Presentation is loading. Please wait.

Presentation is loading. Please wait.

Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall

Published byKerrie Miles Modified over 9 years ago

Similar presentations

Presentation on theme: "Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall"— Presentation transcript:

1 Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall
Tomorrow’s Technology and You 9/e Chapter 10 Online Outlaws: Computer Crime Computers are used to break laws as well as to uphold them. Computer crime involves: Theft by computer Software piracy Software sabotage Hacking and electronic trespassing Computer forensics experts use special software to scan criminal suspects for digital “fingerprints.” Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall

2 Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall
The digital dossier Computer crime is any crime accomplished through knowledge or use of computer technology. Cyberstalking is similar to stalking, but the domain is digital. Businesses and government institutions lose billions of dollars every year to computer criminals. The majority of crimes are committed by company insiders. These crimes are typically covered up or not reported to authorities to avoid embarrassment. Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall

3 Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall
Theft by computer: from property theft to identity theft Theft is the most common form of computer crime. Computers are used to steal: Money Goods Information Computer resources Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall

4 Common types of computer crime:
Spoofing: the use of a computer (or other technology for stealing passwords or phone call: “Hi, I’m a technician for your ISP. There is a problem with the network and we need your password to solve the problem”. Identity theft: the use of computers and other tools to steal whole identities Involves social engineering: slang for the use of deception to get individuals to reveal sensitive information In 2009, 10 million people in the U.S. had their identities stolen. © 2009 Prentice-Hall, Inc.

5 Phishing: users “fish” for sensitive information under false pretenses
Usually s Attempt to impersonate genuine organizations, such as banks, to fool the user into providing sensitive personal data Normally are very official looking The link the contains is operated by criminals and not your financial (or other) institution Often performed to commit identity theft Related scams are smishing and vishing which use text messages or telephone calls to commit phishing attacks © 2009 Prentice-Hall, Inc.

6 Pharming (DNS Poisoning): used by phishers to direct users to a fake web site when entering the URL of a genuine site Criminals replace the real URL with the URL of their fake site to steal your information Pharming is effective – the fake web site even shows the correct domain name in the browser address bar Online fraud: 87% related to online auctions Average cost per victim: $600 © 2009 Prentice-Hall, Inc.

7 Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall
Protect yourself from identity theft: Make all your online purchases using a credit card. Get a separate credit card with a low credit limit for your online transactions Make sure a secure Web site is managing your transaction. Don’t disclose personal information over the phone. Don’t give Social Security or driver’s license numbers over the phone; don’t print it on checks; and use encryption when sending it in . Shred or burn sensitive mail before you recycle it. Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall

8 Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall
Keep your wallet thin Copy your cards Make photocopies of your cards, front and back, in case they are stolen Look over your bills and statements promptly Remember: No reputable organization will ever request personal information in an or a phone call. Your bank does not need your password to access your account. Report identity theft promptly Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall

9 Hacking Also referred to as cracking
Refers to gaining unauthorized access to computer systems Exploits weaknesses in target system’s security Once access is gained information will often be stolen Personal data, credit card number, passwords Hackers use a variety of tools to gain access to a system Social engineering is the easiest Tricks a person into revealing their password or other sensitive data Watches person over their shoulder as they type Calling companies IT department and impersonates genuine user pretending to have forgotten their password Use of Phishing © 2009 Prentice-Hall, Inc.

10 Keyloggers capture every keystroke typed by users
Software tools Packet sniffers gather unencrypted data as it travels over the Internet Keyloggers capture every keystroke typed by users Password crackers guess passwords Dictionary attack tries every word in a list of known English words (or words in another language) Brute force try every combination of characters until the correct password is guessed Takes years to guess passwords for long passwords © 2009 Prentice-Hall, Inc.

11 Information Technology in a Global Society, Stuart Gray, 2011
EXAMPLES In 2008 US Republican candidate Sarah Palin’s webmail was compromised by hackers. The attack was relatively simple: the attackers used the password reset mechanism of her account and, when asked for her personal details, they used details freely available on the Internet. This enabled the attackers to reset Palin’s password and leak her s onto the Internet. In 2009 a web hosting company lost the web sites of 100,000 customers after its servers were attacked. The company had updated its software with the latest security patches but the attackers targeted a newly reported, and unfixed vulnerability – a so called zero day exploit. The attackers deleted large amounts of data from the servers. Many of the customers had signed up for hosting without backup facilities, meaning they were unable to retrieve their data. Information Technology in a Global Society, Stuart Gray, 2011

12 Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall
Software sabotage: viruses and other malware Sabotage of software can include: Malware: malicious software Trojan horse: performs a useful task while also being secretly destructive Examples: logic and time bombs Virus: spreads by making copies of itself from program to program or disk to disk Examples: macro viruses and viruses Worms: Spread without any user interaction. Examples: Opening worm infected attachements will spread the worm through the network or automatically forward itself to people in the user’s address book. Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall

13 Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall
How a Worm Works Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall

14 McAfee Global Virus Map
Virus Hoaxes Virus Info Glossary Anti-Virus Tips © 2009 Prentice-Hall, Inc.

15 Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall
Antivirus programs are designed to search for viruses, notify users when they’re found, and remove them from infected disks or files. Antivirus programs continually monitor system activity, watching for and reporting suspicious virus-like actions. Programs need to be frequently revised to combat new viruses as they appear. Most can automatically download new virus-fighting code from the Web as new virus strains appear. It can take several days for companies to develop and distribute patches for new viruses. Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall

16 Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall
Spyware is technology that collects information from computer users without their knowledge or consent. Also called: tracking software Information is gathered and shared with others via Internet. Your keystrokes could be monitored. Web sites you visit are recorded. Snapshots of your screen are taken. Spyware can cause pop-ups appearing on your screen. 91% of PC users have spyware on their computers. In drive-by downloads, just visiting a Web site can cause a download. Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall

17 Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall
Zombie computers–Internet connected computers that have been hijacked using viruses to perform malicious acts without the knowledge of the owners and users. Malware infects computers with a “backdoor” which allows them to be controlled by an unauthorized user Criminals control hundreds or even thousands of zombies at once to form “Botnets” which are groups of computers under their control Send out spam or phishing s or distribute further malicious software DOS (denial of service) attacks bombard servers and Web sites with traffic that shuts down networks. DDOS (Distributed denial of service) attacks use many computers (botnets) to attack a system. Drive-by downloads - programs which are downloaded or installed automatically, without the user’s consent, when they visit a web page. Typically used either to infect a system with malware or to make money by tricking the user into buying security software they don’t need. They sometimes use false error messages to trick the user into thinking they have a virus. Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall

18 Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall
Depending on the security system, you might be granted access to a computer based on: Something you have A key, an ID card with a photo, or a smart card containing digitally encoded identification in a built-in memory chip (RFID) Something you know A password, an ID number, a lock combination, or a piece of personal history, such as your mother’s maiden name Something you do Your signature or your typing speed and error patterns Something about you A voice print, fingerprint, retinal scan, facial feature scan, or other measurement of individual body characteristics—collectively called biometrics Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall

19 Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall
Passwords and access privileges Passwords are the most common tool for restricting access to a computer system. Effective passwords: Use more than 12 characters Use upper-case and lower-case letters, numbers, and symbols Use different passwords for each system to limit problems if one password is compromised Avoid using real words, names or dates You should: Never write down passwords – use a password vault with a strong password to store passwords Change your passwords frequently Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall

20 Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall
Firewalls, encryption These security systems reduce or prohibit the interception of messages between computers. A firewall is hardware or software that determines which data is allowed to enter and leave a network. Firewalls help secure a computer by preventing network access from external unauthorized users. Encryption is where codes protect transmitted information and a recipient needs a special key to decode the message. When sensitive data, such as credit card numbers, are sent over the Internet they are encrypted. Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall

Download ppt "Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall"

Similar presentations

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
Online Safety. Introduction The Internet is a very public place Need to be cautious Minimize your personal risk while online Exposure to: viruses, worms,

Online Safety. Introduction The Internet is a very public place Need to be cautious Minimize your personal risk while online Exposure to: viruses, worms,
SECURITY CHECK Protecting Your System and Yourself Source:

SECURITY CHECK Protecting Your System and Yourself Source:
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
1 MIS 2000 Class 22 System Security Update: Winter 2015.

1 MIS 2000 Class 22 System Security Update: Winter 2015.
ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.

ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.
Acceptable Use Policy –The Acceptable Use Policy defines the rules of the machine and internet connection you are on. –Specific policies differ by machine.

Acceptable Use Policy –The Acceptable Use Policy defines the rules of the machine and internet connection you are on. –Specific policies differ by machine.
Computer Security and Risks 11.  2001 Prentice Hall11.2 Chapter Outline On-line Outlaws: Computer Crime Computer Security: Reducing Risks Security, Privacy,

Computer Security and Risks 11.  2001 Prentice Hall11.2 Chapter Outline On-line Outlaws: Computer Crime Computer Security: Reducing Risks Security, Privacy,
Phishing (pronounced “fishing”) is the process of sending e-mail messages to lure Internet users into revealing personal information such as credit card.

Phishing (pronounced “fishing”) is the process of sending messages to lure Internet users into revealing personal information such as credit card.
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
Security, Privacy, and Ethics Online Computer Crimes.

Security, Privacy, and Ethics Online Computer Crimes.
Threats To A Computer Network

Threats To A Computer Network
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Title: The Internet LO: Security risks. Security risks Types of risks: 1.Phishing 2.Pharming 3.Spamming 4.Spyware 5.Cookies 6.Virus.

Title: The Internet LO: Security risks. Security risks Types of risks: 1.Phishing 2.Pharming 3.Spamming 4.Spyware 5.Cookies 6.Virus.
Quiz Review.

Quiz Review.
Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.

Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.
Threats to I.T Internet security By Cameron Mundy.

Threats to I.T Internet security By Cameron Mundy.
Internet Safety Basics Being responsible -- and safer -- online Visit age-appropriate sites Minimize chatting with strangers. Think critically about.

Internet Safety Basics Being responsible -- and safer -- online Visit age-appropriate sites Minimize chatting with strangers. Think critically about.
Internet Safety CSA 105 1.0 September 21, 2010. Internet Threats Malware (viruses) Spyware Spam Hackers Cyber-criminals.

Internet Safety CSA September 21, Internet Threats Malware (viruses) Spyware Spam Hackers Cyber-criminals.
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Cameron Simpson.

GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Cameron Simpson.

Similar presentations

Ads by Google