Transcript Pertemuan 7_Computer Crime

MK Etika Profesi
Pertemuan 7
Computer Crime
Definition
• Computer Crime : An illegal act that involves a
computer system or computer related system
like any mobile device microwave, satellite or
other telecommunication systems that connect
one or more computers or computer related
systems
Definisi
Kegiatan penggunaan komputer untuk melakukan
tindakan ilegal
 Hak pengaksesan komputer
 Contoh : mencuri waktu pada komputer
perusahaan, membobol situs web pemerintah,
pencurian
informasi
kartu
kredit
Example
•
•
•
•
•
•
•
•
Intrusions into public packet networks
Network integrity violations(pelanggaran)
Privacy violations
Industrial or financial espionage
Pirated computer software
Computer-aided fraud
Internet/e-mail abuse(penyalahgunaan)
Using computers technology to commit
murder, terrorism, pornography and many
others
Siapa yang berkomitmen
melakukan kejahatan komputer?
Kejahatan Komputer
Jenis-jenis kejahatan komputer :
1. Data diddling : manipulasi atau pemalsuan data
2. Salami slicing : bagian program yang memotong
sebagian kecil dari nilai transaksi yang besar dan
mengumpulkan-nya dalam suatu periode tertentu
3. Phreaking : making free long distance calls
4. Cloning : penyalahgunaan telpon selular
menggunakan scanner
Kejahatan Komputer
Jenis-jenis kejahatan komputer :
5. Carding : pencurian nomor kartu kredit secara
online
6. Piggybacking : pencurian nomor kartu kredit
dengan memata-matai
7. Social enggineering : menipu pegawai untuk
mendapatkan akses
8. Dumper diving : pencarian informasi pribadi di
bak sampah
9. Spoofing : pencurian password melalui pemalsuan
halaman login
Kejahatan Komputer
Virus Komputer dan Kode yang merusak
Virus – program yang bersifat merusak yang
mengganggu fungsi normal sistem komputer
Jenis-jenis :
Worm : biasanya tidak merusak file; mampu memperbanyak diri
Trojan horses : kegiatan tak terdeteksi; tidak memperbanyak diri
Logic bomb atau time bombs : sejenis Trojan Horse yang
aktif setelah dipicu oleh suatu kejadian atau setelah selang waktu
tertentu
Computer resources target
• Hardware (computers, printers, servers,
communication media)
• Software (application, systems program,
system backup, special program)
• Data in storage, transition or undergoing
modification
History of Computer Crimes
• Computer virus : a self propagating computer
program designed to alter or destroy a computer
system’s resources. It attaches to software, grows,
reproduces many times & spread in the new
environment.
Attacks system  weakening capacity 
bringing the system down
• Hacking : computer attack technique utilizes
the internetworking between computers and
communication devices.
History of Computer Crimes
• Mid 1980 : 414 club in San Francisco started series of attacks
•
•
•
•
•
via a Stanford University computer
1984: first hacker magazines launched
1988: a Cornel graduate student created a computer virus
that crashed 6.000 computers and shutdown the internet for
two days
1991: michelangelo virus crashed computers on March
6,1992.
1995: Kevin Mitnick arrested by the FBI on charges of
computer fraud by stealing thousands credit card access
End of 20th century Y2K bug
http://www.kaskus.co.id/thread/512aafee48ba54af36000003
/y2k-millenium-bug-bencana-internet-dunia/
Masalah millenium bug Y2K  pendapat Onno W.Purbo
Major Types of Computer System Attack
• Penetration
– Breaking into a computer system using known
vulnerabilities to gain access to a cyberspace resource
– Source: insider, hackers, criminal group, hacktivism
• Denial of Service (DDoS)
– Diminishing the system’s ability to function.
Capable of bringing system down without destroying
its resources
– Aim to exhaust the network bandwidth, router
processing capacity, breaking down the network
– Example: ip spoofing, syn flooding, smurfing, buffer
overflow, sequence number sniffing
Motives
• Political Activism
• Vendetta
https://www.maxmanroe.com/inilah-4-kelompok-black-hathacker-yang-paling-ditakuti-di-dunia.html
•
•
•
•
•
•
•
Joke/Hoax
The Hackers ethics
Terrorism
Political Espionage
Business Espionage
Hate
Game/Fun
Cost & Social Consequences
• Cybercrime growing because of:
–
–
–
–
–
–
–
Rapid technology growth
Easy availability of hacker tools
Anonymity
Cut and paste programming technology
Communication speed
High degree of internetworking
Increasing dependency on computers
Mengapa Kejahatan Komputer
Semakin Meningkat?
• Aplikasi bisnis berbasis TI dan jaringan komputer meningkat online
banking, e-commerce, Electronic data Interchange (EDI).
• Desentralisasi server.
• Transisi dari single vendor ke multi vendor.
• Meningkatnya kemampuan pemakai (user).
• Kesulitan penegak hokum dan belum adanya ketentuan yang pasti.
• Semakin kompleksnya system yang digunakan, semakin besarnya
source code program yang digunakan.
• Berhubungan dengan internet.
Prevention Strategies
• Three entities involved:
– The computer as a tool
– The criminal
– The innocent victim
Protect the computer
• Physical protection
• Procedural and operational protection
• Antivirus Protection
Anticipate the criminal
• Pass computer Crime Prevention laws
• Enforcement of Criminal Laws
• Moral education
Monitor the innocent victim
• Personal policies
– Monitor employee activities
– Change security password regularly
– Establish rules
– Educate
Keamanan Komputer
• Merupakan tindakan pencegahan yang
diambil untuk menjaga komputer dan
informasi yang ada di dalam nya tetap
aman dari pengaksesan yang tidak berhak
Keamanan Komputer
• Pengamanan yang disarankan :
• Terapkan rencana pengamanan untuk mencegah
pembobolan
• Miliki rencana jika pembobolan terjadi
• Buatlah backup
• Hanya ijinkan akses untuk pegawai tertentu
• Ubah password secara teratur
• Jagalah informasi yang tersimpan dengan aman
• Gunakan software antivirus
• Gunakan biometrik untuk mengakses sumberdaya
komputasi
• Rekrut tenaga kerja/pegawa yang bisa dipercaya
Case: Kevin David Mitnick
•
•
•
•
•
August 63 – Born
At 12 – by pass the punch card system used in the Los Angeles bus
system
At 16 - He broke into DEC's computer network and copied their
software, a crime he was charged with and convicted of in 1988. He was
sentenced to 12 months in prison followed by three years of supervised
release. Near the end of his supervised release, Mitnick hacked into
Pacific Bell voice mail computers. Mitnick fled, becoming a fugitive for
two and a half years.
Mitnick gained unauthorized access to dozens of computer network. He
used cloned cellular phones to hide his location and, among other
things, copied valuable proprietary software from some of the country's
largest cellular telephone and computer companies.
Mitnick also intercepted and stole computer passwords, altered
computer networks, and broke into and read private e-mail. Mitnick
was apprehended on February 15, 1995 in Raleigh, North Carolina.[4] He
was found with cloned cellular phones, more than 100 clone cellular
phone codes, and multiple pieces of false identification
• The FBI arrested Mitnick on February 15, 1995, on
federal offenses related to a 2½-year period of
computer hacking.[6]
• In 1999, Mitnick confessed to four counts of wire
fraud, two counts of computer fraud and one count
of illegally intercepting a wire communication. He
was sentenced to 46 months in prison plus 22
months for violating the terms of his 1989
supervised release sentence for computer fraud. He
admitted to violating the terms of supervised
release by hacking into PacBell voicemail and other
systems and to associating with known computer
hackers, in this case co-defendant Lewis De Payne.
• Mitnick served five years in prison — four and a
half years pre-trial and eight months in solitary
confinement — because, law enforcement officials
convinced a judge that he had the ability to "start a
nuclear war by whistling into a pay phone“ [8] He
was released on January 21, 2000.
• During his supervised release, which ended on January 21, 2003, he
was initially forbidden to use any communications technology other
than a landline telephone. Mitnick fought this decision in court,
eventually winning a ruling in his favor, allowing him to access the
Internet.
• Mitnick now runs Mitnick Security Consulting LLC, a computer
security consultancy.
• http://www.bbc.com/indonesia/majalah/2015
/07/150709_majalah_finnish_hacker
• http://www.liputan6.com/tag/cybercrime
Referensi
• Heru Priyanto, S.T.,MBA, “Materi Kuliah
Computer Crime”