Presentation is loading. Please wait.

Presentation is loading. Please wait.

Computers Are Your Future Twelfth Edition Chapter 9: Privacy, Crime, and Security Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Computers Are Your Future Twelfth Edition Chapter 9: Privacy, Crime, and Security Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall."— Presentation transcript:

1 Computers Are Your Future Twelfth Edition Chapter 9: Privacy, Crime, and Security Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 1

2 Privacy, Crime, and Security Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 2

3 Objectives Understand how technological developments are eroding privacy and anonymity. List the types of computer crime and cybercrime. List the types of computer criminals. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 3

4 Objectives Understand computer system security risks. Describe how to protect your computer system and yourself. Define encryption and explain how it makes online information secure. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 4

5 Objectives Describe the issues the government faces when balancing the need to access encrypted data and the public’s right to privacy. Distinguish between electronic discovery and computer forensics. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 5

6 Privacy in Cyberspace Privacy o Individual’s ability to restrict or eliminate the collection, use, and sale of confidential personal information Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 6

7 The Problem: Collection of Information Without Consent Anonymity o Means to communicate without disclosing one’s identity o More difficult with the use of computers and the Internet Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 7

8 The Problem: Collection of Information Without Consent Technologies that jeopardize anonymity o Cookies o Global unique identifiers o Ubiquitous computing o Radio frequency identification Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 8

9 The Problem: Collection of Information Without Consent Cookies o Small files written to your hard disk by Web sites visited o Examples include: Track your browsing habits Gather personal information without your consent o Can be disabled o Banner ads—targeted display ads based on cookies Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 9

10 The Problem: Collection of Information Without Consent Global unique identifer (GUID) o Identification number produced by software or a piece of hardware o Web servers read the GUID. o Users are not always aware of the GUID. o If used, companies typically allow users to opt out. o Civil liberties groups and public concern have decreased the use of GUIDs. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 10

11 The Problem: Collection of Information Without Consent Ubiquitous computing o Interacting with multiple networked devices Example: adjusting heat or light based on signals sent by monitors built into clothing o Active badge—transmits infrared signals to create an electronic trail o Current devices—hold private information that can be exploited if the device is lost or stolen Example: smartphones Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 11

12 The Problem: Collection of Information Without Consent Radio frequency identification (RFID) o Uses radio waves to track a chip or tag o Used for inventory control in stores o Recognizes microchips in pets o May compromise anonymity and privacy if information stored on RFID tags attached to U.S. passports Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 12

13 The Problem: Collection of Information Without Consent Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 13

14 The Problem: Collection of Information Without Consent European Union o Be informed when information about them is being collected and how it will be used. o Give or deny consent to have their information collected and choose how collected information will be used. o Request that information about themselves be removed from marketing and other databases. United States o Legislation currently in place includes: Fair Credit Reporting Act Health Insurance Portability and Privacy Act Family Education Rights and Privacy Act o No comprehensive federal law governing the overall privacy rights of U.S. citizens. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 14

15 The Problem: Collection of Information Without Consent SPAM o Unsolicited messages sent in bulk over electronic mailing systems o CAN-SPAM Act of 2003 U.S. law that provided tools to combat spammers. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 15

16 The Problem: Collection of Information Without Consent Protecting privacy online o Use products such as Anonymous Surfing or IronKey Secure USB flash. o Use free Web-based throwaway e-mail addresses in chat rooms and for mailing lists. o Tell children not give out personal information. o Complete forms only if you see a privacy statement. o Turn off cookies Prevent the activity of Web beacons o Transparent graphic images placed on a Web site or in an e-mail—used to monitor Web or e-mail behavior Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 16

17 The Problem: Collection of Information Without Consent Protecting privacy at home o Create logins and passwords for each person using the computer. o Do not save account numbers or passwords. o Close a secured account site when not using a computer. o Use strong passwords Do use: difficult to guess passwords; at least 14 characters or more long; uppercase letters, lowercase letters, numbers, and special characters Don’t use: a recognizable word or phrase; name of anything or anyone close to you, including names of family members or pets; recognizable strings of numbers, such as social security numbers or birth dates Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 17

18 The Problem: Collection of Information Without Consent Do not leave cell phones in public places. Turn off services not in use, especially Bluetooth. Verify that devices have secure configurations. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 18

19 The Problem: Collection of Information Without Consent Employee monitoring o Majority of large U.S. employers observe employee phone calls, e-mails, Web browsing habits, and computer files Protecting privacy at work o Refrain from making personal calls on a work phone o Avoid using company e-mail for personal purposes o Assume you are monitored o Be aware of shoulder surfing o Do not allow others to tailgate Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 19

20 The Problem: Collection of Information Without Consent Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 20

21 Computer Crime and Cybercrime Computer crimes o Computer-based activities that violate the law Cybercrimes o Crimes perpetrated through the Internet o Many Web sites educate users about cybercrime and cybercriminals Cyberlaw o Area of law dedicated to computer crime Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 21

22 Computer Crime and Cybercrime Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 22

23 Computer Crime and Cybercrime Types of computer crime o Identify theft—criminal access to personal information in order to impersonate someone o Dumpster diving—disgruntled employees or thieves go through a company’s trash to find information they can steal o Phishing attacks—legitimate-looking e-mails or Web sites created in an attempt to obtain confidential data about a person o Spear phishing (similar to phishing)—uses targeted fake e- mails and social engineering to trick recipients into providing personal information to enable identity theft Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 23

24 Computer Crime and Cybercrime Types of computer crime (cont.) o Malware (short for malicious software)—programs that intentionally harm a computer system or allow individuals to gain access without permission Tips to protect yourself from malware: o Know who you are dealing with o Keep your Web browser and operating system up to date o Back up important files o Protect children online o Use security software tools and keep them up to date o Use strong passwords o Learn what to do if something goes wrong Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 24

25 Computer Crime and Cybercrime Types of computer crime (con’t.) o Spyware—software that gathers private information and tracks Web use Adware—form of spyware that generates annoying pop-up and banner ads Keyloggers—record keystrokes to provide cybercriminals with confidential data Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 25

26 Computer Crime and Cybercrime Types of computer crime (con’t.) o Computer virus—code concealed inside a program that can harm or destroy files Many spread through e-mail attachments File infectors—attach themselves to files Payload—refers to the dangerous actions a virus performs. Macro viruses—attach to data files and take advantage of application macros Boot sector viruses—execute each time you start the computer SPIM—spam text message sent via a cell phone or instant messaging service Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 26

27 Computer Crime and Cybercrime Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 27

28 Rogue programs o Logic bomb—hidden computer code that sits dormant on a system until triggered o Time bomb—virus program that remains dormant on a computer system until activated o Worm—similar to a virus but does not need action of a user to execute Computer Crime and Cybercrime Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 28

29 More rogue programs Denial of service (DoS) attack—assaults an Internet server with so many requests it can’t function o Distributed denial of service (DD0S)—attack involves multiple computer systems Commandeered computers form a botnet (robot network) Bot (short for robot)—connects individual computers to the controller, usually a server under the control of the botnet controller The individual computers are called zombies. Computer Crime and Cybercrime Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 29

30 More rogue programs (con’t.) o Syn flooding—form of denial of service attack in which synchronization packets are repeatedly sent to every port on the server Uses up all available network connections Locks them until they time out o Rootkit—malicious program that is disguised as a useful program Enables attacker to gain administrator level access Allows attacker to have repeated and undetected access o Trojan horse—normal-looking program that includes concealed instructions to cause harm Computer Crime and Cybercrime Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 30

31 Computer Crime and Cybercrime Fraud, theft, and piracy o Memory shaving o Software piracy Cybergaming crime Tricks for obtaining passwords Salami shaving and data diddling Forgery Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 31

32 Computer Crime and Cybercrime Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 32 The attackers o Hackers—computer hobbyists attempting unauthorized access, generally subscribing to an unwritten code of conduct—hacker ethic o Cybergangs—groups of hackers working together to coordinate attacks o IP spoofing—sends a message with an IP address disguised as a message from a trusted source o Honeypots—computers baited with fake data and purposely left vulnerable to study how intruders operate to prepare stronger defenses

33 Computer Crime and Cybercrime Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 33 The Attackers (con’t.) o Crackers (also called black hats)—attempt to enter highly secure computer systems to destroy data or steal information o Ethical hackers (also called white hats) use expertise to shore up computer system defenses o Computer virus authors—create viruses and other types of malware to vandalize computer systems o Swindlers perpetuate frauds: Bogus work-at-home opportunities Illegal pyramid schemes Bogus franchises Phony goods that won’t be delivered Over-priced scholarship searches

34 Computer Crime and Cybercrime Cyberstalkers o Use the Internet, social networking sites, and e-mail to harass or threaten o Most perpetrators are men o Most victims are college-age women Cyberbullying o Sending threatening messages via e-mail or text message o Usually involves minors Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 34

35 Security Computer security risk o Any intentional or unintentional action resulting in damaging a computer system or its data o Increased by wireless LANs because transmissions occur over shared airwaves instead of dedicated lines Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 35

36 Security Computer security risk (con’t) o Wireless LAN security options include: WEP (Wired Equivalent Privacy) WPA (WiFi Protected Access) WPA2 o Vacation hacking—tricking travelers into using phony WiFi hot spots—evil twins Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 36

37 Security Computer system security threats o Corporate espionage—unauthorized access of corporate information, usually to the benefit of a competitor Pod slurping—using removable storage media to create unauthorized copies of confidential data Trap doors—security holes created by employees allowing entry to company systems after leaving the firm o Information warfare—use of information technologies to corrupt or destroy an enemy’s information and industrial infrastructure o Security loophole detection programs o Attacks on safety-critical systems o Terrorism Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 37

38 Protecting your computer system o Uninterruptible power supply (UPS)—provides additional power during outages or electrical current fluctuations o Control access to computer systems through appropriate password selection and know-and-have authentication, which requires using tokens to generate a login code.Security Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 38

39 Security Protecting your computer system (con’t.) o Biometric authentication—use of voice recognition, retinal scans, and fingerprint scans for authentication o Firewalls, hardware or software, to prevent unauthorized access Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 39

40 Protect yourself—avoid scams o Do business with reputable companies. o Read documents carefully. o Don’t give out personal information o Do not post a user profile. o Be skeptical of chat room information. o Be cautious if meeting someone you’ve contacted online. o If you become uncomfortable or afraid, contact the policeSecurity Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 40

41 The Encryption Debate Cryptography o Study of transforming information into an encoded or scrambled format Cryptographers o Individuals who practice cryptography Encryption o Coding or scrambling process that renders a message unreadable by anyone other than the intended recipient Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 41

42 The Encryption Debate Plaintext o Readable message that has not been encrypted Encryption key o Formula that makes a plaintext message unreadable Ciphertext o Coded message Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 42

43 The Encryption Debate Symmetric key encryption o Uses same key for both encryption and decryption Key interception o Occurs when a symmetric key encryption is stolen, allowing others to decrypt messages encrypted with that encryption key Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 43

44 Public key encryption o Also referred to as asymmetric key encryption o Uses two keys: Public key to encrypt Private key to decrypt o Essential for e-commerce o Used to implement: Digital signatures—guarantee messages are secure Digital certificates—validate identity Secure electronic transaction (SET) o Uses digital certificates o Enable parties engaged in Internet-mediated transactions to confirm each other’s identities The Encryption Debate Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 44

45 The Encryption Debate Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 45

46 Public key infrastructure (PKI) o Uniform set of encryption standards o No dominant standard o Public fear of a monopoly if a PKI is chosen The Encryption Debate Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 46

47 Encryption and public security issues o U.S. government continues search for ways to balance the public’s right to privacy and the government’s need to know The Encryption Debate Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 47

48 Prosecuting Violators E-discovery o Obligation of parties to a lawsuit to exchange documents existing only in electronic form Computer forensics o Legal evidence found in computers and digital storage media Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 48

49 Summary Understand how technological developments are eroding privacy and anonymity. List the types of computer crime and cybercrime. List the types of computer criminals. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 49

50 Summary Understand computer system security risks. Describe how to protect your computer system and yourself. Define encryption and explain how it makes online information secure. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 50

51 Summary Describe the issues the government faces when balancing the need to access encrypted data and the public’s right to privacy. Distinguish between electronic discovery and computer forensics. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 51

52 All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior written permission of the publisher. Printed in the United States of America. Copyright © 2012 Pearson Education, Inc. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 52 Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

Download ppt "Computers Are Your Future Twelfth Edition Chapter 9: Privacy, Crime, and Security Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall."

Similar presentations

Computers Are Your Future

Computers Are Your Future
Unit 1 Living in the Digital WorldChapter 1 Lets Communicate Internet Safety.

Unit 1 Living in the Digital WorldChapter 1 Lets Communicate Internet Safety.
Information Technology INT1001

Information Technology INT1001
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,

Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,
Chapter 9 Information Systems Ethics, Computer Crime, and Security

Chapter 9 Information Systems Ethics, Computer Crime, and Security
Class 11: Information Systems Ethics and Crime MIS 2101: Management Information Systems Based on material from Information Systems Today: Managing in the.

Class 11: Information Systems Ethics and Crime MIS 2101: Management Information Systems Based on material from Information Systems Today: Managing in the.
Chapter 9: Privacy, Crime, and Security

Chapter 9: Privacy, Crime, and Security
Computers Are Your Future Eleventh Edition Chapter 9: Privacy, Crime, and Security Copyright © 2011 Pearson Education, Inc. Publishing as Prentice Hall1.

Computers Are Your Future Eleventh Edition Chapter 9: Privacy, Crime, and Security Copyright © 2011 Pearson Education, Inc. Publishing as Prentice Hall1.
Internet Safety Basics Never share names, schools, ages, phone numbers, or addresses. Never open an email from a stranger – it may contain viruses that.

Internet Safety Basics Never share names, schools, ages, phone numbers, or addresses. Never open an from a stranger – it may contain viruses that.
7.1 Copyright © 2011 Pearson Education, Inc. 7 Chapter Securing Information Systems.

7.1 Copyright © 2011 Pearson Education, Inc. 7 Chapter Securing Information Systems.
Computer Viruses.

Computer Viruses.
Security, Privacy, and Ethics Online Computer Crimes.

Security, Privacy, and Ethics Online Computer Crimes.
Computers Are Your Future Tenth Edition

Computers Are Your Future Tenth Edition
Chapter 10 Privacy and Security McGraw-Hill

Chapter 10 Privacy and Security McGraw-Hill
Chapter 9 Information Systems Ethics, Computer Crime, and Security

Chapter 9 Information Systems Ethics, Computer Crime, and Security
1010 CHAPTER PRIVACY AND SECURITY. © 2005 The McGraw-Hill Companies, Inc. All Rights Reserved. 10-2 Competencies Describe concerns associated with computer.

1010 CHAPTER PRIVACY AND SECURITY. © 2005 The McGraw-Hill Companies, Inc. All Rights Reserved Competencies Describe concerns associated with computer.
Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.

Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.
Computers Are Your Future Twelfth Edition Chapter 9: Privacy, Crime, and Security Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Computers Are Your Future Twelfth Edition Chapter 9: Privacy, Crime, and Security Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
Discovering Computers 2010

Discovering Computers 2010

Similar presentations

Ads by Google