Presentation is loading. Please wait.

Presentation is loading. Please wait.

Computer Crime & Security Hackers & Crackers & Worms! Oh my!!

Published byCarmella Nash Modified over 8 years ago

Similar presentations

Presentation on theme: "Computer Crime & Security Hackers & Crackers & Worms! Oh my!!"— Presentation transcript:

1 Computer Crime & Security Hackers & Crackers & Worms! Oh my!!

2 What’s at Risk Personal Information Personal Information Intellectual Property Intellectual Property Business Information Business Information National Security National Security

3 Personal Information Identity Theft Identity Theft Contact the fraud departments of any one of the three consumer reporting companies Contact the fraud departments of any one of the three consumer reporting companies Close the accounts that you know or believe have been tampered with or opened fraudulently. Close the accounts that you know or believe have been tampered with or opened fraudulently. File a report with your local police or the police in the community where the identity theft took place File a report with your local police or the police in the community where the identity theft took place File your complaint with the FTC File your complaint with the FTC

4 Intellectual Property Copyright Copyright Protects words, music, and other expressions for life of copyright holder plus 70 years Protects words, music, and other expressions for life of copyright holder plus 70 years Trademark Trademark Protects unique symbol or words used by a business to identify a product or service Protects unique symbol or words used by a business to identify a product or service Trade Secret Trade Secret Protects secrets or proprietary information Protects secrets or proprietary information Patent Patent Protects an invention by giving the patent holder monopoly on invention for 20 years after patent application has been applied. Protects an invention by giving the patent holder monopoly on invention for 20 years after patent application has been applied.

5 Business Information Business Intelligence Business Intelligence Collecting & analyzing information in pursuit of the business advantage. Collecting & analyzing information in pursuit of the business advantage. Competitor Intelligence Competitor Intelligence Business intelligence about the competitor. Business intelligence about the competitor. Counter Intelligence Counter Intelligence Protecting your own information from access by a competitor. Protecting your own information from access by a competitor. Customers’ Information Customers’ Information

6 National Security Cyber terrorism Cyber terrorism Acts of terrorism over the Internet which intimidate or harm a population Acts of terrorism over the Internet which intimidate or harm a population United States Computer Emergency Readiness Team – US CERT United States Computer Emergency Readiness Team – US CERT National Strategy to Secure cyberspace National Strategy to Secure cyberspace Prevent cyberattacks on America’s critical infrastructures Prevent cyberattacks on America’s critical infrastructures Reduce national vulnerability to cyberattacks Reduce national vulnerability to cyberattacks Minimize damage and recovery time from cyberattacks Minimize damage and recovery time from cyberattacks http://www.us-cert.gov/ http://www.us-cert.gov/ http://www.us-cert.gov/

7 Current US Privacy Laws Consumer Internet Privacy Protection Act of 1997 Consumer Internet Privacy Protection Act of 1997 The Children’s Online Privacy Protection Act of 2000 The Children’s Online Privacy Protection Act of 2000 Information Protection & Security Act of 2005 Information Protection & Security Act of 2005 Notification of Risk of Personal Data Act 2003 Notification of Risk of Personal Data Act 2003

8 Current US Privacy Laws Identity Theft Protection Act of 2005 Identity Theft Protection Act of 2005 Health Insurance Portability & Accountability Act (HIPAA) of 1996 Health Insurance Portability & Accountability Act (HIPAA) of 1996 Sarbanes-Oxley Act (“Sarbox”) of 2002 Sarbanes-Oxley Act (“Sarbox”) of 2002 Gramm-Leach-Bliley Act (GBLA) of 1999 Gramm-Leach-Bliley Act (GBLA) of 1999

9 Source of Security Threats Software/Network Vulnerabilities Software/Network Vulnerabilities User Negligence & Theft User Negligence & Theft Pirates & Plagiarism Pirates & Plagiarism Hackers & Crackers Hackers & Crackers Internal Threats Internal Threats

10 Software/Network Vulnerabilities Security Holes Security Holes Vulnerability of a program or a system Vulnerability of a program or a system Data compromise Data compromise Unauthorized software installation Unauthorized software installation Software Patches Software Patches Fixes to the software Fixes to the software Announces the problem Announces the problem

11 User Negligence & Theft Data-entry errors Data-entry errors Errors in programs Errors in programs Improper set-up or installation Improper set-up or installation Mishandling of output Mishandling of output Inadequate planning for equipment malfunctions Inadequate planning for equipment malfunctions Inadequate planning for environment Inadequate planning for environment

12 Pirates & Plagiarism Piracy Piracy Illegal copying, use, and distribution of digital intellectual property Illegal copying, use, and distribution of digital intellectual property Warez - Commercial programs made available to the public illegally Warez - Commercial programs made available to the public illegally Plagiarism Plagiarism Taking credit for someone else’s inellectual property Taking credit for someone else’s inellectual property

13 Hackers & Crackers Hacker Hacker Slang term for computer enthusiast Slang term for computer enthusiast May be complementary or derogatory May be complementary or derogatory Goal is to gain knowledge Goal is to gain knowledge Cracker Cracker Someone who breaks into a computer system for malicious purposes Someone who breaks into a computer system for malicious purposes Computer Forensics Computer Forensics The application of scientifically proven methods to gather, process, interpret, and to use digital evidence to provide a conclusive description of cyber crime activities. The application of scientifically proven methods to gather, process, interpret, and to use digital evidence to provide a conclusive description of cyber crime activities.

14 Internal Threats Threat to System Health & Stability Threat to System Health & Stability Software Software Data Data Information Theft Information Theft Most information theft internal Most information theft internal Most not reported Most not reported Accidental unauthorized access Accidental unauthorized access

15 Types of Threats Networks Networks Wireless Networks Wireless Networks Internet Threats Internet Threats Malware Malware Scams, Hoaxes, Spam, & Fraud Scams, Hoaxes, Spam, & Fraud

16 Network Threats Users Users Permissions Permissions File Ownership File Ownership Software Software Data Data Unauthorized use of resources Unauthorized use of resources

17 Wireless Network Threats Signals are broadcast Signals are broadcast War driving War driving War walking War walking Piggybacking Piggybacking

18 Internet Threats Methods Methods Key-logging software Key-logging software Packet-sniffing software Packet-sniffing software Port-scanning software Port-scanning software Social engineering Social engineering Denial of Service Denial of Service Distributed Denial of Service Distributed Denial of Service

19 Internet Threats Purpose Purpose Hobby or challenge Hobby or challenge Vandalism Vandalism Gain a platform for an attack Gain a platform for an attack Steal information or services Steal information or services Spying Spying

20 Malware Viruses Viruses Worms Worms Trojan Horses Trojan Horses Spyware/Adware Spyware/Adware Zombies & Botnets Zombies & Botnets

21 Computer Viruses Self-replicating Self-replicating Self-executing Self-executing Delivers a payload Delivers a payload Attaches itself to an existing file Attaches itself to an existing file

22 Types of Viruses Boot Virus Boot Virus Direct Action Virus Direct Action Virus Directory Virus Directory Virus Encrypted Virus Encrypted Virus File Virus File Virus Logic Bomb Logic Bomb Macro Virus Macro Virus

23 Types of Viruses Multipartite Virus Multipartite Virus Overwrite Virus Overwrite Virus Polymorphic Virus Polymorphic Virus Resident Virus Resident Virus Time Bomb Time Bomb Stealth Virus Stealth Virus

24 Worms Operate on a computer network Operate on a computer network Uses network to send copies of itself Uses network to send copies of itself Does not attach itself to an existing file Does not attach itself to an existing file Exploits network security flaws Exploits network security flaws

25 Types of Worms E-mail Worms E-mail Worms Instant Messaging Worms Instant Messaging Worms IRC Worms IRC Worms File-sharing Networks Worms File-sharing Networks Worms Internet Worms Internet Worms

26 Trojan Horse Disguised as non-harmful software Disguised as non-harmful software Non-self replicating Non-self replicating Types of Trojan Horses Types of Trojan Horses Legitimate program corrupted by malicious code insertion Legitimate program corrupted by malicious code insertion Stand alone program masquerading as something else, i.e. a game or image file Stand alone program masquerading as something else, i.e. a game or image file

27 Spyware & Adware Spyware Spyware Collects information Collects information Sends information over the Internet Sends information over the Internet Can take control of computer Can take control of computer Adware Adware Automatically pops-up with advertising material Automatically pops-up with advertising material

28 Zombies & Botnets Zombie Zombie Compromised computer attached to the Internet Compromised computer attached to the Internet Performs malicious behavior under remote control Performs malicious behavior under remote control May be used for Ddos or Spam May be used for Ddos or Spam Botnet Botnet Collection of robot computers running autonomously Collection of robot computers running autonomously

29 Phishing, Spam, & Hoaxes Phishing & Pharming Phishing & Pharming Spam Spam http://video.google.com/videoplay?docid=562 7694446211716271 http://video.google.com/videoplay?docid=562 7694446211716271 http://video.google.com/videoplay?docid=562 7694446211716271 http://video.google.com/videoplay?docid=562 7694446211716271 Hoaxes & Urban Legends Hoaxes & Urban Legends http://www.snopes.com http://www.snopes.com http://www.snopes.com

30 Securing Systems Passwords Passwords Firewalls Firewalls ID Devices & Biometrics ID Devices & Biometrics Data Encryption Data Encryption Systems Maintenance Systems Maintenance Wireless Security Wireless Security

31 Passwords Secret authentication Secret authentication Control access Control access Short enough to be memorized Short enough to be memorized Good Passwords Good Passwords Do use a password with mixed-case alphabetic characters. Do use a password with mixed-case alphabetic characters. Do use a password with nonalphabetic characters. Do use a password with nonalphabetic characters. Do use a password that is easy to remember. Do use a password that is easy to remember. Do use a password that you can type quickly. Do use a password that you can type quickly.

32 Firewalls Hardware or Software Hardware or Software Port Protection Port Protection Packet Filter Packet Filter Network Layer Network Layer Application Layer Application Layer Proxy Server Proxy Server

33 ID Devices & Biometrics ID Devices ID Devices Hardware for authentication Hardware for authentication Biometrics Biometrics Measure of unique physical characteristic for authentication Measure of unique physical characteristic for authentication

34 Data Encryption Obscuring Information Obscuring Information Cipher Cipher Encryption Software Encryption Software

35 Systems Maintenance Anti-virus software Anti-virus software Back-up system and data Back-up system and data Software updates Software updates Delete temporary files Delete temporary files

36 Wireless Security Disable SSID Disable SSID Passwords Passwords Discrimination Discrimination Data Encryption Data Encryption

Download ppt "Computer Crime & Security Hackers & Crackers & Worms! Oh my!!"

Similar presentations

POSSIBLE THREATS TO DATA

POSSIBLE THREATS TO DATA
Protect your PC virus, worm, Trojan horse, phishing, spam, botnet and zombies, spoofing, social engineering, identity theft, spyware, rootkits Click.

Protect your PC virus, worm, Trojan horse, phishing, spam, botnet and zombies, spoofing, social engineering, identity theft, spyware, rootkits Click.
What are computer viruses and its types? Computer Viruses are malicious software programs that damage computer program entering into the computer without.

What are computer viruses and its types? Computer Viruses are malicious software programs that damage computer program entering into the computer without.
Security Training Lunch ‘n Learn. Agenda  Threat Analysis  Legal Issues  Threat Mitigation  User Security  Mobile Security  Policy Enforcement.

Security Training Lunch ‘n Learn. Agenda  Threat Analysis  Legal Issues  Threat Mitigation  User Security  Mobile Security  Policy Enforcement.
Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.

Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
Information System protection and Security. Need for Information System Security §With the invent of computers and telecommunication systems, organizations.

Information System protection and Security. Need for Information System Security §With the invent of computers and telecommunication systems, organizations.
Dr. John P. Abraham Professor UTPA 2 – Systems Threats and Risks.

Dr. John P. Abraham Professor UTPA 2 – Systems Threats and Risks.
CHAPTER 2 KNOW YOUR VILLAINS. Who writes it: Malware writers vary in age, income level, location, social/peer interaction, education level, likes, dislikes.

CHAPTER 2 KNOW YOUR VILLAINS. Who writes it: Malware writers vary in age, income level, location, social/peer interaction, education level, likes, dislikes.
McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.

McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.
Internet Safety Basics Never share names, schools, ages, phone numbers, or addresses. Never open an email from a stranger – it may contain viruses that.

Internet Safety Basics Never share names, schools, ages, phone numbers, or addresses. Never open an from a stranger – it may contain viruses that.
7.1 Copyright © 2011 Pearson Education, Inc. 7 Chapter Securing Information Systems.

7.1 Copyright © 2011 Pearson Education, Inc. 7 Chapter Securing Information Systems.
Computer Viruses.

Computer Viruses.
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
… refers to the protection of information systems and the information they manage against unauthorized access, use, manipulation, or destruction, and against.

… refers to the protection of information systems and the information they manage against unauthorized access, use, manipulation, or destruction, and against.
Computer Security & Safety

Computer Security & Safety
MIS PERSONAL, LEGAL, ETHICAL, AND ORGANIZATIONAL ISSUES OF INFORMATION SYSTEMS CHAPTER 4 Hossein BIDGOLI Phishing Email that bites Paying for Privacy Pirates.

MIS PERSONAL, LEGAL, ETHICAL, AND ORGANIZATIONAL ISSUES OF INFORMATION SYSTEMS CHAPTER 4 Hossein BIDGOLI Phishing that bites Paying for Privacy Pirates.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Similar presentations

Ads by Google