Download Social engineering - Information Systems

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
Document related concepts

Security-focused operating system wikipedia , lookup

Information privacy law wikipedia , lookup

Malware wikipedia , lookup

Trusted Computing wikipedia , lookup

Information security wikipedia , lookup

Cyber-security regulation wikipedia , lookup

Cyberattack wikipedia , lookup

Hacker wikipedia , lookup

Computer security wikipedia , lookup

Social engineering (security) wikipedia , lookup

Computer and network surveillance wikipedia , lookup

Cybercrime wikipedia , lookup

Cybercrime countermeasures wikipedia , lookup

Transcript 
Chapter 9
Information Systems Ethics,
Computer Crime, and Security
9-1
Chapter 9 Objectives
Understand how computer ethics affects IS
 Understand information privacy, accuracy,
property, and accessibility
 Understand types of computer crime
 Understand the terms virus, worm, Trojan
horse, and logic or time bomb
 Understand computer security

9-2
Information Systems Ethics

Toffler’s three waves of change
 Agriculture
 Industrial Revolution
 Information Age
9-3
Information Systems Ethics

Computer Literacy


Digital Divide


Knowing how to use a computer
That gap between those with computer access
and those who don’t have it
Computer Ethics

Standards of conduct as they pertain to the use
of information systems
9-4
Information Systems Ethics

Privacy


Protecting one’s personal information
Identity theft

Stealing of another’s social security number,
credit card number, or other personal
information
9-5
Information Systems Ethics

Information accuracy


Deals with authentication and fidelity of
information
Information property

Deals with who owns information about
individuals and how information can be sold
and exchanged
9-6
9-7
Information Systems Ethics

Information accessibility


Deals with what information a person has the
right to obtain about others and how the
information can be used
Issues in information accessibility
Carnivore
 Electronic Communications Privacy Act (ECPA)
 Monitoring e-mail

9-8
Information Systems Ethics

The need for a code of ethical conduct
Business ethics
 Plagiarism
 Cybersquatting

9-9
Computer Crime

Definition: the act of using a computer to
commit an illegal act
Authorized and unauthorized computer access
 Examples
 Stealing time on company computers
 Breaking into government Web sites
 Stealing credit card information

9-10
Computer Crime

Federal and State Laws
Stealing or compromising data
 Gaining unauthorized computer access
 Violating data belonging to banks
 Intercepting communications
 Threatening to damage computer systems
 Disseminating viruses

9-11
Computer Crime

Hacking and Cracking
Hacker – one who gains unauthorized computer
access, but without doing damage
 Cracker – one who breaks into computer systems
for the purpose of doing damage

9-12
Computer Crime

Who commits computer crime?
9-13
Computer Crime

Types of computer crime









Data diddling: modifying data
Salami slicing: skimming small amounts of money
Phreaking: making free long distance calls
Cloning: cellular phone fraud using scanners
Carding: stealing credit card numbers online
Piggybacking: stealing credit card numbers by spying
Social engineering: tricking employees to gain access
Dumpster diving: finding private info in garbage cans
Spoofing: stealing passwords through a false login page
9-14
Computer Crime

Software piracy
North America – 25%
 Western Europe – 34%
 Asia / Pacific – 51%
 Mid East / Africa – 55%
 Latin America – 58%
 Eastern Europe – 63%

9-15
Computer Crime

Computer viruses and destructive code


Virus – a destructive program that disrupts the normal
functioning of computer systems
Types:
 Worm: usually does not destroy files; copies itself
 Trojan horses: Activates without being detected;
does not copy itself
 Logic or time bombs: A type of Trojan horse that
stays dormant for a period of time before
activating
9-16
Computer Security

Computer Security – precautions taken to keep
computers and the information they contain safe
from unauthorized access
9-17
Computer Security

Recommended Safeguards
 Implement a security plan to prevent break-ins
 Have a plan if break-ins do occur
 Make backups!
 Only allow access to key employees
 Change passwords frequently
 Keep stored information secure
 Use antivirus software
 Use biometrics for access to computing resources
 Hire trustworthy employees
9-18
Computer Security

Encryption – the process of encoding messages
before they enter the network or airwaves, then
decoding them at the receiving end of the transfer
9-19
Computer Security

How encryption works

Symmetric secret key system



Public key technology


Both sender and recipient use the same key
Key management can be a problem
A private key and a public key
Certificate authority


A trusted middleman verifies that a Web site is a
trusted site (provides public keys to trusted partners)
Secure socket layers (SSL)
9-20
Computer Security

Other encryption approaches

Pretty good privacy (PGP)

Phil Zimmerman
Clipper Chip

9-21
Computer Security

Internet Security

Firewall – hardware and software designed to
keep unauthorized users out of network systems
9-22
Computer Security

Virus prevention
Install antivirus software
 Make backups
 Avoid unknown sources of shareware
 Delete e-mails from unknown sources
 If your computer gets a virus…

9-23
Computer Security

How to maintain your privacy online
Choose Web sites monitored by privacy
advocates
 Avoid “cookies”
 Visit sites anonymously
 Use caution when requesting confirming e-mail

9-24
Computer Security

Avoid getting conned in cyberspace
Internet auctions
 Internet access
 International modem dialing
 Web cramming
 Multilevel marketing (pyramid schemes)
 Travel/vacations
 Business opportunities
 Investments
 Health-care products

9-25
Related documents
Week Three - Temple Fox MIS
Week Three - Temple Fox MIS
Social Responsibility and Ethics Notes
Social Responsibility and Ethics Notes
The definite article is used: The definite article is not used:
The definite article is used: The definite article is not used:
Slides Group 1 - Department of Information Technology
Slides Group 1 - Department of Information Technology
Ecophilosophy - University of Wisconsin–Madison
Ecophilosophy - University of Wisconsin–Madison
Ethics - Typepad
Ethics - Typepad
print
print
Public Relations and Ethics
Public Relations and Ethics
"What is Law?" Power Point
"What is Law?" Power Point
Crime 1. What did the word hacker mean in the early days of
Crime 1. What did the word hacker mean in the early days of
Chapter 14
Chapter 14