slide1 l.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Computer Security And Computer Crimes PowerPoint Presentation
Download Presentation
Computer Security And Computer Crimes

Loading in 2 Seconds...

play fullscreen
1 / 20

Computer Security And Computer Crimes - PowerPoint PPT Presentation


  • 98 Views
  • Uploaded on

Computer Security And Computer Crimes. Problem under consideration.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Computer Security And Computer Crimes' - jamese


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
slide1
Computer Security

And

Computer Crimes

problem under consideration
Problem under consideration
  • A software flaw was found in a national bank's web site that allows anyone who knows about the flaw to read all information about other people's bank accounts. You consider it a serious privacy risk. You sent e-mail to the bank about the problem but received no answer. What should you do next? Discuss pros and cons of various possible actions.
discussions covered
Discussions covered
  • Individual’s standpoint
  • Bank’s perspective
individual s stand point cont d customer decision tree
Individual’s stand point (cont’d.)[Customer Decision Tree…]

(Try Again)

(Take Advantage)

(Do Nothing)

Follow Executive Hierarchy

Harmless Hacking

Close Account

Repetition till remedy

Malicious Hacking

Hactivism

Eye on possibility of threats

individual s standpoint cont d 1 take advantage of the situation
Individual’s standpoint (cont’d.)1.Take Advantage of the Situation
  • Use your knowledge to hack the web site
    • Harmless hacking
      • Let the bank know they have been hacked
      • Probably illegal
      • Forces the bank to confront security breach
      • Is this ethically justified?
individual s standpoint cont d 1 take advantage of the situation7
Individual’s standpoint (cont’d.)[ 1.Take Advantage of the Situation…]
  • Malicious hacking
    • Access accounts yourself
    • Disrupt service and/or steal money
    • Very much illegal
    • Severe penalties
    • No ethical justification
individual s standpoint cont d 1 take advantage of the situation8
Individual’s standpoint (cont’d.)[ 1.Take Advantage of the Situation…]
  • Hacktivism
    • Disrupt service
    • Tell other customers that web site is unsafe
    • Very much illegal or valid civil disobedience?
    • Penalties may not be as severe
individual s standpoint cont d 1 take advantage of the situation9
Individual’s standpoint (cont’d.)[ 1.Take Advantage of the Situation…]
  • In all three hacking examples the bank may incur serious losses
    • Financial
    • Customer relationships
    • Service disruptions
individual s standpoint cont d 2 do nothing
Individual’s standpoint (cont’d.)2. Do Nothing
  • Close account and go away
    • Problem still exists
    • Save your own hide
    • No recognition of responsibility to anyone beyond yourself; socially irresponsible
    • Absolutely the least one can do
    • Don’t care about bank’s further actions
individual s standpoint cont d 3 try again
Individual’s standpoint (cont’d.)3. Try again
  • Go up one level in complaint
    • Threaten to leave
    • Threaten to go to authorities (FDIC)
    • Threaten to go to media
  • Repeat process as necessary, through chain of command
individual s standpoint cont d 3 try again12
Individual’s standpoint (cont’d.)[ 3. Try again…]
  • Follow through on threats
  • Shows
    • Social responsibility
    • Customer loyalty
bank s perspective 1 keep quiet about it
Bank’s Perspective1. Keep quiet about it
  • Don’t draw attention
    • Keep secret from hackers
  • Reliance on secrecy
    • Cheap
      • Cost of fix vs. cost of liability
    • Cost of exposure could have consequences beyond the cost of fixing the problem
bank s perspective cont d
Bank’s Perspective (cont’d.)

2. Analyze and fix problem internally

  • Problem can be fixed without undue publicity
  • Minimal disruption of service
  • Question of competence
    • Can we trust the people who broke it to fix it?
  • Potentially most cost effective
bank s perspective cont d16
Bank’s Perspective (cont’d.)

[ 2. Analyze and fix problem internally…]

  • Check the flaw and see if any others exist
  • Check on potential of IT team
    • Maybe hire a hacker to test other parts of the system
  • Let it stay within the bank
bank s perspective cont d17
Bank’s Perspective (cont’d.)

3. Third party security audit

  • What requires auditing?
    • Hardware
    • Software
    • Network
  • Personnel evaluation
bank s perspective cont d18
Bank’s Perspective (cont’d.)

[ 3. Third party security audit …]

  • Question of security
    • Threat of exposure
    • Exposes secrets to outside entity
bank s perspective cont d19
Bank’s Perspective (cont’d.)
  • How to decide
    • Has anyone been injured
      • Loss of money
      • Loss of personal information
    • Consequences of breach becoming known
      • Known only to hackers
      • Known to general public
    • Ethical considerations