computer and internet crimes Flashcards
Levin reportedly accomplished the break-ins by dialing into Citibank‘s cash management system. This system allowed clients to initiate their own fund transfers to other banks.
Citibank and Vladimir Levin (June-October, 1994)
It is a computer virus discovered in 2012 that attacks computers running the Microsoft Windows operating system. It is also known as Disttrack. Shamoon is capable of wiping files and rendering several computers on a network unusable.
Shamoon (2012)
a self-replicating program that spreads by inserting copies of itself into other executable code or documents.
virus
is a virus that uses an application‘s own macro programming language to distribute itself.
macro virus
a derogatory term for inexperienced crackers who use scripts and programs developed by others for the purpose of compromising computer accounts and files, and for launching attacks on whole computer systems.
script kiddie
are people who are not only capable of writing scripts to exploit known vulnerabilities, but also capable of discovering new ones.
Elite hackers
conducted against information and information processing equipment used by an adversary
Information Warfare
is a protection of networks and their services from unauthorized modification, destruction, or disclosure, and provision of assurance that the network performs its critical functions correctly and there are no harmful side-effects.
Network security
The original goal of computer and network security is to provide (3)
confidentiality, integrity, and availability
refers to the security principle that states that information should not be disclosed to unauthorized individuals.
Confidentiality
is the security principle that requires information to not be modified except by individuals authorized to do so.
Integrity
applies to hardware, software, and data. All of these should be present and accessible when the subject (the user) wants to access or use them.
Availability
deals with the desire to ensure that an individual is who they claim to be.
Authentication
is a concept that complements the idea of various layers of security.
Diversity of defense
is an approach which puts human needs and capabilities at the focus of designing technological systems.
Ergonomics
make it possible to commit unethical acts quickly.
Time Information systems
Ensures access of individuals to personal data collected about them and about government activities in federal agency files.
Freedom of Information Act of 1970.
- General prohibition on pen register and trap and trace device use
- Pen Registers and Trap and Trace Devices
- Standards against fraud by wire, radio, or television
- Standards against Interception and disclosure of wire, oral, or electronic communications prohibited
- Wire and Electronic Communications Interception and Interception of Oral Communications
mail fraud law
is a person who enjoys computer technology and spends time learning and using computer systems.
hacker
also called a ???, is a computer-savvy person who attempts to gain unauthorized or illegal access to computer systems. In many cases, they are people who are looking for fun and excitement – the challenge of beating the system.
A criminal hacker; cracker
The following are the four (4) unique INFORMATION SYSTEM attributes:
● Location
● Time
● Separation of Act from Consequences
● Individual Power
There are basically three overlapping types of Risks:
- bugs/misconfiguration problems
- browser-side risks
- interception of network data (via network eavesdropping)
Bugs or misconfiguration problems that allow unauthorized remote users to: (4)
● Steal confidential documents
● Execute commands on the host machine, allowing them to modify the system
● Gain information about the host machine, allowing them to break into the system
● Launch denial-of-service attacks, rendering the machine temporarily unusable
Browser-side risks, including: (2)
● Active content that crashes the browser, damages the user’s system,
● The misuse of personal information
