Computer crimes

•Living in a Digital
World
•Discovering
Computers 2010

Why Be Concerned about Network and
Internet Security?
 A computer system consists not only of software,
hardware, data/information, and procedures, but also of
people- the users of the computer system.
 People can use computer system for both good and bad
purposes. Some people use computers for evil activities.
A computer crime is generally defined as one that uses
computers and software for illegal purposes.
 Any illegal act involving a computer generally is
referred to as a computer crime.
Computer crime encompasses a broad range of
potentially illegal activities.

Perpetrators of Cyber Crime
Perpetrators of cybercrime and other
intrusions fall into seven basic categories:
hacker
cracker
script kiddies
 corporate spy
unethical employee
 cyberextortionist
 cyberterrorist

Hackers and Crackers
Hackers
 A hacker is a person who breaks into computers and computer
networks, either for profit or motivated by the challenge
 Hackers do not use the system to steal money or property but they
did create fictitious accounts changed some data files.
 Some people engage in hacking purely for the challenge codes.
Others do it to steal computer time, to peek at confidential
information, or to cause damage.
 White hat is a term often used to describe ethical hackers that stay
entirely within the law.
 They never access a system or network illegally, and they work
tirelessly to expose holes in systems with the ultimate goal of fixing
flaws and improving security.
 White hats may be security professionals, hired by companies to
audit network security or test software.

Hackers and Crackers
Crackers
 Cracking is the act of breaking into other computer systems.
 This can be done with malicious intent, for financial profit, or for
fun.
 The opposite of the white hat, a black hat or cracker breaks into
systems illegality for personal gain, vandalism (damage), or bragging
rights.
 A cracker is a one who uses their proficiency for personal gains
outside of the law. EX: stealing data, changing bank accounts,
distributing viruses, acts of sabotage and mischief on the internet,
and have cost companies millions of dollars. etc.

7Chapter 9 Understanding Computers, 11th Edition
Hacking
Hacking: using a computer to break
into another computer system; the
person doing the hacking is a hacker
To steal information
To sabotage a system
To hijack PCs to generate spam or host
Web sites
Social hacking
Authorized hacking

Script kiddie
A script kiddie has the same intent as a
cracker but does not have the technical
skills and knowledge.
Script kiddies often use prewritten
hacking and cracking programs to break
into computers.

Cyberextortionist
A cyberextortionist is someone who
uses e-mail as a vehicle for extortion.
These perpetrators send an organization a
threatening e-mail message indicating
they will expose confidential information,
exploit a security flaw, or launch an attack
that will compromise the organization’s
network — if they are not paid a sum of
money.

Cyberterrorist
 A cyberterrorist is someone who uses the Internet or
network to destroy or damage computers for political
reasons.
 The cyberterrorist might target the nation’s air traffic
control system, electricity-generating companies, or a
telecommunications infrastructure.
 The term, cyberwarfare, describes an attack whose
goal ranges from disabling a government’s computer
network to crippl a country. Cyberterrorism and
cyberwarfare usually require a team of highly skilled
people.

Introduction
Computer viruses and crimes have become
today’s headline news
With the increasing use of the Internet, it has
become easier for virus to spread
Virus show us loopholes in software
Most virus are targeted at the MS Windows OS


First Computer Virus
The first virus was made in Lahore,
Pakistan, 1986
Two programmers named Basit and
Amjad Farooq Alvi
Called Brain Virus

Computer Virus
 A virus is a program that "infects" an executable file. After
infection, the executable file functions in a different way than
before: maybe only displaying a benign message on the monitor,
maybe deleting some or all files on the user's hard drive, maybe
altering data files.
There are two key features of a computer virus:
 The ability to propagate by attaching itself to executable files (e.g.,
application programs, OS, scripts, boot sector of a hard disk or
floppy disk, etc.) Running the executable file may make new copies
of the virus.
 The virus causes harm only after it has infected an executable file
and the executable file is run.
 Viruses spread from one computer to another through removable
disks like USB, network computers & internet.
 If a Virus is found on one computer of the network, then it can
easily infect whole network.

Background
There are estimated 30,000 computer
viruses in existence
Over 300 new ones are created each
month
First virus was created to show loopholes
in software

Virus Languages
ANSI COBOL
C/C++
Pascal
VBA
Unix Shell Scripts
JavaScript
Basically any language that works on the system
that is the target

Symptoms of Virus Attack
 Computer runs slower then usual
 Computer no longer boots up
 Screen sometimes flicker
 PC speaker beeps periodically
 System crashes for no reason
 Files/directories sometimes disappear
 Denial of Service (DoS)

Virus through the Internet
Today almost 87% of all viruses are spread
through the internet (source: ZDNet)
Transmission time to a new host is relatively
low, on the order of hours to days
“Latent virus”

Classifying Virus - General
Virus Information
Discovery Date:
Origin:
Length:
Type:
SubType:
Risk Assessment:
Category:

TYPES OF COMPUTER
Virus
Basic types of computer viruses are
Worm
Trojan Horse
Macro

•Worms
•A worm is a program that copies itself.
•The distinction between a virus and worm, is that a virus never
copies itself – a virus is copied only when the infected executable file
is run.
•In the pure, original form, a worm neither deleted nor changed files
on the victim's computer — the worm simply made multiple copies
of itself and sent those copies from the victim's computer, thus
clogging(jam) disk drives and the Internet with multiple copies of
the worm. Releasing such a worm into the Internet will slow the
legitimate traffic on the Internet, as continuously increasing
amounts of traffic are mere copies of the worm.
•A classic example of a worm is the ILOVEYOU virus.

Worms
Spread over network connection
Worms replicate
First worm released on the Internet was called
Morris worm, it was released on Nov 2, 1988.

Trojan Horse
Covert
Leaks information
Usually does not reproduce

The TROJAN HORSE Virus
•The Trojan virus once on your computer,
doesn't reproduce, but instead makes your
computer susceptible to malicious intruders by
allowing them to access and read your files.
Making this type of virus extremely dangerous to
your computer's security and your personal
privacy. Therefore, you should avoid
downloading programs or files from sites if
you're not 100 percent positive of what the file
or program does.

Macro
A macro virus is programmed as a macro
embedded in a document. Many applications,
such as Microsoft Word and Excel, support
macro languages.
Once a macro virus gets on to your computer,
every document you produce will become
infected.
This type of virus is relatively new and may slip
by your antivirus software if you don't have the
most recent version installed on your computer.

Boot Sector viruses:
 A boot sector virus infects diskettes and hard drives. All disks and
hard drives contain smaller sections called sectors. The first sector
is called the boot.
 The boot carries the Master Boot Record (MBR). MBR functions to
read and load the operating system. So, if a virus infects the boot
or MBR of a disk, such as a floppy disk, your hard drive can become
infected, if you re-boot your computer while the infected disk is in
the drive.
 Once your hard drive is infected all diskettes that you use in your
computer will be infected. Boot sector viruses often spread to other
computers by the use of shared infected disks and pirated software
applications.
 The best way to disinfect your computer of the boot sector virus is
by using antivirus software.

Logic & Time Bombs
Logic bombs are programs which start executing malicious
program when user performs any specific action in the
computer. For Example: In one case, a programmer inserted a
logic bomb into a company’s system; that would destroy
company’s whole system, if his name was removed from it.
Their objective is to destroy data on the computer once certain
conditions have been met. Logic bombs go undetected until
launched, and the results can be destructive.
A time bomb refers to a computer program that has been written
so that it will stop functioning after a predetermined date or it
will trigger criminal activity at a specified date. For Example:
Time bombs are commonly used in shareware (trial) software
when the manufacturer of the software does not want the trial
version being used after the fix time.

Data Diddling or
Data Manipulation
Data diddling or manipulation is the way
in which important data can be
manipulated and changed. A person can
edit the business information of a
company or personal information of some
other person to harm them. Data diddlers
are often found changing grades in the
university records, falsifying input records
on bank transactions etc.


Data Stealing
This is the type of crime in which the
private information is stolen using illegal
ways. For Example: Mostly credit cards
information is theft by black hats.
Passwords can also be stolen through
different hacking techniques.

Software Piracy
The unauthorized copying & use of any proprietary
software is called Piracy.
 Most retail programs are licensed for use at just one
computer site or for use by only one user at any time.
By buying the software, you become a licensed user
rather than an owner.
 You are allowed to make copies of the program for
backup purposes, but it is against the law to give copies
to friends and colleagues.

Software Theft
Software theft occurs when someone:
Discovering Computers 2010: Living in a
Digital World Chapter 11
33Page 571
Steals software
media
Intentionally
erases
programs
Illegally copies
a program
Illegally
registers and/or
activates a
program

Software Theft
A single-user license agreement typically contains
the following conditions:
34Page 571
Permitted toPermitted to
• Install the software on one computer
• Make one copy of the software
• Remove the software from your computer before giving it away or selling it
Not permitted toNot permitted to
• Install the software on a network
• Give copies to friends or colleagues while continuing to use the software
• Export the software
• Rent or lease the software

Software Theft
Copying, loaning,
borrowing, renting, or
distributing software
can be a violation of
copyright law
Some software
requires product
activation to
function fully
35Pages 571 – 572
Figure 11-16
Click to view Web Link,
click Chapter 11, Click Web
Link from left navigation,
then click Business Software
Alliance below Chapter 11

Hardware Theft and
Vandalism
Hardware theft is
the act of stealing
computer equipment
Hardware
vandalism is the act
of defacing or
destroying computer
equipment
36Page 570

Hardware Theft and
Vandalism
To help reduce the of chances of theft,
companies and schools use a variety of
security measures
37Page 570
Figure 11-15
Physical
access
controls
Alarm
systems
Cables to lock
equipment
Real time location
system
Passwords, possessed
objects, and biometrics

Information Theft
Information theft occurs when someone
steals personal or confidential information
Encryption is a process of converting
readable data into unreadable characters to
prevent unauthorized access
38Pages 572 - 573
Figure 11-17

Information Theft
39Page 573
Figure 11-18

Information Theft
A digital signature is an encrypted code
that a person, Web site, or organization
attaches to an electronic message to verify
the identity of the sender
Often used to ensure that an impostor is not
participating in an Internet transaction
Web browsers and Web sites use encryption
techniques
40Page 574

System Failure
A system failure is the prolonged
malfunction(breakdown, fault) of a computer
A variety of factors can lead to system failure,
including:
Aging hardware
Natural disasters
Electrical power problems
Noise, undervoltages, and overvoltages
Errors in computer programs
41Page 575

Backing Up – The Ultimate
Safeguard
A backup is a duplicate of a file, program, or
disk that can be used if the original is lost,
damaged, or destroyed
To back up a file means to make a copy of it
Offsite backups are stored in a location
separate from the computer site
42Page 577
•Cloud
Storage

Backing Up – The Ultimate
Safeguard
Two categories of
backups:
Full backup
Selective backup
Three-generation
backup policy
43Page 577
Grandparent
Parent
Child

•44
Protecting Against Unauthorized Access,
Use, and Computer Sabotage
 Antivirus software: Used to detect and eliminate
computer viruses and other types of malware
Should be set up to run continuously to check incoming e-mail
messages, instant messages, and downloaded files
Should be set up to scan the entire PC regularly
Needs to be updated regularly since new malware is introduced
at all times
Best to have the program automatically download new virus
definitions on a regular basis
Some programs also scan for other threats, such as spyware,
bots, possible phishing schemes, etc.

45
Protecting Against Unauthorized Access,
Use, and Computer Sabotage
 Firewall: Security system that provides a protective
boundary between a computer or network and the
outside world
Works by closing down all external communications port
addresses
Blocks access to the PC from outside crackers
Blocks access to the Internet from programs on the user’s
PC unless authorized by the user
Important for home PCs that have a direct Internet
connection as well as for businesses
Intrusion protection system (IPS) software is related
Monitors and analyzes traffic allowed by the firewall to try and
detect possible attacks

46
Chapter 9
Understanding
Computers, 11th Edition
Encryption and Other
Security Tools
Encryption: method of scrambling e-mail or
files to make them unreadable
Secure Web servers: use encryption to
protect information transmitted via their Web
pages
Most common is SSL
Look for a locked padlock on the status bar and
https:// in the URL
Only transmit credit card numbers and other
sensitive data via a secure Web server

47
Chapter 9
Understanding
Computers, 11th Edition

Protect Password
Use information that only an individual
should know
Usernames
PINs
Passwords
Should be strong passwords and changed
frequently

Techniques Used for
Computer Security
 By taking the following precautionary steps, we can
protect our computers from viruses and their affects.
 Avoid downloading unnecessary files from unknown
Internet websites.
 Always scan downloaded contents & files before using
(opening) them.
 Don't open emails or attachments from unknown
senders.
 Use strong hard-to-guess passwords or pass-
phrases. Do not use words that are commonly used.
Remember that password cracking tools exist.

Techniques Used for
Computer Security
 If your computer is on a network, make sure that you
have a good, fully functional and updated antivirus &
firewall software installed on your computer.
 Always scan all removable disks or drives (like USBs,
CDs etc) through antivirus software before using (open)
it.
 Use anti-virus software and firewalls - keep them up to
date.
 Back-up your computer data on disks or CDs often.
 Don't share access to your computers with strangers.
 Disconnect from the Internet when not in use
 Encrypt document method of scrambling e-mail or files
to make them unreadable

Ethics and Society
Computer ethics
are the moral
guidelines that govern
the use of computers
and information
systems
Information accuracy
is a concern
Not all information on
the Web is correct
52Pages 581 – 582
Figure 11-28

Ethics and Society
Intellectual property rights are the rights to which
creators are entitled for their work
• A copyright protects any tangible form of expression
An IT code of conduct is a written guideline that
helps determine whether a specific computer action is
ethical or unethical
53Page 582
Click to view Web Link,
click Chapter 11, Click Web
Link from left navigation,
then click Digital Rights
Management
below Chapter 11

Ethics and Society
54Page 583
Figure 11-29

Video: Attack of the Mobile
Viruses
55
•CLICK TO START

Computer crimes

More Related Content

What's hot

Viewers also liked

Similar to Computer crimes

More from Muniba Bukhari

Recently uploaded

Computer crimes