Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-1 10 Chapter Managing...
-
Upload
flora-ross -
Category
Documents
-
view
215 -
download
0
Transcript of Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-1 10 Chapter Managing...
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-1
10Chapter
Managing Information Systems Ethics and Crimes
Worldwide losses due to software piracy in 2005 exceeded $34 billion.
Business Software Alliance, 2006
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-4
The Three Waves of Change (I)• The Third Wave by Alvin Toffler describes three phases or “waves of changes”
• First waveo A civilization based
on agriculture and handwork
o Relatively primitivestage
o Lasted thousands of years
The Three Waves of Change (II)• Second wave
o The Industrial Revolution
o Began at the end of the 18th century and lasted about 150 years
• Third waveo The Information Age
o Information becomes the currency
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-5
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-6
Computer Literacy
• Computer literacyo Necessary skill in today’s world
o May be the difference between being employed or unemployed
o Many different jobs involve the use of computers
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-7
Digital Divide• Major ethical challenge
• New class system of powero Power comes from knowledge
• The gap in the US is shrinkingo Rural communities, the elderly, people with
disabilities, and minorities lag behind national averages
• Widening gap between developed and developing countries
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-9
Computer Ethics• Issues and standards of
conduct pertaining to the use of information systems
• 1986 – Richard O. Mason articleo Most ethical debates relate to
• Information privacy
• Information accuracy
• Information property
• Information accessibility
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-10
Information Privacy• What information should
you have to reveal?
• Information you might want to keep private:o Social security numbero Medical historyo Family history
• Identity thefto Fastest growing “information”
crimeo Biometrics for better
protection
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-11
Information Privacy• Companies seem to know about our every move – how
much information do we need to reveal?
• Amazon.com is famous for personalization
• What are the costs?
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-12
How to Maintain Your Privacy Online• Review the privacy policy of the company with which
you are transacting
• The policy should indicate:o What information is being gathered about youo How the seller will use this informationo Whether and how you can “opt out” of these practices
• Additional tips:o Choose Web sites monitored by independent organizationso Avoid having cookies left on your machineo Visit sites anonymouslyo Use caution when requesting confirmation email
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-13
Avoid Getting Conned in Cyberspace
• U.S. Federal Trade Commission compiled a list of advices (List of top 10 things not to do)
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-14
Top 10 List of Things Not to Do (II)
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-15
Information Accuracy• Ensuring of the
authenticity and fidelity of information
• High costs of incorrect informationo Bankso Hospitals
• Difficult to track down the person who made the mistake
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-16
Information Property
• Who owns information about individuals?
• How can this information be sold and exchanged?
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-17
Data Privacy Statements
• Company maintaining the database with customer information legally owns ito Is free to sell it
o Cannot sell information it agreed not to share
o Must insure proper data handling practices
Information Property
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-18
Spam, Cookies and SpywareThree additional ways to gather information about
individual • Spam
o Unsolicited e-mail promoting products or serviceso CAN-SPAM Act of 2003o Little protection available
• Cookieso Text file storing Web browsing activityo Can opt for cookies not to be storedo Web sites might not function properly without cookies
• Spywareo Software used for data collection without the users’
knowledgeo Unlikely this activity will become illegal anytime soon
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-19
Combating Spyware
• Windows defender
o Spyware monitoring and removal
• Others Include:
o Ad-aware
o Spybot Search & Destroy
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-20
Cybersquatting• The practice of registering a domain name and
later reselling it
• Some of the victims includeo Panasonic, Hertz, Avon
• Anti-Cybersquatting Consumer Protection Act in 1999o Fines as high as $100,000
o Some companies pay the cybersquatters to speed up the process of getting the domain
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-21
Information Accessibility
• Who has the right to monitor the information?
• E.g., email capture by Carnivore
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-22
Carnivore• Developed to
monitor all communication by the government
• In 2005 FBI abandoned Carnivore for commercially available software
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-23
Legal Support for Electronic Communication Privacy
• Little support available
• 1986 – Electronic Communications Privacy Act (ECPA)o Mostly geared towards protecting voice
communication privacyo No other laws protect e-mail privacyo Some states define rules for companies
•Need to be open about monitoring policies
•Need to use good judgment
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-24
Need for a Code of Ethical Conduct• Many businesses have guidelines for
appropriate use
• Universities endorse guidelines proposed by EduCom
• Responsible computer use (based on work of the Computer Ethics Institute) prohibits:1. Using a computer to harm others2. Interfering with other people’s computer work3. Snooping in other people’s files
Information Systems Today: Managing in the Digital World 10-25
Need for a Code of Ethical Conduct• Responsible computer use prohibits
(continued):
4. Using a computer to steal5. Using a computer to bear false witness6. Copying or using proprietary software
without paying for it7. Using other people’s computer resources
without authorization8. Appropriating other people’s intellectual
output
10-25Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-27
Computer Crime
• Using a computer to commit an illegal acto Targeting a computer – unauthorized access
o Using a computer to commit an offense
o Using a computer to support a criminal activity
• Overall trend of computer crime declining
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-28
Types of Computer Crimes and Financial Losses• Figures based on a survey of 639 organizations
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-29
Financial Impact of Virus Attacks• Losses from computer crime can be tremendous
o $14.2 billion in estimated losses due to viruses alone in 2005
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-30
Unauthorized Computer Access
• Using computer systems with no authority to gain such access
• Other examples from the mediao Employees steal time on company
computers to do personal business
o Intruders break into government Web sites and change information displayed
o Thieves steal credit card numbers and buy merchandise
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-31
Unauthorized computer access• Frequency of successful attacks is declining
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-32
Federal and State Laws• Two main federal laws against computer crime
1. Computer Fraud and Abuse Act of 1986 Prohibits
• Stealing or compromising data
• Gaining access to computers owned by the U.S. government
• Violating data belonging to financial institutions
• Intercepting communication between foreign countries
• Threatening to damage computer systems in order to gain profit
o 1996 Amendment prohibits
• Dissemination of computer viruses and other harmful code
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-33
Federal and State Laws (II)• Electronic Communications Privacy Act of 1986
o Breaking into any electronic communication service is a crime
• USA PATRIOT Act of 2002o Controversial law o Investigators may monitor voice communication
• Other lawso Patent laws protect some software and hardwareo Right to Financial Privacy Acto All 50 states passed laws prohibiting computer crime
10-34
Computer Forensics
• Use of formal investigative techniques to evaluate digital informationo Evaluation of storage devices for traces of
illegal activity
•Now common in murder cases
o Restoration of deleted files
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-35
Hacking and Cracking• Hackers
o Individuals gaining unauthorized access
o Motivated by curiosity
o No intentions to do harm
• Crackerso Break into computers with the intention of doing
harm
• Hacktivistso Break into computer systems to promote political or
ideological goals
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-36
Who Commits Computer Crimes?
• No clear profile
• Four groups of computer criminals1. Current or former employees
• 85-95% of theft from businesses comes from the inside
2. People with technical knowledge committing crimes for personal gain
3. Career criminals using computers to assist them in crimes
4. Outside crackers hoping to find information of value
• About 12% of cracker attacks cause damage
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-37
Types of Computer Crimes
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-38
Types of Computer Crimes (II)
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-39
Software Piracy• Legal activities
o Making one backup copy for personal useo Sharing free software (shareware or public domain
software)
• Illegal activitieso Making copies of purchased software for otherso Offering stolen proprietary software (warez peddling)
• Applicable copyright lawso 1980 Computer Software Copyright Acto 1992 Act making software piracy a felonyo 1997 No Electronic Theft Act
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-40
Software Piracy Is a Global Business• Worldwide losses for 2005 estimated at $34 billion
• Some factors influencing piracy around the worldo Concept of intellectual property differs between countries
o Economic reasons for piracy
o Lack of public awareness about the issue
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-41
Computer Viruses and Other Destructive Code
• Malware (malicious software)o 1,400 new pieces released in one month
o Viruses
•Reproduce themselves
•Usually delete or destroy files
•Boot sector viruses
•File infector viruses
•Viruses can spread through e-mail attachments
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-42
How a Computer Virus is Spread
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-43
Worms, Trojan Horses and Other Sinister Programs• Worm
o Does not destroy fileso Designed to copy and send itselfo Brings computers down by clogging memory
• Trojan horseo Does not copy itselfo Often remains hidden to the user
• Logic bombs and time bombso Variations of Trojan horseo Do not disrupt computer function until triggering
event/operation
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-44
Internet Hoaxes
• False messages circulated onlineo New viruses (that don’t exist)
•2004 e-mail told recipients to erase a file that was actually a part of Windows operating system
o Collection of funds for certain group
•Cancer causes
o Possible consequences
•Spammers harvesting e-mail addresses from hoaxes
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-46
Cyberwar
• Military’s attempt to disrupt or destroy other country’s information and communication systemso Goal is to diminish opponent’s
communication capabilities
o Used in concert with traditional methods
Cyberwar vulnerabilities1. Command and control systems
2. Intelligence collection and distribution systems
3. Information processing and distribution systems
4. Tactical communication systems and methods
5. Troop and weapon positioning systems
6. Friend-or-foe identification systems
7. Smart weapons systems
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-47
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-48
Cyberterrorism
• Governments not involved
• Lunched by individuals or groups.
• Can be launched from anywhere in the world
• Goal is to cause fear, panic and destruction
• Cyberterrorism will likely become weapon of choice
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-49
Categories of Potential Cyberterrorist Attacks
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-50
Use of Internet in Terrorist Attacks
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-51
Use of Internet in Terrorist Attacks (II)
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-52
Assessing the Cyberterrorism Threat
• The U.S. Department of Defenseo Popular target for hackers and crackerso 60-90 attempts a dayo Some successful attacks
• 1991 – Gulf Waro Dutch crackers stole information about the movement of U.S.
troops and offered it for sale to Iraqo Iraqis turned down the offer
• 2000 – United States presidential electionso Web sites targeted with political motiveso DoS attacks launched
• 2003 – Romanian cracker compromised systems housing life support control for 58 scientists and contractors in Antarctica
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-53
Obstacles to Cyberterrorism1. Computer systems are complex and attacks
may not have desired outcome
2. Fast changing security measures
3. Cyberattacks rarely cause physical harm to victims
Information Systems Today: Managing in the Digital World -Dr. Ali Zolait
10-54
The Globalization of Terrorism• Increasing dependence on technology
• Increasing possibilities of cyberterrorism
• International laws and treaties must evolve
• Likelihood of large attacks is smallo Successful large attack would require
• Intelligence information
•Years of preparation
•At least $200 million