Slides created by

Bob Koziel

Hagerstown Community College

Tips for using the slide show

Use MS Power Point XP to view the presentation. Earlier versions will not show the animations correctly.

Slides with an icon: Click to view all parts of the slide. Some slides need to be clicked several times.

Slides with an icon: Represents an internet link. Clicking on it will take you to the website. Internet connection required.

Clicking on the or icon will take you to the previous slide or the next slide

Slides with videos or sounds: Click on the picture to view videos or listen to sounds

Computer Crime and Security

How attackers and intruders gain entry into computer systems to harm or destroy data

Ways you can help system administrators keep computer systems safe from unauthorized users and viruses

People who are most likely to attack or harm computer systems and their motives

Types of losses caused by computer system intrusions and attacks

The tools and techniques used to defend computer systems against intruders and attackers

COMPUTERS IN YOUR FUTURE 2003COMPUTERS IN YOUR FUTURE 2003 BRYAN

PFAFFENBERGER

What You Will Learn

Chapter 12

What is the scope of the problem?

Computer security risk- Any event, action, or situation that leads to the loss of computer systems or data

Computer crime- Actions that violate state or Federal laws

Cybercrime- Crimes carried out over the Internet

What are some techniques used to commit computer crimes?

Intruders gain unauthorized access to computer systems

Techniques used to gain access are: Password guessing Shoulder surfing Packet sniffing Dumpster diving Social engineering Superuser status SATAN

Techniques used by insiders are: Salami shaving Data diddling

What are computer viruses?

Computer viruses are malicious programs that infect a computer system causing various problems with its use

They replicate and attach themselves to programs in the system

More than 20,000 different computer viruses

How does a computer get infected?

Inserting a disk with an infected program and then starting the program Downloading an infected program from the Internet Being on a network with an infected computer Opening an infected e-mail attachment

What are the types of viruses?

File infectors

Attach themselves to program files Spreads to other programs on the hard drive Most common type of virus

Boot sector virus

Attach themselves to the beginning of hard drive Executes each time computer is started May lead to destruction of all data

Macro virus

Infect automatic command capabilities of productivity software Attach themselves to data files in word processing, spreadsheet and database programsSpread when data files are exchanged between users

What are some other types of destructive programs?

Time bombs

Also called logic bombs Harmless until a certain event or circumstances activate the program

Worm

Disguises itself as a useful program Contains hidden instructions May erase data or cause other damage

Resembles a virus Spreads from one computer to another Controls infected computers Attacks other networked computers

Trojan horse

Who creates malicious and damaging computer crimes?

Computer hobbyists Try to find weaknesses and loopholes in computer systems Rarely destructive Adhere to hacker’s code of ethics

Hackers Crackers

Also called black hats Obsessed with entering secure computer systems Rarely destructive Leave calling cards on systems they enter

Cyber gangs

Brings crackers together by way of the Internet and meetings

Virus authors

Usually teenage males Want to push the boundaries of antivirus software Can be very damaging

More of who creates malicious and damaging computer crimes?

Disgruntled employees Sabotage a company’s computer system Create security holes called trap doors Can divulge trade secrets or destroy data

Spies Participate in corporate espionage Some are hackers or former employees 125 countries are involved in industrial espoionage

Swindlers Use the Internet to scam money from people Favorite distribution methods are e-mail, chat rooms and web sites Types of scams are: Rip & tear, Pumping and dumping and Bogus goods

Shills

Used on Internet auctions A secret operative who bid’s on a seller’s item to drive up the bid

What is cyberstalking?

Newest and fastest growing crime

Using the Internet and other electronic media to harass and threaten a person

Most perpetrators are men most victims are women

Children are at risk from online sexual predators

What’s the cost of computer crime?

Staff time- Computer staff stops everything and focuses on the problem

Downtime- The system is shutdown unitl it’s safe to operate again

Replacing equipment- Company pays when computers and parts are missing due to theft

Adverse publicity- Crimes go unreported because of fear of publicity of loss

Loss of privacy- Sensitive personal information can end up in the hands of criminals

Risk to public safety- Many government agencies rely on computers to maintain public safety

Denial of service- Internet service becomes overloaded and doesn’t function

Use programs that have an auto save/auto recovery function

Equip system with an uninterruptible power supply; A battery powered device that automatically turns on when power is interrupted

Protecting computers from power related problems (surges & outages)

Controlling access

Choose authentication passwords that have at least eight letters, mix upper and lower case letters and include numbers

Callback systems- Access is granted or denied based on information caller gives

Know & have authentication- Users have various ways of accessing a system

Tokens- Electronic device that generates a logon code Digital certificates- Resemble computer ID cards Smartcards- Credit card sized device with internal memory Biometric authentication- Voice recognition,

retinal scans, thumbprints and facial recognition

Install a firewall program

Programs that are designed to prohibit outside sources from accessing the computer system

Personal firewall- Designed to protect home computers from unauthorized access while connected to the Internet

Use encryption

Encryption programs make information unreadable if it is stolen

Update web browser to use 128-bit encryption for online shopping

Use antivirus programs

Called vaccines or virus checkers

Uses pattern-matching techniques to examine program files for patterns of virus code

Two drawbacks: They cannot find viruses not in their database They can not find new viruses that alter themselves to evade detection

Use antivirus programs that offer frequent updates and monitor system functions

Check disks for viruses that were used on another system

Backup data

Backup programs and data regularly

Store backups away from the computer system

Types of backups: Full backups- Everything stored on the computer; Backup once a month Incremental backups- Backup only those files that have changed since last backup: Backup daily or weekly

Disaster recovery plan- Large organizations should develop a detailed plan for emergencies

Tips for avoiding scams

Do business with established companies

Read the fine print

Don’t provide financial or personal information to anyone

Be skeptical about information received in chat rooms

Tips for preventing cyberstalkers

Don’t share personal information in chat rooms

Be extremely cautious about meeting anyone you’ve contacted online

Contact the police if a situation occurs that makes you feel afraid while online

THE

END