Chapter # 3 COMPUTER AND INTERNET CRIME

Slides:



Advertisements
Similar presentations
A NASSCOM ® Initiative Comprehensive Computer Security Software An advanced computer security software usually have one or more of the following utilities.
Advertisements

COMP6005 An Introduction to Computing Session One: An Introduction to Computing Security Issues.
2 Issues of the information age Computer _______ and mistakes –Preventing computer related waste & mistakes Computer crime –Computer as tool to commit.
McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.
Ethics in Information Technology, Fourth Edition
7.1 Copyright © 2011 Pearson Education, Inc. 7 Chapter Securing Information Systems.
Computer Viruses.
 ICT Security › If the firm is a victim of a computer crime, should they pursue prosecution of the criminals at all costs, should they maintain a low.
MIS PERSONAL, LEGAL, ETHICAL, AND ORGANIZATIONAL ISSUES OF INFORMATION SYSTEMS CHAPTER 4 Hossein BIDGOLI Phishing that bites Paying for Privacy Pirates.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Copyright © 2002 Pearson Education, Inc. Slide 5-1 PERTEMUAN 8.
Privacy & Security By Martin Perez. Introduction  Information system - People : meaning use, the people who use computers. - Procedures : Guidelines.
Ethics in Information Technology, Second Edition
Chapter 3 Computer and Internet Crime
Lesson 10 – SECURING YOUR NETWORK Security devices Internal security External security Viruses and other malicious software OVERVIEW.
Internet safety Viruses A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your.
Security. If I get 7.5% interest on $5,349.44, how much do I get in a month? (.075/12) = * 5, = $ What happens to the.004? =
Computer Crime and Information Technology Security
Ethics in Information Technology, Second Edition 1 Computer & Society Week 4 Marwan Al-Namari.
BUSINESS B1 Information Security.
Prepared by: Dinesh Bajracharya Nepal Security and Control.
1.Too many users 2.Technical factors 3.Organizational factors 4.Environmental factors 5.Poor management decisions Which of the following is not a source.
Computing Essentials 2014 Privacy, Security and Ethics © 2014 by McGraw-Hill Education. This proprietary material solely for authorized instructor use.
C8- Securing Information Systems
Security Issues, Ethics, & Emerging Technologies in Education
Chapter 13 Understanding E-Security. 2 OBJECTIVES What are security concerns (examples)? What are two types of threats (client/server) Virus – Computer.
 A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. It is deliberately.
Here is a list of viruses Adware- or advertising-supported software-, is any software package which automatically plays, displays, or downloads advertisements.
What is risk online operation:  massive movement of operation to the internet has attracted hackers who try to interrupt such operation daily.  To unauthorized.
Completing network setup. INTRODUCTION Course Overview Course Objectives.
IT in Business Issues in Information Technology Lecture – 13.
Internet Safety Piotr Hasior Introduction Internet Safety Internet safety, or online safety, is the knowledge of maximizing the user's personal safety.
Topic 5: Basic Security.
Computer Skills and Applications Computer Security.
Computer and Internet Crimess
Security and Ethics Safeguards and Codes of Conduct.
Safe’n’Sec IT security solutions for enterprises of any size.
Woodland Hills School District Computer Network Acceptable Use Policy.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
1 Ethics in Information Technology, Second Edition Computer & Society Week 5.
Securing Information Systems
Chapter 40 Internet Security.
Securing Information Systems
Add video notes to lecture
Computer Security INSM 180- Belasco Bryant and Stratton Fall 2011
Jeopardy—CH 8 Security Risks Ethics- Health Emerging Technology
CYBER SECURITY...
Instructor Materials Chapter 7 Network Security
Lecture 8. Cyber Security, Ethics and Trust
Network security threats
Fundamentals of Information Systems
INFORMATION SECURITY The protection of information from accidental or intentional misuse of a persons inside or outside an organization Comp 212 – Computer.
Answer the questions to reveal the blocks and guess the picture.
COMPUTER CRIME.
Securing Information Systems
Security in Networking
Done BY: Zainab Sulaiman AL-Mandhari Under Supervisor: Dr.Tarek
BCT 2.00 Analyze Technology Issues
SECURITY POLICIES, LAWS AND COMPUTER CRIMES (CCI410) PERTEMUAN 12
INFORMATION SYSTEMS SECURITY and CONTROL
Faculty of Science IT Department By Raz Dara MA.
Networking for Home and Small Businesses – Chapter 8
Computer and Internet Crime Privacy
Computer Security By: Muhammed Anwar.
Networking for Home and Small Businesses – Chapter 8
Networking for Home and Small Businesses – Chapter 8
ONLINE SECURITY, ETHICS AND ETIQUETTES EMPOWERMENT TECHNOLOGY.
Woodland Hills School District
Presentation transcript:

Chapter # 3 COMPUTER AND INTERNET CRIME INFS 452 – Computer Ethics & Society Chapter # 3 COMPUTER AND INTERNET CRIME Ethics in information technology by George W. Reynolds Prepared by: Arfan Arshad

Overview The security of information technology used in business is of utmost importance. Confidential business data and private customer and employee information must be safeguarded, and systems must be protected against malicious acts of theft or disruption. Although the necessity of security is obvious, it must often be balanced against other business needs and issues.

Types of Exploits Virus is a piece of programming code, usually disguised as something else, which causes a computer to behave in an unexpected and usually undesirable manner.     Worm is a harmful program that resides in the active memory of the computer and duplicates itself. Worms differ from viruses in that they can propagate without human intervention. Trojan Horse is a program in which malicious code is hidden inside a seemingly harmless program.   Botnet is a large group of computers controlled from one or more remote locations by hackers, without the knowledge or consent of their owners. Botnets are frequently used to distribute spam and malicious code.

Types of Exploits (Contd…..) Distributed Denial-of-Service (DDoS) Attacks is one in which a malicious hacker takes over computers on the Internet and causes them to flood a target site with demands for data and other small tasks. Rootkit is a set of programs that enables its user to gain administrator level access to a computer without the end user’s consent or knowledge.   Spam E-mail spam is the abuse of e-mail systems to send unsolicited e-mail to large numbers of people. Most spam is a form of low-cost commercial advertising. Phishing is the act of using e-mail fraudulently to try to get the recipient to reveal personal data. Spear-phishing is a variation of phishing in which the phisher sends fraudulent e-mails to a certain organization’s employees.

Types of Perpetrators

IMPLEMENTING TRUSTWORTHY COMPUTING

Contd……

Risk Assessment A risk assessment is the process of assessing security-related risks to an organization’s computers and networks from both internal and external threats. The goal of risk assessment is to identify which investments of time and resources will best protect the organization from its most likely and serious threats.

Risk Assessment Process

Establishing a Security Policy A security policy defines an organization’s security requirements, as well as the controls and sanctions needed to meet those requirements. A good security policy delineates responsibilities and the behavior expected of members of the organization. A security policy out-lines what needs to be done but not how to do it. The details of how to accomplish the goals of the policy are provided in separate documents and procedure guidelines.

Educating Employees, Contractors, and Part-Time Workers Employees, contractors, and part-time workers must be educated about the importance of security so that they will be motivated to understand and follow the security policies. For example, users must help protect an organization’s information systems and data by doing the following: Guarding their passwords to protect against unauthorized access to their accounts Prohibiting others from using their passwords Applying strict access controls (file and directory permissions) to protect data from disclosure or destruction Reporting all unusual activity to the organization’s IT security group

Prevention from threats Installing a Corporate Firewall Intrusion Prevention Systems   Installing Antivirus Software on Personal Computers Implementing Safeguards against Attacks by Malicious Insiders Conducting Periodic IT Security Audits

Detection Even when preventive measures are implemented, no organization is completely secure from a determined attack. Thus, organizations should implement detection systems to catch intruders in the act. Organizations often employ an intrusion detection system to minimize the impact of intruders. An intrusion detection system is software and/or hardware that monitors system and network resources and activities, and notifies network security personnel when it identifies possible intrusions from outside the organization or misuse from within the organization.

Question & Answer Session