Crime and Security in the Networked Economy Part 4.
-
Upload
rudolph-fowler -
Category
Documents
-
view
216 -
download
0
Transcript of Crime and Security in the Networked Economy Part 4.
![Page 1: Crime and Security in the Networked Economy Part 4.](https://reader035.fdocuments.us/reader035/viewer/2022062713/56649cc55503460f9498f264/html5/thumbnails/1.jpg)
Crime and Security in the Networked Economy
Part 4
![Page 2: Crime and Security in the Networked Economy Part 4.](https://reader035.fdocuments.us/reader035/viewer/2022062713/56649cc55503460f9498f264/html5/thumbnails/2.jpg)
The Changing Face of Crime
• IT Crime• IT Security• Types of IT Crime
– Theft– Fraud– Copyright Infringement– Attacks
![Page 3: Crime and Security in the Networked Economy Part 4.](https://reader035.fdocuments.us/reader035/viewer/2022062713/56649cc55503460f9498f264/html5/thumbnails/3.jpg)
TECHNOLOGY TRENDS & ETHICAL ISSUES
• Computing Power Doubles Every 18 Months
• Advances In Data Storage
• Advances In Data Mining Techniques
• Advances In Telecommunications Infrastructure
*
![Page 4: Crime and Security in the Networked Economy Part 4.](https://reader035.fdocuments.us/reader035/viewer/2022062713/56649cc55503460f9498f264/html5/thumbnails/4.jpg)
The Changing Face of Crime
• Types of IT Criminals– Employees– Outside Parties
• Hackers
– Organized Crime• Counterfeit Products• Intellectual Property Infringement
![Page 5: Crime and Security in the Networked Economy Part 4.](https://reader035.fdocuments.us/reader035/viewer/2022062713/56649cc55503460f9498f264/html5/thumbnails/5.jpg)
Risks to Information Systems
What causes damage to IS?Figure 17.4 What causes damage to ISs?
Human errors, accidents and omissions 50Ð80%
Dishonest employees 10Ð17%
Natural disasters 10Ð15%
Disgruntled employees 3Ð4%
Water 2Ð3%
Outsiders 1Ð3%
Source: Forcht, K.A, Computer Security Management, with the permission ofCourse Technology, Inc. Copyright 1992 by Boyd and Fraser Publishing Co.
Human errors, accidents, and omissions 50-80%
Dishonest employees 10 -17%
Natural Disasters 10-15%
Disgruntled employees 3-4%
Water 2-3%
Outsiders 1-3%
![Page 6: Crime and Security in the Networked Economy Part 4.](https://reader035.fdocuments.us/reader035/viewer/2022062713/56649cc55503460f9498f264/html5/thumbnails/6.jpg)
Changing Nature of Crime
Aspect of Crime IndustrialEconomy (1950)
NetworkedEconomy (2000)
Location Local Remote
Impact Low High
Format Physical Electronic
Risk High Low
![Page 7: Crime and Security in the Networked Economy Part 4.](https://reader035.fdocuments.us/reader035/viewer/2022062713/56649cc55503460f9498f264/html5/thumbnails/7.jpg)
Types of IT Crime• Theft of hardware, data or
information– National Computer Registry
• Fraudulent use of IT– Credit card fraud
– Investor fraud
– Medical and drug-related fraud
– Auction site fraud
![Page 8: Crime and Security in the Networked Economy Part 4.](https://reader035.fdocuments.us/reader035/viewer/2022062713/56649cc55503460f9498f264/html5/thumbnails/8.jpg)
Security
• Policies, protection, and tools to safeguard hardware, software, communication network, and data from unauthorized access, alteration, theft and physical damage.
![Page 9: Crime and Security in the Networked Economy Part 4.](https://reader035.fdocuments.us/reader035/viewer/2022062713/56649cc55503460f9498f264/html5/thumbnails/9.jpg)
Risks To Hardware
• Hardware Failure
• Natural Disasters
• Blackouts and Brownouts
• Vandalism
• Theft
![Page 10: Crime and Security in the Networked Economy Part 4.](https://reader035.fdocuments.us/reader035/viewer/2022062713/56649cc55503460f9498f264/html5/thumbnails/10.jpg)
Risks To Application and Data
• Software Failure
• Theft
• Alteration or Destruction
• Computer Virus
• Hacker
• Mishap– Training
![Page 11: Crime and Security in the Networked Economy Part 4.](https://reader035.fdocuments.us/reader035/viewer/2022062713/56649cc55503460f9498f264/html5/thumbnails/11.jpg)
Risks to Information SystemsCAUSE LOSSS IN
MILLIONSNUMBERSOF REPORTS
Theft $1,011 275,000
Power Failure $318 389,000
Accidents $246 276,000
Miscellaneous Causes $157 269,000
Lightening $86 91,000
Fire $72 19,000
Transit $53 54,000
Water $51 34,000
Total $1,994 1,407,000
Source: Software, The Insurance Agency, Inc., quoted in “1993 ComputerLosses,” MacWeek, Vol 8 No 36, September 12, 1994, p. 28.
![Page 12: Crime and Security in the Networked Economy Part 4.](https://reader035.fdocuments.us/reader035/viewer/2022062713/56649cc55503460f9498f264/html5/thumbnails/12.jpg)
Theft/Alteration of Information
• Secure Passwords– Biometric Controls
• Data Entry Controls• Audit Trails• Separation of Duties
• Back-up copies secured
• Shred Printouts• Secure diskettes
![Page 13: Crime and Security in the Networked Economy Part 4.](https://reader035.fdocuments.us/reader035/viewer/2022062713/56649cc55503460f9498f264/html5/thumbnails/13.jpg)
Protection from Disasters
• Fault-tolerant Systems– Extra hardware, software, and power supply
components that can back the system up and keep it running.
• Back-up of Data• Secure Area• Battery Back-up
– UPS
![Page 14: Crime and Security in the Networked Economy Part 4.](https://reader035.fdocuments.us/reader035/viewer/2022062713/56649cc55503460f9498f264/html5/thumbnails/14.jpg)
Copyright Infringement
• Software Piracy
• Business Software Alliance
• 1980 Software Copyright Act
• 1997 No Electronic Theft Act (NET)
![Page 15: Crime and Security in the Networked Economy Part 4.](https://reader035.fdocuments.us/reader035/viewer/2022062713/56649cc55503460f9498f264/html5/thumbnails/15.jpg)
Copyright Infringement• Music Piracy
• Motion Picture Experts Group
• MPEG version 3
• MP3 Rio Player
• NET Act Coverage
![Page 16: Crime and Security in the Networked Economy Part 4.](https://reader035.fdocuments.us/reader035/viewer/2022062713/56649cc55503460f9498f264/html5/thumbnails/16.jpg)
Computer Virus
• Software Program that spreads through system destroying data and Operating System.– Scan Disks with Current Antivirus Program– Know Origin of Software– Don’t Copy– Watch Downloads– Passwords for Access
Anti-Virus
![Page 17: Crime and Security in the Networked Economy Part 4.](https://reader035.fdocuments.us/reader035/viewer/2022062713/56649cc55503460f9498f264/html5/thumbnails/17.jpg)
Virus Generation Process
Virus is Createdat Terminal or PC
Virus is Transmitted to OtherComputers via Network or Disk
Virus ReplicatesItself on
New Computers,Taking Over
Main Memory
Virus Sends Copies of Itselfover Network or on Diskto More Computers
![Page 18: Crime and Security in the Networked Economy Part 4.](https://reader035.fdocuments.us/reader035/viewer/2022062713/56649cc55503460f9498f264/html5/thumbnails/18.jpg)
VIRUS Attacks• Worm
• Trojan Horse
• Time Bomb
• Logic Bomb
• Trapdoor
• Attacks on Web and E-mail Servers
![Page 19: Crime and Security in the Networked Economy Part 4.](https://reader035.fdocuments.us/reader035/viewer/2022062713/56649cc55503460f9498f264/html5/thumbnails/19.jpg)
Information Technology Security
• Threats to the Computer–Physical Security
• Controlled Access
–Data Security• Backups
–Internet Security
![Page 20: Crime and Security in the Networked Economy Part 4.](https://reader035.fdocuments.us/reader035/viewer/2022062713/56649cc55503460f9498f264/html5/thumbnails/20.jpg)
Information Technology Security
• Surge Protection• Uninterruptible Power Supplies
(UPS)• Password Policy and Use• Personal Identification Number
(PIN)• System Audit Software
![Page 21: Crime and Security in the Networked Economy Part 4.](https://reader035.fdocuments.us/reader035/viewer/2022062713/56649cc55503460f9498f264/html5/thumbnails/21.jpg)
• Person who gains unauthorized access to a computer network for profit, criminal mischief, or personal pleasure.– Passwords– Callback– Firewall– Encryption
HACKER
![Page 22: Crime and Security in the Networked Economy Part 4.](https://reader035.fdocuments.us/reader035/viewer/2022062713/56649cc55503460f9498f264/html5/thumbnails/22.jpg)
Data Encryption Systems• Plaintext
–Ciphertext
–Public Key Encryption Systems
–Private Key
![Page 23: Crime and Security in the Networked Economy Part 4.](https://reader035.fdocuments.us/reader035/viewer/2022062713/56649cc55503460f9498f264/html5/thumbnails/23.jpg)
SET EncryptionRequest is Sent toE-commerce Server
E-Commerce ServerVerifies Transaction
Types of IT CrimeSecure Electronic Transmission (SET)
Purchaseis Requested
MerchantSends Recordto Bank
Transactionis Approved Bank Credits
Merchant’s Account
![Page 24: Crime and Security in the Networked Economy Part 4.](https://reader035.fdocuments.us/reader035/viewer/2022062713/56649cc55503460f9498f264/html5/thumbnails/24.jpg)
Encrypting Communications Increases Security
Figure 17.10 Encrypting communications increases security.
Plain Text
LetÕs meet at11pm at theregular place
LetÕs meet at11pm at theregular place
Encrypted Message Decrypted Message
encryption decryption@#$%^&*)(hJKgfSed%$dE?><:Ó{><?V
![Page 25: Crime and Security in the Networked Economy Part 4.](https://reader035.fdocuments.us/reader035/viewer/2022062713/56649cc55503460f9498f264/html5/thumbnails/25.jpg)
Firewalls• Software to separate users from computing
resources.
• Allows retrieval and viewing of certain material, but blocks attempts to make any changes in the information or to access data that reside on the same computer.
• They are also used to keep unauthorized software away.
![Page 26: Crime and Security in the Networked Economy Part 4.](https://reader035.fdocuments.us/reader035/viewer/2022062713/56649cc55503460f9498f264/html5/thumbnails/26.jpg)
Firewall Around Network
![Page 27: Crime and Security in the Networked Economy Part 4.](https://reader035.fdocuments.us/reader035/viewer/2022062713/56649cc55503460f9498f264/html5/thumbnails/27.jpg)
Internet Security
• 4 Basic Firewall Actions– Packet can be dropped entirely
– Alert network administrator
– Return failed message to sender
– Action can be logged only