1. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-1 10 Chapter Managing Information Systems Ethics and Crimes Worldwide losses due to software piracy in 2005 exceeded $34 billion. Business Software Alliance, 2006

2. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-2 Learning Objectives

3. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-3 Learning Objectives

4. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-4 The Three Waves of Change (I) The Third Wave by Alvin Toffler describes three phases or “waves of changes” First wave o A civilization based on agriculture and handwork o Relatively primitive stage o Lasted thousands of years

5. The Three Waves of Change (II) Second wave o The Industrial Revolution o Began at the end of the 18 th century and lasted about 150 years Third wave o The Information Age o Information becomes the currency Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-5

6. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-6 Computer Literacy Computer literacy o Necessary skill in today’s world o May be the difference between being employed or unemployed o Many different jobs involve the use of computers

7. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-7 Digital Divide Major ethical challenge New class system of power o Power comes from knowledge The gap in the US is shrinking o Rural communities, the elderly, people with disabilities, and minorities lag behind national averages Widening gap between developed and developing countries

8. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-8 Learning Objectives

9. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-9 Computer Ethics Issues and standards of conduct pertaining to the use of information systems 1986 – Richard O. Mason article o Most ethical debates relate to Information privacy Information accuracy Information property Information accessibility

10. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-10 Information Privacy What information should you have to reveal? Information you might want to keep private: o Social security number o Medical history o Family history Identity theft o Fastest growing “information” crime o Biometrics for better protection

11. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-11 Information Privacy Companies seem to know about our every move – how much information do we need to reveal? Amazon.com is famous for personalization What are the costs?

12. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-12 How to Maintain Your Privacy Online Review the privacy policy of the company with which you are transacting The policy should indicate: o What information is being gathered about you o How the seller will use this information o Whether and how you can “opt out” of these practices Additional tips: o Choose Web sites monitored by independent organizations o Avoid having cookies left on your machine o Visit sites anonymously o Use caution when requesting confirmation email

13. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-13 Avoid Getting Conned in Cyberspace U.S. Federal Trade Commission compiled a list of advices (List of top 10 things not to do)

14. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-14 Top 10 List of Things Not to Do (II)

15. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-15 Information Accuracy Ensuring of the authenticity and fidelity of information High costs of incorrect information o Banks o Hospitals Difficult to track down the person who made the mistake

16. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-16 Information Property Who owns information about individuals? How can this information be sold and exchanged?

17. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-17 Data Privacy Statements Company maintaining the database with customer information legally owns it o Is free to sell it o Cannot sell information it agreed not to share o Must insure proper data handling practices Information Property

18. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-18 Spam, Cookies and Spyware Three additional ways to gather information about individual Spam o Unsolicited e-mail promoting products or services o CAN-SPAM Act of 2003 o Little protection available Cookies o Text file storing Web browsing activity o Can opt for cookies not to be stored o Web sites might not function properly without cookies Spyware o Software used for data collection without the users’ knowledge o Unlikely this activity will become illegal anytime soon

19. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-19 Combating Spyware Windows defender o Spyware monitoring and removal Others Include: o Ad-aware o Spybot Search & Destroy

20. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-20 Cybersquatting The practice of registering a domain name and later reselling it Some of the victims include o Panasonic, Hertz, Avon Anti-Cybersquatting Consumer Protection Act in 1999 o Fines as high as $100,000 o Some companies pay the cybersquatters to speed up the process of getting the domain

21. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-21 Information Accessibility Who has the right to monitor the information? E.g., email capture by Carnivore

22. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-22 Carnivore Developed to monitor all communication by the government In 2005 FBI abandoned Carnivore for commercially available software

23. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-23 Legal Support for Electronic Communication Privacy Little support available 1986 – Electronic Communications Privacy Act (ECPA) o Mostly geared towards protecting voice communication privacy o No other laws protect e-mail privacy o Some states define rules for companies Need to be open about monitoring policies Need to use good judgment

24. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-24 Need for a Code of Ethical Conduct Many businesses have guidelines for appropriate use Universities endorse guidelines proposed by EduCom Responsible computer use (based on work of the Computer Ethics Institute) prohibits: 1. Using a computer to harm others 2. Interfering with other people’s computer work 3. Snooping in other people’s files

25. Information Systems Today: Managing in the Digital World 10-25 Need for a Code of Ethical Conduct Responsible computer use prohibits (continued): 4. Using a computer to steal 5. Using a computer to bear false witness 6. Copying or using proprietary software without paying for it 7. Using other people’s computer resources without authorization 8. Appropriating other people’s intellectual output 10-25 Information Systems Today: Managing in the Digital World -Dr. Ali Zolait

26. 10-26 Learning Objectives

27. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-27 Computer Crime Using a computer to commit an illegal act o Targeting a computer – unauthorized access o Using a computer to commit an offense o Using a computer to support a criminal activity Overall trend of computer crime declining

28. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-28 Types of Computer Crimes and Financial Losses Figures based on a survey of 639 organizations

29. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-29 Financial Impact of Virus Attacks Losses from computer crime can be tremendous o $14.2 billion in estimated losses due to viruses alone in 2005

30. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-30 Unauthorized Computer Access Using computer systems with no authority to gain such access Other examples from the media o Employees steal time on company computers to do personal business o Intruders break into government Web sites and change information displayed o Thieves steal credit card numbers and buy merchandise

31. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-31 Unauthorized computer access Frequency of successful attacks is declining

32. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-32 Federal and State Laws Two main federal laws against computer crime 1. Computer Fraud and Abuse Act of 1986 Prohibits Stealing or compromising data Gaining access to computers owned by the U.S. government Violating data belonging to financial institutions Intercepting communication between foreign countries Threatening to damage computer systems in order to gain profit o 1996 Amendment prohibits Dissemination of computer viruses and other harmful code

33. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-33 Federal and State Laws (II) Electronic Communications Privacy Act of 1986 o Breaking into any electronic communication service is a crime USA PATRIOT Act of 2002 o Controversial law o Investigators may monitor voice communication Other laws o Patent laws protect some software and hardware o Right to Financial Privacy Act o All 50 states passed laws prohibiting computer crime

34. 10-34 Computer Forensics Use of formal investigative techniques to evaluate digital information o Evaluation of storage devices for traces of illegal activity Now common in murder cases o Restoration of deleted files Information Systems Today: Managing in the Digital World -Dr. Ali Zolait

35. 10-35 Hacking and Cracking Hackers o Individuals gaining unauthorized access o Motivated by curiosity o No intentions to do harm Crackers o Break into computers with the intention of doing harm Hacktivists o Break into computer systems to promote political or ideological goals

36. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-36 Who Commits Computer Crimes? No clear profile Four groups of computer criminals 1. Current or former employees 85-95% of theft from businesses comes from the inside 2. People with technical knowledge committing crimes for personal gain 3. Career criminals using computers to assist them in crimes 4. Outside crackers hoping to find information of value About 12% of cracker attacks cause damage

37. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-37 Types of Computer Crimes

38. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-38 Types of Computer Crimes (II)

39. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-39 Software Piracy Legal activities o Making one backup copy for personal use o Sharing free software (shareware or public domain software) Illegal activities o Making copies of purchased software for others o Offering stolen proprietary software (warez peddling) Applicable copyright laws o 1980 Computer Software Copyright Act o 1992 Act making software piracy a felony o 1997 No Electronic Theft Act

40. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-40 Software Piracy Is a Global Business Worldwide losses for 2005 estimated at $34 billion Some factors influencing piracy around the world o Concept of intellectual property differs between countries o Economic reasons for piracy o Lack of public awareness about the issue

41. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-41 Computer Viruses and Other Destructive Code Malware (malicious software) o 1,400 new pieces released in one month o Viruses Reproduce themselves Usually delete or destroy files Boot sector viruses File infector viruses Viruses can spread through e-mail attachments

42. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-42 How a Computer Virus is Spread

43. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-43 Worms, Trojan Horses and Other Sinister Programs Worm o Does not destroy files o Designed to copy and send itself o Brings computers down by clogging memory Trojan horse o Does not copy itself o Often remains hidden to the user Logic bombs and time bombs o Variations of Trojan horse o Do not disrupt computer function until triggering event/operation

44. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-44 Internet Hoaxes False messages circulated online o New viruses (that don’t exist) 2004 e-mail told recipients to erase a file that was actually a part of Windows operating system o Collection of funds for certain group Cancer causes o Possible consequences Spammers harvesting e-mail addresses from hoaxes

45. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-45 Learning Objectives

46. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-46 Cyberwar Military’s attempt to disrupt or destroy other country’s information and communication systems o Goal is to diminish opponent’s communication capabilities o Used in concert with traditional methods

47. Cyberwar vulnerabilities 1. Command and control systems 2. Intelligence collection and distribution systems 3. Information processing and distribution systems 4. Tactical communication systems and methods 5. Troop and weapon positioning systems 6. Friend-or-foe identification systems 7. Smart weapons systems Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-47

48. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-48 Cyberterrorism Governments not involved Lunched by individuals or groups. Can be launched from anywhere in the world Goal is to cause fear, panic and destruction Cyberterrorism will likely become weapon of choice

49. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-49 Categories of Potential Cyberterrorist Attacks

50. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-50 Use of Internet in Terrorist Attacks

51. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-51 Use of Internet in Terrorist Attacks (II)

52. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-52 Assessing the Cyberterrorism Threat The U.S. Department of Defense o Popular target for hackers and crackers o 60-90 attempts a day o Some successful attacks 1991 – Gulf War oDutch crackers stole information about the movement of U.S. troops and offered it for sale to Iraq oIraqis turned down the offer 2000 – United States presidential elections oWeb sites targeted with political motives oDoS attacks launched 2003 – Romanian cracker compromised systems housing life support control for 58 scientists and contractors in Antarctica

53. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-53 Obstacles to Cyberterrorism 1. Computer systems are complex and attacks may not have desired outcome 2. Fast changing security measures 3. Cyberattacks rarely cause physical harm to victims

54. Information Systems Today: Managing in the Digital World -Dr. Ali Zolait 10-54 The Globalization of Terrorism Increasing dependence on technology Increasing possibilities of cyberterrorism International laws and treaties must evolve Likelihood of large attacks is small o Successful large attack would require Intelligence information Years of preparation At least $200 million

55. End of Chapter Content 10-55 Information Systems Today: Managing in the Digital World -Dr. Ali Zolait