Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-1 10 Chapter Managing...

Information Systems Today: Managing in the Digital World -Dr. Ali Zolait

10-1

10Chapter

Managing Information Systems Ethics and Crimes

Worldwide losses due to software piracy in 2005 exceeded $34 billion.

Business Software Alliance, 2006


10-2

Learning Objectives


10-3

Learning Objectives


10-4

The Three Waves of Change (I)• The Third Wave by Alvin Toffler describes three phases or “waves of changes”

• First waveo A civilization based

on agriculture and handwork

o Relatively primitivestage

o Lasted thousands of years

The Three Waves of Change (II)• Second wave

o The Industrial Revolution

o Began at the end of the 18th century and lasted about 150 years

• Third waveo The Information Age

o Information becomes the currency


10-5


10-6

Computer Literacy

• Computer literacyo Necessary skill in today’s world

o May be the difference between being employed or unemployed

o Many different jobs involve the use of computers


10-7

Digital Divide• Major ethical challenge

• New class system of powero Power comes from knowledge

• The gap in the US is shrinkingo Rural communities, the elderly, people with

disabilities, and minorities lag behind national averages

• Widening gap between developed and developing countries


10-8

Learning Objectives


10-9

Computer Ethics• Issues and standards of

conduct pertaining to the use of information systems

• 1986 – Richard O. Mason articleo Most ethical debates relate to

• Information privacy

• Information accuracy

• Information property

• Information accessibility


10-10

Information Privacy• What information should

you have to reveal?

• Information you might want to keep private:o Social security numbero Medical historyo Family history

• Identity thefto Fastest growing “information”

crimeo Biometrics for better

protection


10-11

Information Privacy• Companies seem to know about our every move – how

much information do we need to reveal?

• Amazon.com is famous for personalization

• What are the costs?


10-12

How to Maintain Your Privacy Online• Review the privacy policy of the company with which

you are transacting

• The policy should indicate:o What information is being gathered about youo How the seller will use this informationo Whether and how you can “opt out” of these practices

• Additional tips:o Choose Web sites monitored by independent organizationso Avoid having cookies left on your machineo Visit sites anonymouslyo Use caution when requesting confirmation email


10-13

Avoid Getting Conned in Cyberspace

• U.S. Federal Trade Commission compiled a list of advices (List of top 10 things not to do)


10-14

Top 10 List of Things Not to Do (II)


10-15

Information Accuracy• Ensuring of the

authenticity and fidelity of information

• High costs of incorrect informationo Bankso Hospitals

• Difficult to track down the person who made the mistake


10-16

Information Property

• Who owns information about individuals?

• How can this information be sold and exchanged?


10-17

Data Privacy Statements

• Company maintaining the database with customer information legally owns ito Is free to sell it

o Cannot sell information it agreed not to share

o Must insure proper data handling practices

Information Property


10-18

Spam, Cookies and SpywareThree additional ways to gather information about

individual • Spam

o Unsolicited e-mail promoting products or serviceso CAN-SPAM Act of 2003o Little protection available

• Cookieso Text file storing Web browsing activityo Can opt for cookies not to be storedo Web sites might not function properly without cookies

• Spywareo Software used for data collection without the users’

knowledgeo Unlikely this activity will become illegal anytime soon


10-19

Combating Spyware

• Windows defender

o Spyware monitoring and removal

• Others Include:

o Ad-aware

o Spybot Search & Destroy


10-20

Cybersquatting• The practice of registering a domain name and

later reselling it

• Some of the victims includeo Panasonic, Hertz, Avon

• Anti-Cybersquatting Consumer Protection Act in 1999o Fines as high as $100,000

o Some companies pay the cybersquatters to speed up the process of getting the domain


10-21

Information Accessibility

• Who has the right to monitor the information?

• E.g., email capture by Carnivore


10-22

Carnivore• Developed to

monitor all communication by the government

• In 2005 FBI abandoned Carnivore for commercially available software


10-23

Legal Support for Electronic Communication Privacy

• Little support available

• 1986 – Electronic Communications Privacy Act (ECPA)o Mostly geared towards protecting voice

communication privacyo No other laws protect e-mail privacyo Some states define rules for companies

•Need to be open about monitoring policies

•Need to use good judgment


10-24

Need for a Code of Ethical Conduct• Many businesses have guidelines for

appropriate use

• Universities endorse guidelines proposed by EduCom

• Responsible computer use (based on work of the Computer Ethics Institute) prohibits:1. Using a computer to harm others2. Interfering with other people’s computer work3. Snooping in other people’s files

Information Systems Today: Managing in the Digital World 10-25

Need for a Code of Ethical Conduct• Responsible computer use prohibits

(continued):

4. Using a computer to steal5. Using a computer to bear false witness6. Copying or using proprietary software

without paying for it7. Using other people’s computer resources

without authorization8. Appropriating other people’s intellectual

output

10-25Information Systems Today: Managing in the Digital World -Dr. Ali Zolait


10-26

Learning Objectives


10-27

Computer Crime

• Using a computer to commit an illegal acto Targeting a computer – unauthorized access

o Using a computer to commit an offense

o Using a computer to support a criminal activity

• Overall trend of computer crime declining


10-28

Types of Computer Crimes and Financial Losses• Figures based on a survey of 639 organizations


10-29

Financial Impact of Virus Attacks• Losses from computer crime can be tremendous

o $14.2 billion in estimated losses due to viruses alone in 2005


10-30

Unauthorized Computer Access

• Using computer systems with no authority to gain such access

• Other examples from the mediao Employees steal time on company

computers to do personal business

o Intruders break into government Web sites and change information displayed

o Thieves steal credit card numbers and buy merchandise


10-31

Unauthorized computer access• Frequency of successful attacks is declining


10-32

Federal and State Laws• Two main federal laws against computer crime

1. Computer Fraud and Abuse Act of 1986 Prohibits

• Stealing or compromising data

• Gaining access to computers owned by the U.S. government

• Violating data belonging to financial institutions

• Intercepting communication between foreign countries

• Threatening to damage computer systems in order to gain profit

o 1996 Amendment prohibits

• Dissemination of computer viruses and other harmful code


10-33

Federal and State Laws (II)• Electronic Communications Privacy Act of 1986

o Breaking into any electronic communication service is a crime

• USA PATRIOT Act of 2002o Controversial law o Investigators may monitor voice communication

• Other lawso Patent laws protect some software and hardwareo Right to Financial Privacy Acto All 50 states passed laws prohibiting computer crime

10-34

Computer Forensics

• Use of formal investigative techniques to evaluate digital informationo Evaluation of storage devices for traces of

illegal activity

•Now common in murder cases

o Restoration of deleted files



10-35

Hacking and Cracking• Hackers

o Individuals gaining unauthorized access

o Motivated by curiosity

o No intentions to do harm

• Crackerso Break into computers with the intention of doing

harm

• Hacktivistso Break into computer systems to promote political or

ideological goals


10-36

Who Commits Computer Crimes?

• No clear profile

• Four groups of computer criminals1. Current or former employees

• 85-95% of theft from businesses comes from the inside

2. People with technical knowledge committing crimes for personal gain

3. Career criminals using computers to assist them in crimes

4. Outside crackers hoping to find information of value

• About 12% of cracker attacks cause damage


10-37

Types of Computer Crimes


10-38

Types of Computer Crimes (II)


10-39

Software Piracy• Legal activities

o Making one backup copy for personal useo Sharing free software (shareware or public domain

software)

• Illegal activitieso Making copies of purchased software for otherso Offering stolen proprietary software (warez peddling)

• Applicable copyright lawso 1980 Computer Software Copyright Acto 1992 Act making software piracy a felonyo 1997 No Electronic Theft Act


10-40

Software Piracy Is a Global Business• Worldwide losses for 2005 estimated at $34 billion

• Some factors influencing piracy around the worldo Concept of intellectual property differs between countries

o Economic reasons for piracy

o Lack of public awareness about the issue


10-41

Computer Viruses and Other Destructive Code

• Malware (malicious software)o 1,400 new pieces released in one month

o Viruses

•Reproduce themselves

•Usually delete or destroy files

•Boot sector viruses

•File infector viruses

•Viruses can spread through e-mail attachments


10-42

How a Computer Virus is Spread


10-43

Worms, Trojan Horses and Other Sinister Programs• Worm

o Does not destroy fileso Designed to copy and send itselfo Brings computers down by clogging memory

• Trojan horseo Does not copy itselfo Often remains hidden to the user

• Logic bombs and time bombso Variations of Trojan horseo Do not disrupt computer function until triggering

event/operation


10-44

Internet Hoaxes

• False messages circulated onlineo New viruses (that don’t exist)

•2004 e-mail told recipients to erase a file that was actually a part of Windows operating system

o Collection of funds for certain group

•Cancer causes

o Possible consequences

•Spammers harvesting e-mail addresses from hoaxes


10-45

Learning Objectives


10-46

Cyberwar

• Military’s attempt to disrupt or destroy other country’s information and communication systemso Goal is to diminish opponent’s

communication capabilities

o Used in concert with traditional methods

Cyberwar vulnerabilities1. Command and control systems

2. Intelligence collection and distribution systems

3. Information processing and distribution systems

4. Tactical communication systems and methods

5. Troop and weapon positioning systems

6. Friend-or-foe identification systems

7. Smart weapons systems


10-47


10-48

Cyberterrorism

• Governments not involved

• Lunched by individuals or groups.

• Can be launched from anywhere in the world

• Goal is to cause fear, panic and destruction

• Cyberterrorism will likely become weapon of choice


10-49

Categories of Potential Cyberterrorist Attacks


10-50

Use of Internet in Terrorist Attacks


10-51

Use of Internet in Terrorist Attacks (II)


10-52

Assessing the Cyberterrorism Threat

• The U.S. Department of Defenseo Popular target for hackers and crackerso 60-90 attempts a dayo Some successful attacks

• 1991 – Gulf Waro Dutch crackers stole information about the movement of U.S.

troops and offered it for sale to Iraqo Iraqis turned down the offer

• 2000 – United States presidential electionso Web sites targeted with political motiveso DoS attacks launched

• 2003 – Romanian cracker compromised systems housing life support control for 58 scientists and contractors in Antarctica


10-53

Obstacles to Cyberterrorism1. Computer systems are complex and attacks

may not have desired outcome

2. Fast changing security measures

3. Cyberattacks rarely cause physical harm to victims


10-54

The Globalization of Terrorism• Increasing dependence on technology

• Increasing possibilities of cyberterrorism

• International laws and treaties must evolve

• Likelihood of large attacks is smallo Successful large attack would require

• Intelligence information

•Years of preparation

•At least $200 million

End of Chapter Content

10-55Information Systems Today: Managing in the Digital World -Dr. Ali Zolait

Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-1 10 Chapter Managing...

Documents

Transcript of Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-1 10 Chapter Managing...