Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cybercrime ACC/210.

Published byLily Thomas Modified over 6 years ago

Similar presentations

Presentation on theme: "Cybercrime ACC/210."— Presentation transcript:

1 Cybercrime ACC/210

2 INTRODUCTION The number, type and sophistication of cyber security threats to organizations are Increasing day by day with the increasing internet usage. Due to the varied nature of motivations for cyber adversaries targeting employees, organizations could be a target for malicious activities even if they do not think the information held on their networks is valuable, or that their business would be of interest to cyber adversaries by cyber criminals. Cybersecurity is very important for organization. It helps in dealing with cybercrimes

3 CYBERCRIME AND FRAUD Cybercrime refers to criminal acts involving the use of computers or other information and communication technology (ICT), or targeted against computers or other ICT. Cyber crime can be either; Pure cybercrime: crimes directed at computers or other ICT such as unauthorized access to, modification of or impairment of electronic communications, data or confidential information. Technology-enabled crime: crimes where computers or ICT are an integral part of an offence, such as online fraud, online identity theft and the online distribution of child exploitation material. Cybersecurity can be by antivirus and firewalls

4 Types of cyber attacks Denial-of-service (DOS): - DOS occurs when criminals attempt to bring down or cripple individual websites, computers or networks, often by flooding them with messages. Spam s: - spam s are unsolicited s or junk newsgroup postings. Spam s are sent without the consent of the receiver, potentially creating a wide range of problems if they are not filtered appropriately. Common types of cyber attacks can be handled using windows defender.

5 Types of cyber attacks (Cont.…)
Viruses and worms: - viruses and worms are computer programs that affect the storage devices of a computer or network, which then replicate information without the knowledge of the user. Computer virus and worms affect storage devices and networks without user knowledge

6 Types of cyber attacks (Cont.…)
Trojan: - a Trojan is a program that appears legitimate. However, once run, it moves on to locate password information or makes the system more vulnerable to future entry. It simply destroy programs or data on the hard disk. Malware: - malware is a software that takes control of any individual’s computer to spread a bug to other people’s devices or social networking profiles. Schedule scanning by windows defender for any malwares.

7 Types of cyber attacks (Cont.…)
Fiscal fraud: - by targeting official online payment channels, cyber attackers can hamper processes such as tax collection or make fraudulent claims for benefits. Carders: - stealing bank or credit card details is another major cybercrime. Duplicate cards are then used to withdraw cash at ATMs or in shops. It is important to modify the antivirus in the windows defender.

8 Types of cyber attacks (Cont.…)
Phishing: - phishing attacks are designed to steal a person’s login and password. For instance, the phisher can access the victims’ bank accounts or assume control of their social network. There is need for cyber security to protect users from loosing passwords and bank detail

9 Cyber criminals around the world
Insiders: disgruntled insiders are a major source of cybercrimes. This group tend to use the system everyday and they don’t not need a great deal of knowledge of the victim computer system. Hackers: these are computer enthusiasts who know more about computers and networking. They use their skills for criminal intent. Hacking has been on the increase since 1980s due to the increasing technologies and society’s demand for internet. Criminal groups: some of the cybercrimes are accomplished by criminal groups that have different motives which usually range from settling scores to pure thievery. You can also use the windows defender in offline mode.

10 Cyber criminals around the world (Cont.…)
Disgruntled ex-employees: studies have also shown that ex-employees disgruntled pose a serious threat to companies by targeting former employers on a revenge missions. Thus increased cybercrimes around the globe. Economic espionage spies: due to growth of cyberspace and e-commerce and the forces of globalization, new sources of cybercrime syndicates. The organized economic spies navigate through the internet looking for company secrets and confidential information. As the price tag for original research skyrockets, and competition in the market place becomes global, companies around the globe are ready to pay any amount for stolen commercial, marketing, and industrial secrets. Use personal windows firewalls and set up security notifications all the time.

11 CONTROLS AND PROCEDURES TO PREVENT CYBER CRIMES AND FRAUD
Control and prevention of cybercrimes consists of three components; Prevention, Detection, Recovery (Analysis and response) Setting up detailed rules

12 CONTROLS AND PROCEDURES TO PREVENT CYBER CRIMES AND FRAUD (Cont.…)
Prevention - this is probably the best system security policy. Being the best policy every employee need to know what he/she is to prevent the system from. Some include; A security policy, risk management, perimeter security, encryption, legislation, self-regulation, mass education. Detection - in case prevention by the company fails, the next strategy should be early detection. This constitute a 24hour monitoring of the system to alert system personnel whenever unusual patterns occur. Recovery – this is the last component where prevention and detection seem to have been deployed. Analysis is done for response. It is a stage where cybercrime has occurred and a recovery plan instituted and spelled out in security plan followed. Building a simple firewall with iptables and knowing what is on your network

13 CONTROLS AND PROCEDURES TO PREVENT CYBER CRIMES AND FRAUD (Cont.…)
To install and update security software: - softwares to be installed should be equipped with anti-phishing, anti-virus, firewalls and anti-spywares. Moreover, the software should have a backup and the ability for restoration for the company to be able to recover data and vital information in case of lose. Avoid opening unknown , websites or links that seem suspicious: - if employees are not sure about s, links or even attachment, they should ignore and report to it personnel. It may not be worth for the business to take such risks when not sure. Use smart passwords for employees: - as a company, employees should ensure passwords are robust and never less than eight characters and should incorporate symbols letters and numbers. For every account, ensure that different passwords are used and changed regularly after a period of time. Scanning the network hosts, services with Nenmap

14 CONTROLS AND PROCEDURES TO PREVENT CYBER CRIMES AND FRAUD (Cont.…)
Employee education and training: - it can be very unfortunate and very risky when employees do not have necessary basic knowledge and understanding of cyber security. All employees should be taken for training on issues of cyber security and to be up to date with information due to the evolving technology. Simplified processes: - there is always time value of money and therefore to save time on getting services from providers in areas of security portfolios and purchasing other products from different vendors. It will be better for the company to get a full portfolio of security options from one service provider.

15 ETHICAL BEHAVIOUR IN THE COMPANY
We need to be teaching children, starting at a very young age, to shun all forms of cybercrime, from making illegal copies of software to stealing user names and passwords and trespassing into systems that don’t belong to you. The company should in this case have code of conduct when it comes to use of computers and in case of restriction to areas prone to attack, all employees should adhere to it. Also incase of any suspicious patterns, employees should act ethically by reporting to IT personnel Setting up a honeypot with Netcat to detect intruders during file transfers

16 EXAMPLES AND CASES Zeus botnet in 2007–2011: this botnet steals personal information by infecting computers and capturing data entered into internet banking sites, including passwords. Currently, the program has evolved more, and can produce 700 variants every day, including mobile capabilities. In july 2010, major UK banks reported being affected by Zeus. Within a month, it stole US$1.1 million from 3,000 online customers. Scanning for vulnerability with Nessus software when it comes to host network

17 EXAMPLES AND CASES (Cont.…)
In 2014, the ACSC received a report from an Australian state government agency that had discovered a compromise of one of its servers when performing an annual penetration test. An ACSC investigation confirmed the presence of java server page rat (jRAT) on four servers. This had allowed remote administrator- level access to the servers and confidential files stored on them. The default administrator credentials had not been changed after a recent software upgrade. To remediate, the servers were removed from the network and rebuilt. Web security scanning to detect and correct common web mistakes

18 conclusion Corporate device and networks are always under attack by cybercriminals. They have come up with ingenious and effective methods for installing malwares on endpoints of companies that end up stealing controls from end users. Business people and technology providers should realize they are in cyber war because cybercriminals are preying on industry’s lack of awareness around the globe. Users have to be educated and actively engaged in computer and network security. The key to eliminating cybercrime is to eliminate malware. And the key to eliminating malware is to fight it head on. Companies must root it out the moment it “goes live” on the endpoint and destroy it It is also important to use Wireshark in monitoring network activities.

19 references Clough, J. (2015). Principles of Cybercrime. London: Cambridge University Press. Doyle, C. (2011). Cybercrime: An Overview of the Federal Computer Fraud and Abuse Statute and Related Federal Criminal Laws. London: DIANE Publishing, 2011. Mark G. Simkin, C. S. (2014). Core Concepts of Accounting Information Systems. New York: John Wiley & Sons. It is better to prevent than handling an occurrence of cybercrime through Antivirus and Firewalls

20 END

Download ppt "Cybercrime ACC/210."

Similar presentations

How to protect yourself, your computer, and others on the internet

How to protect yourself, your computer, and others on the internet
Unit 1 Living in the Digital WorldChapter 1 Lets Communicate Internet Safety.

Unit 1 Living in the Digital WorldChapter 1 Lets Communicate Internet Safety.
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.

Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
© 2014 wheresjenny.com Cyber crime CYBER CRIME. © 2014 wheresjenny.com Cyber crime Vocabulary Defacement : An attack on a website that changes the visual.

© 2014 wheresjenny.com Cyber crime CYBER CRIME. © 2014 wheresjenny.com Cyber crime Vocabulary Defacement : An attack on a website that changes the visual.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Security, Privacy, and Ethics Online Computer Crimes.

Security, Privacy, and Ethics Online Computer Crimes.
Security Awareness Challenges of Security No single simple solution to protecting computers and securing information Different types of attacks Difficulties.

Security Awareness Challenges of Security No single simple solution to protecting computers and securing information Different types of attacks Difficulties.
Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.

Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.
Internet safety By Lydia Snowden.

Internet safety By Lydia Snowden.
Internet Safety CSA 105 1.0 September 21, 2010. Internet Threats Malware (viruses) Spyware Spam Hackers Cyber-criminals.

Internet Safety CSA September 21, Internet Threats Malware (viruses) Spyware Spam Hackers Cyber-criminals.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Cyber crime on the rise. Recent cyber attacks How it happens? Distributed denial of service Whaling Rootkits Keyloggers Trojan horses Botnets Worms Viruses.

Cyber crime on the rise. Recent cyber attacks How it happens? Distributed denial of service Whaling Rootkits Keyloggers Trojan horses Botnets Worms Viruses.
Cyber Crimes.

Cyber Crimes.
Threat to I.T Security By Otis Powers. Hacking Hacking is a big threat to society because it could expose secrets of the I.T industry that perhaps should.

Threat to I.T Security By Otis Powers. Hacking Hacking is a big threat to society because it could expose secrets of the I.T industry that perhaps should.
Business Computing 550 Lesson 6. 2 Security Threats on Web Sites Issues and vulnerabilities 1.Illegal Access and Use (Hacking the system or users exposing.

Business Computing 550 Lesson 6. 2 Security Threats on Web Sites Issues and vulnerabilities 1.Illegal Access and Use (Hacking the system or users exposing.
Security Awareness Challenges of Securing Information No single simple solution to protecting computers and securing information Different types of attacks.

Security Awareness Challenges of Securing Information No single simple solution to protecting computers and securing information Different types of attacks.
Trojan Horses on the Web. Definition: A Trojan horse a piece of software that allows the user think that it does a certain task, while actually does an.

Trojan Horses on the Web. Definition: A Trojan horse a piece of software that allows the user think that it does a certain task, while actually does an.
G061 - Network Security. Learning Objective: explain methods for combating ICT crime and protecting ICT systems.

G061 - Network Security. Learning Objective: explain methods for combating ICT crime and protecting ICT systems.
Copyright ©2005 CNET Networks, Inc. All rights reserved. Practice e-mail safety Learn how to protect yourself against common e-mail attacks.

Copyright ©2005 CNET Networks, Inc. All rights reserved. Practice safety Learn how to protect yourself against common attacks.

Similar presentations

Ads by Google