1 / 24

Computer Crime and Security: Protecting Your Systems

Learn about computer crime and security, including how attackers gain entry to computer systems, ways to prevent unauthorized access, types of losses caused by intrusions, and techniques to defend against attackers.

dianaf
Download Presentation

Computer Crime and Security: Protecting Your Systems

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Slides created by Bob Koziel Hagerstown Community College

  2. Use MS Power Point XP to view the presentation. Earlier versions will not show the animations correctly. Slides with an icon: Click to view all parts of the slide. Some slides need to be clicked several times. Slides with an icon: Represents an internet link. Clicking on it will take you to the website. Internet connection required. Clicking on the or icon will take you to the previous slide or the next slide Slides with videos or sounds: Click on the picture to view videos or listen to sounds Tips for using the slide show

  3. COMPUTERS IN YOUR FUTURE 2003 • BRYAN PFAFFENBERGER Chapter 12 What You Will Learn Computer Crime and Security • How attackers and intruders gain entry into computer systems to harm or destroy data • Ways you can help system administrators keep computer systems safe from unauthorized users and viruses • People who are most likely to attack or harm computer systems and their motives • Types of losses caused by computer system intrusions and attacks • The tools and techniques used to defend computer systems against intruders and attackers

  4. What is the scope of the problem? • Computer security risk- Any event, action, or situation that leads to the loss of computer systems or data • Computer crime- Actions that violate state or Federal laws • Cybercrime- Crimes carried out over the Internet

  5. What are some techniques used to commit computer crimes? • Intruders gain unauthorized access to computer systems • Techniques used to gain access are: • Password guessing • Shoulder surfing • Packet sniffing • Dumpster diving • Social engineering • Superuser status • SATAN • Techniques used by insiders are: • Salami shaving • Data diddling

  6. Computer Viruses

  7. What are computer viruses? • Computer viruses are malicious programs that infect a computer system causing various problems with its use • They replicate and attach themselves to programs in the system • More than 20,000 different computer viruses

  8. How does a computer get infected? • Inserting a disk with an infected program and then starting the program • Downloading an infected program from the Internet • Being on a network with an infected computer • Opening an infected e-mail attachment

  9. What are the types of viruses? File infectors Boot sector virus • Attach themselves to program files • Spreads to other programs on the hard drive • Most common type of virus • Attach themselves to the beginning of hard drive • Executes each time computer is started • May lead to destruction of all data Macro virus • Infect automatic command capabilities of productivity software • Attach themselves to data files in word processing, spreadsheet and database programs • Spread when data files are exchanged between users

  10. What are some other types of destructive programs? Time bombs Worm • Resembles a virus • Spreads from one computer to another • Controls infected computers • Attacks other networked computers • Also called logic bombs • Harmless until a certain event or circumstances activate the program Trojan horse • Disguises itself as a useful program • Contains hidden instructions • May erase data or cause other damage

  11. Who creates malicious and damaging computer crimes? Hackers Crackers • Computer hobbyists • Try to find weaknesses and loopholes in computer systems • Rarely destructive • Adhere to hacker’s code of ethics • Also called black hats • Obsessed with entering secure computer systems • Rarely destructive • Leave calling cards on systems they enter Cyber gangs Virus authors • Usually teenage males • Want to push the boundaries of antivirus software • Can be very damaging • Brings crackers together by way of the Internet and meetings

  12. More of who creates malicious and damaging computer crimes? Disgruntled employees Spies • Sabotage a company’s computer system • Create security holes called trap doors • Can divulge trade secrets or destroy data • Participate in corporate espionage • Some are hackers or former employees • 125 countries are involved in industrial espoionage Swindlers • Use the Internet to scam money from people • Favorite distribution methods are e-mail, chat rooms and web sites • Types of scams are: Rip & tear, Pumping and dumping and Bogus goods Shills • Used on Internet auctions • A secret operative who bid’s on a seller’s item to drive up the bid

  13. What is cyberstalking? • Newest and fastest growing crime • Using the Internet and other electronic media to harass and threaten a person • Most perpetrators are men most victims are women • Children are at risk from online sexual predators

  14. What’s the cost of computer crime? • Staff time- Computer staff stops everything and focuses on the problem • Downtime- The system is shutdown unitl it’s safe to operate again • Replacing equipment- Company pays when computers and parts are missing due to theft • Adverse publicity- Crimes go unreported because of fear of publicity of loss • Loss of privacy- Sensitive personal information can end up in the hands of criminals • Risk to public safety- Many government agencies rely on computers to maintain public safety • Denial of service- Internet service becomes overloaded and doesn’t function

  15. Protecting Computer Systems

  16. Protecting computers from power related problems (surges & outages) • Use programs that have an auto save/auto recovery function • Equip system with an uninterruptible power supply; A battery powered device that automatically turns on when power is interrupted

  17. Controlling access • Choose authentication passwords that have at least eight letters, mix upper and lower case letters and include numbers • Callback systems- Access is granted or denied based on information caller gives • Know & have authentication- Users have various ways of accessing a system • Tokens- Electronic device that generates a logon code • Digital certificates- Resemble computer ID cards • Smartcards- Credit card sized device with internal memory • Biometric authentication- Voice recognition, retinal scans, thumbprints and facial recognition

  18. Install a firewall program • Programs that are designed to prohibit outside sources from accessing the computer system • Personal firewall- Designed to protect home computers from unauthorized access while connected to the Internet

  19. Use encryption • Encryption programs make information unreadable if it is stolen • Update web browser to use 128-bit encryption for online shopping

  20. Use antivirus programs • Called vaccines or virus checkers • Uses pattern-matching techniques to examine program files for patterns of virus code • Two drawbacks: • They cannot find viruses not in their database • They can not find new viruses that alter themselves to evade detection • Use antivirus programs that offer frequent updates and monitor system functions • Check disks for viruses that were used on another system

  21. Backup data • Backup programs and data regularly • Store backups away from the computer system • Types of backups: • Full backups- Everything stored on the computer; Backup once a month • Incremental backups- Backup only those files that have changed since last backup: Backup daily or weekly • Disaster recovery plan- Large organizations should develop a detailed plan for emergencies

  22. Tips for avoiding scams • Do business with established companies • Read the fine print • Don’t provide financial or personal information to anyone • Be skeptical about information received in chat rooms

  23. Tips for preventing cyberstalkers • Don’t share personal information in chat rooms • Be extremely cautious about meeting anyone you’ve contacted online • Contact the police if a situation occurs that makes you feel afraid while online

  24. THE END

More Related