SlideShare ist ein Scribd-Unternehmen logo

Computer Crimes

Als PPTX, PDF herunterladen
Upekha Vandebona
Upekha Vandebona

Professional Issues in IT - Cyber Crimes

Bildung
1 von 43
Chapter 5 - Legal Issues in Computing IT 5105 – Professional Issues in IT Upekha Vandebona upe.vand@gmail.com Ref : Tavani, Herman T., “Ethics and technology: controversies, questions, and strategies for ethical computing” , 4th Edition. [Cyber Crime]
Instructional Objectives  Identify methods by which computing services can be compromised.  Discuss the legal implications of compromising computing services.  Discuss the types of policies that should be included for system use and monitoring.  Describe the basic elements of compliance laws – such as ADA508, FERPA, HIPAA, and Sarbanes-Oxley.  Describe the differences in accountability, responsibility, and liability.  Describe current approaches to managing risk, and describe the legal implications of compromising computing services.  Evaluate an acceptable use policy. COMPUTER CRIME ACT, No. 24 OF 2007 2
Introduction - Cyber Crime  When was the last time you heard about cyber crimes in Sri Lankan news media?  What was about it?  A Virus?  Break into financial and government institution network?  Digital Piracy?  Cyber Stalking and Cyber Bullying?  Cyber Pornography?  Phishing?  Were we more focused on financial crimes and neglected interpersonal criminal behaviors? 3
Globally it is more than that…  Hacking pacemakers.  http://www.computerworld.com/article/2981527/cybercrime- hacking/researchers-hack-a-pacemaker-kill-a-man-nequin.html Ref: http://null-byte.wonderhowto.com/forum/is-hacking- implanted-medical-devices-next-big-cyber-crime-0149205/ 4
In Earlier Days…  Disgruntled employees who altered files in computer databases or who sabotaged computer systems to seek revenge against employers.  Computer-savvy teenagers, sometimes described in the media as “hackers”, breaking into computer systems, either as a prank or for malicious purposes.  “Hackers” who used computers to transfer money from wealthy individuals and corporations to poorer individuals and organizations. 5
Many Cybercrimes Go Unreported  Organizations are reluctant to report cybercrimes because of the embarrassment it might cause them.  Because the victims fear the negative repercussions: reporting the crimes would be tantamount to admitting that their computer security practices are inadequate. What might happen if a customer discovered that the bank where she deposits and saves money had been broken into; She might decide to transfer her funds to a bank that she perceives to be more secure. If cyber-related crimes committed by employees working inside a financial institution were reported and publicized, the institution could also suffer a loss of customer confidence. 6
Hackers; Were They Countercultural Heroes?  Stereotypical computer hackers, unlike most professional criminals, are not generally motivated by greed; some seem to thrive on a kind of “joyriding” (the thrill experienced in figuring out how to break into unauthorized systems).  Inclined to attack computers merely to prove that they could and “show off” to one another. 7
Hackers; Were They Countercultural Heroes?  However, it is also worth noting that many malicious hackers do not possess outstanding technical skills but are savvy enough to locate sophisticated “hacking tools” that can be downloaded from the Internet for free, and many of these individuals are sufficiently astute to take advantage of “holes” in computer systems and programs. 8
Hacking vs. Cracking  Meaning of “hacker” began to change in the 1980s when the media started applying the term to criminals using computers.  In order to avoid confusion with virus writers and intruders into information systems, traditional hackers began calling these destructive computer users crackers.  Crackers often engage in theft and vandalism once they have gained access to computer systems. According to Hacker Jargon; Hacker - “an expert or enthusiast of any kind.” Cracker - “who breaks security on a system.” 9
White Hat & Black Hat  “White hat hackers” is used to refer to those “innocent,” or non-malicious, forms of hacking, while “black hat hackers” refers roughly to “cracking.” But for the General Public, It is one term: hacking and it is always bad… 10
Counter Hacking  Active defense hacking, sometimes also referred to as “hacking back against hackers.”  Counter hacking activities have been carried out both by individuals and corporations; they are directed against those who are suspected of originating the hacker attacks.  Case of “two wrongs making a right”? Should counter hacking be legalized? Can it ever be ethically justified? 11
Ethical Hackers  Individuals who successfully complete those certification programs are trained and certified not only in the use of defensive measures to ensure the security of their employers, but also appear to be authorized to engage in security-related activities. According to Hacker Jargon; • The goal of the ethical hacker is to help the organization take preemptive measures against malicious attacks by attacking the system himself; all the while staying within legal limits . . . • An Ethical Hacker is very similar to a Penetration Tester . . . • When it is done by request and under a contract between an Ethical Hacker and an organization, it is legal. 12
Counter Hacking : Bad Effects  Can cause harm to innocent individuals.  Hacking back against those who launch DDoS attacks, many innocent persons are adversely affected because the attacks are routed through their computer systems.  Perpetrators of DDoS attacks use “host computers, ”which often include the computers of innocent persons, to initiate their attacks (a technique sometimes referred to as “IP spoofing”).  This would suggest to the victims of these attacks that they originated from the host computer, as opposed to the computer of the initiator of the attack.  So when victims hack back, they can unintentionally cause the intermediate computer to be assaulted. 13
Do we need a separate category in our legal systems to handle crimes with computers?  Individual who uses surgeon’s scalpel to commit a murder would not consider as a medical crime. It’s a murder even though a medical instrument was being used.  People use automobiles to assist criminals in “getaway” operations, but we don’t have a category called automobile crimes.  People steal televisions, but we don’t say television crime.  So why do we need a separate category, cybercrime, for criminal acts involving cyber technology? 14
Cyber/Computer Crimes  Yet law-makers have determined it necessary, or at least useful, to enact specific laws for crimes involving computers and cyber technology.  Are the following computer crimes? a.) Boralugoda steals a computer device (e.g., a laser printer) from a computer lab. 15
c.) Shaggy enters a computer lab that he is authorized to use and then places an explosive device, set to detonate a short time later, on a computer system in the lab. b.) Madapaatha breaks into a computer lab and then snoops around. 16
Definition  By thinking about cybercrimes in terms of their unique or special features—conditions that separate them from ordinary crimes—we could distinguish authentic or “genuine” cybercrimes from other crimes that merely involve the use or the presence of cyber technology. “Crime in which the criminal act can be carried out only through the use of cyber technology and can take place only in the cyber realm.” 17
Cyber Piracy using cyber technology in unauthorized ways to • reproduce copies of proprietary information • distribute proprietary information (in digital form) across a computer network. Cyber Trespass using cyber technology to gain unauthorized access to • an individual’s or an organization’s computer system • a password-protected Web site Cyber Vandalism using cyber technology to unleash one or more programs that • disrupt the transmission of electronic information across one or more computer networks, including the Internet • destroy data resident in a computer or damage a computer system’s resources, or both 18
Example Cases  Activities involving the unauthorized exchange of copyrighted music on the Internet via Napster and subsequent P2P-relatedfile-sharing sites are examples of………….  The launching of the Conficker virus is an instance of ………..  The DDoS attacks on government and commercial Web sites illustrate an example of…………… , because they involved the breaking into, as well as the unauthorized use of, third- party computer systems to send spurious requests to commercial Web sites (as opposed to the kind of “genuine” requests sent by users who wish to access those sites for legitimate purposes). Since DDoS attacks also cause serious disruption of services for the targeted Websites, they can also be classified as …………………….. cyber piracy (Category 1); cyber vandalism(Category 3); cyber vandalism (Category3); cyber trespass (Category 2) 19
Cyber-related Crimes  Crimes involving stalking, and pornography can each be carried out with or without computers and cyber technology;  There is nothing about them that is unique to cyber technology, so crimes such as, cyber stalking, and Internet pornography would not qualify as genuine cybercrimes. 20
Cyber-Exacerbated vs. Cyber-Assisted Crimes  This distinction enables us to differentiate between a crime in which someone merely uses cyber technology from crimes, which are significantly affected by computers and cyber technology.  Due to the technology, these types of crime rates are going higher. Specifically in Cyber Exacerbated Crimes. 21
22
Identity Theft  Cyber Exacerbated Crime in which an imposter obtains key pieces of personal information in order to impersonate someone else.  The information can be used to obtain credit, merchandise, and services in the name of the victim, or to provide the thief with false credentials.  In the past, identity thieves have combed through dumpsters (and some still do) looking for copies of bank statements and for papers containing account information on credit card bills that people dispose of in their trash. (This behavior is sometimes referred to as “dumpster diving.”) 23
Identity Theft  Factors such as lax security and carelessness involving customer information contained in computer databases made it easy for some identity thieves to acquire personal information about their victims.  Information brokering has become a lucrative business. Make connect professional criminals and employees in organizations that have access to sensitive information about people’s financial records. 24
Identity Theft From Emails  A scheme involving e-mail that appears to have been sent by a reputable business.  For example, you may receive e-mail that looks as if it were sent by eBay, Amazon, or PayPal.  Often these e-mail messages include the official logos of the companies they purport to represent and might look legitimate; the message informs you that your account is about to expire and that you need to update it by verifying your credit card number as well as other kinds of personal information. 25
26
Avoid Identity Theft from Emails  How can a potential victim differentiate legitimate e-mail sent from businesses such as eBay or PayPal from that sent by identity thieves?  Typically, e-mail from identity thieves will not address the potential victim by name; so this can be an indication that the e-mail is not from a legitimate source.  Users wishing to verify the authenticity of the e-mail can contact the company by phone, or through the company’s legitimate e-mail address, if they are in doubt. 27
Phishing and Identity Theft  Many e-mail messages sent from identity thieves are generated through spam.  Using spam to gather personal information is sometimes referred to as phishing or “automated identity theft”.  An automated version of phishing, sometimes called “pharming,” automatically “redirects the victim to the offending site”.  Activities involving pharming and phishing, along with conventional e-mail spam, increase the amount of identity theft that can be accomplished over the Internet. 28
Combat Cyber Crime - Tools  Packet Sniffing  Track criminals and their activities.  A packet sniffer or “sniffer” is a program that Monitors the data traveling between networked computers;  However, these kinds of software programs have also been used by malicious hackers to capture user IDs and passwords. 29
Combat Cyber Crime - Tools  Keystroke Monitoring  To track the activities of criminals who use cyber technology.  A specialized form of audit-trail software that records every key struck by a user and every character of the response that the system returns to the user.  It is especially useful in tracking the activities of criminals who use encryption tools to encode their messages. 30
Combat Cyber Crime - Techniques  Sting Operations and Entrapment  To catch members of organized crime involved in drug dealing, gambling, pornography, and so forth.  Would such kind of techniques are ethically justifiable?  Can save many innocent lives and can significantly lessen the harm that might otherwise occur to some individuals. 31
Surveillance  On Telephones  Pen Registers : When a suspect makes a phone call, displays the number being dialed  Trap-and-Trace Devices : when the suspect receives a phone call, displays the caller’s phone number.  A pen register used on the Internet can reveal the URLs of Web sites visited by a suspect.  http://vesess.com/warrantless-wiretapping-sri-lanka/ 32
Surveillance is Ethical?  Critics argue that this increased domestic surveillance will erode basic civil liberties.  Could be abused by those in power, under the convenient excuse of crime prevention and national defense, to achieve certain political ends.  http://www.cpalanka.org/freedom-of-expression-on-the- internet-in-sri-lanka/  http://www.cpalanka.org/the-internet-as-a-medium-for- free-expression-a-sri-lankan-legal-perspective/ 33
Biometrics  Biometric technologies have also been used by law enforcement agencies to combat crime and terrorism.  the biological identification of a person, which includes eyes, voice, hand prints, finger prints, retina patterns, and hand-written signatures.  Through biometric technologies, one’s iris can be read in the same way that one’s voice can be printed.  The digital representation of these biometric data is usually transformed via some algorithm to produce a template, which is stored in a central computer database. 34
Biometrics  As biometric technologies used for authenticating an individual’s identity, as passports.  While biometric devices are a highly accurate means for validating an individual’s identity, they are also controversial.  Biometric identification tool using face-recognition technology can scan the faces of people entering a public place. The scanned images can then instantly matched against the facial templates of suspected criminals and terrorists, which were contained in a central computer database. 35
Biometrics - Issues  Some supports this, even it violates civil liberties.  Point to at least three problems: error, abuse, and privacy.  Errors occur in matches resulting, will make innocents the guilty.  Purposes for which biometric technologies are originally authorized can expand significantly and can lead to possible abuses.  Loss of privacy and civil liberties for individuals.  Those who favor using biometric technology argue that it provides increased security, even if using this technology undercuts some civil liberties for ordinary citizens. 36
Global Reach  Laws are typically limited in jurisdiction to nations where they are enacted. Traditionally, crimes are prosecuted in the legal jurisdictions in which they were committed.  In certain cases, suspected criminals have been extradited from one legal jurisdiction to another (and sometimes from one country to another) to stand trial for an accused crime.  As cyberspace has no physical boundaries, it can be difficult to prosecute cybercrimes involving multiple nations, as well as multiple states within nations.  So, it is a question whether the concept of legal jurisdiction makes any sense in cyberspace. 37
Enforcing Cybercrime Laws Globally  Criminal enforcement has been hampered by the lack of international legal agreements and treaties on cyber crime.  E.g.: ILOVEYOU virus in 2001 - Originated in Philippines but effect was global.  Budapest Convention  https://en.wikipedia.org/wiki/Convention_on_Cybercrime  http://www.coe.int/en/web/cybercrime/home 38
Software Contracts - Case Study  MegaTech Corporation, a major computer company in the United States, has developed and released a new software product that has been distributed globally.  However, this product has a serious defect that causes computer systems using it to crash under certain conditions. These system crashes, in turn, result in both severe disruption and damage to system resources.  MindWaves, a company headquartered in eastern Asia that purchased this product from MegaTech, has experienced multiple system crashes since installing it, which has also resulted in a severe loss of revenue for that company.  What legal recourse does/should MindWaves have in its complaint against MegaTech Corp., given that its complaint involves companies in two sovereign nations? 39
Software Contracts - Case Study  Disclaimers and caveats issued by manufacturers to protect themselves against litigation.  Applicable Jurisdiction clause for tailor made software contract agreements. 40
Cybercrime and Free Press  A relatively recent challenge for law enforcement in cyberspace, especially at the international level, has emerged in response to controversial “journalistic” practices involving some new online media outlets and organizations.  Should they be viewed as journalistic activities that are protected by a free press?  E.g.: WikiLeaks controversy 41
42 Sri Lankan Police Website
43 Sri Lanka Computer Emergency Readiness Team

Empfohlen

12 security policies
12 security policies12 security policies
12 security policiesSaqib Raza
 
Cyber law-it-act-2000
Cyber law-it-act-2000Cyber law-it-act-2000
Cyber law-it-act-2000Mayuresh Patil
 
Cyber Crime & Information technology Act 2000
Cyber Crime & Information technology Act 2000Cyber Crime & Information technology Act 2000
Cyber Crime & Information technology Act 2000V'vek Sharma
 
Cyber law
Cyber lawCyber law
Cyber lawArnab Roy Chowdhury
 
Security policies
Security policiesSecurity policies
Security policiesNishant Pahad
 
Cyber law In India: its need & importance
Cyber law In India: its need & importanceCyber law In India: its need & importance
Cyber law In India: its need & importanceAditya Shukla
 
Computer Crimes
Computer CrimesComputer Crimes
Computer CrimesIvy Rose Recierdo
 
E Commerce -Security Threats and Challenges
E Commerce -Security Threats and ChallengesE Commerce -Security Threats and Challenges
E Commerce -Security Threats and ChallengesInderjeet Singh
 

Empfohlen

12 security policies
12 security policies12 security policies
12 security policiesSaqib Raza
 
Cyber law-it-act-2000
Cyber law-it-act-2000Cyber law-it-act-2000
Cyber law-it-act-2000Mayuresh Patil
 
Cyber Crime & Information technology Act 2000
Cyber Crime & Information technology Act 2000Cyber Crime & Information technology Act 2000
Cyber Crime & Information technology Act 2000V'vek Sharma
 
Cyber law
Cyber lawCyber law
Cyber lawArnab Roy Chowdhury
 
Security policies
Security policiesSecurity policies
Security policiesNishant Pahad
 
Cyber law In India: its need & importance
Cyber law In India: its need & importanceCyber law In India: its need & importance
Cyber law In India: its need & importanceAditya Shukla
 
Computer Crimes
Computer CrimesComputer Crimes
Computer CrimesIvy Rose Recierdo
 
E Commerce -Security Threats and Challenges
E Commerce -Security Threats and ChallengesE Commerce -Security Threats and Challenges
E Commerce -Security Threats and ChallengesInderjeet Singh
 
Cyberspace slide show
Cyberspace slide showCyberspace slide show
Cyberspace slide showBeckusq
 
Computer crime
Computer crime Computer crime
Computer crimeAnika Rahman Orin
 
Cyber Ethics Notes.pdf
Cyber Ethics Notes.pdfCyber Ethics Notes.pdf
Cyber Ethics Notes.pdfAnupmaMunshi
 
Cyberlaw and Cybercrime
Cyberlaw and CybercrimeCyberlaw and Cybercrime
Cyberlaw and CybercrimePravir Karna
 
COBIT and IT Policy Presentation
COBIT and IT Policy PresentationCOBIT and IT Policy Presentation
COBIT and IT Policy PresentationSarah Cortes
 
INFORMATION SECURITY
INFORMATION SECURITYINFORMATION SECURITY
INFORMATION SECURITYAhmed Moussa
 
Information risk management
Information risk managementInformation risk management
Information risk managementAkash Saraswat
 
chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security elmuhammadmuhammad
 
IT Security management and risk assessment
IT Security management and risk assessmentIT Security management and risk assessment
IT Security management and risk assessmentCAS
 
Introduction to cyber law.
Introduction to cyber law. Introduction to cyber law.
Introduction to cyber law. PROF. PUTTU GURU PRASAD
 
Cyber Security in Society
Cyber Security in SocietyCyber Security in Society
Cyber Security in SocietyRubal Sagwal
 
Cyber security
Cyber securityCyber security
Cyber securityBhavin Shah
 
Information Security Risk Management
Information Security Risk Management Information Security Risk Management
Information Security Risk Management Ersoy AKSOY
 
Cyber Terrorism
Cyber TerrorismCyber Terrorism
Cyber TerrorismSai praveen Seva
 
cyber security legal perspective
cyber security legal perspectivecyber security legal perspective
cyber security legal perspectiveShoeb Ahmed
 
IT ACT 2008 ALA GTU
IT ACT 2008 ALA GTUIT ACT 2008 ALA GTU
IT ACT 2008 ALA GTUShrey Patel
 
Presentation on Software Piracy
Presentation on Software PiracyPresentation on Software Piracy
Presentation on Software PiracyPallavi Agarwal
 
Cyber crimes in the digital age
Cyber crimes in the digital ageCyber crimes in the digital age
Cyber crimes in the digital ageatuljaybhaye
 
Computer Ethics
Computer EthicsComputer Ethics
Computer EthicsRamki M
 
Social and Professional Issues in Computing - Ethics
Social and Professional Issues in Computing - EthicsSocial and Professional Issues in Computing - Ethics
Social and Professional Issues in Computing - EthicsDyuti Islam
 
Cyber crime final report
Cyber crime final report Cyber crime final report
Cyber crime final report Shishupal Nagar
 
Cybercrime
CybercrimeCybercrime
Cybercrimepromit
 

Weitere ähnliche Inhalte

Was ist angesagt?

Cyberspace slide show
Cyberspace slide showCyberspace slide show
Cyberspace slide showBeckusq
 
Cyber Ethics Notes.pdf
Cyber Ethics Notes.pdfCyber Ethics Notes.pdf
Cyber Ethics Notes.pdfAnupmaMunshi
 
Cyberlaw and Cybercrime
Cyberlaw and CybercrimeCyberlaw and Cybercrime
Cyberlaw and CybercrimePravir Karna
 
COBIT and IT Policy Presentation
COBIT and IT Policy PresentationCOBIT and IT Policy Presentation
COBIT and IT Policy PresentationSarah Cortes
 
INFORMATION SECURITY
INFORMATION SECURITYINFORMATION SECURITY
INFORMATION SECURITYAhmed Moussa
 
Information risk management
Information risk managementInformation risk management
Information risk managementAkash Saraswat
 
chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security elmuhammadmuhammad
 
IT Security management and risk assessment
IT Security management and risk assessmentIT Security management and risk assessment
IT Security management and risk assessmentCAS
 
Cyber Security in Society
Cyber Security in SocietyCyber Security in Society
Cyber Security in SocietyRubal Sagwal
 
Information Security Risk Management
Information Security Risk Management Information Security Risk Management
Information Security Risk Management Ersoy AKSOY
 
cyber security legal perspective
cyber security legal perspectivecyber security legal perspective
cyber security legal perspectiveShoeb Ahmed
 
IT ACT 2008 ALA GTU
IT ACT 2008 ALA GTUIT ACT 2008 ALA GTU
IT ACT 2008 ALA GTUShrey Patel
 
Presentation on Software Piracy
Presentation on Software PiracyPresentation on Software Piracy
Presentation on Software PiracyPallavi Agarwal
 
Cyber crimes in the digital age
Cyber crimes in the digital ageCyber crimes in the digital age
Cyber crimes in the digital ageatuljaybhaye
 
Computer Ethics
Computer EthicsComputer Ethics
Computer EthicsRamki M
 
Social and Professional Issues in Computing - Ethics
Social and Professional Issues in Computing - EthicsSocial and Professional Issues in Computing - Ethics
Social and Professional Issues in Computing - EthicsDyuti Islam
 

Was ist angesagt? (20)

Cyberspace slide show
Cyberspace slide showCyberspace slide show
Cyberspace slide show
 
Computer crime
Computer crime Computer crime
Computer crime
 
Cyber Ethics Notes.pdf
Cyber Ethics Notes.pdfCyber Ethics Notes.pdf
Cyber Ethics Notes.pdf
 
Cyberlaw and Cybercrime
Cyberlaw and CybercrimeCyberlaw and Cybercrime
Cyberlaw and Cybercrime
 
COBIT and IT Policy Presentation
COBIT and IT Policy PresentationCOBIT and IT Policy Presentation
COBIT and IT Policy Presentation
 
INFORMATION SECURITY
INFORMATION SECURITYINFORMATION SECURITY
INFORMATION SECURITY
 
Information risk management
Information risk managementInformation risk management
Information risk management
 
chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security
 
IT Security management and risk assessment
IT Security management and risk assessmentIT Security management and risk assessment
IT Security management and risk assessment
 
Introduction to cyber law.
Introduction to cyber law. Introduction to cyber law.
Introduction to cyber law.
 
Cyber Security in Society
Cyber Security in SocietyCyber Security in Society
Cyber Security in Society
 
Cyber security
Cyber securityCyber security
Cyber security
 
Information Security Risk Management
Information Security Risk Management Information Security Risk Management
Information Security Risk Management
 
Cyber Terrorism
Cyber TerrorismCyber Terrorism
Cyber Terrorism
 
cyber security legal perspective
cyber security legal perspectivecyber security legal perspective
cyber security legal perspective
 
IT ACT 2008 ALA GTU
IT ACT 2008 ALA GTUIT ACT 2008 ALA GTU
IT ACT 2008 ALA GTU
 
Presentation on Software Piracy
Presentation on Software PiracyPresentation on Software Piracy
Presentation on Software Piracy
 
Cyber crimes in the digital age
Cyber crimes in the digital ageCyber crimes in the digital age
Cyber crimes in the digital age
 
Computer Ethics
Computer EthicsComputer Ethics
Computer Ethics
 
Social and Professional Issues in Computing - Ethics
Social and Professional Issues in Computing - EthicsSocial and Professional Issues in Computing - Ethics
Social and Professional Issues in Computing - Ethics
 

Ähnlich wie Computer Crimes

Cyber crime final report
Cyber crime final report Cyber crime final report
Cyber crime final report Shishupal Nagar
 
Cybercrime
CybercrimeCybercrime
Cybercrimepromit
 
Cyber crime
Cyber crimeCyber crime
Cyber crime24sneha
 
Cyber security and cyber laws
Cyber security and cyber lawsCyber security and cyber laws
Cyber security and cyber lawsDr. Prashant Vats
 
English in written
English in writtenEnglish in written
English in writtenazhar manap
 
Aspects of Cyber Crime theory | Criminal or a Noncriminal offense
Aspects of Cyber Crime theory | Criminal or a Noncriminal offenseAspects of Cyber Crime theory | Criminal or a Noncriminal offense
Aspects of Cyber Crime theory | Criminal or a Noncriminal offenseRohit Revo
 
Cybercrime: A Seminar Report
Cybercrime: A Seminar ReportCybercrime: A Seminar Report
Cybercrime: A Seminar ReportArindam Sarkar
 

Ähnlich wie Computer Crimes (20)

Cyber crime final report
Cyber crime final report Cyber crime final report
Cyber crime final report
 
Cybercrime
CybercrimeCybercrime
Cybercrime
 
Cyber law in bangladesh
Cyber law in bangladeshCyber law in bangladesh
Cyber law in bangladesh
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
A report on cyber Crime
A report on cyber CrimeA report on cyber Crime
A report on cyber Crime
 
Cyber crime report
Cyber crime reportCyber crime report
Cyber crime report
 
cyber crime.pptx
cyber crime.pptxcyber crime.pptx
cyber crime.pptx
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Ethical Hacking Essay
Ethical Hacking EssayEthical Hacking Essay
Ethical Hacking Essay
 
Cybercrime
CybercrimeCybercrime
Cybercrime
 
Cyber security and cyber laws
Cyber security and cyber lawsCyber security and cyber laws
Cyber security and cyber laws
 
English in written
English in writtenEnglish in written
English in written
 
Aspects of Cyber Crime theory | Criminal or a Noncriminal offense
Aspects of Cyber Crime theory | Criminal or a Noncriminal offenseAspects of Cyber Crime theory | Criminal or a Noncriminal offense
Aspects of Cyber Crime theory | Criminal or a Noncriminal offense
 
Hacking ppt
Hacking pptHacking ppt
Hacking ppt
 
12 c business i environment i society mba 2016
12 c business i environment i society mba 201612 c business i environment i society mba 2016
12 c business i environment i society mba 2016
 
Cybercrime: A Seminar Report
Cybercrime: A Seminar ReportCybercrime: A Seminar Report
Cybercrime: A Seminar Report
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Cyber crime & law
Cyber crime & lawCyber crime & law
Cyber crime & law
 
Research Paper On Cybercrime
Research Paper On CybercrimeResearch Paper On Cybercrime
Research Paper On Cybercrime
 

Mehr von Upekha Vandebona

Software Engineering Ethics
Software Engineering EthicsSoftware Engineering Ethics
Software Engineering EthicsUpekha Vandebona
 
Need for Software Engineering
Need for Software EngineeringNeed for Software Engineering
Need for Software EngineeringUpekha Vandebona
 
Characteristics of Software
Characteristics of SoftwareCharacteristics of Software
Characteristics of SoftwareUpekha Vandebona
 
Introduction to Software Engineering
Introduction to Software EngineeringIntroduction to Software Engineering
Introduction to Software EngineeringUpekha Vandebona
 
Porter Forces and eBusiness Models
Porter Forces and eBusiness ModelsPorter Forces and eBusiness Models
Porter Forces and eBusiness ModelsUpekha Vandebona
 
Porter Forces and eBusiness Strategies
Porter Forces and eBusiness StrategiesPorter Forces and eBusiness Strategies
Porter Forces and eBusiness StrategiesUpekha Vandebona
 
Revenue Models for e-Business on The Web
Revenue Models for e-Business on The WebRevenue Models for e-Business on The Web
Revenue Models for e-Business on The WebUpekha Vandebona
 
Michael Porter’s Five Forces
Michael Porter’s Five ForcesMichael Porter’s Five Forces
Michael Porter’s Five ForcesUpekha Vandebona
 
eCommerce Business Strategies
eCommerce Business StrategieseCommerce Business Strategies
eCommerce Business StrategiesUpekha Vandebona
 
Supply Chain Management, Customer Relationship Management and Knowledge Manag...
Supply Chain Management, Customer Relationship Management and Knowledge Manag...Supply Chain Management, Customer Relationship Management and Knowledge Manag...
Supply Chain Management, Customer Relationship Management and Knowledge Manag...Upekha Vandebona
 
Direct to Customer Interaction through eBusiness
Direct to Customer Interaction through eBusinessDirect to Customer Interaction through eBusiness
Direct to Customer Interaction through eBusinessUpekha Vandebona
 
eBusiness Benefits and Issues
eBusiness Benefits and IssueseBusiness Benefits and Issues
eBusiness Benefits and IssuesUpekha Vandebona
 
Orientation of eBusiness Applications
Orientation of eBusiness ApplicationsOrientation of eBusiness Applications
Orientation of eBusiness ApplicationsUpekha Vandebona
 
Professional and Ethical, Issues and Responsibilities
Professional and Ethical, Issues and ResponsibilitiesProfessional and Ethical, Issues and Responsibilities
Professional and Ethical, Issues and ResponsibilitiesUpekha Vandebona
 
Privacy and Civil Liberties
Privacy and Civil LibertiesPrivacy and Civil Liberties
Privacy and Civil LibertiesUpekha Vandebona
 
Organizational Context - Processes
Organizational Context - ProcessesOrganizational Context - Processes
Organizational Context - ProcessesUpekha Vandebona
 
Professional Communication in Computing - Writing
Professional Communication in Computing - WritingProfessional Communication in Computing - Writing
Professional Communication in Computing - WritingUpekha Vandebona
 
Professional Communication in Computing
Professional Communication in ComputingProfessional Communication in Computing
Professional Communication in ComputingUpekha Vandebona
 

Mehr von Upekha Vandebona (20)

Software Engineering Ethics
Software Engineering EthicsSoftware Engineering Ethics
Software Engineering Ethics
 
Need for Software Engineering
Need for Software EngineeringNeed for Software Engineering
Need for Software Engineering
 
Characteristics of Software
Characteristics of SoftwareCharacteristics of Software
Characteristics of Software
 
Introduction to Software Engineering
Introduction to Software EngineeringIntroduction to Software Engineering
Introduction to Software Engineering
 
Porter Forces and eBusiness Models
Porter Forces and eBusiness ModelsPorter Forces and eBusiness Models
Porter Forces and eBusiness Models
 
Porter Forces and eBusiness Strategies
Porter Forces and eBusiness StrategiesPorter Forces and eBusiness Strategies
Porter Forces and eBusiness Strategies
 
Revenue Models for e-Business on The Web
Revenue Models for e-Business on The WebRevenue Models for e-Business on The Web
Revenue Models for e-Business on The Web
 
Michael Porter’s Five Forces
Michael Porter’s Five ForcesMichael Porter’s Five Forces
Michael Porter’s Five Forces
 
eCommerce Business Strategies
eCommerce Business StrategieseCommerce Business Strategies
eCommerce Business Strategies
 
Supply Chain Management, Customer Relationship Management and Knowledge Manag...
Supply Chain Management, Customer Relationship Management and Knowledge Manag...Supply Chain Management, Customer Relationship Management and Knowledge Manag...
Supply Chain Management, Customer Relationship Management and Knowledge Manag...
 
eBusiness Roadmap
eBusiness RoadmapeBusiness Roadmap
eBusiness Roadmap
 
eBusiness Environment
eBusiness EnvironmenteBusiness Environment
eBusiness Environment
 
Direct to Customer Interaction through eBusiness
Direct to Customer Interaction through eBusinessDirect to Customer Interaction through eBusiness
Direct to Customer Interaction through eBusiness
 
eBusiness Benefits and Issues
eBusiness Benefits and IssueseBusiness Benefits and Issues
eBusiness Benefits and Issues
 
Orientation of eBusiness Applications
Orientation of eBusiness ApplicationsOrientation of eBusiness Applications
Orientation of eBusiness Applications
 
Professional and Ethical, Issues and Responsibilities
Professional and Ethical, Issues and ResponsibilitiesProfessional and Ethical, Issues and Responsibilities
Professional and Ethical, Issues and Responsibilities
 
Privacy and Civil Liberties
Privacy and Civil LibertiesPrivacy and Civil Liberties
Privacy and Civil Liberties
 
Organizational Context - Processes
Organizational Context - ProcessesOrganizational Context - Processes
Organizational Context - Processes
 
Professional Communication in Computing - Writing
Professional Communication in Computing - WritingProfessional Communication in Computing - Writing
Professional Communication in Computing - Writing
 
Professional Communication in Computing
Professional Communication in ComputingProfessional Communication in Computing
Professional Communication in Computing
 

Kürzlich hochgeladen

IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...PsychoTech Services
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdfQucHHunhnh
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Disha Kariya
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingTeacherCyreneCayanan
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room servicediscovermytutordmt
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdfQucHHunhnh
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
General AI for Medical Educators April 2024
General AI for Medical Educators April 2024General AI for Medical Educators April 2024
General AI for Medical Educators April 2024Janet Corral
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Celine George
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104misteraugie
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphThiyagu K
 

Kürzlich hochgeladen (20)

IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
 
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writing
 
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
Advance Mobile Application Development class 07
Advance Mobile Application Development class 07Advance Mobile Application Development class 07
Advance Mobile Application Development class 07
 
General AI for Medical Educators April 2024
General AI for Medical Educators April 2024General AI for Medical Educators April 2024
General AI for Medical Educators April 2024
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 

Computer Crimes

  • 1. Chapter 5 - Legal Issues in Computing IT 5105 – Professional Issues in IT Upekha Vandebona upe.vand@gmail.com Ref : Tavani, Herman T., “Ethics and technology: controversies, questions, and strategies for ethical computing” , 4th Edition. [Cyber Crime]
  • 2. Instructional Objectives  Identify methods by which computing services can be compromised.  Discuss the legal implications of compromising computing services.  Discuss the types of policies that should be included for system use and monitoring.  Describe the basic elements of compliance laws – such as ADA508, FERPA, HIPAA, and Sarbanes-Oxley.  Describe the differences in accountability, responsibility, and liability.  Describe current approaches to managing risk, and describe the legal implications of compromising computing services.  Evaluate an acceptable use policy. COMPUTER CRIME ACT, No. 24 OF 2007 2
  • 3. Introduction - Cyber Crime  When was the last time you heard about cyber crimes in Sri Lankan news media?  What was about it?  A Virus?  Break into financial and government institution network?  Digital Piracy?  Cyber Stalking and Cyber Bullying?  Cyber Pornography?  Phishing?  Were we more focused on financial crimes and neglected interpersonal criminal behaviors? 3
  • 4. Globally it is more than that…  Hacking pacemakers.  http://www.computerworld.com/article/2981527/cybercrime- hacking/researchers-hack-a-pacemaker-kill-a-man-nequin.html Ref: http://null-byte.wonderhowto.com/forum/is-hacking- implanted-medical-devices-next-big-cyber-crime-0149205/ 4
  • 5. In Earlier Days…  Disgruntled employees who altered files in computer databases or who sabotaged computer systems to seek revenge against employers.  Computer-savvy teenagers, sometimes described in the media as “hackers”, breaking into computer systems, either as a prank or for malicious purposes.  “Hackers” who used computers to transfer money from wealthy individuals and corporations to poorer individuals and organizations. 5
  • 6. Many Cybercrimes Go Unreported  Organizations are reluctant to report cybercrimes because of the embarrassment it might cause them.  Because the victims fear the negative repercussions: reporting the crimes would be tantamount to admitting that their computer security practices are inadequate. What might happen if a customer discovered that the bank where she deposits and saves money had been broken into; She might decide to transfer her funds to a bank that she perceives to be more secure. If cyber-related crimes committed by employees working inside a financial institution were reported and publicized, the institution could also suffer a loss of customer confidence. 6
  • 7. Hackers; Were They Countercultural Heroes?  Stereotypical computer hackers, unlike most professional criminals, are not generally motivated by greed; some seem to thrive on a kind of “joyriding” (the thrill experienced in figuring out how to break into unauthorized systems).  Inclined to attack computers merely to prove that they could and “show off” to one another. 7
  • 8. Hackers; Were They Countercultural Heroes?  However, it is also worth noting that many malicious hackers do not possess outstanding technical skills but are savvy enough to locate sophisticated “hacking tools” that can be downloaded from the Internet for free, and many of these individuals are sufficiently astute to take advantage of “holes” in computer systems and programs. 8
  • 9. Hacking vs. Cracking  Meaning of “hacker” began to change in the 1980s when the media started applying the term to criminals using computers.  In order to avoid confusion with virus writers and intruders into information systems, traditional hackers began calling these destructive computer users crackers.  Crackers often engage in theft and vandalism once they have gained access to computer systems. According to Hacker Jargon; Hacker - “an expert or enthusiast of any kind.” Cracker - “who breaks security on a system.” 9
  • 10. White Hat & Black Hat  “White hat hackers” is used to refer to those “innocent,” or non-malicious, forms of hacking, while “black hat hackers” refers roughly to “cracking.” But for the General Public, It is one term: hacking and it is always bad… 10
  • 11. Counter Hacking  Active defense hacking, sometimes also referred to as “hacking back against hackers.”  Counter hacking activities have been carried out both by individuals and corporations; they are directed against those who are suspected of originating the hacker attacks.  Case of “two wrongs making a right”? Should counter hacking be legalized? Can it ever be ethically justified? 11
  • 12. Ethical Hackers  Individuals who successfully complete those certification programs are trained and certified not only in the use of defensive measures to ensure the security of their employers, but also appear to be authorized to engage in security-related activities. According to Hacker Jargon; • The goal of the ethical hacker is to help the organization take preemptive measures against malicious attacks by attacking the system himself; all the while staying within legal limits . . . • An Ethical Hacker is very similar to a Penetration Tester . . . • When it is done by request and under a contract between an Ethical Hacker and an organization, it is legal. 12
  • 13. Counter Hacking : Bad Effects  Can cause harm to innocent individuals.  Hacking back against those who launch DDoS attacks, many innocent persons are adversely affected because the attacks are routed through their computer systems.  Perpetrators of DDoS attacks use “host computers, ”which often include the computers of innocent persons, to initiate their attacks (a technique sometimes referred to as “IP spoofing”).  This would suggest to the victims of these attacks that they originated from the host computer, as opposed to the computer of the initiator of the attack.  So when victims hack back, they can unintentionally cause the intermediate computer to be assaulted. 13
  • 14. Do we need a separate category in our legal systems to handle crimes with computers?  Individual who uses surgeon’s scalpel to commit a murder would not consider as a medical crime. It’s a murder even though a medical instrument was being used.  People use automobiles to assist criminals in “getaway” operations, but we don’t have a category called automobile crimes.  People steal televisions, but we don’t say television crime.  So why do we need a separate category, cybercrime, for criminal acts involving cyber technology? 14
  • 15. Cyber/Computer Crimes  Yet law-makers have determined it necessary, or at least useful, to enact specific laws for crimes involving computers and cyber technology.  Are the following computer crimes? a.) Boralugoda steals a computer device (e.g., a laser printer) from a computer lab. 15
  • 16. c.) Shaggy enters a computer lab that he is authorized to use and then places an explosive device, set to detonate a short time later, on a computer system in the lab. b.) Madapaatha breaks into a computer lab and then snoops around. 16
  • 17. Definition  By thinking about cybercrimes in terms of their unique or special features—conditions that separate them from ordinary crimes—we could distinguish authentic or “genuine” cybercrimes from other crimes that merely involve the use or the presence of cyber technology. “Crime in which the criminal act can be carried out only through the use of cyber technology and can take place only in the cyber realm.” 17
  • 18. Cyber Piracy using cyber technology in unauthorized ways to • reproduce copies of proprietary information • distribute proprietary information (in digital form) across a computer network. Cyber Trespass using cyber technology to gain unauthorized access to • an individual’s or an organization’s computer system • a password-protected Web site Cyber Vandalism using cyber technology to unleash one or more programs that • disrupt the transmission of electronic information across one or more computer networks, including the Internet • destroy data resident in a computer or damage a computer system’s resources, or both 18
  • 19. Example Cases  Activities involving the unauthorized exchange of copyrighted music on the Internet via Napster and subsequent P2P-relatedfile-sharing sites are examples of………….  The launching of the Conficker virus is an instance of ………..  The DDoS attacks on government and commercial Web sites illustrate an example of…………… , because they involved the breaking into, as well as the unauthorized use of, third- party computer systems to send spurious requests to commercial Web sites (as opposed to the kind of “genuine” requests sent by users who wish to access those sites for legitimate purposes). Since DDoS attacks also cause serious disruption of services for the targeted Websites, they can also be classified as …………………….. cyber piracy (Category 1); cyber vandalism(Category 3); cyber vandalism (Category3); cyber trespass (Category 2) 19
  • 20. Cyber-related Crimes  Crimes involving stalking, and pornography can each be carried out with or without computers and cyber technology;  There is nothing about them that is unique to cyber technology, so crimes such as, cyber stalking, and Internet pornography would not qualify as genuine cybercrimes. 20
  • 21. Cyber-Exacerbated vs. Cyber-Assisted Crimes  This distinction enables us to differentiate between a crime in which someone merely uses cyber technology from crimes, which are significantly affected by computers and cyber technology.  Due to the technology, these types of crime rates are going higher. Specifically in Cyber Exacerbated Crimes. 21
  • 22. 22
  • 23. Identity Theft  Cyber Exacerbated Crime in which an imposter obtains key pieces of personal information in order to impersonate someone else.  The information can be used to obtain credit, merchandise, and services in the name of the victim, or to provide the thief with false credentials.  In the past, identity thieves have combed through dumpsters (and some still do) looking for copies of bank statements and for papers containing account information on credit card bills that people dispose of in their trash. (This behavior is sometimes referred to as “dumpster diving.”) 23
  • 24. Identity Theft  Factors such as lax security and carelessness involving customer information contained in computer databases made it easy for some identity thieves to acquire personal information about their victims.  Information brokering has become a lucrative business. Make connect professional criminals and employees in organizations that have access to sensitive information about people’s financial records. 24
  • 25. Identity Theft From Emails  A scheme involving e-mail that appears to have been sent by a reputable business.  For example, you may receive e-mail that looks as if it were sent by eBay, Amazon, or PayPal.  Often these e-mail messages include the official logos of the companies they purport to represent and might look legitimate; the message informs you that your account is about to expire and that you need to update it by verifying your credit card number as well as other kinds of personal information. 25
  • 26. 26
  • 27. Avoid Identity Theft from Emails  How can a potential victim differentiate legitimate e-mail sent from businesses such as eBay or PayPal from that sent by identity thieves?  Typically, e-mail from identity thieves will not address the potential victim by name; so this can be an indication that the e-mail is not from a legitimate source.  Users wishing to verify the authenticity of the e-mail can contact the company by phone, or through the company’s legitimate e-mail address, if they are in doubt. 27
  • 28. Phishing and Identity Theft  Many e-mail messages sent from identity thieves are generated through spam.  Using spam to gather personal information is sometimes referred to as phishing or “automated identity theft”.  An automated version of phishing, sometimes called “pharming,” automatically “redirects the victim to the offending site”.  Activities involving pharming and phishing, along with conventional e-mail spam, increase the amount of identity theft that can be accomplished over the Internet. 28
  • 29. Combat Cyber Crime - Tools  Packet Sniffing  Track criminals and their activities.  A packet sniffer or “sniffer” is a program that Monitors the data traveling between networked computers;  However, these kinds of software programs have also been used by malicious hackers to capture user IDs and passwords. 29
  • 30. Combat Cyber Crime - Tools  Keystroke Monitoring  To track the activities of criminals who use cyber technology.  A specialized form of audit-trail software that records every key struck by a user and every character of the response that the system returns to the user.  It is especially useful in tracking the activities of criminals who use encryption tools to encode their messages. 30
  • 31. Combat Cyber Crime - Techniques  Sting Operations and Entrapment  To catch members of organized crime involved in drug dealing, gambling, pornography, and so forth.  Would such kind of techniques are ethically justifiable?  Can save many innocent lives and can significantly lessen the harm that might otherwise occur to some individuals. 31
  • 32. Surveillance  On Telephones  Pen Registers : When a suspect makes a phone call, displays the number being dialed  Trap-and-Trace Devices : when the suspect receives a phone call, displays the caller’s phone number.  A pen register used on the Internet can reveal the URLs of Web sites visited by a suspect.  http://vesess.com/warrantless-wiretapping-sri-lanka/ 32
  • 33. Surveillance is Ethical?  Critics argue that this increased domestic surveillance will erode basic civil liberties.  Could be abused by those in power, under the convenient excuse of crime prevention and national defense, to achieve certain political ends.  http://www.cpalanka.org/freedom-of-expression-on-the- internet-in-sri-lanka/  http://www.cpalanka.org/the-internet-as-a-medium-for- free-expression-a-sri-lankan-legal-perspective/ 33
  • 34. Biometrics  Biometric technologies have also been used by law enforcement agencies to combat crime and terrorism.  the biological identification of a person, which includes eyes, voice, hand prints, finger prints, retina patterns, and hand-written signatures.  Through biometric technologies, one’s iris can be read in the same way that one’s voice can be printed.  The digital representation of these biometric data is usually transformed via some algorithm to produce a template, which is stored in a central computer database. 34
  • 35. Biometrics  As biometric technologies used for authenticating an individual’s identity, as passports.  While biometric devices are a highly accurate means for validating an individual’s identity, they are also controversial.  Biometric identification tool using face-recognition technology can scan the faces of people entering a public place. The scanned images can then instantly matched against the facial templates of suspected criminals and terrorists, which were contained in a central computer database. 35
  • 36. Biometrics - Issues  Some supports this, even it violates civil liberties.  Point to at least three problems: error, abuse, and privacy.  Errors occur in matches resulting, will make innocents the guilty.  Purposes for which biometric technologies are originally authorized can expand significantly and can lead to possible abuses.  Loss of privacy and civil liberties for individuals.  Those who favor using biometric technology argue that it provides increased security, even if using this technology undercuts some civil liberties for ordinary citizens. 36
  • 37. Global Reach  Laws are typically limited in jurisdiction to nations where they are enacted. Traditionally, crimes are prosecuted in the legal jurisdictions in which they were committed.  In certain cases, suspected criminals have been extradited from one legal jurisdiction to another (and sometimes from one country to another) to stand trial for an accused crime.  As cyberspace has no physical boundaries, it can be difficult to prosecute cybercrimes involving multiple nations, as well as multiple states within nations.  So, it is a question whether the concept of legal jurisdiction makes any sense in cyberspace. 37
  • 38. Enforcing Cybercrime Laws Globally  Criminal enforcement has been hampered by the lack of international legal agreements and treaties on cyber crime.  E.g.: ILOVEYOU virus in 2001 - Originated in Philippines but effect was global.  Budapest Convention  https://en.wikipedia.org/wiki/Convention_on_Cybercrime  http://www.coe.int/en/web/cybercrime/home 38
  • 39. Software Contracts - Case Study  MegaTech Corporation, a major computer company in the United States, has developed and released a new software product that has been distributed globally.  However, this product has a serious defect that causes computer systems using it to crash under certain conditions. These system crashes, in turn, result in both severe disruption and damage to system resources.  MindWaves, a company headquartered in eastern Asia that purchased this product from MegaTech, has experienced multiple system crashes since installing it, which has also resulted in a severe loss of revenue for that company.  What legal recourse does/should MindWaves have in its complaint against MegaTech Corp., given that its complaint involves companies in two sovereign nations? 39
  • 40. Software Contracts - Case Study  Disclaimers and caveats issued by manufacturers to protect themselves against litigation.  Applicable Jurisdiction clause for tailor made software contract agreements. 40
  • 41. Cybercrime and Free Press  A relatively recent challenge for law enforcement in cyberspace, especially at the international level, has emerged in response to controversial “journalistic” practices involving some new online media outlets and organizations.  Should they be viewed as journalistic activities that are protected by a free press?  E.g.: WikiLeaks controversy 41

Hinweis der Redaktion

  1. most computer crimes involve either fraud or abuse, or both, distinguishes between the two notions in the following way: He identifies computer fraud as computer-related crimes involving “deliberate misrepresentation or alteration of data in order to get something of value”;he defines computer abuse, on the contrary, as “willful or negligent unauthorized activity that affects the availability, confidentiality, or integrity of computer resources.”Power notes that these abuses can include “embezzlement, theft, malicious damage, unauthorized use, denial of service, and misappropriation.”
  2. Can we construct a profile for a typical cybercriminal? Some people associate cyber criminals with “hackers,” “malicious hackers.” Many people think of the typical computer hacker as the very bright, technically sophisticated and Young. Is such a portrayal accurate? A problem solver rather than as a criminal.” we should carefully distinguish hackers who commit crimes. People who are primarily nonprofessional or amateur criminals, and “professional criminals.”
  3. Although many malicious hackers are considered amateur criminals, some possess an expertise with computers comparable to that of the best technical experts in computer science.
  4. computer criminals are often referred to in the media as hackers, and that, as a result, “hacker” now has a negative connotation. “Hacker” meant anyone who “programmed enthusiastically” and who believed that “information sharing is a powerful positive good.” Hacker as “an expert or enthusiast of any kind.”Note that, according to this definition, a hacker need not be a computer enthusiast; for example, someone could be an astronomy hacker. In fact, a hacker, in the generic sense of the term, might have no interest in computers or Cyber technology at all.
  5. However, distinctions between hacking and cracking, and between white-hat and black-hat hackers, are generally not recognized and observed in the world beyond the computer community. So themedia often refers to crackers, or“black hat hackers,” simply as hackers. This, in turn, has perpetuated the negative image of hackers and hacking in society at large.
  6. In some cases, counter hacking has been preemptive; in other cases, it has been reactive.
  7. It is difficult to provide a moral justification for counter hacking; and from a legal perspective, it is not clear whether “hacking back” can be viewed in a way that is not criminal. For example, if hacking is illegal, then it would seem that hacking back would be no less illegal. However, until a case of counter hacking—especially one that involves a pre-emptive attack in the form of a DDoS—is officially tried in court, it is difficult to say how our legal system will respond.
  8. Clearly, (a)–(c) are criminal acts, but should any of these acts necessarily be viewed as a computer crime or cybercrime? One could point out that it would not have been possible to commit any of them if computer technology had never existed, and this might initially influence some to believe that the three criminal acts are somehow unique to computer technology. Even though each act involves the presence of computer technoogy, each of them can easily be understood and prosecuted as a specific example of ordinary crime involving theft, breaking and entering, and vandalism, respectively. So we might infer that there are no legitimate grounds for having a separate category of computer crime. Can we justify such an inference?
  9. Some cybercrimes will span more than one category.
  10. Disclaimers : a statement that denies something, especially responsibility. Caveats : a warning or proviso of specific stipulations, conditions, or limitations.