Part 4: Crime and Security in the Networked Economy

The Changing Face of Crime
• IT Crime
• IT Security
• Types of IT Crime
  – Theft
  – Fraud
  – Copyright Infringement
  – Attacks

TECHNOLOGY TRENDS & ETHICAL ISSUES
• Computing Power Doubles Every 18 Months
• Advances In Data Storage
• Advances In Data Mining Techniques
• Advances In Telecommunications Infrastructure

The Changing Face of Crime
• Types of IT Criminals
  – Employees
  – Outside Parties
    • Hackers
  – Organized Crime
    • Counterfeit Products
    • Intellectual Property Infringement

Risks to Information Systems
• Human errors, accidents, and omissions: 50-80%
• Dishonest employees: 10-17%
• Natural disasters: 10-15%
• Disgruntled employees: 3-4%
• Water: 2-3%
• Outsiders: 1-3%
Source: Forcht, K.A., Computer Security Management, with the permission of Course Technology, Inc. Copyright 1992 by Boyd and Fraser Publishing Co.
Figure 17.4: What causes damage to ISs?

Changing Nature of Crime
Aspect of Crime | Industrial Economy (1950) | Networked Economy (2000)
Location        | Local                     | Remote
Impact          | Low                       | High
Format          | Physical                  | Electronic
Risk            | High                      | Low

Types of IT Crime
• Theft of hardware, data or information
  – National Computer Registry
• Fraudulent use of IT
  – Credit card fraud
  – Investor fraud
  – Medical and drug-related fraud
  – Auction site fraud

Security
• Policies, protection, and tools to safeguard hardware, software, communication network, and data from unauthorized access, alteration, theft and physical damage.

Risks To Hardware
• Hardware Failure
• Natural Disasters
• Blackouts and Brownouts
• Vandalism
• Theft

Risks To Application and Data
• Software Failure
• Theft
• Alteration or Destruction
• Computer Virus
• Hacker
• Mishap
  – Training

Risks to Information Systems
CAUSE                | LOSS IN MILLIONS | NUMBER OF REPORTS
Theft                | $1,011           | 275,000
Power Failure        | $318             | 389,000
Accidents            | $246             | 276,000
Miscellaneous Causes | $157             | 269,000
Lightning            | $86              | 91,000
Fire                 | $72              | 19,000
Transit              | $53              | 54,000
Water                | $51              | 34,000
Total                | $1,994           | 1,407,000
Source: Software, The Insurance Agency, Inc., quoted in “1993 Computer Losses,” MacWeek, Vol 8 No 36, September 12, 1994, p. 28.

Theft/Alteration of Information
• Secure Passwords
  – Biometric Controls
• Data Entry Controls
• Audit Trails
• Separation of Duties
• Back-up copies secured
• Shred Printouts
• Secure diskettes

Protection from Disasters
• Fault-tolerant Systems
  – Extra hardware, software, and power supply components that can back the system up and keep it running.
• Back-up of Data
• Secure Area
• Battery Back-up
  – UPS

Copyright Infringement
• Software Piracy
• Business Software Alliance
• 1980 Software Copyright Act
• 1997 No Electronic Theft Act (NET)

Copyright Infringement
• Music Piracy
• Motion Picture Experts Group
• MPEG version 3
• MP3 Rio Player
• NET Act Coverage

Computer Virus
• Software Program that spreads through system destroying data and Operating System.
Anti-Virus
  – Scan Disks with Current Antivirus Program
  – Know Origin of Software
  – Don’t Copy
  – Watch Downloads
  – Passwords for Access

Virus Generation Process
1. Virus is Created at Terminal or PC
2. Virus is Transmitted to Other Computers via Network or Disk
3. Virus Replicates Itself on New Computers, Taking Over Main Memory
4. Virus Sends Copies of Itself over Network or on Disk to More Computers

VIRUS Attacks
• Worm
• Trojan Horse
• Time Bomb
• Logic Bomb
• Trapdoor
• Attacks on Web and E-mail Servers

Information Technology Security
• Threats to the Computer
  – Physical Security
    • Controlled Access
  – Data Security
    • Backups
  – Internet Security

Information Technology Security
• Surge Protection
• Uninterruptible Power Supplies (UPS)
• Password Policy and Use
• Personal Identification Number (PIN)
• System Audit Software

HACKER
• Person who gains unauthorized access to a computer network for profit, criminal mischief, or personal pleasure.
  – Passwords
  – Callback
  – Firewall
  – Encryption

Data Encryption Systems
• Plaintext
– Ciphertext
– Public Key Encryption Systems
– Private Key

Types of IT Crime
Secure Electronic Transmission (SET)
• Purchase is Requested
• Transaction is Approved
• SET Encryption
• Request is Sent to E-commerce Server
• Merchant Sends Record to Bank
• Bank Credits Merchant’s Account
• E-Commerce Server Verifies Transaction

Encrypting Communications Increases Security
Plain Text: Let’s meet at 11pm at the regular place
  (encryption)
Encrypted Message: @#$%^&*)(hJKgfSed %$dE?><:”{><?V
  (decryption)
Decrypted Message: Let’s meet at 11pm at the regular place
Figure 17.10: Encrypting communications increases security.

Firewalls
• Software to separate users from computing resources.
• Allows retrieval and viewing of certain material, but blocks attempts to make any changes in the information or to access data that reside on the same computer.
• They are also used to keep unauthorized software away.

Firewall Around Network

Internet Security
• 4 Basic Firewall Actions
  – Packet can be dropped entirely
  – Alert network administrator
  – Return failed message to sender
  – Action can be logged only
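
The four firewall actions listed above, modelled as a first-match rule table (an added example, not part of the original slides). The rule fields, the documentation-range addresses, the default-drop policy, and the choice that an alert also discards the packet are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# The four actions named on the slide.
DROP, ALERT, REJECT, LOG = "drop", "alert", "reject", "log"

@dataclass
class Rule:
    src: str      # source network in CIDR form
    dport: int    # destination port; 0 matches any port
    action: str

@dataclass
class Verdict:
    forwarded: bool   # did the packet pass the firewall?
    effects: list     # side effects the firewall produced

# Constructed rule set using documentation address ranges (assumption).
RULES = [
    Rule("203.0.113.0/24", 0, DROP),     # known-bad range: discard silently
    Rule("198.51.100.0/24", 22, ALERT),  # SSH from this range: tell the admin
    Rule("0.0.0.0/0", 23, REJECT),       # telnet from anyone: refuse openly
    Rule("192.0.2.0/24", 80, LOG),       # web traffic: record and let through
]

def evaluate(rules, src, dport):
    """The first matching rule decides; no match falls to default drop."""
    for r in rules:
        if ip_address(src) in ip_network(r.src) and r.dport in (0, dport):
            break
    else:
        return Verdict(False, ["default drop"])
    if r.action == DROP:     # packet dropped entirely, sender learns nothing
        return Verdict(False, [])
    if r.action == REJECT:   # failure message returned to the sender
        return Verdict(False, [f"failure notice to {src}"])
    if r.action == ALERT:    # administrator alerted (packet discarded: assumption)
        return Verdict(False, [f"alert admin: {src} -> port {dport}"])
    if r.action == LOG:      # logged only, packet is still forwarded
        return Verdict(True, [f"log: {src} -> port {dport}"])
    raise ValueError(f"unknown action {r.action!r}")
```

Rule order matters here: a packet from 198.51.100.5 to port 23 skips the port-22 alert rule and is refused by the telnet rule, while anything that matches no rule is discarded by default.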