Professional Responsibility in Information Technology ITBP 370 - Fall 2024 UAE University

Document Details

Uploaded by DextrousErudition747

United Arab Emirates University

2024

Tags

computer crime information security cybersecurity it security

Summary

This document provides an overview of computer and internet crime, exploring reasons why these incidents are common and methods for improving IT security. It also introduces different types of perpetrators and risk levels in the growing field of information technology.

Full Transcript

PROFESSIONAL RESPONSIBILITY IN INFORMATION TECHNOLOGY
ITBP 370
UNIT 3: COMPUTER AND INTERNET CRIME
Fall 2024
CIT, UAE University

Unit Objectives

In this chapter we will learn:
- What key trade-offs and ethical issues are associated with the safeguarding of data and information systems?
- Why has there been a dramatic increase in the number of computer-related security incidents in recent years?
- What are some characteristics of common computer criminals, including their objectives, available resources, willingness to accept risk, and frequency of attack?
- What actions must be taken in response to a security incident?

IT Security Incidents: A Worsening Problem

- Security of information technology is of utmost importance
  - Protect confidential data
    - Safeguard private customer and employee data
  - Protect against malicious acts of theft or disruption
  - Must be balanced against other business needs and issues
- Number of IT-related security incidents is increasing around the world

IT Security Incidents: A Worsening Problem

Question: WHY ARE COMPUTER INCIDENTS SO COMMON?

Increasing Complexity Increases Vulnerability (Why are computer incidents so common?)

- Computing environment is enormously complex
  - Continues to increase in complexity
  - Number of possible entry points to a network expands continuously

Higher Computer User Expectations (Why are computer incidents so common?)

- Computer help desks
  - Under intense pressure to provide fast responses to users' questions
  - Sometimes forget to
    - Verify users' identities
    - Check whether users are authorized to perform the requested action
- Computer users share login IDs and passwords

Expanding and Changing Systems Introduce New Risks (Why are computer incidents so common?)

- Network era (Past)
  - Personal computers connect to networks with millions of other computers
  - All capable of sharing information
- Information technology (Now)
  - Ubiquitous (everywhere)
  - Necessary tool for organizations to achieve goals
  - Increasingly difficult to keep up with the pace of technological change
    - Challenge to properly carry out a continuous evaluation of emerging security risks
    - Challenge to put strategies in place to address such risks

Perpetrators

- Organized attacks by groups, not only an individual
- Motives are the same as other criminals
- Different objectives and access to varying resources
- Different levels of risk to accomplish an objective

[Diagram: Hackers, Crackers, Insiders, Industrial Spies, Cybercriminals, Cyberterrorists]

Classifying Perpetrators of Computer Crime

Hackers
- Description: Test the limitations of information systems out of intellectual curiosity to gain publicity
- Resources: Limited resources
- Frequency of attack: High

Crackers
- Description: An individual who causes problems, steals data, and corrupts systems (form of hacking)
- Resources: Limited resources
- Frequency of attack: Medium

Insiders
- Description: An employee or contractor who attempts to gain financially and/or disrupt a company's information systems and business operations
- Resources: Knowledge of systems and passwords
- Frequency of attack: Low

Classifying Perpetrators of Computer Crime

Industrial Spies
- Description: An individual who captures trade secrets and attempts to gain an unfair competitive advantage
- Resources: Well funded and well trained
- Frequency of attack: Low

Cybercriminals
- Description: Someone who attacks a computer system or network for financial gain
- Resources: Well funded and well trained
- Frequency of attack: Low

Cyberterrorists
- Description: Someone who attempts to destroy the infrastructure components of governments, financial institutions, and other corporations, utilities, and emergency response units
- Resources: Not necessarily well funded and well trained
- Frequency of attack: Low

Reducing Vulnerabilities

- Security of any system or network
  - Is a combination of technology, policy, and people
  - Requires a wide range of activities to be effective
- A strong security program begins by:
  - Assessing threats to an organization's computers and network
  - Identifying actions that address the most serious vulnerabilities
  - Educating users
  - Monitoring systems to detect a possible intrusion
  - Creating a clear reaction plan to address any intrusion event

Risk Assessment (Security Program)

- Organization's review of:
  - Potential threats to computers and network
  - Probability of threats occurring
- Identify investments that can best protect an organization from the most likely and serious threats
- Reasonable assurance
  - Managers must use their judgment to ensure that the cost of control does not exceed the system's benefits or the risks involved
- Improve security in areas with:
  - Highest estimated cost
  - Poorest level of protection

Establishing a Security Policy (Security Program)

- A security policy defines
  - Organization's security requirements
  - Controls and sanctions needed to meet the requirements
- Identify responsibilities and expected behavior
  - Defines who is responsible for what and how employees are expected to behave
- Outlines what needs to be done
  - Not how to do it
- Automated system policies should mirror written policies

Establishing a Security Policy (continued) (Security Program)

- Trade-off between
  - Ease of use
  - Increased security
- When a decision is made to prefer ease of use, security incidents sometimes increase
- Areas of concern to be addressed in a security policy
  - E-mail attachments
  - Wireless devices
  - VPN uses the Internet to relay communications but maintains privacy through security features
    - Additional security includes encrypting originating and receiving network addresses

Educating Employees, Contractors, & Part-Time Workers (Security Program)

- Educate users about the importance of security
  - Motivate them to understand and follow security policy
- Discuss recent security incidents that affected the organization
- Help protect information systems by:
  - Guarding passwords
    - Maintain the confidentiality of passwords
  - Not allowing others to use passwords
  - Applying strict access controls to protect data
  - Reporting all unusual activity

Prevention

- Implement a layered security solution
  - Make computer break-ins harder
- Firewall
  - Limits network access
- Antivirus software
  - Scans for a specific sequence of bytes
    - Known as the virus signature
  - Examples:
    - Norton Antivirus
    - Dr. Solomon's Antivirus from McAfee

Response

- Response plan
  - Develop well in advance of any incident
  - Approved by
    - Legal department: responsible for all legal-related matters such as disputes, investigations, mergers and acquisitions
    - Senior management
- Primary goals
  - Regain control
  - Limit damage

Response (continued)

- Incident notification defines
  - Who to notify
  - Who not to notify
- Questions to cover include the following:
  - Within the company, who needs to be notified?
  - Under what conditions should the company contact customers and suppliers?
  - When should local authorities or the police be contacted?
- Security experts recommend against releasing specific information about a security compromise in public forums
- Document all details of a security incident
  - All system events
  - Specific actions taken
  - All external conversations

Response (continued)

- Act quickly to contain an attack
- Eradication effort
  - Collect and log all possible criminal evidence from the system
  - Verify necessary backups are current and complete
  - Create new backups
- Follow-up
  - Determine how security was compromised
    - Prevent it from happening again

Response (continued)

- Review
  - Determine exactly what happened
  - Evaluate how the organization responded
- Capture the perpetrator
- Consider the potential for negative publicity
  - An organization must determine if it is ethically or legally required to notify clients or customers of a cyberattack that might have put their financial information or personal data at risk
- Legal precedent (court decision)
  - Hold organizations accountable for their own IT security weaknesses

Summary

- Why are computer incidents so common?
  - Increasing complexity, which leads to increasing vulnerability of the system
  - Higher computer user expectations
  - Expanding and changing systems introduce new risks
- Perpetrators
- How to reduce the vulnerabilities and weaknesses of information systems
  - Risk Assessment
  - Establishing a Security Policy
  - Educating Employees, Contractors, & Part-Time Workers
  - Prevention and Response plans

Hackers and Crackers

- Hackers
  - Person skilled in information technology who uses computers to gain unauthorized access to data
  - Test limitations of systems out of intellectual curiosity
  - Types: Black Hat Hackers and White Hat Hackers
- Crackers
  - Cracking is a form of hacking

Malicious Insiders

- Top security concern for companies
- Extremely difficult to detect or stop
  - Authorized to access the very systems they abuse
  - Know how the system works and know the weaknesses
- Estimated 85 percent of all fraud is committed by employees
  - Usually due to weaknesses in internal control procedures
  - Many frauds are found accidentally, by chance, through:
    - Tips
    - Resolving payment difficulties with contractors or suppliers
    - Management change
- Collusion is cooperation between an employee and an outsider
  - Example: an employee in the accounting department might engage in collusion with a company supplier
- Insiders are not necessarily employees
  - Can also be consultants and contractors

Cybercriminals

- Hack into corporate computers and steal
- Engage in all forms of computer fraud
- Chargebacks are disputed transactions
- Loss of customer trust has more impact than fraud
- To reduce the potential for online credit card fraud sites:
  - Use encryption technology
  - Verify the address submitted online against the issuing bank
  - Request a card verification value (CVV)
  - Use transaction-risk scoring software
