COMPUTER

CRIMES
 Stealing / Computer
• Stealing – whetherTheft
you use a gun or a computer –
is as an immoral act.
• Every now and then, we hear or read news about
people being robbed of their money through the
use of ATM facilities or through “inside jobs” –
crimes perpetuated by company insiders.
• Computer crimes can be carried out by outsiders –
those who are not in the employ of a certain
company, or by insiders – those who actually work
as employees in a bank or in a film.
Unauthorized entry into a
Examples:
computer
• A company can gain an edge over one
of its competitors by stealing
information from the competitor’s
computer system.
• A student can break into the computer
system of his school in order to change
his failing grades to passing and even
exceptional ones.
 Stealing
computer
• Under time
this category, the one breaking into
the computer system intends to do is use
the computer for his own personal use.
• As a student, you may also be committing
such acts when you use the computer
time given to you to finish your hands-on
activity in playing computer games.
Hardware Theft
• Computer hardware – esp. laptops
are favorite targets of burglars.
• Hardware theft is sometimes
more serious because the
information contained in it are
also stolen in the process.
The Big Brother
Syndrome
 The Big Brother Syndrome

• Is a fear brought about by

the idea of someone – be it
the government of other
entities – are using
information stored in
MALW
ARE
What is Malware?
 MALWARE
• short for malicious
malevolent software
• is a software designed to
infiltrate a computer system
without the owner's
informed consent.
What are the different kinds of
Malware?
• Rogue Software
• Computer Viruses
• Computer Worms
• Trojan Horse
• Spyware
• Adware
• Keystroke Loggers
• Scareware
ROGUE SOFTWARE
 Rogue Software
• Any program that
runs on a computer
without prior consent
or knowledge of the
user.
 What are the different sub-
classifications of Rogue Software?
 Back Door (Trap Door)
• It refers to a special password or code
which is used to bypass the normal
security measures of computer systems.
• It is like a house which has a secret door
hidden in one of the walls. Even if all the
doors and windows of the house are
locked, a person who knows the presence
of the secret entrance can enter without
being noticed.
 Chameleons
• A chameleon program can imitate another
program in order to gather user information.
• For example, a chameleon can imitate a
network login text in order to gather the
passwords of different users. The gathered
information can then be used by the one who
created chameleon to access the network
installation it has infected.
• Some chameleons can even detect if a user has
changed his/her password.
 Logic Bombs
• Are programs which can destroy programs and/or
data when a certain trigger is encountered. The
trigger can be a predefined time, date or command.
• Logic bombs are commonly used by programmers
in order to ensure payment of software.
• For instance, if a buyer refuses to pay for the
software they have ordered and still continued to use
the software, the logic bomb can be activated and
the program will “self-destruct”.
 Trojan Horse
• A rogue software that is readily accepted
by a user because it presents itself as
something useful. However, it will create
damage instead of something useful.
• Example: PC/Cyborg AIDS
 ANSI Bombs
• Are programs which makes the keyboard act
in a peculiar way.
• For example, if the “A” key is pressed, the
computer will interpret it as a different letter. It
can also make the monitor look as if it is not
working.
• ANSI bombs are easily removed by rebooting
the computer. The infected file must be
removed to avoid further contamination.
COMPUTER
VIRUS
 COMPUTER
VIRUS
The most popular
and widely-
distributed type of
rogue software.
What is Computer Virus?
 COMPUTER
VIRUS
• It is an acronym which stands
for Vital Information Resource
Under Siege.
• A program that duplicates itself
by infecting other programs.
Why do people create Computer
Virus?
People create viruses for several
reasons…
• Some people think it’s funny to
create mischief, by creating viruses.
They’re the same kind of people who
like to play “practical jokes” and as
kids, pulled fire alarms.
 People create viruses for several
reasons…
• Some people are angry (at
dictatorships, at the military, at big
impersonal corporations, at clients
who don’t pay bills, at lovers who
rejected them, and at homosexuals).
To get revenge, they create viruses to
destroy their computer.
People create viruses for several
reasons…
• Some people are intellectuals who
want the challenge trying to create a
program that replicated itself. Too
often, the program replicates itself
too well and too fast and accidentally
does more harm that the programmer
intended.
People create viruses for several
reasons…
• Some people want to become famous
(or infamous or influential) by
inventing viruses. They’re the same
kinds of people who, as kids, wrote
graffiti on school walls and in
bathrooms.
 People who create
viruses tend to be
immature. Many are
teenagers or
disgruntled college
students.
History of
Computer
Virus
 History of Computer Virus
Traditional computer viruses
were first widely seen in the
late 1980’s, and they came
about because of several
factors.
 What are the factors that contributeD to
the spread of computer virus?

1st: the spread of Personal Computers (PCs).

During the 1980s, real computers started
to spread to businesses and homes because
of the popularity of the IBM PC (released
in 1982) and the Apple Macintosh
(released in 1984). By the late1980s, PCs
were widespread in businesses, homes and
college campuses.
 What are the factors that contributeD to
the spread of computer virus?

2nd: the use of computer bulletin

boards.
People could dial up a bulletin board
with a modem and download programs
of all types. Games were extremely
popular, and so were simple word
processor, spreadsheets, etc. bulletin
boards led to the precursor of the virus
 What are the factors that contributeD to
the spread of computer virus?

3rd: Floppy disks led to the creation of viruses

In the 1980s, programs were small, and you
could fit the operating system, a word
processor (plus several other programs) and
some documents onto a floppy disk or two.
Many computers did not have hard disks, so
you would turn on your machine and it would
load the operating system and everything else
off of the floppy disk.
 The spread of computer viruses…
• In 1949, John von Neumann, a Hungarian
American mathematician, proposed that it was
theoretically possible for a computer program to
replicate. This theory was tested in the 1950s at
Bell Laboratories when a game called Core Wars
was developed, in which players created tiny
computer programs that attacked, erased, and
tried to propagate on an opponent's system.
 The spread of computer
viruses…
• The first computer virus was invented
in 1983 by Fred Cohen as an innocent
experiment in computer security. He
coined the term virus to describe a self-
replicating computer program. He
didn’t harm anybody, his virus stayed
in his lab.
The spread of computer viruses…
• In 1986, a different person
invented the first virus that ran on
a PC. That virus was called Brain.
Unfortunately, it accidentally
escaped from its lab, it was found
next year at the University of
Delaware.
 The spread of computer viruses…
• Most early viruses harmed nobody, but
eventually bad kids started inventing
destructive viruses. The first destructive
virus that spread fast was called the
Jerusalem virus because it was first noticed
at the Hebrew University of Israel in 1987.
it’s believed to have been invented by a
programmer in Tel Aviv or Italy.
 Anti-virus programs invented…
• In 1988, magazines began running articles
saying computer viruses really exist. Then
researchers began to invent anti-virus
programs to protect against viruses and
destroy them.
• In 1989, anti-virus programs started being
distributed to the general public, to protect
against the 30 viruses that had been invented
so far.
Virus Propagation Tricks /
Ways of Destruction:
A virus can be triggered to
cause destruction in several
ways…
 Randomly-triggered Virus

• Are designed to attack at random.

• Example: Ambulance Car Virus
displays a moving ambulance car
across the bottom of the screen.
 Date-activated Virus
• Virus that waits for a pre-defined date
before it strikes.
• Example: Michaelangelo, which is
designed to activate itself on the 6th of
March – the artist’s birthday.
 Boot-count Virus
• It counts the number of times the
computer is booted.
• Example: Telecom Virus, will activate
itself on the 400th boot. The virus will
then destroy the contents of the hard
disk.
 Time-since Virus
• Virus attacks after the computer is left open for a
specified period of time.
• Example: Jerusalem Virus, display a black 30
minutes after booting. It is said that Palestinian
programmers were the ones who created the
virus. It is also known to cause system slow down
and delete files every Friday the 13th.
 Keystroke-triggered Virus
• It will activate itself after a
predefined number of keystrokes.
• Example: Fingers Virus, strikes after
400 keystrokes. It repeats succeeding
keystrokes unexpectedly.
Virus
Mischi
 Different viruses perform different kinds
of mischief:

• Some viruses print nasty

messages containing four-letter
words or threats or warnings,
to make you worry and waste
lots of your time and prevent
you from getting work done.
Different viruses perform different kinds
of mischief:
• Some viruses erase some files,
or even your entire hard disk.
• Some viruses screw up your
computer so it prints wrong
answers or stops functioning.
 Different viruses perform different kinds
of mischief:
• Some viruses clog your computer,
by giving the computer more
commands than the computer can
handle, so the computer has no
time left to handle other tasks,
and all useful computer tasks
remain undone.
 The damage done by a virus is
called the virus’ “payload”. Some
viruses are “benign”, they do
very little damage, their payload
is small. Other viruses do big
damage, they have a big payload.
If a virus destroys your files, it’s
said to have a destructive
payload.
How viruses are
transmitted?
 VIRUSES CAN BE
TRANSMITTED BY:
• Booting a PC from an
infected medium
• Executing an infected
program
• Opening an infected file
What are the common routes for
virus infiltration?
COMMON ROUTES FOR VIRUS
INFILTRATION INCLUDE:
• Floppy disks or other media
that users can exchange
• E-mail attachments
• Pirated software
• Shareware
How virus infection occurs?
• In order to infect a computer, a virus has to
have the chance to execute its code.
• Whenever you run an infected program, the
virus in the program copies itself into the
RAM memory chips, stays there (until you
turn the computer off), and infects every
other program you try to run or copy. To
infect a program, the virus looks for unused
spaces in the program’s file, then breaks
itself up and puts pieces of itself into unused
spaces, so the file’s total length is the same
as before and the virus is undetected.
How will you know if your
computer is infected?
 Here are some of the indicators of
an infection:
• System slowdown
• Unexpected display of messages or encrypted
files
• Unexpected graphics on screen
• Unexpected file date or time change
• Unexpected music
• Corruption of system and data files
• Decreased memory
• Disk drive LED lighting up for no apparent
reason
What are the different Kinds of
Viruses?
7 Kinds of
Viruses1. File virus
2. Boot-sector virus
3. Multipartite virus
4. Macro virus
5. E-mail worm
6. Denial-of-service attack
7. Hoax
 FILE VIRUSES
• A file virus (also called as
Parasitic virus) secretly
attaches itself to an innocent
program, so the innocent
program becomes infected.
Whenever you run the infected
innocent program, you’re
running the virus tool.
 Examples of File
Viruses
1. Yankee Doodle (from Bulgaria in Sept.
1989)
- Every day at 5pm, this virus plays part
of the song Yankee Doodle on the
computer’s built-in speaker. This virus is
also called Old Yankee and TP44VIR. It
infects .COM and .EXE files, so they
become 2899 bytes longer.
 Examples of File
Viruses
2. Die Hard 2 (from South Africa in July
1994)
- This virus infects .COM and .EXE files
and makes them become exactly 4000 bytes
bigger. The virus also overwrites .ASM
files (programs written in assembler) with
a short program. When you try to compile
the .ASM program, the computer hangs.
 Examples of File
Viruses
3. Chernobyl (from Taiwan in June 1998)
- Back on April 26, 1986, radioactive gas
escaped from a nuclear reactor in Chernobyl in
the Soviet Union. The Chernobyl virus
commemorates that event by erasing your hard
disk on April 26th every year. If you get infected
by this virus, you won’t notice it until the 26 th,
then suddenly your hard disk gets erased and so
do the hard disks of all your friends to whom
you’d accidentally sent the virus.
 Examples of File
Viruses
3. Chernobyl (from Taiwan in June 1998)
- The virus was written in Taiwan by a 24-year old guy
named Chen Ing-Hau. Since his initials are CIH, the
virus is also called the CIH virus. The virus was first
noticed in June 1998. it did its first damage on April 26,
1999. computers all over the world lost their data on
that day. Most American corporation were forewarned
and forearmed with anti-virus programs; but in Korea
a million computers lost their data, at a cost of 250
million dollars, because Koreans don’t use anti-virus
programs but do use a lot of pirated software.
 BOOT-SECTOR VIRUSES
• On a floppy disk or hard disk, the first sector is
called the disk’s boot sector or, master boot
record (MBR). A virus that hides in the boot
sector is called a boot-sector virus. Whenever the
computer tries to boot from a drive containing an
infected disk, the virus copies itself into RAM
memory chips. Before hiding in the boot sector,
the typical boot-sector virus makes room for
itself by moving data from the boot sector to a
“second place” on the disk.
 Examples of Boot-sector Viruses
1. Stoned (from New Zealand in Dec.
1987)
- Invented in 1987 by a student at the
University of Wellington, New
Zealand. If you boot from a disk
(floppy or hard) infected with this
virus, there’s a 1-in-8 chance in your
computer will beep and display this
message: “Your PC is now stoned.”
 Examples of Boot-sector Viruses
2. Michaelangelo (from Sweden in April
1991)
- This virus sits quietly on your hard disk
until Michaelangelo’s birthday, March
6th. Each year, on March 6th, the virus
tries to destroy all data on your hard
drive, by writing garbage (random
meaningless bytes) everywhere.
 Examples of Boot-sector Viruses
3. Monkey (from the USA in October 1992)
- This virus encrypts the hard drive’s partition
table, so the hard drive is accessible just
while the virus is in memory. If you boot the
system from a clean (uninfected) floppy disk,
the hard drive is unusable. This virus is tough
to remove successfully, since removing the
virus will also remove your ability to access
data. It reduces your total conventional RAM
by 1K, so you have 639K instead of 640K.
 MULTIPARTITE VIRUSES
• A multipartite virus hides in two places: the boot
sector also the file system. If you remove the virus
from just the boot sector (or from just files), you
still haven’t completely removed the virus, which
can regenerate itself from the place you missed. If
a virus is very smart, it’s called a stealth
polymorphic armored multipartite virus (SPAM
virus). A stealth virus makes special efforts to hide
itself from anti-virus software. For example, it
tricks anti-virus software into inspecting a clean
copy of a file instead of letting it read the actual
(infected) file.
 Example of Multipartite Virus
1. One Half (from Austria in Oct. 1994)
- It slowly encrypts the hard drive. Each
time you turn on the computer, the
virus encrypts two more cylinders.
When about half of the hard drive’s
cylinders are encrypted, the computer
says “Dis is one half Press any key to
continue…..”
MACRO VIRUSES
• A macro virus hides in macros, which
are little programs embedded in
Microsoft Word documents and Excel
spreadsheets. The virus spreads to
another computer when you give
somebody an infected document.
During the past few years, email has
become prevalent, and so have macro
viruses: they’re more prevalent that all
other viruses combined.