ACCT341, Chapter 11 Computer Crime, Ethics, and Privacy


1 ACCT341, Chapter 11 Computer Crime, Ethics, and Privacy
- Introduction
- Computer Crime, Abuse, and Fraud
- Examples of Computer Crimes
- Mitigating Computer Crime and Fraud
- Ethical Issues, Privacy, and Identity Theft

2 Computer Crime
- involvement of the computer in a criminal act, directly or indirectly
- definition is important: it affects how statistics are accumulated
- “It said ‘hit any key to continue’, so I did, just with a hammer.”
- Is smashing a computer with a sledge hammer considered computer crime?
- only a small proportion of computer crime gets detected

3 Computer Crime & Abuse - the Difference
- Computer crime involves the manipulation of a computer or computer data to dishonestly obtain money, acquire property, or get some other advantage of value, or to cause a loss.
- Computer abuse is when someone’s computer is used or accessed in a mischievous manner with a motive of revenge or challenge
  - is punishable in extreme cases
  - Should Adrian Lamo have been arrested? Case 11.1, p.343

4 Examples of Computer Crimes
- A computer dating service was sued because referrals for dates were few and inappropriate. The owner eventually admitted that no computer was used to match dates, even though the use of a computer was advertised.
- Case 11.2, p.344: Donald Burleson, a disgruntled programmer, created a logic bomb that erased 168k of data records and held up paychecks for a month. Would have been more serious if not discovered early.
  - [Logic bombs are programs that remain dormant until a circumstance or date triggers the fuse.]

5 Common Types of Computer Crime and Abuse

6 Federal Legislation
- The Computer Fraud and Abuse Act (CFAA) of which was amended in 1994 and 1996
- Defines computer fraud as an illegal act for which computer technology is essential for its perpetration, investigation, or prosecution.
- Defines 7 fraudulent acts; the first three are described as misappropriation of assets and the last four as “other” crimes

7 CFAA Fraudulent Acts
- Unauthorized theft, use, access, modification, copying, or destruction of software or data.
  - King Soopers p. 345
- Theft of money by altering computer records or the theft of computer time.
  - Salami technique, P#14 (salami is made from many small pieces of meat, salt, beef, garlic).
- Intent to illegally obtain information or tangible property through the use of computers.
  - Send office supplies invoices, Case 11.7, p

8 CFAA Fraudulent Acts
- Use or the conspiracy to use computer resources to commit a felony.
  - Sjiem-Fat created bogus cashier checks to buy cptr equip. for resale in Caribbean, p
- Theft, vandalism, destruction of computer hardware.
  - Disgruntled taxpayer shoots IRS cptrs, p. 346
- Trafficking in passwords or other login information for accessing a computer.
- Extortion that uses a computer system as a target.
  - Disgruntled employee steals data for ransom, p

9 Federal Legislation Affecting the Use of Computers
- Fair Credit Reporting Act of 1970
- Freedom of Information Act of 1970
- Federal Privacy Act of 1974
- Small Business Computer Security and Education Act of 1984
- Computer Fraud and Abuse Act of 1986

10 Federal Legislation Affecting the Use of Computers (cont.)
- Computer Fraud and Abuse Act (1996 amendment)
- Computer Security Act of 1987
- USA Patriot Act of 2001
- Cyber Security Enhancement Act of 2002
- CAN-SPAM Act of 2003

11 The Lack of Computer-Crime Statistics
Data not available because:
- private companies handle abuse internally to prevent embarrassment
- surveys of computer abuse are often ambiguous
- most computer abuse is probably not discovered (FBI estimates only 1% detected)

12 The Growth of Computer Crime
Computer crime is growing because of:
- Exponential growth in computer resources
- Internet gives step-by-step instructions on how to perpetrate computer crime
- Continuing lax security (in one test, only 3 out of 2200 websites knew they were being targeted - see Case p.347)

13 Importance for Accountants
Computer crime and abuse are important to accountants:
- because AISs help control an organization’s financial resources
- because AISs are favored targets of disgruntled employees seeking financial gain or revenge
- because they are responsible for designing, implementing, and monitoring the control procedures for AISs
- because firms suffer millions of dollars in computer-related losses due to viruses, unauthorized access, and denial of service attacks
- Avg cost to target co. of computer abuse per incident is $500k

14 Computer Crime Cases
- Compromising Valuable Information: The TRW Credit Data Case
  - Selling credit scores, data diddling
- Computer Hacking: Kevin Mitnick and social engineering
  - Reasons to hack: financial gain, revenge, challenge, curiosity, pranks, industrial espionage
  - Max. penalty is 5 years prison + $250k fine.
- Denial of service: The 2003 Internet Crash
  - A very speedy computer worm, the Slammer worm (cost > $1b and we don’t know who did it)
  - Note: unlike a virus, a worm doesn’t destroy data, just reproduces until system is overloaded

15 Robert T. Morris and the Internet Virus
- created one of the world’s most famous computer viruses
- became first person to be indicted under the Computer Fraud and Abuse Act of 1986
- The case illustrated vulnerability of networks to virus infections.

16 Computer Viruses
- Computer VIRUS is a program that disrupts normal data processing and that can usually replicate itself onto other files, computer systems or networks.
- WORM - In contrast to most viruses, a worm doesn’t destroy data but it replicates itself until the user runs out of memory or disk space.

17 Computer Virus Programs
- Trojan Horse programs reside in legitimate computer programs.
- Logic Bomb programs remain dormant until the computer system encounters a specific condition.
- A virus may be stored in an applet, which is a small program stored on a WWW server.

18 Methods for Thwarting Computer Abuse
- Enlist top management support
- Increase employee awareness and education and have a hotline
- Conduct security inventory
- Protect passwords
  - Social engineering, phishing, smishing: posing as bona fide when actually fake
  - Prevented by:
    - Lock-out systems: disconnecting users after a set number of unsuccessful login attempts
    - Dial-back systems: disconnecting all login users, reconnecting legitimate users after checking their passwords

19 Methods for Thwarting Computer Abuse
- Occupation of Cptr Abusers
- Implement controls
- Identify computer criminals
  - Look at technical backgrounds, morals, gender and age
- Physical security
  - secure location
  - backup
  - proper disposal (>1/3 of used hard drives for sale contained personal info – see Case 11.9)

20 Methods for Thwarting Computer Abuse
Recognize symptoms of employee fraud. Five symptoms of employee fraud (Case , p. 360):
- Accounting irregularities such as forged, altered or destroyed input documents
- Internal control weaknesses
- Unreasonable anomalies that go unchallenged
- Lifestyle changes in an employee
- Behavioral changes in an employee

21 Methods for Thwarting Computer Abuse
Employ forensic accountants
- Special training (>27k CFEs)
- Special sleuthing tools
- One of fastest growing professions

22 Methods Used to Obtain Your Personal Data – ID Theft
- Shoulder surfing
- Dumpster diving for documents & old cptr hard drives
- Scanning credit card at restaurant
- Fake apps for “preapproved” credit cards
- Key logging software
- Spam and other s
- Phishing & smishing

23 Privacy Issues
- Have a privacy policy for your website
- Have an audit done by professionals who provide a privacy seal
  - Truste
  - BBB Online
  - Webtrust
- Dispose of old computers with care
- Have laptops password protected
- Use encrypted USB drives only

