Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall Digital Planet: Tomorrow’s Technology and You George Beekman Ben Beekman Tenth Edition

Digital Planet: Tomorrow’s Technology and You Chapter 10 Computer Security and Risks Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall

Chapter 10 Objectives Describe several types of computer crime and discuss possible crime-prevention techniques Describe major security issues facing computer users, computer system administrators, and law enforcement officials Describe how computer security relates to personal privacy issues 3

Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall Objectives (cont.) Explain how security and computer reliability are related Describe the potential impact of digital technology on warfare and terrorism Summarize some of the larger political and social questions we’ll face as digital technology plays an ever-expanding role in our lives 4

Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall Gilberto Gil and the Open Source Society Brazilians Gilberto Gil and Caetano Veloso developed Tropicalismo Style of music that combined many styles of music Also a philosophy that encourages creative sharing of music, words, software, and ideas Desire to loosen intellectual property restrictions; adopted the “creative commons license”. This idea mirrors the ideas of an “open source” society The “open source” concept arose from self-styled “hackers”. 5

Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall Online Outlaws: Computer Crime Law enforcement is being transformed by information technology. Computer forensics experts use special software to scan criminal suspects for digital “fingerprints.” 6

Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall The Digital Dossier Computer crime: any crime accomplished through knowledge or use of computer technology Cyberstalking: similar to stalking, but the domain is digital Businesses and government institutions lose billions of dollars every year to computer criminals. The majority of crimes are committed by company insiders and often covered up to avoid embarrassment. 7

Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall Theft by Computer: From Property Theft to Identity Theft Theft—the most common form of computer crime. A portable computer is easy prey. Identity theft doesn’t require a computer. 8

Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall Theft by Computer: From Property Theft to Identity Theft (cont.) The most common theft-by-computer is intellectual property theft. Social engineering: deceptive means of getting individuals to reveal sensitive information Spoofing: masquerading as somebody else Phishing: Internet fraud technique 9

Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall Software Sabotage: Viruses and Other Malware Malware: malicious software Viruses: replicate themselves into uninfected programs Worms: reproduces itself from computer to computer without human intervention Trojan horses: carry a hidden destructive program Logic bomb can be programmed to respond to an event Time bombs are triggered by a time-related event 10

Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall Software Sabotage: Viruses and Other Malware (cont.) Spyware: collects information without users knowledge Spybots: communicate data to others via the Internet Antivirus software: searches for viruses Security patches: plug potential security breaches 11

Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall Personal Data: All about You Identity theft: major criminal industry Can be triggered by being careless online or by errors in judgment. Victims can face massive phone bills, threats from collection agencies, and even arrests. It can take years to clear up the damage from an identity theft. 12

Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall Personal Data: All about You (cont.) Record matching: uses a unique field to combine information from different databases Privacy is decreasing Data can be transmitted almost instantly Workplace monitoring Surveillance cameras 13

Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall No Secrets: Computers and Privacy Code of Fair Information Practices In early 1970s, a report to Congress Agencies ensure the reliability and security of information in their databases. Privacy Act of 1974 Broadest privacy law passed by Congress USA Patriot Act Passed in response to September 11, 2001 terrorist attacks 14

Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall Don’t give out your Social Security number or other numbers. Don’t give away information about yourself. Say no to mail, phone, and solicitations. Be stingy with your address. Safeguard your important documents. Shred all unneeded papers with numbers on them. 15 Say no to sharing your personal information. Think before you post. Pay attention to privacy preferences. Mobilize technology to protect your privacy. If you think there’s incorrect or damaging information about you in a file, find out. Check your credit reports. Your Privacy Rights

Protecting Yourself from Identity Theft Make your online purchases using a credit card or PayPal. Scan your bills promptly. Get a separate credit card for online transactions. Make sure a secure Web site is managing your online transaction. Don’t disclose personal information over the phone. 16 Handle with care. Don’t put your Social Security number on your checks. Shred sensitive mail before you recycle it. Keep your wallet thin. Copy your cards. Report identify theft promptly. (Local police and ftc.gov) Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall

Hacking and Electronic Trespassing Hackers: people who break into computer systems Cracking: criminal hacking Hactivists: hacking as a form of political activism Botnets: network of computers that have been hijacked DOS (denial of service): attacks bombard servers and Web sites with traffic that shuts down Web sites 17

Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall Physical Access Restrictions You may be granted access to a computer based on: Something you have, such as an ID card or a smart card containing digitally encoded identification in a built-in memory chip Something you know, such as a password Something you do, such as your signature Something about you, a biometric that is a measurement of an individual body characteristic such as a fingerprint 18

Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall Passwords and Access Privileges Passwords: most common tools used to restrict access to computers. Should be chosen with care. Access-control software: doesn’t need to treat all users identically System administrator: has additional access privileges 19

Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall Firewalls, Encryption, and Audits Firewalls: guard against unauthorized access to an internal network Encryption software: scrambles transmissions to secure them in transit TEMPEST: program to secure electronic communications while enabling the U.S. government to intercept signals from other sources Audit-control software: used to monitor and record computer transactions so auditors can trace activity 20

Firewalls Firewall: program that filters information between a private network and the rest of the Internet 21 Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall

Backups and Other Precautions UPS (uninterruptible power supply): protect computers from data loss during power failures Surge protectors: shield electronic equipment from power spikes Have a routine for making regular backups. 22

Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall Backups and Other Precautions (cont.) Four types of backups: Incremental: happens more or less continuously Bootable: makes a complete duplicate of a disk Off-site: transport DVDs of data to remote sites Archive: data is archived and deleted from main drive Human security controls Security experts are developing new techniques. Criminals develop new techniques as well. 23

Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall Safe Computing Share with care. Beware of bearing gifts. Handle shareware and freeware with care. Don’t pirate software. Disinfect regularly. Take your passwords seriously. 24 If it’s important, back it up. If it’s sensitive, lock it up. Treat your removable discs and drives as if they contained something important. If you’re sending sensitive information, consider encryption.

Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall When Security Threatens Privacy Smart badges: broadcast identification codes A badge-location database stores data about the location of the badge (or person wearing the badge). Smart phones have similar technology called proximity recognition technology. 25

Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall Justice on the Electronic Frontier New laws are being created and questions about civil rights are being raised. Federal and state governments have responded to increase in computer crime: Telecommunications Act of 1996 Digital Millennium Copyright Act of 1998 Each of these laws introduced new problems by threatening rights of citizens—problems that have to be solved by courts and by future lawmakers. 26

Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall Bugs and Breakdowns Facts about software engineering: It is impossible to eliminate all bugs. Even programs that appear to work can contain dangerous bugs. The bigger the system, the bigger the problem. 27

Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall Computers at War Smart weapons: missiles that use computerized guidance systems to locate their targets Autonomous system: complex system that can assume almost complete responsibility for a task without human input Cyberwarfare and Cyberterrorism: where future wars may be fought 28

Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 29 Human Questions for a Computer Age “The higher the technology, the higher the freedom. Technology enforces certain solutions: satellite dishes, computers, videos, international telephone lines force pluralism and freedom onto a society.” —Lech Walesa Will Computers Be Democratic?

Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 30 Will the Global Village Be a Community? Human Questions for a Computer Age (cont.) “When machines and computers, profit motives, and property rights are considered more important than people, the giant triplets of racism, materialism, and militarism are incapable of being conquered.” —The Reverend Martin Luther King, Jr.

Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall Human Questions for a Computer Age (cont.) Are we becoming information slaves? 31 “Our inventions are wont to be pretty toys which distract our attention from serious things. They are but improved means to an unimproved end.” —Henry David Thoreau

Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall Human Questions for a Computer Age (cont.) Standing on the shoulders of giants 32 “If I have seen farther than other men, it is because I stood on the shoulders of giants.” —Isaac Newton

Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall Summary Computers, networks, and databases play an ever-increasing role in fighting crime. Many computer criminals use computers and the Internet to steal intellectual property. Organizations have developed a number of computer security techniques to protect their systems and data. 33

Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall Summary (cont.) Occasionally, security procedures threaten the rights to privacy. The trade-offs between computer security and freedom raise important legal and ethical questions. Computer systems aren’t just threatened by people, they’re also threatened by software bugs and hardware glitches. 34

Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior written permission of the publisher. Printed in the United States of America. 35