Transcript Computer Crime

Chapter 6
IT Security
Information Privacy
The relationship between collection and dissemination of
data, technology, the public expectation of privacy, and
the legal and political issues surrounding them.
Information Privacy
Privacy concerns exist wherever personally identifiable information or
other sensitive information is collected and stored – in digital form or
otherwise. Improper or non-existent disclosure control can be the root
cause for privacy issues. Data privacy issues can arise in response to
information from a wide range of sources, such as:
 Healthcare records
 Criminal justice investigations and proceedings
 Financial institutions and transactions
 Biological traits, such as genetic material
 Residence and geographic records
 Ethnicity
 Privacy breach
 Location-based service and geolocation
Ex: Privacy statement
https://www.google.com/intl/en-GB/policies/
Information Accuracy
IT Accuracy: Factual or truthful, or closely conforming to an
objective standard ascertained through painstaking care
or due diligence. Measurements or statements are
accurate when they have been verified for their
correctness.
• Information presented should be considered and
monitoring data as accurate as possible. And can be
applied without prejudice to the user.
• Users should obtain information from a credible source
and the source can be check easily.
Information
Accuracy !
Information Property
Property is that which belongs to or with something,
whether as an attribute or as a component of said thing.
Intellectual property (IP) is a legal term that refers to
creations of the mind. Examples of intellectual property
include music, literature, and other artistic works; discoveries
and inventions; and words, phrases, symbols, and designs.
Copyright is a legal right created by the law of a
country, that grants the creator of an original work
exclusive rights to its use and distribution, usually for
a limited time, with the intention of enabling the
creator (e.g. the photographer of a photograph or
the author of a book) to receive compensation for
their intellectual effort.
Ex: Copyright infringement
illegal
legal
Information Accessibility
• Administrators will need
to set access rights for
each user profile .
• The right to access
information of each
group and each person
has no equal .
Computer Crime
Computer crime, or Cybercrime, refers to any crime that
involves a computer and a network.
Netcrime is criminal exploitation of the Internet.
Computer crime : Man
• Hacker
• Cracker
• Malware
Computer Crime
1.Hacker
• Someone who seeks and exploits weaknesses in a
computer system or computer network.
• Hackers may be motivated by a multitude of reasons,
such as profit, protest, challenge or enjoyment.
Computer Crime
2.Cracker
• Someone who breaks into someone else's computer
system, often on a network; bypasses passwords or
licenses in computer programs; or in other ways
intentionally breaches computer security.
Computer Crime
Hacker vs. Cracker
Hacker: The White Hats
• White hat is a term often used to describe ethical hackers that
stay entirely within the law. They never access a system or
network illegally, and they work tirelessly to expose holes in
systems with the ultimate goal of fixing flaws and improving
security. Upon finding a flaw, a white hat will usually notify the
software vendor and give the company a chance to patch the
flaw before making the bug public knowledge.
Crackers: The Black Hats
• Black hat or cracker breaks into systems illegality for personal
gain, vandalism, or bragging rights. A cracker doesn’t need to
be particularly knowledgeable or skillful; in fact, most of them
aren’t. Few crackers are skilled enough to create their own
software tools, so most rely on automated programs that they
download from disreputable Web sites.
Computer Crime
3.Malware
• Malicious software, is any software used to disrupt computer
operation, gather sensitive information, or gain access to
private computer systems.
• A category of malicious code that includes viruses, worms,
and Trojan horses.
1) Computer Virus
2) Internet Worm
3) Trojan Horse
4) Spyware
5) Key Logger
http://en.wikipedia.org/wiki/Malware
Computer Crime
1) computer virus
A malware program that, when
executed, replicates by inserting copies of itself
(possibly modified) into other computer
programs, data files, or the boot sector of
the hard drive; when this replication succeeds,
the affected areas are then said to be "infected".
A computer virus is a malware program that,
when executed, replicates by inserting copies of
itself (possibly modified) into other computer
programs, data files, or the boot sector of the
hard drive; when this replication succeeds, the
affected areas are then said to be "infected".
http://en.wikipedia.org/wiki/Computer_virus
Computer Crime
2) Internet worm
Type of malicious software (malware) that
self-replicates and distributes copies of itself to
its network.
These independent virtual viruses spread
through the Internet, break into computers, and
replicate without intervention from and
unbeknownst to computer users.
Internet worms are also known as computer
worms.
http://www.techopedia.com/definition/7786/internet-worm
Computer Crime
3) Trojan Horse
A Trojan often acts as a backdoor, contacting
a controller which can then have unauthorized
access to the affected computer.
Trojan, in computing is a generally non-selfreplicating type of malware program containing
malicious code that, when executed, carries out
actions determined by the nature of the Trojan,
typically causing loss or theft of data, and
possible system harm.
The term is derived from the story of the
wooden horse used to trick defenders of Troy into
taking concealed warriors into their city in ancient
Anatolia.
http://en.wikipedia.org/wiki/Trojan_horse_%28computing%29
Computer Crime
4) Spyware
Spyware is a general term used to describe
software that performs certain behaviors,
generally without appropriately obtaining your
consent first, such as:
- Advertising
- Collecting personal information
- Changing the configuration of your computer
Spyware is often associated with software
that displays advertisements (called adware) or
software that tracks personal or sensitive
information.
http://www.microsoft.com/security/pc-security/spyware-whatis.aspx
Computer Crime
5) Key Logger
Keystroke logging, often referred to as
keylogging or keyboard capturing, is the
action of recording (or logging) the keys
struck on a keyboard, typically in a covert
manner so that the person using the
keyboard is unaware that their actions are
being monitored.
http://en.wikipedia.org/wiki/Keystroke_logging
Computer Crime
Other Type of Malware
1) Spam mail
2) Phishing-Pharming
Computer Crime
1) Spam mail
Spam mail is any email that
meets the following three criteria:
• Anonymity: The address and
identity of the sender are
concealed
• Mass Mailing: The email is sent to
large groups of people
• Unsolicited: The email is not
requested by the recipients
http://emailmarketing.comm100.com/email-marketing-ebook/email-spam.aspx
Computer Crime
2) Phishing-Pharming
The act of sending an email to a user falsely claiming to be
an established legitimate enterprise in an attempt to scam the
user into surrendering private information that will be used for
identity theft.
http://www.webopedia.com/TERM/P/phishing.html
Computer Security
Computer security refers to techniques for ensuring that data
stored in a computer cannot be read or compromised by any
individuals without authorization.
Computer Security
Basic Computer Security Tips
Tip #1: Set up user accounts
One computer, many users, is a
security disaster waiting to happen.
Your files and data are your personal,
private content and should be
protected accordingly. To prevent
other users from seeing or accessing
your data, set up user accounts on
your PC. A user account shows an
individual's specific data and not what
is present on the entire system. It also
specifies privileges on shared data,
such as deleting/editing operations
and what software can be installed on
the machine.
Tip #2: Secure your wireless
network
With wired Internet access, there's
little risk of someone encroaching on
your network. But wireless networks do
have holes in their security, so as the
owner of the network, you need to be
vigilant. Setting up passwordprotected network access is the first
step. You need to assign a network
name and password to your Wi-Fi
network. Use the latest wireless
encryption methods like WPA or
WPA2. Do not reveal your network
password to others.
Computer Security
Basic Computer Security Tips
Tip #3: Arm your computer with an
anti-virus program
The best defense is a good offense. One
of the most basic computer security
guidelines is installing an anti-virus
software. Installing security programs like
an anti-virus, keeps your computer
round-the-clock safe against viruses,
malware, Trojan worms etc. and other
malicious programs. For better
protection, try to install complete
security suites, that provide Internet
security and firewalls along with antivirus software.
Tip #4: Be regular in updates and
virus scans
Just installing an anti-virus program will
not protect your PC. You need to
keep it up-to-date with regular virus
signature and threat updates. New
viruses and malware programs
emerge online each day. You should
also scan your computer regularly for
dangerous programs. Schedule
periodic scans, once-a-month scans,
scanning new added devices and
automatic full system scans, to ensure
your PC is threat-free.
Computer Security
Basic Computer Security Tips
Tip #5: Install parental control
software for kid-friendly
computer usage
Keeping your computer secure
definitely involves keeping your kids
safe from cyber enemies. Aside from
explicit and adult content, you need to
filter and monitor what your kid is up
to online. Social networking sites in
particular, are fun online places to
socialize but they are also preying
grounds for the depraved. Parental
control software allows you to set
filters and block sites as well as
receive warnings when suspicious
activity is taking place online.
Tip #6: Block unwanted search
results
You can even change your web
browser's security settings to block
certain sites and filter out
objectionable content. Such settings
are not as powerful as parental
control software but it helps to be
extra secure. You can find this feature
in the Tools option of most browsers.
With search engines like Google, you
can fiddle with search preferences
settings.
Computer Security
Basic Computer Security Tips
Tip #7: Download wisely
Whether it is a picture, an MP3 or
a game, downloaded files are an
excellent way for malicious
software to enter your computer.
Once you download and install or
use a file, there's no telling what
it will do to your machine. So be
extra careful when it comes to
downloading. Download files from
trusted and preferably certified
sites. Sites offering free, cracked
versions of software programs are
especially dangerous, as some
cracks can contain malware.
Tip #8: Be careful with emails
Getting and sending emails is
easy, going through your inbox for
mail, that is actually relevant, is
not. Email inboxes are storehouses
of junk mail, spam,
advertisements, forwards, mail
and many times, a hidden threat.
You can keep your inbox sorted
and clutter-free by using spam
blockers and filters. Threat-wise,
try to avoid opening emails from
senders or addresses you don't
know.
Computer Security
Basic Computer Security Tips
Tip #9: Secure your data with
backups
Sometimes no matter what steps you
take, you lose data. Part of being
secure is having a fail-safe or backup
to fall back on, in case something bad
happens. So in case a virus has
attacked your files or data is
accidentally deleted, your data is
never really lost, if you have a backup
of it. Backup your data regularly,
either by storing it on physical devices
like CDs or by backing it up on a
network.
http://www.buzzle.com/articles/basic-computer-securitytips.html
Tip #10: Be smart with your
passwords
Passwords are supposed to keep your
individual settings and data safe, so
you need to keep their true value or
the actual password safe. This means,
do not write down all your passwords
on a piece of paper and keep it lying
around. With numerous passwords, it's
understandable that remembering
them all is difficult. So you can write
them down but the place where you
store this info, should be secure. And
once in a while, please change your
passwords. If in case, they are
revealed, updating the passwords
can render all hacking attempts as
naught. Another safety precaution is
the "remember me" option in most
secure sites. If multiple users access
the same PC, do not select this
option.
Questions
1.
2.
3.
4.
How difference between Hacker and Cracker?
What is Malware?
How difference between Virus and Spyware?
How can your protect your computer data?