INTRODUCTION TO COMPUTER TECHNOLOGY

1 INTRODUCTION TO COMPUTER TECHNOLOGY
Part 3-Session_1 COMPUTER CRIME, SECURITY AND LEGAL ISSUES Akanferi Albert

2 OBJECTIVES OF THE SESSION
- To define and explain computer crime
- To explain some of the types of computer crimes
- To define and explain computer security and control
- To explain some of the control measures to computer vulnerability
- To explain computer related legal issues

3 INTRODUCTION
Computer systems and digital data are generally very vulnerable as well as expensive. However, they are very important in the daily lives of businesses and individuals. Hence, they need to be protected, but the normal laws are not enough to handle the complexities of this phenomenon.
Computer crime, a growing threat to society, is caused by the criminal or irresponsible actions of individuals who are taking advantage of the widespread use and vulnerability of computers and the Internet and other networks. It presents a major challenge to the ethical use of information technologies.
Computer crime also poses serious threats to the integrity, safety, and survival of most business systems and thus makes the development of effective security methods a top priority.

4 INTRODUCTION
Until computer and data misuse acts were passed, in some countries two highly damaging activities were not against the law. These were hacking into computers and the deliberate infection of computer systems with viruses.
Although an offended individual or organization could use civil courts to seek damages for losses suffered, there was no effective legal protection against this offence.

5 COMPUTER CRIME
Defined as the commission of illegal acts through the use of a computer or against a computer system, or as “any violations of criminal law that involve a knowledge of computer technology for their perpetration, investigation, or prosecution”.
Computer may be target of crime, e.g.:
- Breaching confidentiality of protected computerized data
- Accessing a computer system without authority
Computer may be instrument of crime, e.g.:
- Theft of trade secrets
- Using e-mail for threats or harassment
© Pearson Education 2012

6 COMPUTER CRIME
Hence, when we access a computer without authority, or with intent to harm, even if by accident, we commit a crime.

7 HACKERS AND COMPUTER CRIME
Hackers vs. crackers
Activities include:
- System intrusion
- System damage
- Cybervandalism: intentional disruption, defacement, destruction of Web site or corporate information system
Hacking is the gaining of unauthorized access to a computer system, and perhaps altering its contents. It may be done in pursuit of a criminal activity or it may be a hobby, with hackers acting alone or passing information to one another. Hacking may be harmless if the participant is only enjoying the challenge of breaking a system's defenses, but severe damage can be caused to the computer system owner.
A cracker (also called a black hat or darkside hacker) is a malicious or criminal hacker. Usually a cracker is a person who maintains knowledge of the vulnerabilities he or she finds and exploits them for private advantage, not revealing them to either the general public or the manufacturer for correction. Many crackers promote individual freedom and accessibility over privacy and security.

8 HACKERS AND COMPUTER CRIME
Spoofing
- Misrepresenting oneself by using fake addresses or masquerading as someone else
- Redirecting a Web link to an address different from the intended one, with the site masquerading as the intended destination
Sniffer
- Eavesdropping program that monitors information traveling over a network
- Enables hackers to steal proprietary information such as e-mail, company files, etc.

9 HACKERS AND COMPUTER CRIME
Denial-of-service attacks (DoS)
- Flooding server with thousands of false requests to crash the network.
Distributed denial-of-service attacks (DDoS)
- Use of numerous computers to launch a DoS
Botnets
- Networks of “zombie” PCs infiltrated by bot malware
- Worldwide, million computers serve as zombie PCs in thousands of botnets

10 HACKERS AND COMPUTER CRIME
Identity theft
- Theft of personal information (social security id, driver’s license or credit card numbers) to impersonate someone else
Phishing
- Setting up fake Web sites or sending messages that look like legitimate businesses to ask users for confidential personal data.
Evil twins
- Wireless networks that pretend to offer trustworthy Wi-Fi connections to the Internet

11 HACKERS AND COMPUTER CRIME
Pharming
- Redirects users to a bogus Web page, even when the individual types the correct Web page address into his or her browser
Click fraud
- Occurs when an individual or computer program fraudulently clicks on an online ad without any intention of learning more about the advertiser or making a purchase
Cyberterrorism and Cyberwarfare

12 HACKERS AND COMPUTER CRIME
Computer Viruses
- Forms of malicious code written with the aim of harming a computer system and destroying information.
- Can replicate themselves and harm the computer systems on a network without the knowledge of the system users.
- Viruses spread to other computers through network file systems, through the network, the Internet, or by means of removable devices like USB drives and CDs.
- Writing computer viruses is a criminal activity, as virus infections can crash computer systems, thereby destroying great amounts of critical data.

13 HACKERS AND COMPUTER CRIME
Cyberstalking
- The use of communication technology, mainly the Internet, to torture other individuals is known as cyberstalking.
- False accusations, transmission of threats and damage to data and equipment fall under the class of cyberstalking activities.
- Cyberstalkers often target users by means of chat rooms, online forums and social networking websites to gather user information and harass the users on the basis of the information gathered.
- Obscene e-mails, abusive phone calls and other such serious effects of cyberstalking have made it a type of computer crime.

14 Threats to computers include:
- hardware failure
- software failure
- personnel actions
- terminal access penetration
- theft of data
- theft of service
- theft of equipment
- fire
- electrical problems
- user errors
- programme changes
- telecommunication problems

15 DEFINITION OF SECURITY & CONTROL
The potential for unauthorized access, abuse or fraud is not limited to a single location but can occur at any access point in the network, hence, the need to provide computer security and control.

16 DEFINITION OF SECURITY & CONTROL
Security refers to the policies, procedures and technical measures used to prevent unauthorized access, alteration, theft or physical damage to information systems.
Access Control consists of all the various mechanisms (physical, logical, administrative) used to ensure that only authorized persons or processes are allowed to use or access a system.

17 TYPES OF CONTROLS
Controls can generally be classified as:
- Physical,
- Technical, or
- Administrative

18 PHYSICAL CONTROLS
These are physical measures put in place to ensure security of computer and related resources in an organisation.
Physical controls can further be grouped into:
- Preventive Physical Controls
- Detective Physical Controls

19 PREVENTIVE PHYSICAL CONTROLS
Preventive physical controls are employed to prevent unauthorized personnel from entering computing facilities (i.e. locations housing computing resources, supporting utilities, computer hard copy, and input data media) and to help protect against natural disasters. Examples of these controls include:
- Backup files and documentation
- Fences
- Security guards
- Badge systems
- Double door systems
- Locks and keys
- Backup power
- Biometric access controls
- Site selection
- Fire extinguishers

20 DETECTIVE PHYSICAL CONTROLS
Detective physical controls warn protective services personnel that physical security measures are being violated. Examples of these controls include:
- Motion detectors
- Smoke and fire detectors
- Closed-circuit television monitors
- Sensors and alarms

21 TECHNICAL CONTROLS
Technical security involves the use of safeguards incorporated in computer hardware, operations or applications software, communications hardware and software, and related devices. Technical controls are sometimes referred to as logical controls.
Technical controls can also further be grouped into:
- Preventive Technical Controls
- Detective Technical Controls

22 PREVENTIVE TECHNICAL CONTROLS
Preventive technical controls are used to prevent unauthorized personnel or programs from gaining REMOTE access to computing resources. Examples of these controls include:
- Access control software
- Antivirus software
- Library control systems
- Passwords
- Smart cards
- Encryption
- Dial-up access control and callback systems

23 DETECTIVE TECHNICAL CONTROLS
Detective technical controls warn personnel of violations or attempted violations of preventive technical controls. Examples of these include:
- Audit trails
- Intrusion detection expert systems

24 ADMINISTRATIVE CONTROLS
Administrative or personnel security consists of management constraints, operational procedures, accountability procedures, and supplemental administrative controls established to provide an acceptable level of protection for computing resources. In addition, administrative controls include procedures established to ensure that all personnel who have access to computing resources have the required authorizations and appropriate security clearances.

25 ADMINISTRATIVE CONTROLS
Administrative controls can also further be grouped into:
- Preventive Administrative Controls
- Detective Administrative Controls

26 PREVENTIVE ADMINISTRATIVE CONTROLS
Preventive administrative controls are personnel-oriented techniques for controlling people’s behavior to ensure the confidentiality, integrity, and availability of computing data and programs. Examples of preventive administrative controls include:
- Security awareness and technical training
- Separation of duties
- Procedures for recruiting and terminating employees
- Security policies and procedures
- Supervision
- Disaster recovery, contingency and emergency plans
- User registration for computer access

27 DETECTIVE ADMINISTRATIVE CONTROLS
Detective administrative controls are used to determine how well security policies and procedures are complied with, to detect fraud, and to avoid employing persons that represent an unacceptable security risk. This type of control includes:
- Security reviews and audits
- Performance evaluations
- Required vacations
- Background investigations
- Rotation of duties

28 COPYRIGHT LAW AND SOFTWARE CONTRACTS
Copyright, in general terms, is the right to publish, reproduce and sell the matter and form of a literary, musical, dramatic or artistic work. The owner of the copyright can sell the item that the copyright relates to, and can stop other people from selling the same works because they are breaching the copyright obtained by the original author.

29 COPYRIGHT LAW AND SOFTWARE CONTRACTS
However, selling software is slightly different from selling a book or musical works. When computer software is sold, it is not sold outright to the purchaser. Instead, the purchaser is granted a right to use that software as explained in the user license.
