1. By: Reshma M R
Mannam Foundation Centre for
Education Technology
Social Science
Reg No: 16915373009
2. Short for “malicious software.”
Designed to infiltrate a system
without owner’s consent.
General term that defines a variety of
hostile, intrusive, or annoying
program code.
Creator’s perceived intent
defines software as malware.
3. A 2008 report released by Symantec suggested:
Releases of malicious code may be exceeding rates of
legitimate software applications.
Primarily released through the Internet.
Email
Web sites
Shaoxing, China was named the malware
capital of the world by Symantec in 2010.
4. Early malware, including worms & viruses
were written as pranks.
Today, most malware possesses intent to
destroy systems including:
Files
Web pages
Estimated that about 1 in 10 web pages contain
malicious code.
5. Many others create “zombie computers” that
aid in advertising for profit motive.
Tells infected computers to send spam email.
Spyware is a form of malware.
It monitor’s web browsing & displays unsolicited
advertisements.
Do not spread like viruses.
Simply exploit security holes
7. The basis for cybercrime laws is large in scope.
As endless as non-cyber crime laws.
U.S. laws continually get passed at the state &
Federal levels of government.
Protect users of the web.
Civil and criminal means of prosecution
Example:
http://www.informationweek.com/news/security/
cybercrime/showArticle.jhtml?articleID=210602182
8. US cybercrime laws are catching up.
Some that help to combat malware are not as archaic.
However, there are still hurdles when the courts are
out touch with reality.
Example: Virginia anti-spam law struck down by the
state’s Supreme Court
oSaid it violated 1st
Amendment right to freedom of speech.
ohttp://www.cybercrimelaw.org/2008/09/12/virginia-
supreme-court-strikes-down-states-anti-spam-law/
9. Technology is constantly changing.
Creates concern that at any given time, cybercrime
legislation falls out of date.
Large amounts of malware originate in foreign
countries.
Extradition laws not always up-to-date.
New treaties help to combat problems.
http://www.arnnet.com.au/article/345145/efa_cyberc
rime_treaty_will_trigger_tougher_laws/
10. Google said malicious
software has been used to spy
on Vietnamese computers
The malware targeted tens of
thousands of people.
The malware has been used
to attack blogs containing
messages of political dissent.
11. Security Issues
The prevalence of broadband internet has allowed for a
wave of malware solely intended to reap benefits.
Downloading programs & sharing software has
created opportunities for malware
12. Use of a standard password for access control
can create vulnerabilities
A large percentage of users do not change their
passwords from that established by the manufacturer
causing the passwords to be easily obtainable
Public access points, such as airports & coffee
shops, offer little or no security.
13. Penalties are depend on the level of severity of the
attack.
In some cases, credit & debit card data is stolen; this
level of mayhem constitutes malware fraud felony, which
can lead the perpetrators to serve numerous years in
prison as well as pay enormous fines.
If a site has links to malware sites, then the link is
removed from their name in the SERPs (search engine
results pages).
This feature is designed so that the site owners become
aware of the malware issue.
14. Google Penalty Types
There are various penalty types that have been found
as follows;
I. The “Minus Thirty” Penalty
II. The “950 Penalty”
III. The Position 6 Penalty
A Google penalty is a punishment Google gives to sites
they feel do not meet certain quality standards.
This can spell disaster for companies who run their
business through their web sites.
15. Very difficult to identify the criminals who spy on
Vietnamese’s websites as the other side are Chinese
government.
Using Malware for damaging
purposes:
To attack blogs containing messages of
political dissent. (Invasion of Privacy)
Vietnam is lack of laws & investigators with the requisite
experience or even the equipment to collect evidence to
fight cyber crime which include malware through google.
16. Compromising Confidentiality: 18 U.S.C. § 1030(a)(2)
(c)
Intentionally access a computer
without or in excess of authorization
Penalties:
Violations of section 1030(a)(2) are misdemeanors punishable by a fine
or a one-year prison term, unless aggravating factors apply.
A violation or attempted violation of section 1030(a)(2) is a felony if:
committed for commercial advantage or private financial gain,
committed in furtherance of any criminal or tortuous act in violation of the
Constitution or laws of the United States or of any State, or
the value of the information obtained exceeds $5,000.
17. Historical Data: Computer crime cost Vietnam US$1.76 billion
in 2008
Vietnam should have security systems& computer crime
laws as fast as possible by using the U.S. laws as a
benchmarking.
With penalties, cyber crime might be reduce.
Source:http://www.straitstimes.com/Breaking%2BNews/SE%2BAsia/Story/STIStory_354440.html
18. Must be aware at all times of potential attacks.
Must make employees aware of the dangers of
malware.
Must take preventive measures against
malware attacks.
Must be aware of the legal & reporting
measures to stop the spread of malware.