Research ( to Papa God Be All the Glory!)

download Research ( to Papa God Be All the Glory!)

of 31

  • date post

    12-Sep-2014
  • Category

    Documents

  • view

    106
  • download

    1

Embed Size (px)

Transcript of Research ( to Papa God Be All the Glory!)

CHAPTER I INTRODUCTION

Computer and internet are very flexible to innovations as a new technology occurs to greatly serve its users. These technologies serve as a venue for growth and development in different fields that these could hardly be thought to be misused for criminal activities, called cybercrime. Cybercrime is an illegal and criminal activity using computer and internet. It comes in different forms such as: (i) an offense where computer is the target; (ii) an offense where a computer is a tool used to conduct illegal activity; and (iii) an offense where computer is used as a repository of crime. Cybercrime is one of the fastestgrowing crimes around the world. It attacks people, property and organizations. Organizations prone to cybercrime include various establishments, businesses and government. The government constitutes different government agencies that play major roles to provide public services in the society. Government agencies are responsible for the oversight and administration of specific functions consequently, require utmost information safekeeping. In the Philippines, there are already cases of cybercrime in government agencies. In research conducted by the Government Computer Security and Incident Response Team (GCSIRT) from 2003 to 2007 (Sosa, n.d.), there was evidence of transnational attacks on computers and the information infrastructure and a total of 667 government websites were discovered defaced, or an aggregate of 133 government

1

websites were attacked by defacers/hackers each year, an average of 11 incidents per month. The cases indicate increasingly technological society in the Philippine in which strengthening the information security for government agencies is very essential. Cybercrimes existence analysis and awareness programs can promote a great change to the way information safekeeping is being practiced.

Background of the Study Cybercrime is a relatively new phenomenon and many simple steps that could be taken to protect against it remain unknown or unused by the majority of Information and Communications Technology (ICT) users. A degree of basic understanding of technological developments and their impact on information will often be sufficient to prompt government agencies into action and change their routine behaviours. Although cybercrime affects all parts of society, arguably it is the government that feels the most of the impact from it. Premeditated attacks carried out by hackers and viruses are clearly of great concern for all government agencies. More often than not, these attacks are targeted at well-known, large, government agencies. It is rarer for small and medium sized agencies to be singled out for a targeted, malicious attack. More frequently it is human error, or a collective failure by the organisation to protect itself, that is the root cause of a security breach. Awareness-raising is thus needed at many different levels and should be tailored to suit the information needs of different target groups. Government agencies is similar to

2

businesses, which are inclined to give credibility to the impact that serious breaches of security could have on their organisation, but despite this, the majority of businesses remain confident that their current technical security processes, often based on conventional, off-the-shelf anti-virus and firewall software, provide sufficient protection. Sole reliance on these systems is, however, not sufficient to provide comprehensive protection from attacks by increasingly sophisticated hackers and virus designers who are able to bypass traditional security programmes. Making available up-to-date information and general guidance on how to tackle the latest threats is therefore necessary to overcome the dangerous over-reliance by businesses on conventional programmes. Furthermore, if they are serious, security breaches may have consequences for compliance and company liability, but many government agencies are not aware of these risks and so do nothing to mitigate them.

Statement of the Problem Computer and Internet which greatly serve its users can hardly be misused for criminal activities. How do Philippine government agencies strengthen information security from cybercrime existence in this increasingly technological society? Cybercriminals are veering away from attacking individual personal computers (PCs) due to low gain that they can get from single users. Instead, they are turning to infiltrate establishments or agencies for larger profit. According to Senator Edgardo Angara (2011) the country ranks high among countries in the region susceptible to cybercrimes and attacks as well as malicious programs such as URL phishing that allows hackers to remotely control another computer. Increasing reports of crimes are presented

3

in research conducted by the GCSIRT from 2003 to 2007 (Sosa, n.d.), there was evidence of transnational attacks on computers and the information infrastructure and a total of 667 government websites were discovered defaced, or an aggregate of 133 government websites were attacked by defacers/hackers each year, an average of 11 incidents per month. Based on this research, it was found out that 134 coded defacers (both local and international) have attacked these government websites in that five-year period. Government agencies now are in proactive queries of cybercrime as they want protection. Information security is next to cybercrime awareness. Based from the current information security, a tailored cybercrime awareness program is generated. Evaluation of the information security implemented with cybercrime awareness program will determine the change in information in Philippine government agencies.

Objectives of the Study To determine the different types of cybercrimes being experienced by Philippine government agencies. To evaluate the causes of cybercrime in the Philippine government agencies. To determine how cybercrime affects the information security of Philippine government agencies. To determine the change in information security by an increase in cybercrime awareness in Philippine government agencies.

4

Hypotheses of the Study The following hypotheses were tested in the study: H1: An increase in cybercrime awareness strengthens information security in Philippine government agencies. H0: An increase in cybercrime awareness has no change in the information security in Philippine government agencies.

Significance of the Study The results of this study will be of significant value to a number of sectors in government agencies, ITC users and the general public. To government agencies themselves. The study aids in awareness rising on cybercrimes that could possibly attack different levels of information safekeeping. Sole reliance on basic systems is no longer sufficient to provide comprehensive protection from attacks by increasingly sophisticated hackers and virus designers who are able to bypass traditional security programmes. Updated information and general guidance on how to tackle the latest threats are necessary to overcome the dangerous over-reliance by government agencies on conventional programmes and strengthen the information security. To ICT users. Information on cybercrime awareness for efficacy of information security is very useful to the majority of ICT users. A degree of basic understanding of technological developments and their impact on operation will often be sufficient to prompt government ICT users into action and change their routine behaviours.

5

To the citizens. The citizens are the tax payers and they have the rights to know that the taxes are efficiently managed by the agencies particularly in the field of information security. If the government information is well protected, it will also be beneficial to the citizens who the government serves. This study focuses on the government agencies in the Philippines making itself, its ICT user and its stakeholder or the citizens as the beneficiaries of the research. The data on cybercrime awareness for efficacy of information security is very useful not only for further study in this area but also in a better understanding of the particular target group. This shall help in designing intervention for this group and sending the right message across to the right people.

Scope and Limitations of the Study This study will determine the different types of cybercrimes being experienced by most of the government agencies in the Philippines. The realization of the various types of cybercrimes is determined but no further analysis of how the process of certain cybercrime works. The change in information security will be evaluated by how it is affected by cybercrime awareness programs. It is revealed through the evaluation of compliance in information security standards and through examination of resources and expenses, such as in terms of assets, costs or profit. This study also gathered pertinent data regarding the efficacy of information security. The study involves discussions from experts and concerned government leaders. The selection of respondents will only be limited to government agencies that have had experiences with cybercrimes. Since the Philippines have a different organizational setting as compared to other countries, this

6

study is limited only to an analysis of Philippine government agencies. Researchers are open for the fact that there will be organizations that will conceal that they have experienced such crime for investors or stakeholders sake and for confidentiality purposes. The study can offer for an increased in cybercrime awareness that can contribute to the effectiveness of information security in the administrative level of government agencies situated in the Philippines. This study will not cover actual solutions to cybercrimes experienced by Philipp