1. Slides created by Bob Koziel Hagerstown Community College

2. Tips for using the slide show Use MS Power Point XP to view the presentation. Earlier versions will not show the animations correctly. Slides with an icon: Click to view all parts of the slide. Some slides need to be clicked several times. Slides with an icon: Represents an internet link. Clicking on it will take you to the website. Internet connection required. Clicking on the or icon will take you to the previous slide or the next slide Slides with videos or sounds: Click on the picture to view videos or listen to sounds

3. Computer Crime and Security How attackers and intruders gain entry into computer systems to harm or destroy data Ways you can help system administrators keep computer systems safe from unauthorized users and viruses People who are most likely to attack or harm computer systems and their motives Types of losses caused by computer system intrusions and attacks The tools and techniques used to defend computer systems against intruders and attackers COMPUTERS IN YOUR FUTURE 2003 BRYAN PFAFFENBERGER What You Will Learn Chapter 12

4. What is the scope of the problem? Computer security risk- Any event, action, or situation that leads to the loss of computer systems or data Computer crime- Actions that violate state or Federal laws Cybercrime- Crimes carried out over the Internet

5. What are some techniques used to commit computer crimes? Intruders gain unauthorized access to computer systems Techniques used to gain access are:  Password guessing  Shoulder surfing  Packet sniffing  Dumpster diving  Social engineering  Superuser status  SATAN Techniques used by insiders are:  Salami shaving  Data diddling

7. What are computer viruses? Computer viruses are malicious programs that infect a computer system causing various problems with its use They replicate and attach themselves to programs in the system More than 20,000 different computer viruses

8. How does a computer get infected? Inserting a disk with an infected program and then starting the program Downloading an infected program from the Internet Being on a network with an infected computer Opening an infected e-mail attachment

9. What are the types of viruses? File infectors Attach themselves to program files Spreads to other programs on the hard drive Most common type of virus Boot sector virus Attach themselves to the beginning of hard drive Executes each time computer is started May lead to destruction of all data Macro virus Infect automatic command capabilities of productivity software Attach themselves to data files in word processing, spreadsheet and database programs Spread when data files are exchanged between users

10. What are some other types of destructive programs? Time bombs Also called logic bombs Harmless until a certain event or circumstances activate the program Worm Disguises itself as a useful program Contains hidden instructions May erase data or cause other damage Resembles a virus Spreads from one computer to another Controls infected computers Attacks other networked computers Trojan horse

11. Who creates malicious and damaging computer crimes? Computer hobbyists Try to find weaknesses and loopholes in computer systems Rarely destructive Adhere to hacker’s code of ethics Hackers Crackers Also called black hats Obsessed with entering secure computer systems Rarely destructive Leave calling cards on systems they enter Cyber gangs Brings crackers together by way of the Internet and meetings Virus authors Usually teenage males Want to push the boundaries of antivirus software Can be very damaging

12. More of who creates malicious and damaging computer crimes? Disgruntled employees Sabotage a company’s computer system Create security holes called trap doors Can divulge trade secrets or destroy data Spies Participate in corporate espionage Some are hackers or former employees 125 countries are involved in industrial espoionage Swindlers Use the Internet to scam money from people Favorite distribution methods are e-mail, chat rooms and web sites Types of scams are: Rip & tear, Pumping and dumping and Bogus goods Shills Used on Internet auctions A secret operative who bid’s on a seller’s item to drive up the bid

13. What is cyberstalking? Newest and fastest growing crime Using the Internet and other electronic media to harass and threaten a person Most perpetrators are men most victims are women Children are at risk from online sexual predators

14. What’s the cost of computer crime? Staff time- Computer staff stops everything and focuses on the problem Downtime- The system is shutdown unitl it’s safe to operate again Replacing equipment- Company pays when computers and parts are missing due to theft Adverse publicity- Crimes go unreported because of fear of publicity of loss Loss of privacy- Sensitive personal information can end up in the hands of criminals Risk to public safety- Many government agencies rely on computers to maintain public safety Denial of service- Internet service becomes overloaded and doesn’t function

16. Use programs that have an auto save/auto recovery function Equip system with an uninterruptible power supply; A battery powered device that automatically turns on when power is interrupted Protecting computers from power related problems (surges & outages)

17. Controlling access Choose authentication passwords that have at least eight letters, mix upper and lower case letters and include numbers Callback systems- Access is granted or denied based on information caller gives Know & have authentication- Users have various ways of accessing a system  Tokens- Electronic device that generates a logon code  Digital certificates- Resemble computer ID cards  Smartcards- Credit card sized device with internal memory  Biometric authentication- Voice recognition, retinal scans, thumbprints and facial recognition

18. Install a firewall program Programs that are designed to prohibit outside sources from accessing the computer system Personal firewall- Designed to protect home computers from unauthorized access while connected to the Internet

19. Use encryption Encryption programs make information unreadable if it is stolen Update web browser to use 128-bit encryption for online shopping

20. Use antivirus programs Called vaccines or virus checkers Uses pattern-matching techniques to examine program files for patterns of virus code Two drawbacks:  They cannot find viruses not in their database  They can not find new viruses that alter themselves to evade detection Use antivirus programs that offer frequent updates and monitor system functions Check disks for viruses that were used on another system

21. Backup data Backup programs and data regularly Store backups away from the computer system Types of backups:  Full backups- Everything stored on the computer; Backup once a month  Incremental backups- Backup only those files that have changed since last backup: Backup daily or weekly Disaster recovery plan- Large organizations should develop a detailed plan for emergencies

22. Tips for avoiding scams Do business with established companies Read the fine print Don’t provide financial or personal information to anyone Be skeptical about information received in chat rooms

23. Tips for preventing cyberstalkers Don’t share personal information in chat rooms Be extremely cautious about meeting anyone you’ve contacted online Contact the police if a situation occurs that makes you feel afraid while online

24. THE END