1 / 43

Ethical Issues concerning CyberCrime

Ethical Issues concerning CyberCrime. Cyber Crime. Youtube : cyber crime in 2009 https://www.youtube.com/watch?v=Y_SE4GHuAzg. Why Cyber Crime.

edolie
Télécharger la présentation

Ethical Issues concerning CyberCrime

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Ethical Issues concerning CyberCrime

  2. Cyber Crime • Youtube: cyber crime in 2009 https://www.youtube.com/watch?v=Y_SE4GHuAzg

  3. Why Cyber Crime • In a day and age when everything from microwave ovens and refrigerators to nuclear power plants are being run on computers, cyber crime has assumed rather threatening implications. • The majority of what are termed “cyber-crimes” is really violations of longstanding criminal law, perpetrated through the use of computers or information networks. BUT ease of access, global reach, “greased data” all create special conditions for cyber crime

  4. What is a Computer Crime? • Criminals Can Operate Anonymously Over the Computer Networks. • The term “hackers” is contested (more later), but for now we’ll use it. • Hackers Invade Privacy. • Hackers Destroy "Property" in the Form of Computer Files or Records. • Hackers Injure Other Computer Users by Destroying Information Systems. • Computer Pirates Steal Intellectual Property.

  5. Definition of Cyber Crimes • Defining cyber crimes, as "acts that are punishable by the Information Technology Act" would also cover many things such as email spoofing and cyber defamation, sending threatening emails etc. A simple yet sturdy definition of cyber crime would be "unlawful acts wherein the computer is either a tool or a target or both".

  6. Classification of Cyber Crimes: • Tampering with computer source documents • Hacking • Publishing of information, which is obscene in electronic form • Child Pornography • Accessing protected system • Breach of confidentiality and privacy

  7. Other Cyber Crimes • Cyber Stalking • Cyber squatting • Data Diddling • Cyber Defamation • Trojan Attack • Forgery • Financial crimes Virus/worm attack E-mail spoofing Email bombing Salami attack Web Jacking Internet time theft

  8. Current Statistics • The 2012 FBI cyber crime report: http://www.ic3.gov/media/annualreport/2012_IC3Report.pdf

  9. Laptop Theft • Easy to carry • Going through airport security • Be sure the TSA person sees YOU • Same TSA person keeps laptop • Same TSA person gives it back to you.

  10. Data Theft • when any information in the form of data is illegally copied or taken from a business or individual without his knowledge or consent • poor technical know-how of our police adds to the woes • the lack of coordination between different investigating agencies • if the culprit is caught he can easily get away because of various loopholes in our law

  11. Cyber Crime Videos • There are several good videos on Youtube on: • Blue jacking – Bluetooth hijacking jacking • War driving

  12. Cyber Criminals • Any person who commits an illegal act with a guilty intention or commits a crime is called an offender or a criminal. • The Cyber Criminals may be children and adolescents aged 6-18 years, they may be organized hackers, may be professional hackers or crackers, discontented employees, cheaters or even psychic persons.

  13. Kids & Teenagers (ages 9-16) • have just begun to understand what appears to be a lot about computers, it is a matter of pride to have hacked into a computer system. • Appearing really smart among friends. • Commit cyber crimes without really knowing that they are doing anything wrong. • Teen hackers have gone from simply trying to make a name for themselves to actually working their way into a life of crime.

  14. Organized Hacktivists • Hacktivists are hackers with a particular (mostly political) motive. • Can be social activism, religious activism, etc. • Attacks on approximately 200 prominent Indian websites by a group of hackers known as Pakistani Cyber Warriors are a good example of political hacktivists at work. • Anonymous: mixed bag: attacks on porn sites; attack on Sony for proprietary protectin of Playstation

  15. Disgruntled employees • Displeased employees can become spiteful. • It is easy for disgruntled employees to do more harm to their employers by committing computer related crimes, which can bring entire systems down.

  16. Professional Hackers(Corporate espionage) • Rival organizations employ hackers to steal industrial secrets and other information that could be beneficial to them. • The temptation to use professional hackers for industrial espionage also stems from the fact that physical presence required to gain access to important documents is rendered needless if hacking can retrieve those.

  17. Microsoft – February 2010 • Microsoft Corp. launched a novel legal assault to take down a global network of PCs suspected of spreading spam and harmful computer code, adding what the company believes could become a potent weapon in the battle against cyber criminals.

  18. Security experts say it isn't yet clear how effective Microsoft's approach will be, while online rights groups warn that the activities of innocent computer users could be inadvertently disrupted. • Here we go with everything we have been talking about.

  19. A Federal judge in Alexandria, Va., granted Microsoft's request for an order to deactivate hundreds of Internet addresses that the company linked to an army of tens of thousands of PCs around the globe, infected with computer code that allows them to be harnessed to spread spam, malicious virus programs and mount mass attacks to disable Web sites.

  20. By cutting off access to those addresses, Microsoft hopes to prevent the masterminds behind the network from reprogramming the infected PCs with a fresh batch of addresses to reach, blocking them from directing the network.

  21. Google • In one high-profile incident, Google Inc. (February 2010) disclosed attacks against the Internet giant and other major U.S. companies that it linked to China. Chinese officials deny any involvement.

  22. Source Code of a Virus • Not illegal to sell or publish the source code • Illegal to release a virus over the Internet • 373 Source codes freely available on Internet: vxheavens.com

  23. Phishing • Online identity theft • Phishing emails look authentic, many include accurate-looking logos. • Want the user to enter sensitive information like passwords, account numbers, credit card information • Information is then used to pilfer money from unsuspecting user’s accounts or create bogus credit cards

  24. Macro Virus • Macro is a recorded series of steps • Macros are used in many application programs (Microsoft Office) • Macros can be blocked by virus detection programs but then you can’t send Access files

  25. Costs of Cybercrime & Cybervandalism • Survey of 300 North American companies showed • 103 virus infections per 1000 computers • Cost billions of dollars each year • Blames the Internet and email for spread of viruses and worms

  26. Malware • Worms • Malicious pieces of code that run independently • Travel across network connections from computer to computer • Trojan Horse • Appears to be good • Used to insert corrupt information into a working program • Backdoor Trojan Horse when ran opens the door for people to steal your passwords, destroy files, etc.

  27. “Internet Worm” • One of the first cases showing the Internet’s vulnerability • Developed by a Cornell University student , 1988 • A self-replicating C program • Didn’t modify system files or destroy data but made performance deteriorate rapidly and crash • Halted after 12 hours of destruction (2,500 computers infected with over $1 million cleanup) • Robert Morris claimed did this to show security gaps • Fined $10,000 and 3 year probation

  28. Computer System Security • Break into 4 topics • Cybercrime –how it is defined and what sorts of activities • Trespass – unauthorized access • Protection for online communications • Encryption – different ways encrypt and decipher

  29. Cybercrime • Special category of criminal acts typically executed through utilization of computer and network technologies • Includes 3 basic categories • Software piracy • Computer sabotage • Electronic break-ins

  30. Software Piracy • Unauthorized duplication of proprietary software and the distribution or making available those copies • Software could be system software, application software or even MP3 files • In 2001 law enforcement officials shut down a major piracy ring called “Drink or Die” of software and movies; created by students at MIT and UCLA

  31. Computer Sabotage • Disruption of computer operations by means of a virus, worm, or logic bomb • Blaster worm and the SoBig virus unleashed in 2003 caused of $35 billion in losses • Denial of Service (DoS) attack – attacks a server multiple mock requests that the server crashes.

  32. Electronic Break-ins • Trespassing and unauthorized access • Internet-related fraud accounted for 53% of all consumer fraud in 2004 • Internet is used for planning crimes in the physical world • The Target fiasco: http://www.businessweek.com/videos/2014-03-13/hacking-timeline-what-did-target-know-and-when

  33. Anti-piracy • Constant battle to keep music, videos, and software from being copied. • Want to give user the ability to make a backup or use on diverse platforms (windows, mac) • iPod and MP3 players and music issues

  34. Trespass and Unauthorized Access • 1983 7 Milwaukee teenagers were convicted of computer trespassing but they said they were playing a game. Their game was to see if they could get in and they did allegedly break into Los Alamos Nation Laboratory and Sloan Kettering Cancer Center • 1986 Computer Fraud and Abuse Act (CFAA) updated in 1996 made trespassing a federal crime if done so to pilfer classified information to perpetrate fraud or to cause damage whether reckless or not

  35. Controversy of CFAA • What if the hacker: • Did no deliberate damage or destruction to property • Uncover security flaws so this is a good thing • Just did this to learn how computer systems operate • Claims this is just digital graffiti (a prank) • Does good (Robin Hoods)

  36. Controversy of CFAA continued • What if the hacker: • Did no malicious destruction • It could still be disruptive or costly • Must be inspected to verify no damage • There should be property rights because someone took the time to set up the site

  37. Questionable Forms of Trespass • Trespass to chattels – a tort action (negligence) based on unauthorized use or interference with another’s property • ISPs suing spammers for “trespass to chattels” • Compuserve vs. CyberPromotions Inc. – Compuserve notified CyberPromotions that it was prohibited from using their mail servers to send unsolicited bulk email • Compuserve grants permission to use but not overwhelm the mail server

  38. Shopbots • Shopbots comb through commercial web sites extracting pricing and product information for user comparison for the same item • eBay vs Bidder’s Edge – comparing auction data; court sided with eBay

  39. Security Measures in Cyberspace • Firewall • Software or hardware is first in the line of defense to protect internal network • Positioned between an organizer’s internal network and the Internet • Can trap an intrusion (virus) before it can penetrate • Is a packet filter (router to filter packets) • allows legitimate interactions • Not always effective, use other protection as well

  40. Security Software • AntiVirus • Software programmed to scan a computer for malicious code then deletes it once found • New viruses (300 launched each month) all the time so antivirus must be kept up-to-date • Filtering systems • Scan mail for spam or viruses

  41. Encryption • Encryption - Encoding the information so it can only be read if the receiver has the proper key to decode • Cryptography – use of algorithms that allow information to be understood thru secret codes • Types of keys • Single key – 1=A, 2=B, etc. • Data Encryption Standard (DES) – private key, 56 bits long • Public/private – messages are encrypted with public key that can only be decrypted with a private key

  42. Secure Socket Layer – is most often used in e-commerce transactions • Sniffers – programs used to seek out security lapse and intercept vulnerable communications travelling over a network • Authentication – process where a security system establishes the validity of an identification • Digital signature – public key encryption that verifies identity

  43. Encryption Controversy • Giving government the key to encryption systems not well received (like forcing builders to install microphones and cameras in all new homes) • Clipper Chip (multiple versions) and controversial

More Related