Presentation is loading. Please wait.

Presentation is loading. Please wait.

Computer Security Management: Assessment and Forensics Session 8.

Published byMyles Hicks Modified over 8 years ago

Similar presentations

Presentation on theme: "Computer Security Management: Assessment and Forensics Session 8."— Presentation transcript:

1 Computer Security Management: Assessment and Forensics Session 8

2  Computer crime means a crime involving computer resources, including using a computer to commit a crime.  Computer fraud means using computer resources to defraud.

3  Using a computer to defraud.  Fraud is an intentional act to deceive or mislead, convert assets to one’s own benefit, or make intentional false statements or misrepresentations often accompanied by omission, manipulation of documents or collusion.  Computer fraud is criminal.

4  Hacking.  Deliberate virus spreading.  Theft of information, software or hardware.  Theft of computer resource usage.  Denial of computer services by means of malicious software or messages.  Message interception.

5  Scams  Phishing  Defamation of character.  Disseminating hate propaganda.  Threats  Developing, holding or spreading child pornography.

6  A perpetrator lacking integrity or ethics  Motivation to commit fraud  Opportunity to commit and conceal fraud  False representation to a substantial degree

7  Factor to induce a victim or accomplice to act  Intent to defraud  Injury or loss sustained

8  The fraud provisions of the Criminal Code have been used to prosecute people who used computers to commit frauds.  The Internet is increasingly used to perpetrate fraud because of its reach and the impulse responses of Web surfers.

9  A complex accounting system raises the potential for “creative accounting” and consequently fraud  The general perception that computerized information is reliable makes computer fraud less susceptible to challenge than fraud committed on paper

10  Manipulating systems or causing glitches to “smooth” quarterly earnings  Salami, rounding down interest calculation and deposit difference to programmer’s own account  Employee selling of customer lists to competitor  Fictitious insurance policies to defraud insurers and reinsurers

11 A scheme that uses one or more components of the Internet - such as chat rooms, e-mail, message boards, or Web sites - to present fraudulent solicitations to prospective victims, to conduct fraudulent transactions, or to transmit the proceeds of fraud to financial institutions or others connected with the scheme.

12  Auction or sales inducing the victim to send money or give out credit card numbers for promised goods  Business opportunity  Work-at-home program

13  Investment scheme  Stock market manipulation by spreading fictitious news about public companies  Identity theft

14  Segregation of duties  Management and independent review  Restricted access  Code of business conduct to outline what is not acceptable, what is not supposed to be done with organization IT resources, what constitutes conflict of interest.

15  Intrusion detection and prevention systems  Encryption  Security education  Analytical review

16  System monitoring  Security check on new hires and contractors  An established process for whistle blowing and investigation  Exemplifying management culture

17  Lock laptops when not attended to  Scheduled refreshment of web sites from the backup version to nullify even minor changes by hackers such as changing a key word in the user agreement or a rate

18  Damage control by pulling equipment off the network.  Preserve evidence, do not turn off computers.  Call a forensic expert to image the computer hard disks.  Do not use the computer until the hard disk is successfully captured

19  Do not set off alarm, let the suspect continue.  Damage control, by making backup of data and providing an alternate plan.  Continue to monitor suspect.  Collect evidence behind the scene.  Depending on severity, may need to terminate access or reassign suspect immediately.  Sanitize data behind the scene.

20  Gathering evidence ◦ Rules of Evidence must be carefully followed ◦ Chain of custody critical ◦ Interviewing personnel ◦ Invigilation ◦ Indirect methods of proof Conducting the Forensic Investigation

21  Screwdriver and pliers  Disk imaging software  Hash calculation utility  Search utilities  File and data recovery tools  File viewing utilities  Password cracking software  Digital camera Tools of Computer Forensics

22  Computer crime and computer fraud on the rise  Organizations should adopt a code of business conduct.  Organizations should have chief ethic officers

Download ppt "Computer Security Management: Assessment and Forensics Session 8."

Similar presentations

Security and Control Soetam Rizky. Why Systems Are Vulnerable ?

Security and Control Soetam Rizky. Why Systems Are Vulnerable ?
A Gift of Fire, 2edChapter 7: Computer Crime1 Computer Crime.

A Gift of Fire, 2edChapter 7: Computer Crime1 Computer Crime.
Computer Fraud Chapter 5.

Computer Fraud Chapter 5.
Computer Fraud Chapter 5.

Computer Fraud Chapter 5.
Control and Accounting Information Systems

Control and Accounting Information Systems
The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.

The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.
Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.

Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
Information Security Jim Cusson, CISSP. Largest Breaches 110,000 2009-11-27 NorthgateArinso, Verity Trustees 6,400 2009-11-25 Aurora St. Luke's Medical.

Information Security Jim Cusson, CISSP. Largest Breaches 110, NorthgateArinso, Verity Trustees 6, Aurora St. Luke's Medical.
2 Issues of the information age Computer _______ and mistakes –Preventing computer related waste & mistakes Computer crime –Computer as tool to commit.

2 Issues of the information age Computer _______ and mistakes –Preventing computer related waste & mistakes Computer crime –Computer as tool to commit.
Crime and Security in the Networked Economy Part 4.

Crime and Security in the Networked Economy Part 4.
Chapter 5 Computer Fraud Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 5-1.

Chapter 5 Computer Fraud Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 5-1.
ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.

ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.
Chapter 5 Computer Fraud Copyright © 2012 Pearson Education 5-1.

Chapter 5 Computer Fraud Copyright © 2012 Pearson Education 5-1.
Chapter Extension 24 Computer Crime and Forensics © 2008 Pearson Prentice Hall, Experiencing MIS, David Kroenke.

Chapter Extension 24 Computer Crime and Forensics © 2008 Pearson Prentice Hall, Experiencing MIS, David Kroenke.
Auditing Computer Systems

Auditing Computer Systems
Greg Lamb. Introduction It is clear that we as consumers and entrepreneurs cannot expect complete privacy when discussing business matters. However… There.

Greg Lamb. Introduction It is clear that we as consumers and entrepreneurs cannot expect complete privacy when discussing business matters. However… There.
Chapter 9: Privacy, Crime, and Security

Chapter 9: Privacy, Crime, and Security
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Chapter 9 Information Systems Ethics, Computer Crime, and Security

Chapter 9 Information Systems Ethics, Computer Crime, and Security
OVERVIEW OF COMPUTER CRIME LEGISLATION IN HAWAII

OVERVIEW OF COMPUTER CRIME LEGISLATION IN HAWAII

Similar presentations

Ads by Google