Computer Crime --------------------------------------------------------------------Learning Objectives 1. Understand types of computer crime 2. Understand areas of computer abuse 3. Understand methods of computer attack 4. Understand rule for security 5. Understand computer system security --------------------------------------------------------------------Introduction A computer crime is defined as an illegal act in which knowledge of computer technology is used to commit the offense. Computer manipulation crimes involve changing data to create records in a system for the specific advancement of another crime. Computer crime commonly takes one of a few familiar, highly general forms: 1. Fraud 2. Theft 3. Destruction 4. Disruption 5. Conspiracy --------------------------------------------------------------------Fraud Fraud is the misrepresentation of information. The end goal of fraud may be monetary or some other type of specific gain or it may grant a more general advantage to the perpetrator. Depending on the exact circumstances, fraud may be criminal in itself, whether it leads to any further 1 ends or not. This fact is particularly evident in certain areas of legal and regulatory compliance --------------------------------------------------------------------Theft Theft is probably the most familiar type of computer crime; in fact, identity theft has become a household word. Theft is not restricted to only this type, however. Computer related theft also may include theft of funds, theft of information, theft of physical property, or theft of intellectual property. This category can encompass anything from the misappropriation of computer hardware to various forms of industrial espionage. The end goal, however, is typically a targeted, tangible, or economic gain of some kind. --------------------------------------------------------------------Destruction Destruction is one of the most familiar forms of computer crime. Information or the devices that it resides on may be destroyed for any number of reasons. Most security professionals encounter destruction of information in a more familiar form: computer viruses and other kinds of malware. Malware threats represent one of the most damaging and costly areas of computer crime because malware threats are both numerous and diverse. A computer virus, Trojan, or worm may destroy files, sectors on a disk, or entire file systems. Depending on the specifics of the threat, it may spread by infecting other files and drives, the local area network, a Web page, e-mail, or any combination of these. 2 --------------------------------------- -----------------------------Disruption The most common type of disruption in computer crime is the denial of service attack. This type of attack typically crashes a system by sending large amounts of network traffic to it such that it is unable to process legitimate requests, or simply fill up the system’s disk. --------------------------------------------------------------------Conspiracy At a conceptual level, a conspiracy is simply an agreement between two or more individuals to commit an illegal act. Legally, this type of crime may become a computer crime whenever computers, networks, e-mail systems, chat rooms, instant message agents, and other systems are used to facilitate such an agreement or consultation. The actual illegal act does not have to take place for conspiracy itself to take place. --------------------------------------------------------------------Areas of Computer Abuse The following are the most likely areas where computer abuse will occur. 1. Payroll, fictitious personnel can be created. 2. Inventory, fictitious accounts can be created and records falsified to show bills were paid, while inventory was delivered to fictitious persons and locations. 3. Accounts receivable, this information can be mismanaged by a loss of computer records of monies owed to the firm. 3 4. Operations information, this data can be very valuable to a firm’s competitors, especially in the areas of growth plans and new designs. --------------------------------------------------------------------Hardware and Software Thefts These thefts characterize the illegal use of a computer. Software piracy involves the duplication of programs without authorization or payment. Virtually millions of dollars are lost by software developers to this type of crime each year, even though vendors are now attempting to safeguard their programs through the use of copyright protection devices. --------------------------------------------------------------------Methods of Attack There are many ways to compromise a computer. Some are technical attacks, while others can be accomplished with only a basic understanding of computer operations. The following are the most common methods of attack. --------------------------------------------------------------------Data Diddling This is the simplest, safest, and most common method used by insiders. It involves putting false information into the computer. The data are changed before or during input from a computer, such as fraudulent payroll information. --------------------------------------------------------------------Logic Bombs These are illegal instructions that operate at a specific time or periodically after being given to a computer. They 4 are often dependent upon date, time, or another operation for execution. --------------------------------------------------------------------Trojan Horse The computer criminal can alter the computer program by adding instructions unknown to the owner. As a result, the computer performs unauthorized functions. For example, it deletes accounts payable or receivable. --------------------------------------------------------------------Design and Personnel Rules for Security Certain commonsense steps, as follows, can greatly reduce the possibility of computer crimes, if they are taken into consideration from the very beginning: 1. Establish strong rules about who is allowed access to computer facilities. 2. Establish strong controls about data preparation equipment, and establish from the start who will have access to it. 3. Provide for extensive background screening of individuals who will do data processing. 4. Require that at least two persons be present when data processing equipment is operated. ----------------------------------------------------------------------Computer System and Electronic Transactions Security Maintaining the security of a computer system and electronic transactions involves the following: 1. Adequate physical security to prevent accidental or intentional damage to the computer system and related equipment 5 2. Established techniques for maintaining transaction data controls and for analyzing the reasonableness of transactions to detect and report possible crime attempts 3. Use of customer identification methods to restrict unauthorized individuals from initiating transactions to customer accounts ----------------------------------------------------------------------- 6