Chapter 10: Privacy, Security, and Ethics Modified by S.S. BuHamra

Introduction The Universal use of computers and technology prompts some very important questions about the use of personal data and our right to privacy. In part I of Ch 10 presentation, We covered issues related to the impact of technology on people and how to protect ourselves on the Web. discussed the primary privacy issues of accuracy, property, and access. described the impact of large databases, private networks, the Internet, and the Web on privacy. In part 2 of Ch 10 presentation, We will describe the security threats posed by computer criminals including employees, hackers, crackers, organized crime, and terrorists. discuss computer crimes including creation of viruses and worms and implementation of denial of service attacks and Internet scams (tricks). discuss computer ethics including copyright law and plagiarism. describe ways to protect copyrights and to identify plagiarism, including digital rights management and Turnitin (the leading academic plagiarism detector, utilized by teachers and students to avoid plagiarism and ensure academic integrity )

Security Threats to computer security - keeping information private depends on keeping computer systems safe from criminals, natural hazards, and other threats. Computer crime - an illegal action in which the perpetrator uses special knowledge of computer technology Computer criminals – those using computer technology to engage in illegal action. Five types: Computer crime – illegal action in which the perpetrator uses special knowledge of computer technology Computer criminals – those using computer technology to engage in illegal action, five types Employees – the largest category; may be trying to steal hardware, software, proprietary information and could be doing this out of resentment and trying to get back at the company Outside users – could include employees and clients or suppliers having access to a company’s computer system; could obtain confidential passwords (key term) “Hackers” and “crackers” – hackers gain unauthorized access to computer systems “for fun”, crackers on the other hand, create and share programs designed to gain unauthorized access to computer systems. Their motives are malicious and can be very destructive and costly. Organized crime – tracking illegal enterprises, forgery, counterfeiting Terrorists – could potentially crash satellites and wage economic warfare by disrupting navigation and communication systems

Computer criminals Five types of computer criminals: Employees– the largest category; may be trying to steal hardware, software, and could be doing this out of resentment. Outside users - Suppliers or clients having access to a company’s computer system and could obtain confidential passwords. -Hackers - people who gain unauthorized access to a computer system for the fun and challenge of it. However, - crackers create and share programs designed to gain unauthorized access to computer systems. Their motives are malicious and can be very destructive and costly. Organized crime - Computers are used for keeping track of stolen goods or illegal gambling debts. Counterfeiters and forgers use microcomputers and printers to produce sophisticated-looking documents Terrorists - groups and hostile governments who could potentially crash satellites and wage economic warfare by disrupting navigation and communication systems. Concerned with security – on and off the Internet Most people don’t realize that security involves theft by employees as well as deliberate thefts from viruses, electronic break-ins, etc. Re-emphasize ethics as an integral part of security – what belongs to the company, belongs to the company (computer time, software, floppies, getting into area in computer where you don’t need to be) If you do happen to go somewhere in network or Internet you really didn’t intend to go, back out right away Tell your supervisor of the error and document what happened (how you got there, whom you told, and when you told the person)

Computer Crimes have tripled in the past two years! Malicious Programs Viruses Worms Trojan horse Zombies Denial of service (DoS) attacks Internet scams, such as phishing Social networking risks Rogue Wi-Fi hotspots Theft of hardware, software, data, and computer time Data manipulation Computer Fraud and Abuse Act Computer crime can take various forms: Creation of malicious programs – called malware (key term)which is short for malicious software Viruses (key term)– (**Use link to show table of common viruses when talking about viruses) migrate through networks and operating systems and most attach themselves to different programs and databases; can alter and/or delete files; can damage system components; Computer Abuse Amendments Act (key term) makes spreading a virus a federal offense Worms (key term) – a special type of virus Doesn’t attach to a program Fills the computer with self-replicating information or can be a carrier of a more traditional virus Trojan horse – programs that are disguised as something else; like worms they are carriers of viruses; can be innocently downloaded from the Internet Zombies – computers infected by a virus, worm, or Trojan hoorse that allows them to be remotely controlled Denial of service attacks – denies service from ISPs by flooding a computer or network with requests for information and data Internet scams (key term) – (**Use link to show table of common Internet scams when talking about Internet scams) a fraudulent or deceptive act or operation to trick someone into spending money Theft – hardware, software, data, computer time; unauthorized copying of programs for personal gain is called software piracy (key term). The Software Copyright Act (key term) allows only the program owner to make backup copies of programs. Data manipulation – Computer Fraud and Abuse Act – law states that it’s a crime for an unauthorized person to even view data using any computer across state lines

Computer Crime Malicious Programs: called malware -short for malicious software Viruses - are programs that migrate through networks and operating systems, and most attach themselves to different programs and databases. Worms - Fills the computer with self-replicating information or can be a carrier of a more traditional virus. Do not attach themselves to a program. Trojan horse – programs that are disguised as something else; like worms they are carriers of viruses; e.g. can be innocently downloaded from the Internet. Ex. free computer games and free screen saver programs. Zombies -are computers infected by a virus, worm, or Trojan horse that allows them to be remotely controlled for malicious purposes. Botnet is a collection of zombie computers Computer crime can take various forms: Creation of malicious programs – called malware (key term)which is short for malicious software Viruses (key term)– (**Use link to show table of common viruses when talking about viruses) migrate through networks and operating systems and most attach themselves to different programs and databases; can alter and/or delete files; can damage system components; Computer Abuse Amendments Act (key term) makes spreading a virus a federal offense Worms (key term) – a special type of virus Doesn’t attach to a program Fills the computer with self-replicating information or can be a carrier of a more traditional virus Trojan horse – programs that are disguised as something else; like worms they are carriers of viruses; can be innocently downloaded from the Internet Zombies – computers infected by a virus, worm, or Trojan hoorse that allows them to be remotely controlled Denial of service attacks – denies service from ISPs by flooding a computer or network with requests for information and data Internet scams (key term) – (**Use link to show table of common Internet scams when talking about Internet scams) a fraudulent or deceptive act or operation to trick someone into spending money Theft – hardware, software, data, computer time; unauthorized copying of programs for personal gain is called software piracy (key term). The Software Copyright Act (key term) allows only the program owner to make backup copies of programs. Data manipulation – Computer Fraud and Abuse Act – law states that it’s a crime for an unauthorized person to even view data using any computer across state lines

Computer Crime Denial of service (DoS) attacks Internet scams Like a worm, they attack and make attempts to slow down or stop a computer system or network. Unlike a worm that self-replicates, a DoS attack floods a computer or network with requests for information and data. As a result, the ISP or Web site is effectively shut down. The targets of these attacks are usually Internet service providers (ISP) and specific Web sites. Internet scams Afraudulent or deceptive act or operation on the Internet designed to trick individuals into spending their time and money for little or no return. Phishing – a technique employed by scammers attempting to trick Internet users to think a fake but official looking site is legitimate. Computer crime can take various forms: Creation of malicious programs – called malware (key term)which is short for malicious software Viruses (key term)– (**Use link to show table of common viruses when talking about viruses) migrate through networks and operating systems and most attach themselves to different programs and databases; can alter and/or delete files; can damage system components; Computer Abuse Amendments Act (key term) makes spreading a virus a federal offense Worms (key term) – a special type of virus Doesn’t attach to a program Fills the computer with self-replicating information or can be a carrier of a more traditional virus Trojan horse – programs that are disguised as something else; like worms they are carriers of viruses; can be innocently downloaded from the Internet Zombies – computers infected by a virus, worm, or Trojan hoorse that allows them to be remotely controlled Denial of service attacks – denies service from ISPs by flooding a computer or network with requests for information and data Internet scams (key term) – (**Use link to show table of common Internet scams when talking about Internet scams) a fraudulent or deceptive act or operation to trick someone into spending money Theft – hardware, software, data, computer time; unauthorized copying of programs for personal gain is called software piracy (key term). The Software Copyright Act (key term) allows only the program owner to make backup copies of programs. Data manipulation – Computer Fraud and Abuse Act – law states that it’s a crime for an unauthorized person to even view data using any computer across state lines

Common Internet Scams

Computer Crime Social networking risks Rogue Wi-Fi hotspots- Capture any and all information sent by unsuspecting users to legitimate sites including user names and passwords Theft of hardware, software, data, and computer time -unauthorized copying of programs for personal gain is called software piracy (key term). The Software Copyright Act (key term) allows only the program owner to make backup copies of programs Data manipulation The Computer Fraud and Abuse Act makes it a crime to view, copy or damage data using any computer across state lines Theft – hardware, software, data, computer time; unauthorized copying of programs for personal gain is called software piracy (key term). The Software Copyright Act (key term) allows only the program owner to make backup copies of programs. Data manipulation – Computer Fraud and Abuse Act – law states that it’s a crime for an unauthorized person to even view data using any computer across state lines

Other Hazards Natural hazards - Natural forces such as fires, floods, and tornadoes, etc., keep data is safe locations in case of fire or storm damage Civil strife and terrorism-Wars, riots, and terrorist activities Technological failures Voltage surge or spike Use a surge protector Human errors Data entry errors Programmer error There are plenty of other hazards to computer systems besides criminals Natural hazards include fires, floods, winds, hurricanes, etc., keep data is safe locations in case of fire or storm damage Civil strife – wars, riots, etc. are real risks Technological failures – voltage surges or spikes (key term); hard disk crashes possibly occur when the hard disk is bumped Human errors – data entry are commonplace mistakes; programming, faulty design mistakes; sloppy procedures

Measures to Protect Computer Security Security is concerned with protecting information, hardware, and software from unauthorized use as well as from damage from intrusions, sabotage, and natural disasters. Restricting access: Encrypting data :E-mail encryption File encryption Anticipating disasters Preventing data loss Security involves protecting information, hardware, and software from unauthorized use, damage from intrusions, sabotage, and natural disasters Security growing field; currently have courses on Network security as well as Encryption – coding messages to prevent people from reading your messages Restricting access through passwords and firewalls (key term) Anticipating disasters – companies and individuals should prepare Physical security (key term)– protecting hardware Data security (key term)– protecting software and data from unauthorized tampering or damage And have a disaster recovery plan (key term)– describing ways to continue operating until normal computer operations can be restored; can create special emergency facilities called hot sites which are fully equipped backup computer centers or cold sites if hardware must be installed to be utilized Use physical backups – off-site storage using tapes or disks in case of loss of equipment (World Trade Center; Mississippi floods for example; hurricanes in Gulf states; fires in California and national parks)

Restricting Access Biometric scanning Passwords Firewalls Fingerprint scanners Iris (eye) scanners Passwords Firewalls Computers should be protected from unauthorized access Biometric scanning Fingerprint scanners Iris scanners Passwords Dictionary attack – attempts to gain unauthorized access Firewalls – a security buffer between a corporation’s private network and all external networks Return

Encrypting Data Encryption is the process of coding information to make it unreadable, except to those who have the key E-mail encryption File encryption Web site encryption Virtual private networks (VPNs) Wireless network encryption WEP, WPA, and WPA2 Return

Ethics Copyright Software piracy Plagiarism Gives content creators the right to control the use and distribution of their work Software piracy Unauthorized copying and distribution Digital Millenium Copyright Act Digital rights management (DRM) Plagiarism Standards of moral conduct Computer ethics Guidelines for the morally acceptable use of computers Users are entitled to ethical treatment Copyright is a legal concept that gives content creators the right to control use and distribution of their work Piracy – the unauthorized copying and distribution of software Digital Millennium Copyright Act – the right of the owner to make a backup copy Digital rights management – prevents copyright violations Plagiarism – representing some other person’s work and ideas as your own without giving credit to the original person’s work and ideas as your own

Careers in IT Cryptography is the science of disguising and revealing encrypted information Usually refers to keeping any intercepted information private Cryptographers are mathematicians who specialize in making and breaking codes Annual salary is usually between $60,000 to over $100,000/year

A Look to the Future A Webcam on Every Corner Images of public places are more accessible than ever before (e.g., Google Street View) “Virtual site-seeing tours” Public webcams continue to grow in popularity