Chapter 3 - Computer Crime New ETHICS

Chapter 3 Computer and Internet Crime

Ethics in Information Technology, Second Edition

Updated by Carlotta Eaton, NRCC

Computer & Internet Crime Objectives Ethical issues for safe guarding IS & data  Dramatic increase in security incidents  Most common computer security attacks  Characteristics of computer criminals  Key elements to manage security issues  Ho to respond to a security incident 

Ethics in Information Technology, Second

Computer & Internet Crime Objectives Ethical issues for safe guarding IS & data  Dramatic increase in security incidents  Most common computer security attacks  Characteristics of computer criminals  Key elements to manage security issues  Ho to respond to a security incident 

Ethics in Information Technology, Second

IT Security Incidents: A Worsening Probem 

Security of information technology is of utmost importance ◦

!rotect con"dential data 

◦

◦



Safeguard pri#ate customer and employee data

!rotect !rotect against malicious acts of theft or disruption Must $e $alanced $alanced against  against other $usiness needs and issues

%um$er of ITrelated security incidents is increasing around the orld

Ethics in Information Technology, Second

Page 68

IT Security Incidents: A Worsening Probem !continued" 

Computer Emergency 'esponse Team Coordination Center (CE'T)CC* ◦

◦

◦

See +cert+org +cert+org at  at Carnegie Mellon ni#ersity Esta$lished in -.// Charged ith  

Coordinating communication among e0perts during computer security emergencies Helping to pre#ent future incidents

Ethics in Information Technology, Second

Page 69

#$panding and Changing Systems Introduce %e 'is(s 

%etork era ◦

◦



Internet era Easy to share information

Information technology ◦

◦

IT is necessary to achie#e organi1ation goals Di2cult to keep up ith the pace of technology changes

Ethics in Information Technology, Second Edition

Page 7 5

Security Terms 

E0ploit ◦



4eroday attack ◦



3ttack that takes ad#antage of a particular system #ulnera$ility  Takes place $efore a #ulnera$ility is disco#ered or "0ed

!atch ◦

◦

56i07 to eliminate a pro$lem !ro$lem8 sers responsi$le to install patches

Ethics in Information Technology, Second Edition

Page 7 6

%umber o) *unerabiities 'eported to C#'T+CC 24 Sto""ed re"orting attac# n$m%ers

Ethics in Information Technology, Second Edition

Page 7! 7

Attac( terms , -atching  9Denial of Ser#ice 3+ =+  9Egress 6iltering  9Ingress 6iltering C+ D+  9Spoo"ng E+  9Tro:an horse  9;irus 6+  9