Professional Documents
Culture Documents
Lecture 4. Com - Ethics
Lecture 4. Com - Ethics
Lecture 4. Com - Ethics
Objectives
1. Discuss key trade-offs and ethical issues associated with safeguarding of data and information
systems.
2. Identify reasons for the increase in the number of Internet-related security incidents.
3. Describe the most common types of computer security attacks.
4. Outline the characteristics of common perpetrators including their objectives, available resources,
willingness to accept risk, and frequency of attack.
5. Describe a multi-level process for managing Internet vulnerabilities based on the concept of
reasonable assurance.
Outline the actions that must be taken in response to a security incident.
Computer Abuse
• The unauthorized use of, or access to, a computer for purposes contrary to the wishes of the
owner of the computer or the data held thereon.
Industrial spy Capture trade secrets or gain Well-funded, well Minimal Low
competitive advantage trained
Cybercriminal Financial gain Well-funded, well Moderate Low
trained
Cyberterrorist Cause destruction to key Not necessarily well Very high Low
infrastructure components funded nor well trained
Hacker
Hackers are individuals who attempt to gain access to computer systems illegally
• Supplies for the Hacker
– PC
– Communications network
• Why hack?
– Harass
– Show-off
– curiosity
– Gain access to computer services without
paying
– Obtain information to sell
A hacker is an individual who tests the limitations of systems out of intellectual curiosity.
Unfortunately, much of what hackers (and crackers) do is illegal.
– Breaking into networks and systems.
– Defacing web pages.
– Crashing computers.
– Spreading harmful programs or hate messages.
Crackers are hackers who break code.
Malicious insiders are a security concern for companies. Insiders may be employees,
consultants, or contractors. They have knowledge of internal systems and know where the weak
points are.
Forms of Computer Criminals
Malicious insiders are the number one security concern for companies.
Industrial spies use illegal means to obtain trade secrets from the competitors of firms for which
they are hired.
Cybercriminals are criminals who hack into computers and steal money.
Cyber terrorists are people who intimidate or coerce a government to advance their political or
social objectives by launching attacks against computers and networks.
Legal Overview
Fraud is obtaining title to property through deception or trickery.
To prove fraud four elements must be shown:
– The wrongdoer made a false representation of the material fact.
– The wrongdoer intended to deceive the innocent party.
– The innocent party justifiably relied on the misrepresentation.
– The innocent party was injured.
Characteristics of Computer Crimes
• Geographic dislocation of offender
• Invisibility/Anonymity of offender
• Lack of victim awareness
• Unwillingness to report
• Intangibility of digital goods, evidence, value e.g., downloadable music and films, e-books and
others.
PREVENTION OF THE COMPUTER CRIME
• Education of each computer user on the dangers of the computer crimes, especially the young
generation which are the most numerous users.
• Through this education each individual user will learn how to protect himself from cyber
intruders or computer viruses before injuries happen.
• Administering of the information systems by trained personnel.
• When choosing administrators who will take care of the security of the information systems
special attention should be paid to their proper education and experience,
• so that they are one step ahead of the computer criminals and so that they apply proper protection
of the systems they control, according to regulations.
• Passing of laws;
Having in mind the dangers of the computer crime the state should pass proper sanctions against
perpetrators of such crime that will impose serious threat to many potential hackers who will not
run the risk of entering into protected systems.
• Install a corporate firewall.
• Install anti-virus software on personal computers.
• Implement safeguards against attacks by malicious insiders.
• Address the ten most critical Internet security threats (10 each in Windows and UNIX): Top
Twenty List
• Verify backup processes for critical software and databases.
• Conduct periodic IT security audits.
Detection of computer crime…
Injured party reports damage
• One of the most frequent ways to discover any crime is receiving a report about it by the injured
party.
• This is true for computer crimes too. In this sense an injured party can be both physical and legal
subjects, state organs and institutions.
Administrators of information systems find out
• Investigators of this type of crime sometimes use the original application program and sometimes
use special software for analysis and tools for investigation e.g., GFI Lan guard & GFI web
monitor.
• Investigators have found ways to collect traces from a remote computer which is out of their
physical reach through telephone line or network connection.
• Moreover, it is possible to follow the work of the computer network using the Internet.
Computer Forensic:
Computer investigation is the science of locating; extracting, analyzing and protecting specific
data from computers and digital storage media, which can be interpreted to serve as legal
evidence in courts of law.
No matter how much people are careful when stealing electronic information, they leave behind
traces of their activities. Also, when perpetrators try to destroy the evidence (proof) in the
computer they leave traces behind. In both cases the traces are;
Detectible and can be presented before the court.
Computer forensic specialists should be able to run complex evidence recovery procedures with
ability and expertise that will support the credibility of the expert witnessing in question.
- Copying of data
- Search of evidence in electronic mail and other internet communication
- Recalling of data
- Browsing of documents and other data
- Filing and presenting of computer traces
Detection
Intrusion detection systems monitor system and network resources and activities and, using
information gathered from these sources, they notify authorities when they identify a possible
intrusion.
Honeypot is a computer on your network that contains no data or applications critical to the
company but has enough interesting data to lure intruders so that they can be observed in action.
Response
Incident notification is the plan and process used to notify company individuals when a computer
attack has happened. In addition, your company should be prepared to:
– Protect evidence and activity logs
– Incident containment
– Incident eradication
– Incident follow-up
Computer/Cybercrime in Africa
Cyber threats are a big issue in Africa. It is estimated that up to 80% of all computers in Africa
are infected, compared to 30% in Europe.