Refers to any use of a computer for a purpose for which it was not intended. Abusive acts may include: * sending messages or making available files containing offensive language or pornographic materials; repeated sending of unwanted messages; * any act considered unacceptable by the community sharing the resources Computer Crime Any illegal or unauthorized behavior in connection with computers and computer networks.

Examples of computer crime include: * computer sabotage * unauthorized access * computer forgery * damage to computer data or programs * computer fraud * computer espionage * unauthorized use of a computer * unauthorized use of a protected computer program * hacking Today the computer has replace both the gun and the pen as the weapons of choice for many criminals. Technology. Some attacks are made by employees and other insiders ex clerks, cashiers, programmers computer operators. The typical computer crime is a trusted employee with no criminal records who is tempted by an opportunity such as discover of a loophole in system security.Some are former employees seeking revenge on their bosses others are pranksters looking for a challenge.

These thefts are performed through various techniques; the two most important are Salami technique. A program fraud that involves spreading the haul over a large number of small transactions like slices of salami. Trojan horse technique: involves he insertion of false information into a program in order to profit from the outcome Another technique is data diddling: which the fraudster swaps one piece of information for another of the same type. Computer Crime vs..Normal Crime Crime happened before computers, but computers "help" criminals: are easier to commit.

* The results can be devastating. * A an average armed bank robber gets $5. 000 in the USA * An average bank hacker gets $100. 000. * A credit card is more valuable than a wallet.

Identity theft * Some crime Doesn't require a computer, but computers generally play a role in the process. One of the most common types today is the actual theft of computers: ex laptops and handheld computers. The most practiced type of computer related theft is software piracy.Computer theft Theft is the most common form of computer crime, computers are used to steal money, goods, info and come resources. Some type of computer crime are so common they've been given names.

Sees a common student scam uses a process called Spoofing to steal passwords. Sometimes thieves use computers and other tools to steal whole identities by collecting personal info, credit card numbers, drivers license embers, social security numbers, so a thief can effectively pose as someone else even committing crimes in that persons name. Who are the Computer Criminals ?Hackers and crackers. Dishonest employees (that were trusted). Some facts: * Volkswagen lost more than $200 million in a foreign exchange fraud by high-level company (containing 2 million names). Some solutions to employee's fraud Rotation of trusted employees.

Transactions should ask for an ID ; password. Transactions should be named and recorded. There is a trade off between security and efficiency. Credit card frauds FACT: Losses from credit cards are estimated to be between 1 and 4 billion dollars per year. Ways of obtaining credit card numbers: * Hacking via internet.

Calling people (lying and asking the number). * Credit bureau databases. * Receipts from garbage cans near stores. Security: before they used printed books, now they use special telephone devices. Lets analyses the change! Card delivery issues Automated Teller Machines (ATM) Examples here are Bancroft, Redrawn, Redbook, etc. Losses from ATM scams have been estimated at $60 million a year.

" READ this!! : The first is an "insider" case. A man who worked for a company that installed ATM machines had access to the machines using the installer's password.He wrote software to capture the account numbers and PINs (personal identification numbers) used by customers, then made fake cards encoded to mimic the real ones. He and a small group of friends planned to withdraw cash from the accounts on a holiday weekend, when they would have time to raid many accounts and get away.

A tip from a friend who had been told of the plan led to a raid where 6000 counterfeit cards were found. 12 Another group of thieves, lacking insider access to a real ATM system or the capture of account numbers, set up their own machine.They installed an ATM in a shopping mall in Connecticut. Initially, to gain customer confidence, the machine gave out cash. Later, after reading each customer's card and requesting the customer's PIN, it displayed a message saying that the transaction could not be processed.

After about two weeks, the machine was removed. It had served its purpose, which was to read the account numbers magnetically recorded on the cards and store the PIN typed by the customer. It was not connected to any banking system. They stole IS$SASS,OHO from their victims.

Old problems or new problems? Supermarket or taxi bills can be corrupted easily by software. NEW The butchers used to hold down the balance with their thumb to increase the weight reading. OLD Some of the problems are not new, they existed before computers were even imagined. Viruses and other invaders. Also sabotage of hardware or software. The word sabotage comes from the early days of the industrial revolution where rebellions workers shut down new machines (sabots).

Modern computer saboteurs commonly use software.The name given to the saboteurs destructive programs are viruses, worms and Trojan roses. They mimic the behavior of living organisms. Trojan Horse Is a program that performs a useful task while at the same time carrying out some secret destructive act. Software hides an enemy in an attractive package. Trojan horses are often posted on prop on the web sites with names that make them sound like games or utilities.

When an unsuspected person downloads and runs such a program, it might erase files, change data or cause other damage.Other type of Trojan horses. Logic bomb: is programmed to attack in response to a particular logical event or sequence of events. A logic bomb might be activated when a certain user logs in, a special code is entered in a database files or a particular sequence of action is performed by the user. Time bomb: When the logic bomb is activated by a time-related event. Trojan horses can cause serious problems in computer systems of all sizes.

To make it worse, many Trojan horses carry software viruses.Viruses A biological virus is unable to reproduce by itself, but it can invade the cells of another organism and use the reproductive machinery of each host cell to make copies of itself, the new copies leave the host and seek out new host to repeat the recess A software virus works in the same way, it spreads from program to program, or from disk to disk and uses infected programs or disk to make more copies of itself Virus software is usually hidden in the operating system of a computer or in application programs A virus is usually operating system specific There are exceptions: Macro viruses attach themselves to documents that contain macros (Microsoft office) Email viruses they spread through emails, ex: Melissa, I love you and Coherency.Worms Like viruses worms use computer host to reproduce themselves. But unlike viruses, rooms programs travel independently over computer networks, seeking out uninfected workstations to occupy A typical worm resides in a workstation's memory rather than on disk, so the worm can be eliminated by shutting down all of the workstations of the network Most press don't distinguish among Trojan horses, viruses and worms, they are all called computer viruses. Antivirus programs also called vaccine or disinfectant programs are designed to search for viruses, notify users when they are found and remove them from infected disks or files. You must update your antivirus program.

Sabotage & information theft Sabotage = willful damage to machinery or materials; or damage at work. Often done by angry employees, they leave logic bombs on computers. Industrial espionage by unethical competitors (this can be done remotely). Information Theft often involves: * Plans for new products * Market research * Customer lists * Pricing policies Hackers and Crackers Hacker: A person who enjoys the details of programming, is often obsessive about programming and can work quickly. The term cracker should be used for the negative application of programming skills. Cracker: A person who attempts to gain unauthorized access to a computer system, often for malicious purposes.

The term was coined by hackers to defend against misuse of the term 'hacker' Facts on Ha & Cra-Akers The targets of hackers include individuals, businesses, universities, and government (including military) agencies. Here is a sampling of hacking activities, illustrating their range. In 1986, a hacker broke into at least 30-60 computers on the Stanford University campus, several other universities, 1 5 Silicon Valley companies, three government laboratories, and several other sites. It appeared that his goal was imply to get into as many computers as he could.

Hackers spoofed mail from the premier of Ontario, Canada, sending out unflattering comments about Notation's parliament. A World Wide Web page set up by a British government department was hacked within minutes after it went online; the hackers redesigned the page.Kevin Paulsen manipulated telephone connections so that he would win thousands of dollars in prizes in a radio station contest. Paulsen also broke into a computer and got a list of undercover businesses operated by the FBI. '4 Using programs called "snifters" hackers can read information traveling over computer networks and extract passwords. Some security analysts estimate that one million passwords may have been compromised in 1994.

In only one day at the University of California at Berkeley, a hacker program collected more than 3000 passwords The Secret Service reported that a 1 5-year-old hacked a credit reporting service and the telephone system in a scheme to get Western Union to wire money to him from other people's accounts.He is also believed to have hacked a McDonald's payroll computer and given raises to his friends. Arguments harmless recreation, an intellectual challenge. * Hackers are performing a service y exposing security weaknesses in the system.

* If the owners of the system want to keep outsiders out, it is their responsibility to provide better security. (This argument is used sometimes when harm is done as well. ) * "Information wants to be free". Copying information does not deprive anyone else of the use of it; hackers who read or copy files are not stealing anything. Hackers are providing a public service by exposing internal documents of corporations and government.

* Phone companies are ripping us off.Getting a few free calls is different from selling access codes. Hackers are not doing it for profit. Most popular Hacking Techniques Piggybacking: the hacker invades a computer system by pretending to be a legitimate user of the network.

The hacker uses the user's identification and password and logs into the network illegally. Scavenging: in this technique, the hacker searches through stray data for clues that might unlock the secrets of a targeted computer system. A similar technique is Dumpster diving, wherein the hacker searches electronic garbage in order to find discarded documentation that may include user names and passwords. Password guessing: the hacker aims Just to crack the password.Guessing he password may involve various techniques, such as Dictionary attacks ( searching with a dictionary file for words fitting to the password); Hybrid attacks (adding numbers or symbols to the filename to successfully guess the password); brute force attacks (long-time guessing a password) Autodial: the hacker systematically dials with his/her computer until answered by the computer on the other side of the line. Zapping: ( a sabotage method) the hacker penetrates a computer system by unlocking the master key to its program, then self-destroying it by activating its own emergency program.

Computer Security reducing risks With computer crime on the rise computer security has become an important concern for systems administrators and computer users. * Computer security refers to protect computer systems and information they contain against unwanted access damage, modification or destruction.