Computer Crime and Ethics

Topics of Discussion
y Introduction y What are Computer Crimes and Ethics y Types of Computer Crime y Information Systems and Technology

Vulnerabilities y Ways to Manage the Risks Associated with Vulnerabilities y Can we trust Computers?

Information Systems Ethics

y Information accessibility y Deals with what information a person has the right to obtain about

others and how the information can be used y Issues in information accessibility y Carnivore: software application designed to be connected to Internet Service Providers computers and eavesdrops on all communications. y Electronic Communications Privacy Act (ECPA): it offered stronger support for voice mail than it did for e-mail. No other laws at federal or state levels protect e-mail privacy y Monitoring e-mail

y The need for a code of ethical conduct

Computer ethics is a branch of practical philosophy which deals with how computing professionals should make decisions regarding professional and social conduct.
y Business ethics y Plagiarism y Cybersquatting: registering a domain name and then trying to sell

the name for big bucks to a person, company. Domain names are a scarce resource one of the few scarce resources in cyberspace

Computer Crime
y Computer used to commit a crime

- Any crime in which computerrelated technology is encountered.

y Child porn, threatening email,

assuming someones identity, sexual harassment, defamation, spam, phishing

Computer as a target of a crime The commission of illegal acts through the use of a computer or against a computer system.
y Viruses, worms, industrial espionage,

software piracy, hacking

Types of Computer Crime

y Business attacks y Financial attacks y Terrorist attacks y Grudge attacks y Fun attacks

Computer Crime
y Types of computer crime y Data diddling: modifying data y Salami slicing: skimming small amounts of money y Phreaking: making free long distance calls y Cloning: cellular phone fraud using scanners y Carding: stealing credit card numbers online y Piggybacking: stealing credit card numbers by spying y Social engineering: tricking employees to gain access y Dumpster diving: finding private info in garbage cans y Spoofing: stealing passwords through a false login page

Computer Crime
y Who commits computer crime?

Computer Crimes Are Hard to Prosecute

y Lack of understanding y Lack of physical evidence y Lack of recognition of assets y Lack of political impact y Complexity of case y Juveniles

Computer Criminals Are Hard to Catch

y Multinational activity y No international laws for computer crimes y Complexity y Networked attacks hard to trace

Top Cyber Crimes that Attack Business

y Spam y Viruses/Worms y Industrial Espionage and Hackers y Wi-Fi High Jacking

SPAM
Spam accounts for 9 out of every 10

emails in the United States. MessageLabs, Inc., an email management and security company based in NewYork.
y Controlling the Assault of Non-Solicited Pornography and Marketing

Act (Can-Spam) . Signed into law on Dec 16, 2003

y Unsolicited commercial email must: y Be labeled y Include Opt-Out instructions y No false headers

Spam is Hostile
Spam can be dangerous
y Never click on the opt-out link! y May take you to hostile web site

where mouse-over downloads an .exe y Tells spammers they found a working address y They wont take you off the list anyway

What should you do?

y Filter it out whenever possible y Keep filters up to date y If you get it, just delete the email

Viruses and Worms

y Viruses
y software that piggybacks on other

software and runs when you run something else y Macro in excel, word
y Transmitted through sharing programs

on bulletin boards y Passing around floppy disks

y An .exe, .com file in your email

y Worms
y software that uses computer networks

to find security holes to get in to your computer usually in Microsoft OS!! But worm for MAC was recently written

Hackers are Everywhere

y Stealing data y Industrial Espionage y Identity theft y Defamation y Deleting data for fun y A lot of bored 16 year olds late at night y Turning computers into zombies y To commit crimes y Take down networks y Distribute porn y Harass someone y Ethical/white hat hackers exist too y Help break into networks to prevent crimes

Wi-Fi High Jacking

60-70% wireless networks are wide open Why are the Wi-Fi networks unprotected?
y Most people say Our data is boring y But criminals look for wireless networks

to commit their crimes on your door..

y And the authorities will come knocking

The Fight Against Computer Crimes

The role in combating cyber crime is essentially two-fold: (1) preventing cyber attacks before they occur or limiting their scope by disseminating warnings and advisories about threats so that potential victims can protect themselves (2) responding to attacks that do occur by investigating and identifying the perpetrator

Protect your Computers!

y Use anti-virus software and

firewalls - keep them up to date

y Don't share access to your

computers with strangers

y Keep your operating system up to

date with critical security updates and patches

y If you have a wi-fi network,

password protect it

y Don't open emails or attachments

y Disconnect from the Internet when

from unknown sources

not in use

y Use hard-to-guess passwords.

y Reevaluate your security on a

Dont use words found in a dictionary. Remember that password cracking tools exist

regular basis

y Make sure your employees and

y Back-up your computer data on

family members know this info too!

disks or CDs often

Conclusion
Obviously computer crime is on the rise, but so is the awareness and ability to fight it. Law enforcement realizes that it is happening more often than it is reported and are doing there best to improve existing laws and create new laws as appropriate. Security is an illusion as any system can be attacked under the right circumstances. Hopefully people will begin to realize that unless they report these crimes and get convictions, those committing computer crimes will continue to do so.

Thank you!