Xinwen Fu Anonymous Communication & Computer Forensics 91.580.203 Computer & Network Forensics.
Computer Security Management: Assessment and Forensics Session 8.
Computer crime means a crime involving computer resources, including using a computer to commit a crime.
Computer fraud means using computer resources to defraud.
Fraud is an intentional act to deceive or mislead, convert assets to one’s own benefit, or make intentional false statements or misrepresentations often accompanied by omission, manipulation of documents or collusion.
Computer fraud is criminal.
Examples of computer crime:
Hacking
Deliberate virus spreading
Theft of information, software or hardware
Theft of computer resource usage
Denial of computer services by means of malicious software or messages
Message interception
Scams
Phishing
Defamation of character
Disseminating hate propaganda
Threats
Developing, holding or spreading child pornography
A perpetrator lacking integrity or ethics
Motivation to commit fraud
Opportunity to commit and conceal fraud
False representation to a substantial degree
Factor to induce a victim or accomplice to act
Intent to defraud
Injury or loss sustained
The fraud provisions of the Criminal Code have been used to prosecute people who used computers to commit frauds.
The Internet is increasingly used to perpetrate fraud because of its reach and the impulse responses of Web surfers.
A complex accounting system raises the potential for “creative accounting” and consequently fraud.
The general perception that computerized information is reliable makes computer fraud less susceptible to challenge than fraud committed on paper.
Manipulating systems or causing glitches to “smooth” quarterly earnings
Salami technique: rounding down interest calculations and depositing the differences into the programmer’s own account
Employee selling customer lists to a competitor
Fictitious insurance policies to defraud insurers and reinsurers
A scheme that uses one or more components of the Internet - such as chat rooms, e-mail, message boards, or Web sites - to present fraudulent solicitations to prospective victims, to conduct fraudulent transactions, or to transmit the proceeds of fraud to financial institutions or others connected with the scheme.
Auction or sales inducing the victim to send money or give out credit card numbers for promised goods
Business opportunity or work-at-home program
Investment scheme
Stock market manipulation by spreading fictitious news about public companies
Identity theft
Segregation of duties
Management and independent review
Restricted access
Code of business conduct to outline what is not acceptable, what is not supposed to be done with organization IT resources, what constitutes conflict of interest.
Intrusion detection and prevention systems
Encryption
Security education
Analytical review
System monitoring
Security check on new hires and contractors
An established process for whistle blowing and investigation
Exemplifying management culture
Lock laptops when unattended
Scheduled refresh of web sites from the backup version to nullify even minor changes by hackers, such as changing a keyword in the user agreement or a rate
Management Actions in Reaction to Computer Crime
Damage control by pulling equipment off the network.
Preserve evidence; do not turn off computers.
Call a forensic expert to image the computer hard disks.
Do not use the computer until the hard disk is successfully captured.
Management Actions in Reaction to Computer Fraud
Do not set off alarms; let the suspect continue.
Damage control by making backups of data and providing an alternate plan.
Continue to monitor the suspect.
Collect evidence behind the scenes.
Depending on severity, it may be necessary to terminate access or reassign the suspect immediately.
Sanitize data behind the scenes.
Gathering evidence
Rules of evidence must be carefully followed
Chain of custody is critical
Interviewing personnel
Invigilation
Indirect methods of proof
Forensic toolkit:
Screwdriver and pliers
Disk imaging software
Hash calculation utility
Search utilities
File and data recovery tools
File viewing utilities
Password cracking software
Digital camera
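As an added example (not part of the slides), the hash-calculation step behind the evidence-preservation actions above, in Python: hash the acquired image, write a chain-of-custody entry, and re-verify it later so that any change to the image, even a single byte, is detected. The image contents, file name and handler name are constructed for the demo.

```python
import hashlib
import os
import tempfile
from datetime import datetime, timezone

CHUNK = 1 << 20  # read 1 MiB at a time so a multi-GB image never has to fit in memory


def hash_image(path):
    """Stream the acquired image through SHA-256 and return the hex digest."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(CHUNK), b""):
            h.update(block)
    return h.hexdigest()


def custody_record(path, handler, action):
    """One chain-of-custody entry: who did what to which item, when, and its hash."""
    return {
        "item": os.path.basename(path),
        "handler": handler,
        "action": action,
        "time": datetime.now(timezone.utc).isoformat(),
        "sha256": hash_image(path),
    }


def verify_image(path, record):
    """Recompute the hash; any difference means the evidence is no longer what was acquired."""
    return hash_image(path) == record["sha256"]


def demo():
    """Constructed sample: a tiny stand-in for a disk image, then a single-byte change."""
    workdir = tempfile.mkdtemp()
    image = os.path.join(workdir, "suspect-laptop.dd")  # hypothetical evidence item
    with open(image, "wb") as f:
        f.write(b"\x00" * 4096 + b"user agreement: rate=1.5%" + b"\x00" * 4096)
    acquired = custody_record(image, "examiner-1", "acquired image")  # hypothetical handler
    intact = verify_image(image, acquired)
    with open(image, "r+b") as f:
        f.seek(4096 + 21)
        f.write(b"2")  # the kind of minor change the slides warn about (rate=1.5% -> 2.5%)
    return acquired, intact, verify_image(image, acquired)
```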
Computer crime and computer fraud are on the rise.
Organizations should adopt a code of business conduct.
Organizations should have chief ethics officers.