By:
Jill
Tracy
Lehman
Clegg
Clayton Nichols
Nattapon Nattigon
Robert Loggins

Pop-Up Example
 Short for “malicious software.”
 Designed to infiltrate a system without owner’s consent.
 General term that defines a variety of hostile, intrusive, or annoying program code.
 Creator’s perceived intent defines software as malware.

 A 2008 report released by Symantec suggested:
 Releases of malicious code may be exceeding rates of legitimate software applications.
 Primarily released through the Internet.
 Email
 Web sites
 Shaoxing, China was named the malware capital of the world by Symantec in 2010.

 Early malware, including worms & viruses were written as pranks.
 Today, most malware possesses intent to destroy systems including:
 Files
 Web pages
• Estimated that about 1 in 10 web pages contain malicious code.

 Many others create “zombie computers” that aid in advertising for profit motive.
 Tells infected computers to send spam email.
 Spyware is a form of malware.
 It monitor’s web browsing & displays unsolicited advertisements.
 Do not spread like viruses.
• Simply exploit security holes

 Basis of laws against malware include:
 Hacking
 Copyright Infringement
 Child Porn
 Privacy
 Fraud
 Destruction of property (Denial-of-Service attacks)
 Harassment
 Identity theft

 The basis for cybercrime laws is large in scope.
 As endless as non-cyber crime laws.
 U.S. laws continually get passed at the state &
Federal levels of government.
 Protect users of the web.
• Civil and criminal means of prosecution
 Example: http://www.informationweek.com/news/security/cyber crime/showArticle.jhtml?articleID=210602182

 US cybercrime laws are catching up.
 Some that help to combat malware are not as archaic.
 However, there are still hurdles when the courts are out touch with reality.
• Example: Virginia anti-spam law struck down by the state’s Supreme Court o Said it violated 1 st Amendment right to freedom of speech.
o http://www.cybercrimelaw.org/2008/09/12/virginiasupreme-court-strikes-down-states-anti-spam-law/

 Technology is constantly changing.
 Creates concern that at any given time, cybercrime legislation falls out of date.
 Large amounts of malware originate in foreign countries.
 Extradition laws not always up-to-date.
 New treaties help to combat problems.
• http://www.arnnet.com.au/article/345145/efa_cyber crime_treaty_will_trigger_tougher_laws/


Google said malicious software has been used to spy on Vietnamese computers
 The malware targeted tens of thousands of people.
 The malware has been used to attack blogs containing messages of political dissent.

 Security Issues
 The prevalence of broadband internet has allowed for a wave of malware solely intended to reap benefits.
 Downloading programs & sharing software has created opportunities for malware

 Use of a standard password for access control can create vulnerabilities
 A large percentage of users do not change their passwords from that established by the manufacturer causing the passwords to be easily obtainable
 Public access points, such as airports & coffee shops, offer little or no security.

 Penalties are depend on the level of severity of the attack.
Eg. Steal data such as credit card inf., login to banks and passwords, etc.
 If a site has links to malware sites, then the link is removed from their name in the SERPs (search engine results pages).

This feature is designed so that the site owners become aware of the malware issue.
 In some cases, credit & debit card data is stolen; this level of mayhem constitutes malware fraud felony, which can lead the perpetrators to serve numerous years in prison as well as pay enormous fines.

 A Google penalty is a punishment Google gives to sites they feel do not meet certain quality standards.

This can spell disaster for companies who run their business through their web sites.
 Google Penalty Types
 There are various penalty types that have been found as follows;
I.
The “Minus Thirty” Penalty
II.
The “950 Penalty”
Drop in rankings to the end of the listings for that
III.The Position 6 Penalty keyword
Above google penalties can be fixed by following google’s webmaster guidelines.

 Using Malware for damaging purposes:
 To attack blogs containing messages of political dissent. (Invasion of Privacy)
 Very difficult to identify the criminals who spy on
Vietnamese’s websites as the other side are Chinese government.
 Vietnam is lack of laws & investigators with the requisite experience or even the equipment to collect evidence to fight cyber crime which include malware through google.

Compromising Confidentiality:
18 U.S.C.
§ 1030(a)(2)(c)
 Intentionally access a computer
 without or in excess of authorization
Penalties:

Violations of section 1030(a)(2) are misdemeanors punishable by a fine or a one-year prison term, unless aggravating factors apply.

A violation or attempted violation of section 1030(a)(2) is a felony if:
 committed for commercial advantage or private financial gain,
 committed in furtherance of any criminal or tortuous act in violation of the
Constitution or laws of the United States or of any State, or
 the value of the information obtained exceeds $5,000.

 Historical Data : Computer crime cost Vietnam US$1.76 billion in 2008
 Vietnam should have security systems& computer crime laws as fast as possible by using the U.S. laws as a benchmarking.
 With penalties, cyber crime might be reduce.
Better Economic Situation as investors will have more confidence to invest in
Vietnam bec less cyber crime issues.
Source :http://www.straitstimes.com/Breaking%2BNews/SE%2BAsia/Story/STIStory_354440.html

 Must be aware at all times of potential attacks.
 Must make employees aware of the dangers of malware.
 Must take preventive measures against malware attacks.
 Must be aware of the legal & reporting measures to stop the spread of malware.