Computer Crime Dr Alaa Sinan Outline Introduction Types of Computer Systems Attacks Motives of Computer Crimes Costs and Social Consequences Computer Crime Prevention Strategies ID: 782086
Download The PPT/PDF document "Computer E thics Lecture 3" is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
Slide1
Computer Ethics
Lecture 3Computer CrimeDr. Alaa Sinan
Slide2OutlineIntroduction
Types of Computer Systems Attacks Motives of Computer CrimesCosts and Social Consequences
Computer Crime Prevention StrategiesReflection of the lecture – an open discussion
Introduction A computer crime is a crime like any other crime, except that in this case the illegal act must involve a computer system either as an object of a crime, an instrument used to commit a crime, or a repository of evidence related to a crime.
With the Internet, the scope of computer crimes has widened to actually include crimes that would normally be associated with telecommunication facilities. Because of this, we want to expand our definition of a computer crime to be an illegal act that involves a computer system or computer-related system such as any mobile device, microwave, satellite, or other telecommunication system that connects one or more computers or computer-related systems.
.
Slide4Slide5Acts using computers or computer-related technologies that fall within the limits that the legislature of a state or a nation has specified are considered illegal and
may lead to forfeiture of certain civil rights of the perpetrator. In the United States, local, state, and federal legislatures have defined such acts to include such as the following: Intrusions into Public Packet Networks
Network integrity violations Privacy violations Industrial or financial espionage
Pirated computer software Computer-aided fraud
Internet/e-mail abuse
Using computers or computer technology to commit murder, terrorism , pornography
, hacking
, and many other crimes.
Slide6Slide7Computer crimes target computer resources for a variety of reasons, the resources include: Hardware such as computers, printers, scanners, servers, and communication media
Software that includes application and special programs, system backups, diagnostic programs, and system programs such as operating systems and protocols Data in storage, transition, or undergoing modification
An attack on any one of these resources is considered a computer or computer related attack. Some of these resources are more vulnerable than others and are, therefore, targeted more frequently by attackers. Most computer crimes on the resources just listed fall into the following categories. Our focus in this lecture is on the last category:
Slide8Human blunders, errors, and omissions that are usually caused by unintentional human actions. Unintended human actions are usually the result of design problems
. Such attacks are called malfunctions. Malfunctions, although occurring more frequently than natural disasters, are as unpredictable as natural disasters.Intentional threats that originate from humans caused by illegal or criminal acts from
either insiders or outsiders, recreational hackers , and criminals.
Slide9Types of Computer Systems AttacksPenetration
A penetration attack involves breaking into a computer system using known security vulnerabilities to gain access to a cyberspace resource. With full penetration, an intruder has full access to all that system’s resources. Full penetration, therefore, allows an intruder to alter data files
, change data, plant viruses, or install damaging Trojan Horse programs into the system. It is also possible for intruders—especially if the victim computer is on a network—to use it as a launching pad to attack other network resources. Penetration attacks can be local, wherein the intruder gains
access to a computer on a LAN on which the program is run, or global on a WAN such as the
Internet, where an attack can originate thousands of miles from the victim computer
. Penetration
attacks originate from many sources, including the following:
Slide10Insider Threat. For a long time, penetration attacks were limited to in house employee-generated attacks to systems and theft of company
property.Hackers. Since the mid-1980s, computer network hacking has been on the rise, mostly because of the wider use of the Internet.Criminal Groups . Although a number of penetration attacks come from
insiders and hackers with youthful intents, there are a number of attacks that originate from criminal groups, for example, the “Phonemasters,” a widespread international group
of criminals who in February 1999 penetrated the computer systems of MCI, Sprint, AT&T, Equifax, and even the FBI’s National
Crime Information Centre.
Hactivism
.
Demonstrations have taken place in Seattle, Washington DC
, Prague
, and Genoa by people with all sorts of causes, underlining the
new phenomenon
of activism that is being
fuelled
by the Internet. This activism
has not
only been for good causes, but it has also resulted in what has been
dubbed
hactivism
— motivated attacks on computer systems, usually web pages
or e-mail
servers of selected institutions or groups by activists. A group with
a cause
overloads e-mail servers and hacks into web sites with messages
for their
causes. The attacks so far have not been harmful, but they still cause
damage to
services.
Slide11Denial of ServiceDenial-of- service attacks, commonly known as distributed denial of service (DDoS
) attacks, are a new form of computer attacks. They are directed at computers connected to the Internet. They are not penetration attacks and, therefore, they do not change, alter, destroy, or modify system resources. However, they affect the system by diminishing the system’s ability to function; hence, they are capable of
bringing a system down without destroying its resources.
Slide12Motives of Computer CrimesPolitical Activism
. There are many causes that lead to political activism, but all these causes are grouped under one burner— hactivism.Vendetta. Most v
endetta attacks are for mundane reasons such as a promotion denied, a boyfriend or girlfriend taken, an ex-spouse given child custody, and other situations that may involve family and intimacy issues.
Joke/Hoax. Hoaxes are warnings that are actually scare alerts started by one or more
malicious persons, and are passed on by innocent users who think
that they
are helping the community by spreading the warning. Most hoaxes
are viruses
although there are hoaxes that are computer-related folklore and
urban
legends.
Slide13The Hacker’s Ethics. This is a collection of motives that make up the hacker character. According to Steven Levy, hackers have motivation and ethics and beliefs
that they live by, and he lists six, as below:Free access to computers and other ICT resources—and anything that might teach you something about the way the world works—should be unlimited and total.All
information should be free.Mistrust authority; promote decentralization.Hackers should be judged by their hacking, not bogus criteria such as degrees
, age, race, or position.You can create art and beauty on a computer.
Computers
can change your life for the better.
If any of these beliefs is violated, a hacker will have a motive
Slide14Terrorism/ Extortion . Our increasing dependence on computers and computer communication has opened up a can of worms we now know as electronic terrorism.
Political and Military Espionage . For generations, countries have been competing for supremacy of one form or another.Business and Industrial Espionage. As businesses become global and
world markets become one global bazaar, business competition for ideas and market strategies has become very intense. Economic and industrial espionage is on the rise around the world as businesses and countries try to outdo the
other in the global arena.
Hate
.
The growth of computer and telecommunication technology has
unfortunately created
a boom in all types of hate. There is growing concern
about a
growing rate of acts of violence and intimidation motivated by
prejudice based
on race, religion, sexual orientation, or ethnicity
.
Personal Gain/Fame/Fun
.
Personal gain motives are always driven by
the selfishness
of individuals who are not
satisfied
with what they have and
are always
wanting more, mostly
financially
.
Slide15Cost and Social Consequences
There are several reasons to which we can attribute this rather strange growth of cybercrimes:Rapid technology growthEasy availability of hacker tools.Anonymity .Cut-and-paste programming
technology.Communications speed.High degree of internetworking.Increasing dependency on computers.
Slide16Lack of Cost Estimate Model for Cyberspace AttacksThe efforts
to develop a good cost model is hindered by a number of problems, including the following:It is very difficult to quantify the actual number of attacks.Even with these small numbers reported, there has been no conclusive study to establish a valid figure
that can at least give us an idea of what it is that with which we must cope.Insider attacks are rarely reported even if they are detected
.Lack of cooperation between emergency and computer crime reporting centres worldwide
.
Unpredictable types of attacks and viruses
.
Virus mutation is also another issue in the rising costs of cyber attacks
.
There are not enough trained system administrators and security chiefs
in
the latest
network forensics technology who can quickly scan, spot,
and
remove or
prevent any pending or reported attack and quickly detect system intrusions
.
Primitive monitoring technology
.
Slide17Social and Ethical ConsequencesPsychological effects.Moral decay
.Loss of privacy.Trust. Along with the loss of privacy, trust is lost.
Slide18Computer Crime Prevention StrategiesProtecting Your
ComputerPhysical Protective MeasuresProcedural and Operational Protective MeasuresAnti-Virus
ProtectionThe Computer CriminalPass Computer Crime Prevention
LawsEnforcement of Criminal Laws
Moral Education
The Innocent
Victim
Personnel
Policies
Educating the Computer User
Slide19Exercise Read scenario 7 in the text book page No. 177 thoroughly. Discuss the related questions
Slide20Discussion Reflection of the lecture