45

Presentation1

Embed Size (px)

Citation preview

Page 1: Presentation1
Page 2: Presentation1
Page 3: Presentation1
Page 4: Presentation1

This technical report will provide the outline of some forms that computer crime takes, and examines some of the perpetrators of these crimes and their motives.

This technical report also provides an overview of the security measures that can be implemented to prevent the threat of computer crime, including passwords, encryptions, biometrics, and firewall and access control software.

I hope that through this study, concern individuals will be aware that they can be a victim of computer crime. I also hope that individuals will have an idea on about security measures to prevent the threat of computer crime.

Page 5: Presentation1

History of Computer CrimeIn the early decades of modern information

technology (IT), computer crimes were largely committed by individual disgruntled and dishonest employees. Physical damage to computer systems was a prominent threat until the 1980s. Criminals often used authorized access to subvert security systems as they modified data for financial gain or destroyed data for revenge. Early attacks on telecommunications systems in the 1960s led to subversion of the long- distance phone systems for amusement and for theft of services. As telecommunications technology spread throughout the IT world, hobbyists with criminal tendencies learned to penetrate systems and networks. Programmers in the 1980s began writing malicious software, including self-replicating programs, to interfere with personal computers.

Page 6: Presentation1

As the Internet increased access to increasing numbers of systems worldwide, criminals used unauthorized access to poorly protected systems for vandalism, political action and financial gain. As the 1990s progressed, financial crime using penetration and subversion of computer systems increased. The types of malware shifted during the 1990s, taking advantage of new vulnerabilities and dying out as operating systems were strengthened, only to succumb to new attack vectors. Illegitimate applications of e-mail grew rapidly from the mid-1990s onward, generating torrents of unsolicited commercial and fraudulent e-mail.

Page 7: Presentation1

Definition of Terms

ComputerA device that computes,

especially a programmable electronic machine that performs high-speed mathematical or logical operations or that assembles, stores, correlates, or otherwise processes information. It is a machine used in computer crime.

Page 8: Presentation1

Crime

Any act that violates the law using a computer.

Page 9: Presentation1

Computer crime, or cybercrime.

It refers to any crime that involves a computer and a network, where the computers may or may not have played an instrumental part in the commission of a crime. Net crime refers, more precisely, to criminal exploitation of the Internet. Issues surrounding this type of crime have become high-profile, particularly those surrounding hacking, copyright infringement, child pornography, and child grooming. There are also problems of privacy when confidential information is lost or intercepted, lawfully or otherwise.

Page 10: Presentation1

Security

Security is the degree of protection against danger, damage, loss, and criminal activity.

Page 11: Presentation1

Computer securityComputer security. A branch of

computer technology known as information security as applied to computers and networks. The objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to remain accessible and productive to its intended users. The term computer system security means the collective processes and mechanisms by which sensitive and valuable information and services are protected from publication, tampering or collapse by unauthorized activities or untrustworthy individuals and unplanned events respectively.

Page 12: Presentation1

Computer software Computer software or just

software. The collection of computer programs and related data that provide the instructions telling a computer what to do. The term was coined to contrast to the old term hardware (meaning physical devices). In contrast to hardware, software is intangible, meaning it "cannot be touched". Software is also sometimes used in a more narrow sense, meaning application software only. Sometimes the term includes data that has not traditionally been associated with computers, such as film, tapes and records.

Page 13: Presentation1

Discussion

Page 14: Presentation1

Types of AttacksComputer Virus

A computer virus is a program or piece of code that is actually loaded on your computer without your permission or knowing and runs against your wishes. Some viruses are only made to be a nuisance, while others are simply out there to destroy. Some viruses can literally damage all your hardware, software and files on your computer. Almost all viruses are attached to an executable file, which means the virus is on your computer but it has no power to do anything unless you open or execute that specific file. A virus cannot be spread without a human action, (such as running an infected program) to keep it going. People continue the spread of a computer virus, mostly unknowingly, by sharing infecting files or sending e-mails with viruses as attachments in the email.

Page 15: Presentation1

Worm

A worm is a program or algorithm that can duplicate itself. A worm has the capability to travel without any help from a person from PC to PC and have ability to duplicate itself on your system, so rather than your computer sending out a single worm, it could send out hundreds or thousands of copies of itself, creating a massive problem for you and people you are sending infected files to. Its like a true infestation.

Page 16: Presentation1

Trojan HorseA Trojan Horse is a destructive

program that “working” as a benign application (like changing your desktop, adding silly active desktop icons) or can cause serious damage by deleting files and destroying information on your system. Trojans are also known to create a back door on your computer that gives malicious users access to your system, possibly allowing confidential or personal information to be compromised. Trojans do not reproduce by infecting other files nor do they self-replicate.

Page 17: Presentation1

Computer Crime (Theft, Forgery and Piracy Concerns)

“Theft” is used here in the sense of the second meaning defined in Webster’s Third New International Dictionary, which states, “ the taking of property unlawfully.” “Piracy” is used here in a sense of the third meaning defined in Webster’s Third New International Dictionary, which states, “an unauthorized appropriation and reproduction of another’s production, invention, or conception, esp., in infringement of a copyright” (Barger, 2008).

Page 18: Presentation1

Fake ID’s

Computers can be used to make fake identification cards that are used for purposes of misrepresentation.

Page 19: Presentation1

Identity Theft

It is achieved by stealing personal information about an individual and using it to appear to be that person in order to change purchases to that person’s credit card account.

Page 20: Presentation1

Intellectual Property

It is something produced by using one’s mind, such as invention, a literary work, a work of art, a piece of music, a photograph, or a computer program.

Page 21: Presentation1

Peer-to-Peer Music SharingMusic sharing by computer

can involve a violation of copyright. One of the things that make unethical music sharing so tempting is the ease of acquiring music off the web. It requires little more than a simple download operation on the computer.

Page 22: Presentation1

Phishing

An activity where the phisher sends spam email or pop-up messages to multiple addresses, disguising his/her identity as a legitimate entity (such as a bank). -Attempts to deceive users into providing others with their personal information that can then be used to steal from them. The object of the phisher is to lure recipients into revealing personal data that may then be used by the phisher for identity theft (Barger, 2008).

Page 23: Presentation1

Computer Security

Page 24: Presentation1

FirewallA firewall consists of hardware and/or

software that is designed to insulate an organization’s internal network (or ‘intranet’) from the wider Internet, by putting a boundary around it (a ‘firewall’). Firewall software gives access only to entrusted Internet (IP) addresses and scrutinizes data for irregularities or signs of danger. Ideally, firewalls are configured so that all connections to an internal network go through relatively few, well-monitored locations. A firewall cannot only serve to protect against hacking from outside, but also to restrict access to the Internet form inside a network, for example by blocking access to certain websites. The main shortcoming of firewalls, however, is that they provide no protection against crimes by insiders (Dequenoy, 2008).

Page 25: Presentation1

Anti-virus SoftwareAnti-virus programs are therefore an

essential aspect of computer security. Anti-virus software works by searching the computer’s hard disk and storage media for virus patterns and signatures, and matching them against its own database of virus definitions. If a match if found and an existing virus is detected, an appropriate course of action is suggested to remove the virus. Anti-virus programs also prevent infected files from being downloaded (whether from a disk or an e-mail attachment) and prevent viruses from inserting themselves into a computer system (Dequenoy, 2008).

Page 26: Presentation1

PasswordsOne of the simplest and most widely

used computer security measures involves the use of passwords which authenticate authorized users and allow access to a system or network. Passwords represent the first line of defense in network security. However, they have a number of inherent weaknesses. Perhaps the most serious of these is that passwords are often too obvious and easy to guess. People tend to choose the names of their partners, spouses or family pets, or a favourite hobby. If a password cannot be guessed, then password-cracking software is relatively easy to obtain (Dequenoy, 2008).

Page 27: Presentation1

EncryptionIn computer networks, whether local

are networks of the wider internet, one of the more complicated problems is to secure information in transit between the server and the end user, and between sender and receiver. This is important in the transmission of any kind of sensitive or confidential information which must be protected adequately from the risk of being intercepted. It applies to eCommerse transactions and submission of credit card numbers, private e-mails, or any kind of security, military or business communication. One way to secure this data is through encryption (Dequenoy, 2008).

Page 28: Presentation1

Audit control software

Audit control software is used to closely monitor the use of computer. This enables auditors to trace and identify any operator who gains access to the system, and the exact time that this occurred –such as after working hours.

Page 29: Presentation1

BiometricsAnother weapon in the fight

against computer crime is biometrics, or the digitizing of biological characteristics. These technologies work by sampling ‘unique’ biological features, such as the voice, the pattern of blood vessels in the retina, or fingerprints. They then extract and convert these features into a mathematical code and store them as a biometric template.

Page 30: Presentation1

Computer Crime Perpetrators

There is a commonly held view that a typical computer is something of a ‘whizz kid’, with highly developed computing skills and a compulsive desire to ‘beat the system’. However, not many crimes demonstrate high technical ingenuity on the part of the perpetrator. Most exhibit an opportunistic exploitation of an inherit weakness in the computer system being used (Dequenoy, 2008).

Page 31: Presentation1

Hackers and CrackersHackers are individuals who

test the limitations of systems out of intellectual curiosity –to see whether they can gain access and how far they can go. They have at least a basic understanding of information systems and security features, and much of their motivation comes from a desire to learn even more.

Page 32: Presentation1

Cracking is a form of hacking that is clearly a form of criminal activity. Crackers break into other people’s networks and systems, deface Web pages, crash computers, spread harmful programs or hateful messages, and write scripts and automatic programs that let other people do these things.

Page 33: Presentation1

Malicious InsidersThe number one security concern for

companies is the malicious insider –an ever percent adversary. Indeed, it is estimated that more than 70 percent of network intruders come from inside the organization. Insiders are not necessarily employees; they can be consultants and contractors and contractors as well. Nor do they need to be employees in IT-related positions; they may just be experienced IT users. Their risk tolerance ranges from low to high, depending on whether they are motivated by financial gain, revenge on their employers, or publicity (Reynolds, 2006).

Page 34: Presentation1

Cyber terrorism

Cyber terrorism is a phrase used to describe the use of Internet based attacks in terrorist activities, including acts of deliberate, large-scale disruption of computer networks, especially of personal computers attached to the Internet, by the means of tools such as computer viruses.

Page 35: Presentation1

Prevention of your own system from computer crime

Page 36: Presentation1

• 1. Install a anti-virus scanner or firewall and run it often.

• 2. Update it often. • 3. Scan all diskettes/flasks disks before

copying or running programs from them. • 4. Install software only from a sealed

package produced by a known software company.

• 5. Follow careful downloading practices. • 6. If you detect a virus, take immediate

action.

Page 37: Presentation1

Actual CaseNew times bring new crimes. It's a

story as old as humanity and as new as the Internet. First comes cars, then car thieves follow. Telephones are followed by telephone fraud. Now we've got computers.

To make home, school, and office life easier, society relies on computers. As a result of this dependency, computer use grows everyday. Along with the growing use of computers comes widespread computer crime.

Page 38: Presentation1

With the Internet becoming increasingly popular, more and more people are becoming computer literate, and networks are becoming more readily accessible. The rise in computer crime can easily be blamed upon the increasing number of users. The Internet is widely deemed as a new community and "wild" electric frontier. Either way you look at it, the Internet offers cover for con artists, ground for grifters, and plenty of places where larceny can lurk. It provides the same opportunities for crime that the real world offers.

Page 39: Presentation1

Internet crimes, however, carry their own intricacies and innovations. These online crimes take advantage of the very same technologies that make the Internet possible. The most common crimes committed on the Internet are the same basic variations of the four main time-tested, real-world crimes: Forgery (of E-mail), assault (on your Web site, E-mail box, or computer system), fraud (cyberscams), and robbery (theft of valuable information). Various types of people commit computer crimes. The two most familiar being hackers and crackers.

Page 40: Presentation1

A hacker is a person who enjoys exploring the details of a programmable system and how to stretch their capabilities; one who programs enthusiastically, even obsessively. A cracker is one who breaks security on a system. Although hackers and crackers both break into computer systems, their motives are different. Hackers seem to break into computer systems for the intellectual challenge. Crackers are considered malicious with the intention of harming or causing damage to a computer system. The motivations behind crackers' actions are profits, revenge, or a mixture of the two.

Page 41: Presentation1

Other computer criminals include terrorists, company competitors, and aggravated employees. Aggravated employees are a company's worst nightmare since they have easy access to the company's system, and are usually fired or leave on bad terms. Competitors will often do whatever is necessary to get an edge on their industry leaders by riffling through their competitors' trash, bugging phone lines, and now breaking into their competitors' networks in an attempt to gather inside information. Terrorists are becoming more computer literate because they realize the amount of information regarding the government defense are stored and found on computers. Terrorists are also targeting technology and utility companies because they realize the damage caused would be wide spread and devastating.

Page 42: Presentation1

The fundamental issue in most computer crime is the criminals' lack of respect for the property or privacy of other people. I hope that society will recognize the seriousness of computer crime and demand more severe punishment for such criminals.

Page 43: Presentation1

Summary

This study heightens one’s awareness that computer crimes (Dequenoy, 2008) are criminal acts committed using a computer for computer-based hardware as the principal tool. When most people talk about computer crime, they are usually referring to the ‘act that a computer has either been the object, subject, or instrument of a crime.

The types of computer crime are theft, forgery and piracy which include theft of goods, information or money, theft or computer time, identity theft, cybersquatting, fake id’s, peer-to-peer music sharing, open source software, phishing, software bombs and web spoofing. Other types of computer crimes are computer fraud and computer espionage.

Page 44: Presentation1

Computer security is also included in the study. It showed that some various measures to enhance computer security are the firewalls, antivirus software, passwords, encryption, access control software, audit control software, and biometrics.Preventive measure on how to secure your own computer system depends on the person’s own decision whether he himself does the installing process on his own system or just let others do it for him. Systems can be secured by applying those computer security measures mentioned in the study.Computer crime cannot be executed without those computer crime perpetrators. They are called hackers, crackers, malicious insiders, industrial spies, cyber criminals and cyber terrorists.One over-riding point to note is that no computer system is 100% secure and whatever security measures are taken, people will always find a way around them (Dequenoy, 2008)

Page 45: Presentation1

Thanks for listening =)