Chapter 11

Cards (83)

  • Computer waste
    Inappropriate use of computer technology and resources
  • Computer-related mistakes

    Errors, failures, and other computer problems that make computer output incorrect or not useful
  • Spam
    The indiscriminate sending of unsolicited e-mail messages (spam) to many Internet users.
  • Spam filter
    Software that attempts to block unwanted e-mail. Some require first-time emailers to be verified before their e-mails are accepted.
  • Image-based spam
    New tactic spammers use to circumvent spam-filtering software
  • Common causes of computer-related mistakes
    Unclear expectations and a lack of feedback<|>Program development that contains errors<|>Incorrect data entry by data-entry clerk
  • Preventing computer-related waste and mistakes
    Establishing, implementing, monitoring, and reviewing effective policies and procedures
  • Types of computer-related mistakes
    • Data-entry or data-capture errors
    • Errors in computer programs
    • Mishandling of computer output
    • Inadequate planning for and control of equipment malfunctions
    • Inadequate planning for and control of environmental difficulties
    • Installing computing capacity inadequate for the level of activity
    • Failure to provide access to the most current information
  • Implementing Policies and Procedures
    • Changes to critical tables, HTML, and URLs should be tightly controlled
    • User manual should be available covering operating procedures
    • System should have controls to prevent invalid and unreasonable data entry
  • Monitoring policies and procedures
    1. Monitor routine practices and take corrective action if necessary
    2. Implement internal audits to measure actual results against established goals
  • Top four categories of computer crime reported to law enforcement organizations
    • Undelivered merchandise or nonpayment
    • Identity theft
    • Credit card fraud
    • Auction fraud - attributable to the misrepresentation of a product advertised for sale through an Internet auction site or the non-delivery of product purchased through an Internet auction site
  • Computer crime
    The unauthorized use, access, modification, and destruction of hardware, software, data, or network resources.
    The unauthorized release of information.
    The unauthorized copying of software<|>Denying an end user access to his or her own hardware, software, data, or network resources.
    Using or conspiring to use computer or network resources to obtain information or tangible property illegally
  • Social engineering
    Using social skills to get computer users to provide information to access an information system
  • Dumpster diving
    Going through trash cans / decommissioned storage devices to find secret or confidential information
  • Cyberterrorism
    The use of information technology by terrorist groups and individuals to further their agenda
  • Cyberterrorist
    Intimidates a government or organization to advance his or her political or social objectives
  • Identity theft
    Imposter obtains personal identification information in order to impersonate someone else e.g. obtain credit, merchandise and services in the name of the victim and have false credentials
  • Leads Online
    Web-based service system used by law enforcement to recover stolen property.
    It contains more than 250 million recorods in its database.
    It allows law enforcement officers to search the database by item serial number.
  • Geographic Information Systems (GIS)

    Enables law enforcement agencies to gain a quick overview of crime risk at a given address or in a given locale e.g. The National Equipment Registry, The CompStat program and CargoNet
  • Crimes that fall into several categories
    • Illegal access and use
    • Data alteration and destruction
    • Information and equipment theft
    • Software and Internet piracy
    • Computer-related scams
    • International computer crime
  • Criminal hacker
    Learns about and uses computer systems to gain unauthorized use or illegal access to computer systems
  • Script bunny
    A person who uses existing scripts, codes or other tools illicitly to gain entry into computer systems or networks without understanding the way the tools function or the way the systems or networks are designed
  • Insider attack
    Employee who compromises corporate systems
  • Worm
    A computer worm is a type of malware that spreads copies of itself from computer to computer
  • Trojan horse
    Malicious program that disguises itself as a useful application or game and purposefully does something the user does not expect
  • Virus
    Program file capable of attaching to disks or other files and replicating itself repeatedly
  • Rootkit
    Set of programs that enable its user to gain administrator level access to a computer or network
  • Logic bomb
    Type of Trojan horse that executes when specific conditions occur
  • Spyware
    Software installed on a personal computer to intercept or take partial control over user's interaction with the computer without knowledge or permission of the user
  • Password sniffer
    Small program hidden in a network that records identification numbers and passwords
  • Software piracy
    Act of unauthorized copying or distribution of copyrighted software
  • Patent infringement
    Occurs when someone makes unauthorized use of another's patent
  • Vishing
    Similar to phishing, but uses the victim's phone instead of their computer to trick people into giving personal/valuable information
  • Money laundering
    Disguising illegally gained funds so that they seem legal
  • Computer Fraud and Abuse Act of 1986

    Mandates punishment based on the victim's dollar loss
  • Computer Emergency Response Team (CERT)

    Responds to network security breaches and monitors systems for emerging threats
  • Digital Signature Act 1997
    Provides for the licensing and regulation of Certification Authorities (CA) to issue Digital Signatures and certify the identity of a signor
  • Computer Crimes Act 1997
    Gives protection against the misuses of computers and computer criminal activities such as unauthorized use of programs, illegal transmission of data or messages over computers and hacking and cracking of computer systems and networks
  • Unauthorised Access
    Access of any kind by any person to any program/data held in a computer is unauthorised if they are not entitled to control that access or do not have consent
  • Offences
    • Unauthorised access to computer material Causes a computer to perform any function with intent to secure access to any program/data held in any computer, where the access is unauthorised and the person knows this