H-1 Management Information Systems for the Information Age Copyright 2004 The McGraw-Hill Companies, Inc. All rights reserved Extended Learning Module.

Slides:



Advertisements
Similar presentations
Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.
Advertisements

Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
Crime and Security in the Networked Economy Part 4.
Topic 4: Protecting People & Information Ethics, Privacy & Security MGMD 233-MIS AMN 2012.
CHAPTER OVERVIEW SECTION 4.1 – Ethics
McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.
Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.
Chapter 9: Privacy, Crime, and Security
McGraw-Hill/Irwin Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. Extended Learning Module H Computer Crime and Digital Forensics.
Mod H-1 Examples of Computer Crimes. Mod H-2 Stuxnet.
BUSINESS PLUG-IN B6 Information Security.
McGraw-Hill/Irwin ©2005 The McGraw-Hill Companies, All rights reserved Extended Learning Module H COMPUTER CRIME AND FORENSICS.
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
Security, Privacy, and Ethics Online Computer Crimes.
Extended Learning Module H Computer Crime and Digital Forensics Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.
8-1 Management Information Systems for the Information Age Copyright 2004 The McGraw-Hill Companies, Inc. All rights reserved Chapter 8 Protecting People.
McGraw-Hill © 2008 The McGraw-Hill Companies, Inc. All rights reserved. Extended Learning Module H Extended Learning Module H COMPUTER CRIME AND DIGITAL.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
 2001 Prentice Hall, Inc. All rights reserved. Chapter 7 – Computer and Network Security Outline 7.1Introduction 7.2Ancient Ciphers to Modern Cryptosystems.
Introduction to Computer Forensics Fall Computer Crime Computer crime is any criminal offense, activity or issue that involves computers (
Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.
Guide to Computer Forensics and Investigations Fourth Edition Chapter 12 Investigations.
Copyright © 2014 Pearson Education, Inc. 1 IS Security is a critical aspect of managing in the digital world Chapter 10 - Securing Information Systems.
CHAPTER FOUR ETHICS AND INFORMATION SECURITY MIS BUSINESS CONCERNS
Henric Johnson1 Chapter 10 Malicious Software Henric Johnson Blekinge Institute of Technology, Sweden
Internet Safety CSA September 21, Internet Threats Malware (viruses) Spyware Spam Hackers Cyber-criminals.
Video Following is a video of what can happen if you don’t update your security settings! security.
1 Pertemuan 10 Understanding Computers Security Matakuliah: J0282 / Pengantar Teknologi Informasi Tahun: 2005 Versi: 02/02.
Securing Information Systems
1 Chap 10 Malicious Software. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on.
Protecting People and Information: Threats and Safeguards
PROTECTING PEOPLE AND INFORMATION Threats and Safeguards
Copyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin CHAPTER FOUR ETHICS AND INFORMATION SECURITY: MIS BUSINESS CONCERNS.
1 I.Assets and Treats Information System Assets That Must Be Protected People People Hardware Hardware Software Software Operating systems Operating systems.
Malware  Viruses  Virus  Worms  Trojan Horses  Spyware –Keystroke Loggers  Adware.
Security Chapter 8 Objectives Societal impact of information and information technology –Explain the meaning of terms related to computer security and.
The Utility Programs: The system programs which perform the general system support and maintenance tasks are known as utility programs. Tasks performed.
BUSINESS B1 Information Security.
Issues Information Systems and Management. Issues Privacy Ethics Health Computer Crime Security.
Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin Business Plug-In B6 Information Security.
CHAPTER 8 PROTECTING PEOPLE AND INFORMATION Threats and Safeguards.
Next Back MAP MAP B-1 Management Information Systems for the Information Age Second Canadian Edition Copyright 2004 The McGraw-Hill Companies, Inc. All.
ED 505 Educational Technology By James Moore.  What is the definition of Netiquette and how does it apply to social media sites? ◦ Netiquette is the.
Chapter 4 McGraw-Hill/Irwin Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved.
Caring for Technology Malware. Malware In this Topic we examine: v Viruses (or Malware) v Virus Detection Techniques v When a Virus is Detected v Updating.
1 Chap 10 Virus. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on an ever increasing.
INTRODUCTION. The security system is used as in various fields, particularly the internet, communications data storage, identification and authentication.
CHAPTER 7: PRIVACY, CRIME, AND SECURITY. Privacy in Cyberspace  Privacy: an individual’s ability to restrict or eliminate the collection, use and sale.
Attacks On systems And Networks To understand how we can protect our system and network we need to know about what kind of attacks a hacker/cracker would.
Chapter 8 Computers and Society, Security, Privacy, and Ethics
Types of Electronic Infection
Computer Defining denial of service, worm, virus and hoax. Examples of negligence or incompetence that leads to crime. CI R M E By: Megan Price.
Copyright © 2007 Heathkit Company, Inc. All Rights Reserved PC Fundamentals Presentation 25 – Virus Detection and Prevention.
Chapter 16 Computer Crime. Three Key Characteristics of Computer Crime Computer Crimes are relatively easy to commit and difficult to detect. Most computer.
1 Computer Crime Often defies detection Amount stolen or diverted can be substantial Crime is “clean” and nonviolent Number of IT-related security incidents.
What is risk online operation:  massive movement of operation to the internet has attracted hackers who try to interrupt such operation daily.  To unauthorized.
McGraw-Hill/Irwin © 2008 The McGraw-Hill Companies, All Rights Reserved Business Plug-In B6 Information Security.
Computer Systems Viruses. Virus A virus is a program which can destroy or cause damage to data stored on a computer. It’s a program that must be run in.
Copyright © 2007 Heathkit Company, Inc. All Rights Reserved PC Fundamentals Presentation 14 – Windows Security.
Security and Ethics Safeguards and Codes of Conduct.
Any criminal action perpetrated primarily through the use of a computer.
Computers Are Your Future Eleventh Edition Chapter 9: Privacy, Crime, and Security Copyright © 2011 Pearson Education, Inc. Publishing as Prentice Hall1.
Computer Forensics. OVERVIEW OF SEMINAR Introduction Introduction Defining Cyber Crime Defining Cyber Crime Cyber Crime Cyber Crime Cyber Crime As Global.
Introduction to Computer Forensics Fall Computer Crime Computer crime is any criminal offense, activity or issue that involves computers (
Computer Security INSM 180- Belasco Bryant and Stratton Fall 2011
Introduction to Computer Forensics
Chap 10 Malicious Software.
Chap 10 Malicious Software.
Presentation transcript:

H-1 Management Information Systems for the Information Age Copyright 2004 The McGraw-Hill Companies, Inc. All rights reserved Extended Learning Module H Computer Crime and Forensics

H-2 Management Information Systems for the Information Age Copyright 2004 The McGraw-Hill Companies, Inc. All rights reserved Presentation Overview Computer Crime Computer Crime Computer Forensics Computer Forensics Recovery and Interpretation Recovery and Interpretation

H-3 Management Information Systems for the Information Age Copyright 2004 The McGraw-Hill Companies, Inc. All rights reserved Computer Crime Computer crime - a crime in which a computer, or computers, play a significant part. Computer crime - a crime in which a computer, or computers, play a significant part.  Illegal gambling  Forgery and money laundering  Child pornography  Electronic stalking  The list goes on…

H-4 Management Information Systems for the Information Age Copyright 2004 The McGraw-Hill Companies, Inc. All rights reserved Computer Crime Outside the Organization Computer virus (or virus) - software that was written with malicious intent to cause annoyance or damage. There are two types of viruses. Computer virus (or virus) - software that was written with malicious intent to cause annoyance or damage. There are two types of viruses.  Benign viruses display a message or slow down the computer, but don’t destroy any information.  Malignant viruses damage your computer system.

H-5 Management Information Systems for the Information Age Copyright 2004 The McGraw-Hill Companies, Inc. All rights reserved Computer Crime Outside the Organization Macro viruses - spread by binding themselves to software such as Word or Excel. Macro viruses - spread by binding themselves to software such as Word or Excel. Worm - a computer virus that replicates and spreads itself, not only from file to file, but from computer to computer via and other Internet traffic. Worm - a computer virus that replicates and spreads itself, not only from file to file, but from computer to computer via and other Internet traffic.

H-6 Management Information Systems for the Information Age Copyright 2004 The McGraw-Hill Companies, Inc. All rights reserved Computer Crime Outside the Organization Denial-of-service (DoS) attacks - flood a Web site with so many requests for service that it slows down or crashes. Denial-of-service (DoS) attacks - flood a Web site with so many requests for service that it slows down or crashes. Distributed denial-of-service (DDos) – attacks from multiple computers that flood a Web site with so many requests for service that it slows down or crashes. Distributed denial-of-service (DDos) – attacks from multiple computers that flood a Web site with so many requests for service that it slows down or crashes.

H-7 Management Information Systems for the Information Age Copyright 2004 The McGraw-Hill Companies, Inc. All rights reserved Computer Crime Outside the Organization Code Red was the first virus that combined a worm and DoS attack. Code Red was the first virus that combined a worm and DoS attack. Probably a hoax if: Probably a hoax if:  Says to forward it to everyone you know, immediately.  Describes the awful consequences of not acting immediately.  Quotes a well-known authority in the computer industry.

H-8 Management Information Systems for the Information Age Copyright 2004 The McGraw-Hill Companies, Inc. All rights reserved Computer Crime Outside the Organization On Your Own What Polymorphic Viruses Are Floating Around Cyberspace?

H-9 Management Information Systems for the Information Age Copyright 2004 The McGraw-Hill Companies, Inc. All rights reserved Computer Crime Outside the Organization Stand alone worms can run on any computer that can run Win32 programs. Stand alone worms can run on any computer that can run Win32 programs. Spoofing - the forging of the return address on an so that the message appears to come from someone other than the actual sender. Spoofing - the forging of the return address on an so that the message appears to come from someone other than the actual sender. Trojan horse virus - hides inside other software, usually an attachment or download. Trojan horse virus - hides inside other software, usually an attachment or download. Key logger, or key trapper, software - a program that, when installed on a computer, records every keystroke and mouse click. Key logger, or key trapper, software - a program that, when installed on a computer, records every keystroke and mouse click.

H-10 Management Information Systems for the Information Age Copyright 2004 The McGraw-Hill Companies, Inc. All rights reserved Computer Crime Web Defacing Web defacing replaces the site with a substitute that’s neither attractive nor complimentary. Web defacing replaces the site with a substitute that’s neither attractive nor complimentary. Web defacing is a favorite sport of the people who break into computer systems. Web defacing is a favorite sport of the people who break into computer systems.

H-11 Management Information Systems for the Information Age Copyright 2004 The McGraw-Hill Companies, Inc. All rights reserved Computer Crime The Players Hackers Hackers Thrill-seeker hackers Thrill-seeker hackers White-hat (or ethical) hackers White-hat (or ethical) hackers Black-hat hackers Black-hat hackers Crackers Crackers Hacktivists Hacktivists Cyberterrorist Cyberterrorist Script kiddies or script bunnies Script kiddies or script bunnies

H-12 Management Information Systems for the Information Age Copyright 2004 The McGraw-Hill Companies, Inc. All rights reserved Computer Crime The Players Team Work Make up a Good Password

H-13 Management Information Systems for the Information Age Copyright 2004 The McGraw-Hill Companies, Inc. All rights reserved Computer Crime Inside the Company Along with the traditional crimes of fraud and other types of theft, managers sometimes have to deal with harassment of one employee by another. Along with the traditional crimes of fraud and other types of theft, managers sometimes have to deal with harassment of one employee by another. Chevron Corporation and Microsoft settled sexual harassment lawsuits for $2.2 million each because employees sent offensive to other employees and management didn’t intervene. Chevron Corporation and Microsoft settled sexual harassment lawsuits for $2.2 million each because employees sent offensive to other employees and management didn’t intervene.

H-14 Management Information Systems for the Information Age Copyright 2004 The McGraw-Hill Companies, Inc. All rights reserved Computer Crime Inside the Company On Your Own Digital Signatures and Certificates

H-15 Management Information Systems for the Information Age Copyright 2004 The McGraw-Hill Companies, Inc. All rights reserved Computer Forensics Computer forensics - the collection, authentication, preservation, and examination of electronic information for presentation in court. Computer forensics - the collection, authentication, preservation, and examination of electronic information for presentation in court. In a well-conducted computer forensics investigation, there are two major phases: In a well-conducted computer forensics investigation, there are two major phases: 1. Collecting and authenticating electronic evidence. 2. Analyzing the findings. Computer forensics experts use special hardware and software tools to conduct investigations. Computer forensics experts use special hardware and software tools to conduct investigations.

H-16 Management Information Systems for the Information Age Copyright 2004 The McGraw-Hill Companies, Inc. All rights reserved Computer Forensics The Collection Phase Step one of the collection phase is to get physical access to the computer and related items. Step one of the collection phase is to get physical access to the computer and related items.  Computers  Hard disks  Floppy disks  CD’s and DVD’s  Zip disks  Printouts  Post-it notes, etc. This process is similar to what police do when investigating crime in the brick world. This process is similar to what police do when investigating crime in the brick world.

H-17 Management Information Systems for the Information Age Copyright 2004 The McGraw-Hill Companies, Inc. All rights reserved Computer Forensics Phase I - The Collection Phase Step two of the collection phase is to make a forensic image copy of all the information. Step two of the collection phase is to make a forensic image copy of all the information.  Forensic image copy - an exact copy or snapshot of the contents of an electronic medium.  MD5 hash value - a mathematically generated number that is unique for each individual storage medium at a specific point in time, because it’s based on the contents of that medium.

H-18 Management Information Systems for the Information Age Copyright 2004 The McGraw-Hill Companies, Inc. All rights reserved Computer Forensics Phase II - The Analysis Phase The analysis phase consists of the recovery and interpretation of the information that’s been collected and authenticated. The analysis phase consists of the recovery and interpretation of the information that’s been collected and authenticated. The analysis phase of the investigation is when the investigator follows the trail of clues and builds the evidence into a crime story. The analysis phase of the investigation is when the investigator follows the trail of clues and builds the evidence into a crime story.

H-19 Management Information Systems for the Information Age Copyright 2004 The McGraw-Hill Companies, Inc. All rights reserved Computer Forensics Phase II - The Analysis Phase Computer forensic programs can pinpoint a file’s location on the disk, its creator, the date it was created, the date of last access, the date it was deleted, as well as file formatting, and notes embedded or hidden in a document. Computer forensic programs can pinpoint a file’s location on the disk, its creator, the date it was created, the date of last access, the date it was deleted, as well as file formatting, and notes embedded or hidden in a document.

H-20 Management Information Systems for the Information Age Copyright 2004 The McGraw-Hill Companies, Inc. All rights reserved Recovery and Interpretation Much of the information comes from: Much of the information comes from:  Recovered  Deleted files  Currently unused disk space  Deliberately hidden information or files People whose was recovered to their extreme embarrassment (or worse) were: People whose was recovered to their extreme embarrassment (or worse) were:  Monica Lewinsky  Arresting officer in the Rodney King case  Bill Gates of Microsoft

H-21 Management Information Systems for the Information Age Copyright 2004 The McGraw-Hill Companies, Inc. All rights reserved Recovery and Interpretation Places to Look for Stray Information Information is written all over a disk, not only when you save a file, but also when you create folders, repartition the disk, and so on. Information is written all over a disk, not only when you save a file, but also when you create folders, repartition the disk, and so on. File remnants could be found in: File remnants could be found in: 1. Slack space 2. Unallocated disk space 3. Unused disk space 4. Hidden files

H-22 Management Information Systems for the Information Age Copyright 2004 The McGraw-Hill Companies, Inc. All rights reserved Recovery and Interpretation Ways of Hiding Information Rename the file. Rename the file. Make the information invisible. Make the information invisible. Use windows to hide files. Use windows to hide files. Protect the file with a password. Protect the file with a password. Encrypt the file. Encrypt the file. Use steganography. Use steganography.

H-23 Management Information Systems for the Information Age Copyright 2004 The McGraw-Hill Companies, Inc. All rights reserved Summary Assignments & Exercises 1. Find computer forensics software 2. Is your financial identity at risk for theft? 3. The international anti-cybercrime treaty 4. Does the fourth amendment apply to computer search and seizure?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.