Please turn your cell phone off. Chapter 9 Topics: • Computer Waste and Mistakes • Computer Crime • Privacy • Health Concerns Security, Privacy, and Ethics
Chapter 9.1 Computer Waste & Mistakes
Proper Management Computer Waste • Discarded technology • Unused systems • Personal use of corporate time & technology
Proper Management Computer Mistakes • Data entry or capture errors • Programming Errors/Bugs • File Management Errors • Insufficient Disaster Recovery Plan
Preventing Computer Waste & Mistakes • Implement Preventive Policies and Procedures • Computer acquisition & use • Individual & workgroup training • Maintenance & use of computer systems • Approval for applications & systems
Technology: The Dark Side Identity Theft Viruses Hackers Trojan Horse Worms Crackers Spyware Scams
Computer Crime In 2000: • 70% of companies report serious computer breaches • 74% acknowledge suffering financial loss from computer security breaches • 85% report virus contamination
Computer As A Tool to Commit Crime • Computer systems as tools to commit crimes • Used to gain access to valuable information (credit card numbers). • Two requirements • Access to the system • Knowledge of how to manipulate the system
Computer As A Tool to Commit Crime • Social Engineering • The practice of talking a critical computer password out of an individual • Social Engineering • Dumpster Diving • Searching through garbage for important pieces of information that can help crack an organization’s computers or be used to convince someone at the company to give someone access to the computers • Cards for Sale: http://www.internetnews.com/ec-news/article.php/1467331
Computer As A Tool to Commit Crime • Cyberterrorist: intimidates or coerces a government or organization to advance his or her political or social objectives by launching computer-based attacks against computers, networks, and the information stored on them • Identity theft: An imposter obtains key pieces of personal identification information, such as Social Security or driver’s license numbers, in order to impersonate someone else
Computer As The Object Of The Crime • Hacker: A person who enjoys computer technology and spends time learning and using computer systems • Cracker (criminal hacker): A computer-savvy person who attempts to gain unauthorized or illegal access to computer systems • http://www.2600.com/
Computer As The Object Of The Crime • Script bunnies: Wannabe crackers with little technical savvy who download programs (scripts) that automate the job of breaking into computers • Insider: An employee, disgruntled or otherwise, working solo or in concert with outsiders to compromise corporate systems
Computer As The Object Of The Crime • Virus: a computer program capable of attaching to disks or other files and replicating itself repeatedly, typically without the user’s knowledge or permission • Worm: an independent program that replicates its own program files until it interrupts the operation of networks and computer systems • http://www.mcafee.com/anti-virus/default.asp?ag=1&vso=true&oemid= • http://vil.mcafee.com/dispVirus.asp?virus_k=99528
Computer As The Object Of The Crime • Trojan Horse: a program that appears to be useful but actually masks a destructive program • Logic bomb: an application or system virus designed to “explode” or execute at a specified time and date
Computer As The Object Of The Crime: Phishing PayPal We are currently performing regular maintenance of our security measures. Your account has been selected for this maintenance, and you will now be taken through a series of identity verification pages. Protecting the security of your PayPal account is our primary concern, and we apologize for any inconvenience this may cause. To update your PayPal Account, you must click the link below and complete all steps from the following page as we try to verify your identity. Click here to verify your account. Thank you for using PayPal! The PayPal Team. Please do not reply to this email. This mailbox is not monitored and you will not receive a response. PayPal Email ID: PP468 www.apwg.com
Adware & Spyware • Adware: any software application in which advertising banners are displayed while the program is running. • Spyware: On the Internet, spyware is programming that is put in someone's computer to secretly gather information about the user and relay it to advertisers or other interested parties. • Spyware can get in a computer as a software virus or as the result of installing a new program. • File-sharing users beware… • Xupiter (Wired article) • Ad-Aware (http://www.lavasoftusa.com/)
Using AntiVirus Programs • Antivirus program: program or utility that prevents viruses and recovers from them if they infect a computer • Antivirus software should be run and updated often
Information & Equipment Theft • To obtain illegal access, criminal hackers require identification numbers and passwords • Password sniffer • A small program hidden in a network or a computer system that records identification numbers and passwords • Theft of data and software • Theft of computer systems and equipment
Software & Internet Software Piracy • Software piracy: the act of illegally duplicating software • Internet software piracy: illegally downloading software from the Internet
Spam / Fraud • Spam is unsolicited e-mail on the Internet. • Internet Fraud uses the Web & Email to solicit donations for illegitimate causes.
Preventing Computer-Related Crime • Crime prevention by state and federal agencies • Crime prevention by corporations • Public key infrastructure (PKI): a means to enable users of an unsecured public network such as the Internet to securely and privately exchange data through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority • Biometrics: the measurement of one of a person’s traits, whether physical or behavioral
Preventing Computer-Related Crime Table 9.8: Common Methods Used to Commit Computer Crimes
Preventing Computer-Related Crime • Intrusion detection system (IDS): software that monitors system and network resources and notifies network security personnel when it senses a possible intrusion • Managed security service provider (MSSP): an organization that monitors, manages, and maintains network security hardware and software for its client companies • Internet laws for libel and protection of decency
Privacy Issues • Privacy and the Federal Government • Privacy Act of 1974: This national guideline provides knowledge of, and limited control (notice and consent) over, your federal records. • Privacy at work • E-mail privacy • Florida Sunshine Law
Privacy Issues: Privacy & the Internet • Platform for Privacy Preferences (P3P) • A screening technology that shields users from Web sites that don’t provide the level of privacy protection they desire • P3P
Ethical Issues in Information Systems • “Old contract” of business: the only responsibility of business is to its stockholders and owners • “Social contract” of business: businesses are responsible to society
The AITP Code of Ethics • Obligation to management • Obligation to fellow AITP members • Obligation to society • Obligation to college or university • Obligation to the employer • Obligation to country
The ACM Code of Professional Conduct • Strive to achieve the highest quality, effectiveness, and dignity in both the process and products of professional work • Acquire and maintain professional competence • Know and respect existing laws pertaining to professional work • Accept and provide appropriate professional review • Give comprehensive and thorough evaluations of computer systems and their impact, including analysis of possible risks
The ACM Code of Professional Conduct • Honor contracts, agreements, and assigned responsibilities • Improve public understanding of computing and its consequences • Access computing and communication resources only when authorized to do so
Shameless Plug PC Security and Maintenance • Taught by yours truly!
Questions?