Difficulties with New Technologies

Forced Entry

Cybercrimes are those committed via computer networks for such purposes as fraud, identity theft, and the hacking of sensitive information.

Learning Objectives

Discuss the ramifications of cybercrime

Key Takeaways

Key Points

  • Cybercrimes are offenses that are committed with a criminal motive to intentionally harm the reputation of the victim or cause physical or mental harm directly or indirectly, using modern telecommunication networks such as the Internet and mobile phones.
  • Computer crime may be divided into two categories: crimes that target computers directly, and crimes facilitated by computer networks or devices, the primary target of which is independent of the network or device.
  • Computer fraud is any dishonest misrepresentation of fact intended to get another to do or refrain from doing something which causes loss.
  • Identity theft is a form of stealing someone’s identity in which someone pretends to be someone else by assuming that person’s identity, typically in order to access resources or obtain credit and other benefits in that person’s name.

Key Terms

  • hacking: Unauthorized attempts to bypass the security mechanisms of an information system or network. See also cracker.
  • phishing: The act of sending email that falsely claims to be from a legitimate organization. This is usually combined with a threat or request for information. For example, it may claim that an account will close, a balance is due, or information is missing from an account. The email will ask the recipient to supply confidential information, such as bank account details, PINs or passwords; these details are then used by the owners of the website to conduct fraud.
  • identity theft: The deliberate assumption of another person’s identity, usually to gain access to that person’s finances or to frame a person for a crime.

Forced Entry

The creation and widespread use of new technology brings along with it many benefits. However, new and previously unaccounted-for dangers arise as well. Cybercrime is one such danger. It is defined as offenses that are committed against individuals or groups of individuals with a criminal motive to intentionally harm the reputation of the victim or cause physical or mental harm to the victim, directly or indirectly, using modern telecommunication networks such as the Internet (chat rooms, emails, notice boards, etc.) and mobile phones (SMS/MMS). Such crimes may threaten a nation’s or individual’s security and financial health. Issues surrounding this type of crime have become high-profile, particularly those surrounding hacking, copyright infringement, and child abduction. There are also problems of privacy when confidential information is lost or intercepted, lawfully or otherwise.

Computer crime encompasses a broad range of activities. Generally, however, it may be divided into two categories: crimes that target computers directly, and crimes facilitated by computer networks or devices, the primary target of which is independent of the network or device. Crimes that primarily target computer networks or devices include computer viruses, denial-of-service attacks, and malware. Crimes that use computer networks or devices to advance other ends include cyberstalking, fraud and identity theft, information warfare, and phishing scams.

Computer Fraud

Computer fraud is any dishonest misrepresentation of fact intended to get another to do or refrain from doing something which causes loss. In this context, the fraud will result in obtaining a benefit by one of a number of means:

  • Altering computer input in an unauthorized way. This requires little technical expertise and is not an uncommon form of theft by employees. Altering data before entry or entering false data, or entering unauthorized instructions or using unauthorized processes are the most common examples.
  • Altering, destroying, suppressing, or stealing output, usually to conceal unauthorized transactions. This is difficult to detect.
  • Altering or deleting stored data.
  • Altering or misusing existing system tools or software packages, or altering or writing code for fraudulent purposes.

Other forms of fraud may be facilitated using computer systems, including bank fraud, identity theft, extortion, and theft of classified information.

Identity Theft

Identity theft is a form of stealing a person’s identity in which someone pretends to be someone else, typically in order to access resources or obtain credit and other benefits in that person’s name. The victim of identity theft (here meaning the person whose identity has been assumed by the identity thief) can suffer adverse consequences if he or she is held accountable for the perpetrator’s actions. Identity theft occurs when someone uses another’s personally identifying information, like name, Social Security number, or credit card number, without permission, to commit fraud or other crimes.

Identity fraud is often but not necessarily the consequence of identity theft. Someone can steal or misappropriate personal information without then committing identity theft using the stolen information; this can happen when a major data breach occurs and the information of a large number of people is compromised.

Documented Cases of Cybercrime

One of the highest-profile banking computer crimes occurred over the course of three years, beginning in 1970. The chief teller at the Park Avenue branch of New York’s Union Dime Savings Bank embezzled over $1.5 million from hundreds of accounts.

In 1983, a nineteen-year-old UCLA student used his PC to break into a Defense Department international communications system.

Between 1995 and 1998, the Newscorp satellite pay-to-view encrypted SKY-TV service was hacked several times during an ongoing technological arms race between a pan-European hacking group and Newscorp. The original motivation of the hackers was to watch Star Trek re-runs in Germany, which was something Newscorp did not have the copyright to allow.

In February 2000, an individual under the alias of MafiaBoy began a series of denial-of-service attacks against high-profile websites, including Yahoo!, Amazon.com, Dell, E*TRADE, eBay, and CNN. About 50 computers at Stanford University, as well as computers at the University of California at Santa Barbara, were among the zombie computers sending pings in DDoS attacks. On August 3, 2000, Canadian federal prosecutors charged MafiaBoy with 54 counts of illegal access to computers, plus a total of 10 counts of mischief to data for his attacks.

On March 2, 2010, Spanish investigators arrested three individuals for the infection of over 13 million computers around the world. The “botnet” of infected computers included PCs inside more than half of the Fortune 1,000 companies and more than 40 major banks, according to investigators.

In August 2010, the international investigation Operation Delego, operating under the aegis of the Department of Homeland Security, shut down the international pedophile ring Dreamboard. The website had approximately 600 members and may have distributed up to 123 terabytes of child pornography (roughly equivalent to 16,000 DVDs). To date, this is the single largest U.S. prosecution of an international child pornography ring; 52 arrests were made worldwide.

Cybercrime: Cybercrime can be committed using computer viruses and other various programs that can track any information you enter into computer networks.

Malware

Malware is software used or created by attackers to disrupt computer operation, gather sensitive information, or gain access to private computer systems.

Learning Objectives

Explain how malware can negatively impact individuals and organizations

Key Takeaways

Key Points

  • Malware includes computer viruses, worms, trojan horses, spyware, adware, and other malicious programs.
  • Malware has caused the rise in use of protective software types such as anti-virus, anti-malware, and firewalls.
  • Malware is often used against individuals to gain personal information such as social security numbers, bank or credit card numbers, and so on.
  • Spyware is designed to monitor users’ web browsing, display unsolicited advertisements, or redirect affiliate marketing revenues to the spyware creator.

Key Terms

  • spyware: Programs that surreptitiously monitor and report the actions of a computer user.
  • adware: A software application that includes advertisements, which are displayed while the software is running. Developers use adware as a source of income and to keep the costs of the software down (usually making it free). Some adware programs can include spyware.
  • malware: Software which has been designed to operate in a malicious, undesirable manner.

Malware

Malware, short for malicious (or malevolent) software, is software used or created by attackers to disrupt computer operation, gather sensitive information, or gain access to private computer systems. It can appear in the form of code, scripts, active content, and other software. Malware is a general term used to refer to a variety of forms of hostile or intrusive software.

Malware includes computer viruses, worms, spyware, adware, and trojan horses. Malware is not the same as defective software, which is software that has a legitimate purpose but contains harmful bugs that were not corrected before release. However, some malware is disguised as genuine software, and may come from an official company website. An example of this is software used for harmless purposes that is packed with additional tracking software that gathers marketing statistics. Malware has caused the rise in use of protective software types such as anti-virus, anti-malware, and firewalls. Each of these is commonly used by personal users and corporate networks to stop unauthorized access by other computer users, as well as the automated spread of malicious scripts and software.

BEAST Trojan Horse: Beast, a Windows-based backdoor Trojan horse

The best-known types of malware, viruses and worms, are known for the manner in which they spread, rather than any specific types of behavior. The term computer virus is used for a program that has infected some executable software and, when run, causes the virus to spread to other executables. On the other hand, a worm is a program that actively transmits itself over a network to infect other computers. These definitions lead to the observation that a virus requires user intervention to spread, whereas a worm spreads itself automatically.

Purposes

Malware is sometimes used broadly against government or corporate websites to gather guarded information, or to disrupt their operation in general. However, malware is often used against individuals to gain personal information such as social security numbers, bank or credit card numbers, and so on. Left unguarded, personal and networked computers can be at considerable risk from these threats. Since the rise of widespread broadband Internet access, malicious software has more frequently been designed for profit. Since 2003, the majority of widespread viruses and worms have been designed to take control of users’ computers for black-market exploitation. Infected “zombie computers” are used to send email spam, to host contraband data such as pornography, or to engage in distributed denial-of-service attacks as a form of extortion.

Another strictly for-profit category of malware has emerged, called spyware. These programs are designed to monitor users’ web browsing, display unsolicited advertisements, or redirect affiliate marketing revenues to the spyware creator. Spyware programs do not spread like viruses; instead they are generally installed by exploiting security holes. They can also be packaged together with user-installed software, such as peer-to-peer applications.

The prevalence of malware as a vehicle for Internet crime, along with the challenge of anti-malware software to keep up with the continuous stream of new malware, has seen the adoption of a new mindset for individuals and businesses using the Internet. With the amount of malware currently being distributed, some percentage of computers will always be infected. For businesses, especially those that sell mainly over the Internet, this means that they need to find a way to operate despite security concerns. The result is a greater emphasis on back-office protection designed to protect against advanced malware operating on customers’ computers.

Concealment

For a malicious program to accomplish its goals, it must be able to run without being detected, shut down, or deleted. When a malicious program is disguised as something normal or desirable, users may willingly install it without realizing what it is. This is the technique of the Trojan horse or trojan. In broad terms, a Trojan horse is any program that invites the user to run it, though it conceals harmful or malicious code. The code may take effect immediately and can lead to many undesirable effects, such as deleting the user’s files or installing additional harmful software.

One of the most common ways that spyware is distributed is as a Trojan horse, bundled with a piece of desirable software that the user downloads from the Internet. When the user installs the software, the spyware is installed along with it. Spyware authors who attempt to act in a legal fashion may include an end-user license agreement that states the behavior of the spyware in loose terms, which users may not read or understand.

E-Mail as an Entry Point

Email represents a potential IT risk and entry point for hackers, and so IT teams must integrate appropriate safeguards.

Learning Objectives

Understand the risks associated with organizational email systems and the tools available to offset those risks

Key Takeaways

Key Points

  • Email is used by virtually every organization on the planet and is a weakness often targeted by hackers.
  • Opening an email could potentially enable an executable file, which could contain a virus. Once this virus enters just one device, the shared professional network is at risk.
  • Utilizing tools such as firewalls, anti-virus software, and encryption can help block attempts to hack via email.
  • Organizations must be aware of the potential risks, and invest in IT accordingly to offset them.

Key Terms

  • Encryption: A method of scrambling and unscrambling information to protect it during digital transmission (in the context of email).
  • Firewall: A gateway between the internet and a local network, allowing or denying access based upon protocols.

Why Email is a Business Risk

Virtually every business and individual with internet access has an email account of some sort. Emails are files sent from one computer to another, and those files can contain virtually anything, including executable files. If a virus is transferred to a computer and executed internally, it can gain access to the device of an employee who has access to centralized databases. At this point, the virus has infected the entire organization and, if not caught, can download, manipulate, export, and alter any and all customer data, strategic assets, and potentially even valuable IP.

As a result, protecting the inboxes of the employees at an organization is critical to minimizing this risk. There are a variety of mechanisms designed to do exactly that.

Email: This image shows the transmission of an email from one device to another.

How to Protect Your Inbox

There are a few simple steps organizations should take to protect their email systems. These include:

  • Firewalls – Simply put, a firewall permits or denies communication from the network based upon specific parameters. Setting stricter parameters with verification built in can stop viruses from accessing the network.
  • Encryption – Encryption takes a message and scrambles the contents of that message upon sending. The sender must enable the receiver to unscramble that message, and this can be done in a variety of ways. For example, business partners may agree on a password that will unlock the contents of an email and verify the sender while protecting the contents during transmission.

Encryption: This shows a simple visual representation of how encryption works.

  • Anti-virus Software – Anti-virus programs are designed to record libraries of data on common viruses, and scan all incoming email traffic (as well as internal files and databases) for signs of malicious software.
  • Intrusion detection systems (IDS) – Similar to anti-virus software, these programs scan devices and networks for malicious activity or violations of preset policies.
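
The scanning of incoming email described above can be illustrated with one check a mail gateway might apply: flagging attachments that are executable by extension or by their leading bytes, even when the file name claims otherwise. This is an added example, not part of the original text; the extension list, function names, and sample message are assumptions constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

# Extensions commonly blocked at mail gateways (assumed policy list, not from the page).
RISKY_EXT = {".exe", ".scr", ".com", ".bat", ".cmd", ".js", ".vbs", ".ps1", ".jar", ".msi"}
# Leading bytes that identify native executables regardless of the file name.
MAGIC = {b"MZ": "Windows PE", b"\x7fELF": "ELF"}

def risky_attachments(raw: bytes):
    """Return [(filename, reason), ...] for attachments that look executable."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").strip().lower()
        data = part.get_payload(decode=True) or b""
        kind = next((k for m, k in MAGIC.items() if data.startswith(m)), None)
        ext = "." + name.rsplit(".", 1)[-1] if "." in name else ""
        if kind and ext not in RISKY_EXT:
            # Content is a program but the name claims a harmless type.
            findings.append((name, f"{kind} content behind {ext or 'no'} extension"))
        elif kind or ext in RISKY_EXT:
            findings.append((name, f"executable attachment ({kind or ext})"))
    return findings

def build_sample() -> bytes:
    """Constructed message: a benign PDF, a mislabeled program, and a script."""
    m = EmailMessage()
    m["From"] = "billing@example.com"
    m["To"] = "employee@example.org"
    m["Subject"] = "Invoice attached"
    m.set_content("Please see the attached invoice.")
    m.add_attachment(b"%PDF-1.4 sample", maintype="application",
                     subtype="pdf", filename="terms.pdf")
    m.add_attachment(b"MZ\x90\x00 placeholder bytes", maintype="application",
                     subtype="pdf", filename="invoice.pdf")
    m.add_attachment(b"WScript.Echo(1)", maintype="application",
                     subtype="octet-stream", filename="report.pdf.js")
    return m.as_bytes()

if __name__ == "__main__":
    for name, reason in risky_attachments(build_sample()):
        print(f"QUARANTINE {name}: {reason}")
```

Checking content as well as the file name matters because the declared MIME type and extension are chosen by the sender and cannot be trusted on their own.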

As the world grows more and more digitally connected, the risks will continue to rise. Being aware of the risks and investing in a strong IT infrastructure is key to mitigating them.