COMPUTER SECURITY AND

SAFETY, ETHICS, AND PRIVACY

BUS IT 5
Computer Security Risks
 Loss or Damage
 COMPUTER CRIME –Illegal act involving computers
 CYBERCRIME – FBI’s Top Priorities
Computer Security Risks
 Hacker
 Cracker
 Script Kiddie
 Corporate Spy
 Unethical Employee
 Cyber-Extortionist
 Cyber-Terrorist
Computer Security Risks
 Internet and Network Attacks
 Unauthorized Access
 Hardware Theft
 Software Theft
 Information Theft
 System Failure
Internet and Network Attacks
 Malware(Malicious Software)
 Computer Viruses, Worms, Trojan Horses and
Rootkits
 Payload – expected outcome
Internet and Network Attacks
 Operating system runs much slower than usual
 Available memory is less than expected
 Files become corrupted
 Screen displays unusual message or image
 Unknown programs or files mysteriously appear
 Music or unusual sound plays randomly
 Existing programs and files disappear
 Programs or files do not work properly
 System properties change
 Operating system does not start up
 Operating system shuts down unexpectedly
Internet and Network Attacks
 Opens an infected file
 Runs an infected program
 Boots the computer with infected removable media
inserted in a drive or plugged in a port,
 Connects an unprotected computer to a network
 When a certain condition or event occurs
Internet and Network Attacks
 Can multimedia files be infected with a virus?
 YES
Safeguards against Computer Viruses
and Other Malware
 Never start a computer with removable media
inserted in the drives or plugged in the ports, unless
the media are uninfected.
 Never open an e-mail attachment unless you are
expecting it and it is from a trusted source.
 Install an antivirus program on all of your
computers. Update the software and the virus
signature files regularly.
 Scan all downloaded programs for viruses and
other malware.
Safeguards against Computer Viruses
and Other Malware
 If the antivirus program flags an e-mail attachment
as infected, delete or quarantine the attachment
immediately.
 Before using any removable media, scan the media
for malware.
 Install a personal firewall program.
 Stay informed about new virus alerts and virus
hoaxes.
Botnets
 A botnet is a group of compromised computers
connected to a network such as the Internet that are
used as part of a network that attacks other
networks, usually for nefarious purposes.
 Zombie – refers to a compromised computer.
 Cybercriminals use botnets to send spam via e-mail,
spread viruses and other malware, or commit a
denial of service attack.
Back Doors
 Is a program or set of instructions in a program that
allow users to bypass security controls when
accessing a program, computer, or network
Spoofing
 Is a technique intruders use to make their network or
Internet transmission appear legitimate to a victim
computer or network.
Safeguards against Botnets, DoS
Attacks, Back Doors, and Spoofing
 Users can implement firewall solutions and install
intrusion detection software.
Unauthorized Access and Use
 Access - Is the use of a computer or network without
permission.
 Use - Is the use of a computer or its data for
unapproved or possibly illegal activities.
Safeguards against Unauthorized
Access and Use
 Acceptable Use Policy (AUP)
 outlines
the computer activities for which the computer
and network may and may not be used.
Identifying and Authenticating Users

 Access control
 Audit trail
 Three Methods:
 User names and passwords
 Possessed objects

 Biometric Devices
Hardware Theft and Vandalism
 Hardware theft is the act of stealing computer
equipment.
 Hardware vandalism is the act of defacing or
destroying computer equipment.
Safeguards against Hardware Theft
and Vandalism
 Physical access controls
 Real time location system (RTLS)
 Mini-security system
Software Theft – CCb, DDB
 Occurs when someone steals software media,
intentionally erases programs, illegally copies a
program, or illegally registers and/or activates a
program.
Safeguards against Software Theft
 Keep original software boxes and media in a
secure location
 Back up files and disks regularly
 Software Piracy
 LicenseAgreement
 Product Activation
Information Theft
 Occurs when someone steals personal or
confidential information.
Safeguards against Information Theft

 User identification and authentication controls

 Encryption Techniques
System Failure
 Is the prolonged malfunction of a computer.
 Can cause loss of hardware, software, data, or
information
Safeguards against System Failure
 Surge protector
 Backing Up – The Ultimate Safeguard
Ethics and Society-2:30
 Are the moral guidelines that govern the use of
computers and information systems.
Ethics and Society
 Six frequently discussed areas of computer ethics
are unauthorized use of computers and networks,
software theft (piracy), information accuracy,
intellectual property rights, green computing, and
information privacy.
Ethics and Society
 An organization requires employees to wear
badges that track their whereabouts while at work.
 A supervisor reads an employee’s e-mail.
 An employee uses his computer at work to send e-
mail messages to a friend.
 An employee sends an e-mail message to several
coworkers and blind copies his supervisor.
 An employee forwards an e-mail message to a third
party without permission from the sender.
Ethics and Society
 An employee uses her computer at work to
complete a homework assignment for school.
 The vice president of your Student Government
Association (SGA) downloads a photo from the
Web and uses it in a flyer recruiting SGA members.
 A student copies text from the Web and uses it in a
research paper for his English Composition class.
 An employee sends political campaign material to
individuals on her employer’s mailing list.
Ethics and Society
 An employee who has been laid off installs a computer
virus on his employer’s computer.
 A person designing a Web page finds one on the Web
similar to his requirements, copies it, modifies it, and
publishes it as his own Web page.
 A student researches using only the Web to write a
report.
 In a society in which all transactions occur online (a
cashless society), the government tracks every
transaction you make and automatically deducts taxes
from your bank account
Ethics and Society
 Someone copies a well-known novel to the Web and
encourages others to read it.
 A person accesses an organization’s network and
reports to the organization any vulnerabilities
discovered.
 Your friend uses a neighbor’s wireless network to connect
to the Internet and check e-mail.
 A company uses recycled paper to print a 50-page
employee benefits manual that is distributed to 425
employees.
 Your friend donates her old computers and mobile
devices to local schools when she purchases newer
models.
Ten Commandments of Computer
Ethics
 Thou shall not use a computer to harm other people.
 Thou shall not interfere with other people's
computer work.
 Thou shall not snoop around in other people's
computer files.
 Thou shall not use a computer to steal.
 Thou shall not use a computer to false witness.
Ten Commandments of Computer
Ethics
 Thou shall not copy or use proprietary software for
which you have not paid.
 Thou shall not use other people's computer resources
without authorization or proper compensation.
 Thou shall not appropriate other people's intellectual
output.
 Thou shall think about the social consequences of the
program you are writing or the system you are
designing.
 Thou shall always use a computer in ways that ensure
consideration and respect for your fellow humans.