Chapter 3 Computer and Internet Crime - PowerPoint PPT Presentation

1 / 24
About This Presentation
Title:

Chapter 3 Computer and Internet Crime

Description:

Discuss key trade-offs and ethical issues associated with ... an application language such as VBScript to infect and replicate documents and templates. ... – PowerPoint PPT presentation

Number of Views:266
Avg rating:3.0/5.0
Slides: 25
Provided by: johnpbuerc
Category:

less

Transcript and Presenter's Notes

Title: Chapter 3 Computer and Internet Crime


1
Chapter 3Computer and Internet Crime
2
Chapter 3 - Objectives
  • Discuss key trade-offs and ethical issues
    associated with safeguarding of data and
    information systems.
  • Identify reasons for the increase in the number
    of Internet-related security incidents.
  • Describe the most common types of computer
    security attacks.
  • Outline the characteristics of common
    perpetrators including their objectives,
    available resources, willingness to accept risk,
    and frequency of attack.
  • Describe a multi-level process for managing
    Internet vulnerabilities based on the concept of
    reasonable assurance.
  • Outline the actions that must be taken in
    response to a security incident.

3
IT Security Incidents
Source CERT Web site at www.CERT.org/stats
4
Increased Internet Security Incidents
  • Increasing complexity increases vulnerability.
  • Higher computer user error and access to
    information.
  • Expanding and changing environment introduces new
    risks.
  • Increased reliance on commercial software with
    known vulnerabilities.

5
Types of Internet Attacks
  • Virus
  • Worm
  • Trojan Horse
  • Denial-of-Service Attacks

6
Virus
  • The term computer virus is an umbrella term
    used for many types of malicious code.
  • A virus is usually a piece of programming code
    that causes some unexpected and usually
    undesirable event.
  • Most viruses deliver a payload or malicious
    act.

7
Virus
  • Viruses may execute and affect your computer in
    many different ways.
  • Replicate themselves
  • Reside in memory and infect other files
  • Modify and/or create new files
  • Most common viruses are macro viruses. These
    viruses use an application language such as
    VBScript to infect and replicate documents and
    templates.

8
Worm
  • A worm is a computer program, which replicates
    itself and is self-propagating. Worms, as opposed
    to viruses, are meant to spawn in network
    environments. (http//www.easydesksoftware.com/glo
    ssary.htm)
  • Worms are also harmful and they differ from
    standard viruses in that they have this ability
    to self-propagate without human intervention.

9
Trojan Horse
  • A Trojan horse is a program that gets secretly
    installed on a computer, planting a harmful
    payload that can allow the hacker to do such
    things as steal passwords or spy on users by
    recording keystrokes and transmitting them to a
    third party.

10
Trojan Horse Logic Bomb
  • A logic bomb is a type of Trojan horse that
    executes when a specific condition occurs.
  • Logic bombs can be triggered by a change in a
    particular file, typing a specific series of key
    strokes, or by a specific time or date.

11
Denial-of-Service Attack
  • A denial-of-service attack is one in which a
    malicious hacker takes over computers on the
    Internet and causes them to flood a target site
    with demands for data and other tasks. SCO and
    Microsoft MyDoom.a and .b
  • Denial of service does not involve a computer
    break-in it simply keeps the target machine so
    busy responding to the automated requests that
    legitimate users cannot get work done.

12
Denial-of-Service Attack
  • Zombies are computers that send these requests.
  • Spoofing is the practice of putting a false
    return address on a data packet.
  • Filtering is the process of preventing packets
    with false IP addresses from being passed on.

13
Classification of Perpetrators of Computer Crime
See Three Blind Phreaks
14
Hacker
  • A hacker is an individual who tests the
    limitations of systems out of intellectual
    curiosity.
  • Unfortunately, much of what hackers (and
    crackers) do is illegal.
  • Breaking into networks and systems.
  • Defacing web pages.
  • Crashing computers.
  • Spreading harmful programs or hate messages.

15
Hacker
  • Crackers are hackers who break code.
  • Malicious insiders are a security concern for
    companies. Insiders may be employees,
    consultants, or contractors. They have knowledge
    of internal systems and know where the weak
    points are.

16
Forms of Computer Criminals
  • Malicious insiders are the number one security
    concern for companies.
  • Industrial spies use illegal means to obtain
    trade secrets from the competitors of firms for
    which they are hired.
  • Cybercriminals are criminals who hack into
    computers and steal money.
  • Cyberterrorists are people who intimidate or
    coerce a government to advance their political or
    social objectives by launching attacks against
    computers and networks.

17
Legal Overview
  • Fraud is obtaining title to property through
    deception or trickery.
  • To prove fraud four elements must be shown
  • The wrongdoer made a false representation of the
    material fact.
  • The wrongdoer intended to deceive the innocent
    party.
  • The innocent party justifiably relied on the
    misrepresentation.
  • The innocent party was injured.

18
Reducing Internet Vulnerabilities
  • Risk assessment is an organizations review of
    the potential threats to its computer and network
    and the probability of those threats occurring.
  • Establish a security policy that defines the
    security requirements of an organization and
    describes the controls and sanctions to be used
    to meet those requirements.
  • Educate employees, contractors, and part-time
    workers in the importance of security so that
    they will be motivated to understand and follow
    security policy.

19
Prevention
  • Install a corporate firewall.
  • Install anti-virus software on personal
    computers.
  • Implement safeguards against attacks by malicious
    insiders.
  • Address the ten most critical Internet security
    threats (10 each in Windows and UNIX) Top Twenty
    List
  • Verify backup processes for critical software and
    databases.
  • Conduct periodic IT security audits.
  • See Tourbus Virus Solution or locally
  • MS Patch for IECNET News. Implications of
    changes, speed of reaction

20
Detection
  • Intrusion detection systems monitor system and
    network resources and activities and, using
    information gathered from theses sources, they
    notify authorities when they identify a possible
    intrusion.
  • Honeypot is a computer on your network that
    contains no data or applications critical to the
    company but has enough interesting data to lure
    intruders so that they can be observed in action.

21
Response
  • Incident notification is the plan and process
    used to notify company individuals when a
    computer attack has happened. In addition, your
    company should be prepared to
  • Protect evidence and activity logs
  • Incident containment
  • Incident eradication
  • Incident follow-up

22
Summary
  • Business managers, IT professionals, and IT users
    all face a number of ethical decisions regarding
    IT security.
  • The increased complexity of the computing
    environment has led to an increase in the number
    of security related issues.

23
Summary
  • Common computer attacks include viruses, worms,
    Trojan horses, and denial-of-service attacks.
  • Computer hackers include general hackers,
    crackers, and malicious insiders.

24
Summary
  • A strong security program is a safeguard for a
    companys systems and data.
  • An incident response plan includes
  • Protect evidence and activity logs.
  • Incident containment.
  • Incident eradication.
  • Incident follow-up.
Write a Comment
User Comments (0)
About PowerShow.com