Computer Crime Responsibilities and Incidents

Questions and Answers

What ethical challenges arise from spreading false information on social media?

• Facilitating accurate information dissemination
• Improving user engagement and satisfaction
• Creating ethical dilemmas and misinformation (correct)
• Enhancing public discourse and dialogue

What is a major concern regarding excessive government surveillance?

• Infringement on civil liberties and freedom of expression (correct)
• Reduction of crime rates
• Increased citizen security
• Promotion of transparency in government

Which of the following best describes the implications of employee monitoring?

• Improvement of employee satisfaction
• Elimination of workplace conflicts
• Balancing productivity with privacy rights (correct)
• Enhancement of employee creativity

What is an ethical concern linked to job displacement due to automation?

Moral and social concerns about replacing human workers (B)

How do manipulative design practices in digital platforms primarily affect users?

They are designed to maximize user engagement and can lead to digital addiction (B)

Which core ethical principle emphasizes taking accountability for one’s actions and shared content?

Responsibility (C)

What is one of the guiding values specifically related to maintaining user privacy?

Security (A)

Which ethical dilemma involves the discussion of whether to report or exploit vulnerabilities?

Cybersecurity Threats (A)

Which of the following best describes the impact of AI and automation concerning hiring practices?

Reinforces existing biases (B)

What issue is exacerbated by limited access to technology and the internet in marginalized communities?

Digital Divide (A)

Which ethical practices are prioritized under the guiding values concerning digital practices?

Respect, honesty, and transparency (C)

What is a major consequence of software piracy?

Violation of intellectual property rights (C)

How do rapid technological advancements relate to ethical concerns?

They offer new challenges and opportunities for ethical dilemmas. (D)

Which of the following strategies is NOT effective in reducing online credit card fraud?

Implementing open-source security protocols (C)

What is the primary focus of a security policy?

To define security requirements and expected behaviors (C)

Which type of motivation is characterized by engaging in an activity for its own sake?

Intrinsic Motivation (D)

What does risk assessment primarily involve?

Identifying security-related investments and threats (D)

What is a primary responsibility of a firm in dealing with computer crime?

Prosecute criminals (D)

Which of the following is an example of extrinsic motivation?

Completing a project for a bonus (D)

Which factor contributes to the increasing prevalence of computer incidents?

Reliance on commercial software (A)

Which component is a part of the response plan during a security breach?

Incident notification (D)

What type of malicious code disguises itself as something else?

Trojan Horse (D)

What role does encryption technology play in online credit card security?

Secures data during transmission (C)

Which of the following is a characteristic of a botnet?

A group of compromised computers controlled without owners' knowledge (A)

Which statement about computer forensics is true?

It combines law and computer science to preserve data integrity. (D)

What distinguishes spear-phishing from other types of phishing?

Targeted fraudulent emails (B)

Which type of attacker is financially motivated in their criminal activities?

Common Criminals (A)

What does the CAN-SPAM Act permit regarding unsolicited emails?

Spam is allowed if it meets basic legal requirements (A)

What is the main function of a Logic Bomb?

To execute on a specific trigger (D)

Which of the following needs are at the base of Maslow's Hierarchy of Needs?

Physiological Needs (B)

What is a characteristic of Herzberg's motivational factors?

Lead to job satisfaction (A)

What does McGregor's Theory Y assume about employees?

They are self-motivated and creative (C)

Which of the following factors is NOT considered a hygiene factor in Herzberg's Two-Factor Model?

Recognition (A)

In Maslow's Hierarchy, which need relates to feelings of love and friendship?

Belonging Needs (B)

What is the primary concern associated with sharing personal data without consent?

Potential harm or mistrust (A)

Which aspect does not characterize Theory X in McGregor's model?

Assumes workers are self-directed (C)

Which of the following is NOT a suggested solution to algorithmic bias in AI?

Increasing reliance on single-source data (D)

What is a primary function of hygiene factors in Herzberg's Two-Factor Model?

Prevent job dissatisfaction (C)

What is the focus of Maslow’s self-actualization need?

Personal growth and fulfillment (C)

What is a common impact of cyberbullying?

Emotional distress (D)

What is the main suggested approach to address job displacement due to AI?

Focusing on retraining programs (C)

Which of the following describes the term 'digital addiction'?

Mental health issues from excessive technology use (D)

What is an effective solution for combating the spread of false information online?

Increasing platform accountability (A)

What is the primary risk associated with neglecting security protocols?

Exposing data to risks (D)

What best describes the issue of piracy?

Unauthorized use of copyrighted materials (D)

Flashcards

Motivation

The process that starts, guides, and keeps us working towards goals.

Intrinsic Motivation

This kind of motivation comes from inside us. We do things simply because we enjoy them.

Extrinsic Motivation

This kind of motivation comes from outside us. We do things to get rewards or avoid punishment.

Online Credit Card Fraud Prevention

The use of encryption, address verification, and transaction scoring to protect against unauthorized credit card use.

Trustworthy Computing

Computing that's secure, private, and reliable, built on good business practices.

Risk Assessment

The process of identifying and evaluating risks to security, both internal and external.

Security Policy

A document that lays out rules for security, controls, and consequences. It defines what needs to be done, but not necessarily how.

Security Incident Response Plan

A plan to respond to security incidents, including steps like notification, containment, eradication, and follow-up.

BYOD (Bring Your Own Device)

The practice of incorporating personal devices into a company's IT infrastructure, potentially introducing security risks.

Trojan Horse

A type of attack where malicious code is disguised as a harmless program to gain access to a system.

Lamers/Script Kiddies

Individuals with little hacking experience who often use pre-made tools and scripts to cause harm.

Botnet

A group of compromised computers controlled remotely by an attacker without their owners' knowledge, often used for spreading spam or harmful code.

Spear-phishing

A type of phishing attack that targets specific individuals or organizations with personalized and often highly convincing emails.

Zero-day Attack

Attacks exploiting vulnerabilities in software before patches are released, making them particularly dangerous.

Worm

Malicious software that can duplicate itself and spread to other computers, often causing damage or disrupting networks.

Logic Bomb

A malicious code that executes a harmful action when a specific trigger, like a date or time, is met.

Physiological Needs

These needs are essential for survival, including things like food, water, sleep, and shelter.

Safety Needs

These needs involve feeling safe and secure in your environment, including things like having a stable job, health insurance, and a safe place to live.

Belonging Needs

These needs involve feeling a sense of belonging and connection with others, including things like having friends, a supportive family, and feeling accepted by a group.

Esteem Needs

These needs involve feeling good about yourself and having a sense of accomplishment, including things like achieving goals, receiving recognition for your work, and being respected by others.

Self-Actualization

This need involves reaching your full potential as a person and living a meaningful life, including things like pursuing your passions, being creative, and making a difference in the world.

Hygiene Factors

These factors can prevent dissatisfaction but don't necessarily motivate employees. They are often related to the work environment or conditions, such as salary, job security, working conditions, and company policies.

Motivational Factors

These factors can lead to job satisfaction and motivation. They are often related to the content of the work itself, such as recognition, achievement, advancement opportunities, responsibility, and the nature of the work.

Theory X

This theory assumes that employees are inherently lazy and need constant supervision and control. Managers adopt a strict and authoritarian style.

Theory Y

This theory assumes that employees are motivated and responsible and can contribute significantly to the organization. Managers adopt a participative and collaborative style.

Sharing personal data without consent

Sharing personal information without the person's knowledge or permission, potentially causing harm or mistrust.

Algorithmic bias in AI

Discriminatory outcomes from AI systems due to biased or incomplete data.

Cyberbullying

Online harassment or bullying, often leading to emotional distress.

Digital Addiction and Overuse of Technology

Excessive use of technology causing mental health issues and reduced productivity.

Spread of False or Misleading Information Online

Proliferation of false or misleading information on social platforms.

Piracy

Unauthorized use of copyrighted content, causing financial losses and reduced innovation.

Deepfakes and Synthetic Media

Realistic AI-generated content used maliciously for misinformation or reputational harm.

Neglecting Security Protocols

Ignoring security measures, exposing data to risks.

Misinformation and Disinformation

The spread of false information online, often intentionally, to manipulate public opinion or cause harm.

Content Moderation

Platforms like Facebook and Twitter have a responsibility to remove harmful content like misinformation, hate speech, and violence.

Employee Monitoring

Using technology to monitor employees' work activities, such as emails, internet use, and location.

Surveillance and Government Oversight

Governments may use surveillance technology to monitor citizens, potentially violating privacy and limiting freedom of expression.

Digital Addiction and Manipulative Design

When technology, like social media, is designed to keep users engaged, often at the expense of their mental health.

Unwanted Access (Data Privacy)

Collecting and sharing personal data without the user's knowledge or consent.

Lack of Control (Data Privacy)

When individuals lack understanding about how their data is used or protected.

Cybersecurity Threats

Ethical challenges arising from hacking, malware, and exploiting vulnerabilities.

Reporting vs. Exploiting (Cybersecurity)

Debating whether vulnerabilities should be disclosed to protect users or exploited for personal gain.

Hiring Bias (AI & Automation)

Algorithms used in hiring can perpetuate existing biases in hiring practices.

Lending Bias (AI & Automation)

AI-driven lending systems unfairly discriminating against certain racial or socioeconomic groups.

Unequal Access (Digital Divide)

Unequal access to technology and the internet, widening social inequality.

Limited Opportunities (Digital Divide)

Limited access to technology restricting education and economic opportunities for marginalized communities.

Study Notes

Firm's Responsibilities Regarding Computer Crime

• Prosecute criminals involved in computer crimes
• Maintain a low public profile to avoid negative publicity
• Inform affected customers of the incident
• Allocate resources to protect against further computer crime
• Address software susceptible to hacking
• Manage increased costs associated with security safeguards

Prevalence of Computer Incidents

• Increasing complexity of computer systems with more entry points
• Cloud computing: Data and software storage via the internet
• Virtualization software: Running multiple virtual machines on a single computer
• High expectations from users regarding online services
• Expansion and changes in systems with new technology
• Bring Your Own Device (BYOD) policies that allow personal devices access to company resources
• Reliance on commercial software with exploitable vulnerabilities
• Zero-day attacks: Attacks leveraging vulnerabilities before patches are released

Types of Exploits

• Virus: Malicious code disguised as legitimate software
• Worm: Self-replicating harmful programs
• Logic Bomb: Code that executes on a specific trigger
• Spam: Unsolicited bulk emails
• Trojan Horse: Malicious code hidden within a legitimate program
• CAPTCHA: Test to distinguish between humans and bots
• DDoS Attack: Flood of requests to overwhelm a target site
• Rootkit: Allows unauthorized access to a system
• Phishing: Fraudulent emails to extract personal information

CAN-SPAM Act

• Allows spam under specific legal requirements
• Prohibits the use of deceptive practices in spam

Botnet

• A group of compromised computers controlled without the owner’s knowledge
• Used for spam distribution and delivering malicious code

### Types of Phishing

• Spear phishing: Targeted fraudulent emails
• Smishing: Fraudulent text messages
• Vishing: Fraudulent voice messages

Types of Perpetrators

• Thrill seekers: Driven by a desire for a challenge
• Common criminals: Motivated by financial gain
• Industrial spies: Seeking competitive advantages
• Terrorists: Aiming to cause destruction
• Hackers: Wanting to test system limitations
• Script kiddies: Inexperienced hackers using pre-made tools
• Malicious insiders: Employees or contractors causing harm
• Negligent insiders: Causing harm due to negligence
• Hacktivists: Motivated politically or socially
• Cyberterrorists: Seeking intimidation or coercion

Strategies to Reduce Online Credit Card Fraud

• Encryption technologies
• Address verification with issuing banks
• Obtaining card verification value (CVV)
• Transaction risk scoring software
• Using smart cards with encrypted data updates

Trustworthy Computing

• Secure, private, and reliable computing based on sound practices

Risk Assessment

• Assessing internal and external security risks
• Identifying investments for likely and severe threats
• Key terms:
  • Asset (hardware, software, systems, databases)
  • Loss event (negative impacts on assets)

Security Policy

• Defines security requirements, controls, and sanctions
• Clarifies responsibilities and expected behaviors
• Focuses on actions to take, not technical guidelines

Establishing a Security Policy

• Key areas: emails, wireless devices, VPNs (Virtual Private Networks)
• VPN: Encrypts data during transmission

Prevention

• Corporate firewalls and intrusion detection systems
• Antivirus software to detect viruses
• Safeguards against malicious insider threats
• Conduct regular IT security audits
• Collaboration with government agencies

Response Plan

• Incident notification to appropriate parties
• Incident containment, determining if systems should be shut down
• Eradication, using logs and backups to resolve
• Follow-up by analyzing breaches, reviewing responses and assessing financial damages

Computer Forensics

• Combines law and computer science
• Identifies, gathers, examines, and preserves data
• Ensures data integrity for legal proceedings

Summary of Lecture on Motivation

• High performance comes from motivated individuals prepared to exercise discretionary effort
• Motivation is a psychological process that drives, guides, and maintains goal-oriented behavior

Types of Motivation

• Intrinsic Motivation: Engaging in a behavior due to inherent satisfaction
• Extrinsic Motivation: Engaging in a behavior to earn a reward or avoid punishment

Maslow's Hierarchy of Needs

• Physiological: Basic needs (food, water, sleep)
• Safety: Security, stability, health
• Belonging: Friendship, love, social connection
• Esteem: Respect, recognition, self-esteem
• Self-Actualization: Reaching one's full potential

Herzberg's Two-Factor Model

• Hygiene Factors: Prevent dissatisfaction but don't directly motivate
• Motivational Factors: Lead to job satisfaction and motivation

Summary of Lecture on Ethical Problems in the IT Field

Invasion of Privacy

• Unauthorized access, use, or sharing of personal information
• Solution: Strong security measures (encryption, secure servers, regular audits)

Sharing Personal Data Without Consent

• Disclosing personal information without permission
• Solution: Clear and user-friendly consent forms

Algorithmic Bias in AI

• Discriminatory outcomes from AI systems due to biased data
• Solution: Use diverse datasets, implement fairness checks, ethical AI practices, diverse teams

Cyberbullying

• Online harassment leading to emotional distress
• Solution: Educate on online safety, stricter policies, reporting tools

AI and Job Displacement

• Automation leading to job loss and economic inequality
• Solution: Retraining programs, ethical AI development, policies for a fair transition

Digital Addiction and Overuse of Technology

• Excessive use of IT platforms causing mental health issues and reduced productivity
• Solution: Promote ethical platform design, encourage screen time management, protect vulnerable users

Spread of False or Misleading Information Online

• Proliferation of misinformation and disinformation on social platforms
• Solution: Strengthen media literacy, increase platform accountability, fact-checking initiatives

Neglecting Security Protocols

• Ignoring security measures, delaying updates, exposing data to risks
• Solution: Regular audits, timely updates, employee training, advanced cybersecurity tools

Piracy

• Unauthorized use of copyrighted content, causing financial losses
• Solution: Enforce copyrights, provide legal alternatives, educating the public

Deepfakes and Synthetic Media

• Realistic AI-generated content for malicious purposes
• Solution: Develop detection technologies, educate on risks, enforce legal accountability

Surveillance and Government Oversight

• Governments engaging in practices that violate civil liberties
• Excessive surveillance

Unequal Access / The Digital Divide

• Limited access to technology and the internet exacerbates social inequality
• Limited opportunities due to the digital divide restricting education and economic advancement

Intellectual Property Infringement

• Software piracy (unauthorized copying/sharing of software)
• Patent disputes (conflicts over ownership/infringement of intellectual property)

Misinformation and Disinformation

• Spreading false information on social media, creating ethical challenges
• Role of platforms in combating misinformation and disinformation

Employee Monitoring

• Monitoring employee activities (emails, browsing history, movements) for productivity
• Balancing productivity with employee privacy rights

Summary of Lecture on Navigating the Ethical Landscape of the Digital Age

• Addresses complex ethical challenges of the digital era, including:
• Privacy violations, cybersecurity threats, algorithmic bias, the digital divide, intellectual property infringement
• Misinformation, employee monitoring, and government surveillance
• Emphasizes the need for thoughtful strategies to address these issues and promote ethical practices in technology use