Information Security and Computer Crimes

______________________________________________________________________________________________________________

Chapter 4
INFORMATION SECURITY AND COMPUTER CRIME
COMPUTER AND INFORMATION SECURITY

 Computer Security, techniques developed to safeguard information and information

systems stored on computers. Potential threats include the destruction of computer
hardware and software and the loss, modification, theft, unauthorized use, observation, or
disclosure of computer data.

 Today many people relay on computer to create or store useful information. Therefore, it is
important for the information on the computer to be stored and kept properly.

 Computers and the information they contain are often considered confidential systems
because their use is typically restricted to a limited number of users. This confidentiality
can be compromised in a variety of ways. For example, computers and computer data can
be harmed by people who spread computer viruses and worms.

 It is also extremely important for people to protect their computer from data lose, misuse
and abuse. For example, it is crucial for businesses to keep their information from being
accessed by unauthorized users. Home users are also need to secure their credit card
numbers when they are participating in online transaction.

Generally, a computer security threat is any action that could cause

 Loss of information, data, software
 Processing incompatibilities
 Damage the computer hardware
An intentional breach in a computer security is known as a computer crime.
Cyber crime is an illegal act based on the internet.

INFORMATION SECURITY THREATS

A. CYBERCRIMINALS AND COMPUTER CRIMINALS

There are several distinct categories of people that commit cyber crimes and computer crimes.

1. HACKERS
Hackers are people who access a computer or computer network unlawfully. They often claim
that they do this to find leaks in the security of a network.

People who intentionally create viruses are computer experts often known as hackers. Hackers
also violate confidentiality by observing computer monitor screens and by impersonating
authorized users of computers in order to gain access to the users’ computers. They invade

__________________________________________________________________________________
1
 Information Security and Computer Crimes
______________________________________________________________________________________________________________

computer databases to steal the identities of other people by obtaining private, identifying
information about them. Hackers also engage in software piracy and deface Web sites on the
Internet. For example, they may insert malicious or unwanted messages on a Web site, or alter
graphics on the site. They gain access to Web sites by impersonating Web site managers.

2. CRACKER
Crackers are people who access a computer with the intent of destroying or stealing
information. They are basically evil hackers.

3. CYBER-TERRORIST
 A cyberterrorist is someone who intimidates or coerces a government or organization to
advance his or her political or social objectives by launching computer-based attack against
computers, network, and the information stored on them.
 Cyberterrorism in general, can be defined as an act of terrorism committed through the use
of cyberspace or computer resources. At worst, cyberterrorists may use the Internet or
computer resources to carry out an actual attack. As well there are also hacking activities
directed towards individuals, families, organized by groups within networks, tending to
cause fear among people, demonstrate power, collecting information relevant for ruining
peoples' lives, robberies, blackmailing etc.
 Cyber-terrorism is the leveraging of a target's computers and information, particularly via
the Internet, to cause physical, real-world harm or severe disruption of infrastructure.
Cyber terrorism is the use of techniques that disrupt or damage computer based information
system to cause fear, injury, or economics loss. Cyber-terrorists destroy computers or
communication systems. They are terrorists that disrupt an information system.

4. CYBER-EXTORTIONIST
Cyber-extortionists use E-mail as an offensive force. They usually send a threatening message.
For example, they send a threatening mail stating that they will release some confidential
information, exploit a security leak or launch an attack that will harm a company’s network.
They will request a paid sum of money to stop the attack from being committed.

5. UNETHICAL EMPLOYEES

Unethical employees are employees that illegally access their company’s computer resource
for numerous reasons, for example they can steal the top secret information for selling.

6. CORPORATE SPY

Corporate spy is professional that is hired to break into a specific computer over the network
to steal and destroy the company’s confidential information. Some companies hire these
professionals for a practice known as corporate espionage. They do this to gain an advantage
over their competition.

__________________________________________________________________________________
2
 Information Security and Computer Crimes
______________________________________________________________________________________________________________

B. MALICIOUS PROGRAMS

Malicious hackers are increasingly developing powerful software crime tools such as
automatic computer virus generators, Internet eavesdropping sniffers, password guessers,
vulnerability testers, and computer service saturators. For example, an Internet eavesdropping
sniffer intercepts Internet messages sent to other computers. A password guesser tries millions
of combinations of characters in an effort to guess a computer’s password.

1. Computer Viruses

Virus is a generic term that people are using these days to describe a group of willfully
destructive computer programs.
A virus is a “deviant” program that attaches itself to computer systems and destroys or
corrupts data.
Viruses are potentially destructive software that spread from program to program or from
disk to disk.
A virus can also be defined as a program that reproduces its own code by attaching itself to
other programs in such a way that the virus’s code is executed when the infected program
is executed.
Viruses are programs just like any other program on your computer. They consist of
instructions that your computer executes. What makes viruses special is that they do their
“job” by placing self-replicating code in other programs, so that when those other programs
are executed, even more programs are “infected” with the self-replicating code.
Viruses are a specific type of program written deliberately to cause harm to someone’s
computer or to use that computer in an unauthorized way.
Computer viruses, like biological viruses, need a host to infect; in the case of computer
viruses this host is an innocent program. If such a program is transferred to your computer,
other programs on your computer will become infected. Even though some viruses do not
intentionally damage your data, we must consider all viruses as malicious softwares since
they modify your programs without your permission with occasional disastrous results. If
your computer gets infected with a virus, you are no longer in control of your computer.
Virus usually attaches itself to your hard disk. It might then display annoying messages like
“Your PC is stoned-legalize marijuana”. More seriously, it might add garbage to or erase
your files or destroy your system software. E.g. “I Love You”, “Pakistani Brain”
Viruses are transmitted in two ways:
 By secondary storage units: The first way is via an infected secondary storage device, such
as one you might get from a friend or a repairperson. It’s also possible to get a virus from a
sales demo disk or even from a shrink-wrapped commercial disk.
 By network: The second way is via a network,, as from e-mail or an electronic bulletin
board. This is why, when you’re looking into all the freebie games and other software
available online, you should use virus-scanning software to check downloaded files.

__________________________________________________________________________________
3
 Information Security and Computer Crimes
______________________________________________________________________________________________________________

Types of viruses
a. Boot-sector virus (boot virus):
 The boot sector is that part of the system software containing most of the instructions for
booting, or powering up, the system.
 The boot sector virus replaces these boot instructions with some of its own. Once the
system is turned on, the virus is loaded into main memory before the operating system.
From there it is in a position to overtake the whole system and infect other file.
 Any diskette that is used in the drive of the computer then becomes infected. When the
diskette is moved to another computer, the contagion continues. E.g. AntCMOS.
b. File Virus
 File viruses attach themselves to executable files (.exe files)-those that actually begin a
program. When the program is run, the virus starts working, trying to get into main
memory and infecting files.
c. Logic Bomb:
 Just like a real bomb, a logic bomb will lie dormant until triggered by some event.
 It is a piece of code embedded in a program that waits for a particular event to occur. The
event (trigger) can be
 a specific date,
 the number of times executed,
 a random number, or
 a specific event such as deletion of a particular file.
 When the logic bomb is triggered, it will usually do something unpleasant. This can range
from changing a random byte of data somewhere on your disk to making the entire disk
unreadable. The changing of random data on disk may be the most insidious attack since it
would do a lot of damage before it would be detected.

2. Worm
A worm is a program that copies itself repeatedly into memory or onto a disk drive until no
more space is left.
A worm is a self-reproducing program that does not infect other programs as a virus will,
but instead creates copies of it self, which in turn create even more copies. It creates an
image of itself either in a file or at a particular location on the disk.
These are usually seen on networks and on multi-processing operating systems, where the
worm will create copies of itself, which are also executed. Each new copy will create more
copies quickly clogging (blocking) the system.
A worm differs from a virus in that it propagates through computer networks without user
intervention. Unlike a virus, it does not need to attach itself to an existing program.

3. Trojan Horse
 Trojan horse is a program that acts like the Trojan horse of Greek mythology, which
delivered soldiers to the city of Troy. Like wise, a

__________________________________________________________________________________
4
 Information Security and Computer Crimes
______________________________________________________________________________________________________________

 Trojan program is a delivery vehicle for some destructive code onto a computer.
 It is a harmful program that is hidden inside another useful program. While the useful
program runs, the harmful part does something nasty like erasing your files. It appears to
be a useful program, but when a certain event occurs (like executing the useful program), it
will attack your computer in some way.
 A Trojan horse is a program which seems to be doing one thing, but is actually doing
another. A trojan horse can be used to set up a back door in a computer system such that
the intruder can gain access later.
 The Trojan horse covertly places illegal, destructive instructions in the middle of a
legitimate program, such as a computer game. Once you run the program, the Trojan horse
goes to work, doing its damage while you are blissfully unaware. An example of Trojan
horse is “FormatC”
4. Spywares
 Spywares are programs that are designed to secretly record and report your personal
activities over the internet. They can perform certain operations on your computer without
your consent, including displaying advertisements, collecting your personal information, or
changing the configuration of your computer.
 They can also change your web-browser’s home page, install network cookies on your hard
disk, and they make it difficult to restore your system to its original configurations.
o Cookies are specialized programs that can be installed on your hard disk from the
web site you have visited over the internet. They are used to record personal
information like, the website you have visited, what you did on the site, password s
used, credit card numbers, etc.

5. Adwares
 Adwares are programs that display advertisements. They popup without the consent of the
user. Therefore, they are annoying and they can slowdown the performance of your
computer.

C. OTHER TYPES OF INFORMATION SECURITY THREATS

a. Software errors
 When softwares have bugs (bugs are errors in a computer program which caused it not to
run properly.)
b. Technological failure
 Mechanical or electrical problems may occur on devices. They may get dirty or
overheated, damaged. Power failures can shut a system down and power surge can
burnout devices.
c. “Dirty Data” problems
 When the input data is incomplete, outdated, inaccurate, faulty.
 Human-error
d. Natural hazards

__________________________________________________________________________________
5
 Information Security and Computer Crimes
______________________________________________________________________________________________________________

 Natural hazards may not merely lead to temporary system downtime, but can also wreak
the entire system. Example: earth quake, floods, fire,etc

e. Theft of computer resources

 Theft of hardware: can range from shoplifting an accessory of computers to taking away
the already installed systems.
 Theft of software and information: stealing confidential data.

WAYS OF ENSURING AN INFORMATION SECURITY

A variety of simple techniques can help prevent computer crimes, such as protecting computer
screens from observation, keeping printed information and computers in locked facilities,
backing up copies of data files and software, and clearing desktops of sensitive information
and materials. Increasingly, however, more sophisticated methods are needed to prevent
computer crimes. These include using encryption techniques, establishing software usage
permissions, mandating passwords, and installing firewalls and intrusion detection systems. In
addition, controls within application systems and disaster recovery plans are also necessary.

1. BACKUP
 Storing backup copies of software and data and having backup computer and
communication capabilities are important basic safeguards because the data can then be
restored if it was altered or destroyed by a computer crime or accident. Computer data
should be backed up frequently and should be stored nearby in secure locations in case of
damage at the primary site. Transporting sensitive data to storage locations should also be
done securely.

2. USING ANTI-VIRUS PROGRAMS

 You should have anti-virus software installed on your system and ensure you download
updates frequently to ensure your software has the latest fixes for new viruses and worms.
Additionally you want to make sure your anti-virus program has the ability to scan e-mail
and files as they are downloaded from the Internet. This will help prevent malicious
programs from even reaching your computer.

 There are many types of anti-virus software that are used to defend against the potential
threats of computer viruses. Examples include:

o Norton anti-virus,

o Symantec anti-virus, and

o McAfee anti-virus among others.

3. ENCRYPTION
__________________________________________________________________________________
6
 Information Security and Computer Crimes
______________________________________________________________________________________________________________

 Encryption is the process of converting messages or data into a form that cannot be read
without decrypting or deciphering it. The root of the word encryption—crypt—comes from
the Greek word kryptos, meaning “hidden” or “secret.”
 Computer users can scramble information to prevent unauthorized users from accessing it.
Authorized users can unscramble the information when needed by using a secret code
called a key. Without the key the scrambled information would be impossible or very
difficult to unscramble. A more complex form of encryption uses two keys, called the
public key and the private key, and a system of double encryption. Each participant
possesses a secret, private key and a public key that is known to potential recipients. Both
keys are used to encrypt, and matching keys are used to decrypt the message. However, the
advantage over the single-key method lies with the private keys, which are never shared
and so cannot be intercepted. The public key verifies that the sender is the one who
transmitted it. The keys are modified periodically, further hampering unauthorized
unscrambling and making the encrypted information more difficult to decipher.

4. PASSWORDS (USER AUTHENTICATION)

 Passwords are confidential sequences of characters that allow approved persons to make
use of specified computers, software, or information. To be effective, passwords must be
difficult to guess and should not be found in dictionaries. Effective passwords contain a
variety of characters and symbols that are not part of the alphabet. To thwart imposters,
computer systems usually limit the number of attempts and restrict the time it takes to enter
the correct password.

 To help prevent abuse and misuse of computer data, it is important to limit the use of
computers and data files to approved persons. Security software can verify the identity of
computer users and limit their privileges to use, view, and alter files. The software also
securely records their actions to establish accountability. Military organizations give access

__________________________________________________________________________________
7
 Information Security and Computer Crimes
______________________________________________________________________________________________________________

rights to classified, confidential, secret, or top-secret information according to the

corresponding security clearance level of the user. Other types of organizations also
classify information and specify different degrees of protection.

5. FIREWALL

 A firewall is a system which prevents unauthorized use and access to your computer.

 Firewalls provide a strong degree of protection from most forms of attack coming from the
outside world and battle viruses, worms and Trojans, embedded worms in out going e-
mails.

 Firewall will protect your computer from outside attempts to control or gain access your
computer, and usually provides additional protection against the most common Trojan
programs or e-mail worms.

 Computers connected to communication networks, such as the Internet, are particularly

vulnerable to electronic attack because so many people have access to them. These
computers can be protected by using firewall computers or software placed between the
networked computers and the network. The firewall examines, filters, and reports on all
information passing through the network to ensure its appropriateness. These functions
help prevent saturation of input capabilities that otherwise might deny usage to legitimate
users, and they ensure that information received from an outside source is expected and
does not contain computer viruses.

 It is important to remember that on its own a firewall is not going to rid you of your
computer virus problems, but when used in conjunction with regular operating system
updates and a good anti-virus scanning software, it will add some extra security and
protection for your computer or network.

6. USING UP-TO-DATE OPERATING SYSTEM

 The other step to protect your computer is to ensure your operating systems is up-to-date.
This is essential if you are running Microsoft Windows operating systems.

7. DISASTER RECOVERY PLANS

 Disaster recovery planning is a method of restoring information processing operations that
have been halted by destruction or accident

__________________________________________________________________________________
8
 Information Security and Computer Crimes
______________________________________________________________________________________________________________

 Organizations and businesses that rely on computers need to institute disaster recovery
plans that are periodically tested and upgraded. This is because computers and storage
components such as diskettes or hard disks are easy to damage. A computer's memory can
be erased or flooding, fire, or other forms of destruction can damage the computer’s
hardware. Computers, computer data, and components should be installed in safe and
locked facilities.

__________________________________________________________________________________
9