Chapter 9 - Security & Ethics
Security
- Threats to computer security include criminals, computer crimes, and other hazards
Computer criminals – people who engage in illegal actions using computer technology
- Employees – may be trying to steal hardware, software and proprietary information
- Outside users – people with access to a company’s computer system, including employees, clients or suppliers, who could obtain confidential passwords
- “Hackers” and “crackers” – Their motives are malicious and can be very destructive and costly. Hackers gain unauthorized access to computer systems “for fun”, crackers create and share programs designed to gain unauthorized access to computer systems.
- Carders – criminals who specialize in stealing, trading, and using stolen credit cards over the Internet
- Organized crime – tracking illegal enterprises, forgery, counterfeiting
- Terrorists – could potentially crash satellites and wage economic warfare by disrupting navigation and communication systems
Computer crime – an illegal action in which the perpetrator uses special knowledge of computer technology
Creation of malicious programs – malicious software (malware)
Computer Crimes
- Viruses
- Worms – a special type of virus
- Trojan horse
- Zombies
- Denial of service attacks
- Social networking risks
- Cyber-bullying
- Rogue Wi-Fi Hotspots
- Theft
- Data manipulation
- Internet Scams - Phishing
Computer Fraud and Abuse Act – law states that it’s a crime for an unauthorized person to view, copy or damage data using any computer across state lines
Hazard
Natural Hazards – fire, floods, hurricanes, tornadoes, earthquakes
Civil strife and terrorism – wars, riots, terrorist activities
Technological failures - voltage surge or spike, hard disk crash
Human errors – data entry errors, programmer errors, filename errors
Protect Computer Security
- protecting information, hardware, and software from unauthorized use, damage from intrusions, sabotage, and natural disasters
Restricting access
1. Biometric scanning
   a. Fingerprint scan
   b. Iris (eye) scan
2. Passwords
   a. Change passwords when people leave a company
   b. Dictionary attack – attempt to gain unauthorized access to a user’s account by using software to try thousands of common words sequentially
3. Firewalls – a security buffer between a corporation’s private network and all external networks
Encryption
- coding messages to prevent people from reading your messages
- file encryption, email encryption, web site encryption
- Virtual private networks (VPNs)
- Wireless network encryption (WEP, WPA, and WPA2)
Anticipating disasters
- Physical security - protecting hardware
- Data security – protecting software and data from unauthorized tampering or damage
- Disaster recovery plan - continue operating until normal computer operations can be restored
  - hot sites - can create special emergency facilities which are fully equipped backup computer centers
  - cold sites - hardware must be installed to be utilized
Preventing data loss
- Use physical backups – off-site storage using tapes or disks in case of loss of equipment
https://www.youtube.com/watch?v=zL_HAmWQTgA
Ethics
- Standards of moral conduct / guidelines for the morally acceptable use of computers
- Copyright
- Gives content creators the right to control the use and distribution of their work for paintings, books, music, films, video games
- Software piracy - Unauthorized copying and distribution
- Digital Millennium Copyright Act - the right of the owner to make a backup copy
- Digital rights management (DRM) - prevents copyright violations
- Plagiarism
- Using another person’s work and ideas as your own, without referring to the original person or having their permission