計(jì)算機(jī)犯罪與職業(yè)道德課件_第1頁(yè)
計(jì)算機(jī)犯罪與職業(yè)道德課件_第2頁(yè)
計(jì)算機(jī)犯罪與職業(yè)道德課件_第3頁(yè)
計(jì)算機(jī)犯罪與職業(yè)道德課件_第4頁(yè)
計(jì)算機(jī)犯罪與職業(yè)道德課件_第5頁(yè)
已閱讀5頁(yè),還剩37頁(yè)未讀 繼續(xù)免費(fèi)閱讀

下載本文檔

版權(quán)說(shuō)明:本文檔由用戶提供并上傳,收益歸屬內(nèi)容提供方,若內(nèi)容存在侵權(quán),請(qǐng)進(jìn)行舉報(bào)或認(rèn)領(lǐng)

文檔簡(jiǎn)介

計(jì)算機(jī)犯罪與職業(yè)道德ComputerCrimeIntroductionHackingOnlineScamsFraud,Embezzlement,Sabotage,InformationTheft,andForgeryCrimeFightingVersusPrivacyandCivilLibertiesIntroductionComputersAreToolsComputersassistusinourwork,expandourthinking,andprovideentertainment.ComputersAreUsedtoCommitCrimesPreventing,detecting,andprosecutingcomputercrimeisachallenge.HackingThePhasesofHackingPhaseOne:Theearlyyears1960sand1970s.Originally,hackerreferredtoacreativeprogrammerwroteclevercode.Thefirstoperatingsystemsandcomputergameswerewrittenbyhackers.Thetermhackingwasapositiveterm.Hackerswereusuallyhigh-schoolandcollegestudents.Q:Describeamodern-dayversionof“clever”hacks.HackingThePhasesofHacking(cont’d)PhaseTwo:Hackingtakesonamorenegativemeaning.1970sthrough1990s.Authorsandthemediausedthetermhackertodescribesomeonewhousedcomputers,withoutauthorization,sometimestocommitcrimes.Earlycomputercrimeswerelaunchedagainstbusinessandgovernmentcomputers.Adultcriminalsbeganusingcomputerstocommittheircrimes.Q:DistinguishbetweenthehackingdonebyKevinMitnickandRobertJ.Morris.HackingThePhasesofHackingPhaseThree:TheWebEraBeginninginthemid-1990s.TheincreaseduseoftheInternetforschool,work,businesstransactions,andrecreationmakesitattractivetocriminalswithbasiccomputerskills.Crimesincludethereleaseofmaliciouscode(virusesandworms).Unprotectedcomputerscanbeused,unsuspectingly,toaccomplishnetworkdisruptionorcommitfraud.Q:Whyaredenial-of-serviceattacksdifficulttoprevent?HackingHactivism…istheuseofhackingexpertisetopromoteapoliticalcause.Thiskindofhackingcanrangefrommildtodestructiveactivities.Someconsiderhactivismasmodern-agecivildisobedience.Othersbelievehactivismdeniesotherstheirfreedomofspeechandviolatespropertyrights.Q:Arguethecasethathactivismisethical.HackingTheLawComputerFraudandAbuseAct(CFAA,1986)Itisacrimetoaccess,alter,damage,ordestroyinformationonacomputerwithoutauthorization.Computersprotectedunderthislawinclude:governmentcomputers,financialsystems,medicalsystems,interstatecommerce,andanycomputerontheInternet.Q:Isyourpersonalcomputerprotectedunderthislaw?HackingTheLaw(cont’d)USAPatriotAct(USAPA,2001)AmendstheCFAA.Allowsforrecoveryoflossesduetorespondingtoahackerattack,assessingdamages,andrestoringsystems.Higherpenaltiescanbeleviedagainstanyonehackingintocomputersbelongingtocriminaljusticesystemorthemilitary.Thegovernmentcanmonitoronlineactivitywithoutacourtorder.Q:Areanti-hackinglawsadequate?HackingCatchingHackers…requireslawenforcementtorecognizeandrespondtomyriadhackingattacks.Computerforensicstoolsmayinclude:Undercoveragents,Honeypots(stingoperationsincyberspace),Archivesofonlinemessageboards,Toolsforrecoveringdeletedorcodedinformation.Computerforensicsagenciesandservicesinclude:siteandtelephonelogs,etc..Q:Whatcomputerforensicstoolsoragencieshavebeeninthenewslately?HackingQuestionsAboutPenaltiesIntentShouldhackerswhodidnotintendtododamageorharmbepunisheddifferentlythanthosewithcriminalintentions?AgeShouldunderagehackersreceiveadifferentpenaltythanadulthackers?DamageDoneShouldthepenaltycorrespondtotheactualdamagedoneorthepotentialfordamage?HackingSecuritySecurityweaknessescanbefoundinthecomputersystemsusedby:businesses,government(classifiedandunclassified),andpersonalcomputers.Causesofsecurityweakness:characteristicsoftheInternetandWeb,humannature,inherentcomplexityofcomputersystems.Q:Howsecureisyourcomputerathome?Atwork?HackingSecuritycanbeimprovedby:Ongoingeducationandtrainingtorecognizetherisks.Bettersystemdesign.Useofsecuritytoolsandsystems.Challenging“others”tofindflawsinsystems.Writingandenforcinglawsthatdon’tstymieresearchandadvancement.Q:Doesweaksecurityjustifyintrusion?OnlineScamsAuctionsSellingandbuyinggoodsonlinehasbecomepopular.Problems:sellersdon’tsendthegoods,sellerssendinferiorgoods,priceisdrivenupbyshillbidding,andillegalgoodssold.Solutions:educatecustomers,Fraud,Embezzlement,Sabotage,IdentityTheft,andForgerySomeCausesofFraudCredit-CardStolenreceipts,mailednotices,andcards.Interceptionofonlinetransactionorweake-commercesecurity.Carelesshandlingbycard-owner.ATMStolenaccountnumbersandPINs.Insiderknowledge.AcounterfeitATM.TelecommunicationsStolenlong-distancePINs.Clonedphones.Q:Whatisthelegaldefinitionoffraud?Embezzlement?Sabotage?Theft?Fraud,Embezzlement,Sabotage,IdentityTheft,andForgerySomeDefensesAgainstFraudCredit-CardInstantcredit-cardcheck.Analysisofbuyingpatterns.Analysisofcreditcardapplications(todetectidentitytheft).VerifyuserwithCallerID.ATMRedesignedATMs.Limitedwithdrawal.Telecommunicationsmatchphone“signature”withserialnumber.identifyphonewithoutbroadcastingserialnumber.Q:Identifyabusiness’defenseagainstfraudthatyouhavewitnessed.Fraud,Embezzlement,Sabotage,IdentityTheft,andForgeryForgerySomeCausesPowerfulcomputersanddigitalmanipulationsoftware.High-qualityprinters,copiers,andscanners.SomeDefensesEducateconsumersandemployees.Useanti-counterfeitingtechniquesduringproduction.Usecounterfeitdetectionmethods.Createlegalandproceduralincentivestoimprovesecurity.Q:Howwouldyoueducateyourpeersabouttherisksofdigitalforgery?Aparent?Achild?CrimeFightingvs

PrivacyandCivilLibertiesScamsCrimeFightingAutomatedsurveillancesoftwaretolookforsuspiciousWebactivity.PrivacyandCivilLibertiesNosearchwarrantnorproofofprobablecause.BiometricsCrimeFightingExactmatchofbiologicalcharacteristicstoauniqueperson.PrivacyandCivilLibertiesEasytobuildcompletedossieronpeople.Q:Howmuchofyourprivacyandcivillibertiesareyouwillingtogiveupinordertoallowlawenforcementtobetterfightcomputercrime?CrimeFightingvs

PrivacyandCivilLibertiesSearchandSeizureofComputersCrimeFightingObtainevidenceofacrime.PrivacyandCivilLibertiesDay-to-daybusinessceases;non-criminalcontactwithothersends.TheCybercrimeTreatyCrimeFightingU.S.andEuropeangovernmentsagreetocooperatewithinvestigations.PrivacyandCivilLibertiesPotentialforgovernmentspyingisgreat.Q:MighttherebeincriminatingdatastoredaboutyouinthelogsofyourISP?Currentsituation

ofcybercrimeinChina

ThedevelopmentofInternetAcowwaslostinJan14th2003.Ifyouknowwhereitis,pleasecontactwithme.MyQQnumberis87881405.

QQisoneofthemostpopularIMinChina.NumberofcasesAgeoftheoffendersComputerCrimeVsComputerfacilitatedcrimeMajorcategoriesof

cyberfacilitatedcrimeHackingcase:HOW?

MajorcategoriesofintrusiontechnologyusedbyhackersinthecasesweinvestigatedHackingcase:HOW?ThefollowingintrusionmethodsincreasedrapidlyinrecentyearandbecameoneofthemajorintrusiontechnologyLarge-scaleintrusionbyexploitingvulnerabilityofclientsoftwareLarge-scaleintrusionbydecoyinguserstoinstallmaliciouscodethroughP2P,IM,EmailnetworkCaseexampleAvirusonQQ(amostpopularIM)werecreatedtospreadmalwareinordertocreatanIRCbotnet:60,000hostswereinfected.“Pleasevisit”WHowdidthecriminal(“hackers”)occupythevictimhosts?Thosewhodon’tknowalotabouttechnologymakeprofitbydamagethenetworksecuritydirectly.Thosewhoknowtechnologymakeprofitbysellingtechnology.“Hacking”withoutknowledgeoftechnology

Caseexample:NetbankaccountsstealingCaseoutline:InAugust,amaliciouscodewerewidelydistributedandmorethan300Netbankaccountswerestolen.Thesuspectintrudedintoawebsiteandputmaliciouscodeonthemainwebpage.Whenusersbrowsingthewebsite,themaliciouscodewillbeinstalledautomaticallyontotheuser’shosts.ThemaliciouscodewillstealallkindofNetbankaccountsandpostontoanotherwebsitehackedbythesuspect.However:Thesuspectknownothingabouthackingtechnology.Thesuspectboughtthemaliciouscodeandvictimwebsitestotallyfromotherhackers.Thesuspectonlyworkingstepbystepaccordingtothemanualprovidedbyotherhackers.Hackingcases:WHY?Hackingcases:WHERE?

HowdidtheyconnectedtoInternet?Mobile/Wirelesscrimeincreasedatthesametime.Hackingcases:TARGET?Personalcomputersbecomethemajorpartofvictimincomputercrimeinrecentyear.“Preference”ofhackersSmalldamageLessprofit.(Newbie)SeveredamageLessprofit.(Exploitbuyer)SmallDamageMoreProfit(Experiencedhacker)SeveredamageMoreprofit.(Almostnone)DamagetoInternetSecurityProfitWhydidtheybecomecriminal?Theythink:It’snotacrime,it’sjustagame.AlotofpeopledoitonInternet,soIcandoit.Iknowit’sacrime,butIneedmoney.Icanhidemyselfverywell.Noonewillinvestigateit.WhatwelearnfromthesedataComputercrimeandtraditionalcrimeareinterminglewitheachother.XSSvulnerabilitywithphishingDDOS/IRCbotnetwithextortion…Currentprotectiontechnologyhavenotsuccessfullyprotectagainstfollowingattackyet.SqlinjectionXSSDistributemalwareoverP2P/IMnetworkSocialengineering…WhatwelearnfromthesedataThosewhodon’tknowalotoftechnologycausemostofthedamagetoInternetdirectly.Theirmajoraimistomakeprofitbystealingidentity,Netbankaccount,onlinestockaccount,onlinegameaccountetc.Mostofthemdon’trealizedthatthereactivitycauseseveredamagetoInternetsecurity.WhatwelearnfromthesedataExploit/Maliciouscodesellerisoneofthemostbigthreattocybersecurity.Investigationofexploitandmaliciouscodeshouldbeemphasizedbycyberpolice.Personalcomputerisbecomingthemajortargetofcomputercrime.Antivirussoftwarewillplayamoreimportantroleincyberprotection.Howcananti-virusindustryhelpcyberpolice?Reporttopoliceauthoritybeforepublishingthedetailinformationaboutthemalcode/virusWehaveinvestigatethesourceofseveralvirusthisyear.However,thedetailinformationabouttheviruswerepublishedandthesuspectneveraccesstherelatednetworkresourceanymore.Ifyoureportingtousbeforehand,thesourceofmostidentitystealingma

溫馨提示

  • 1. 本站所有資源如無(wú)特殊說(shuō)明,都需要本地電腦安裝OFFICE2007和PDF閱讀器。圖紙軟件為CAD,CAXA,PROE,UG,SolidWorks等.壓縮文件請(qǐng)下載最新的WinRAR軟件解壓。
  • 2. 本站的文檔不包含任何第三方提供的附件圖紙等,如果需要附件,請(qǐng)聯(lián)系上傳者。文件的所有權(quán)益歸上傳用戶所有。
  • 3. 本站RAR壓縮包中若帶圖紙,網(wǎng)頁(yè)內(nèi)容里面會(huì)有圖紙預(yù)覽,若沒有圖紙預(yù)覽就沒有圖紙。
  • 4. 未經(jīng)權(quán)益所有人同意不得將文件中的內(nèi)容挪作商業(yè)或盈利用途。
  • 5. 人人文庫(kù)網(wǎng)僅提供信息存儲(chǔ)空間,僅對(duì)用戶上傳內(nèi)容的表現(xiàn)方式做保護(hù)處理,對(duì)用戶上傳分享的文檔內(nèi)容本身不做任何修改或編輯,并不能對(duì)任何下載內(nèi)容負(fù)責(zé)。
  • 6. 下載文件中如有侵權(quán)或不適當(dāng)內(nèi)容,請(qǐng)與我們聯(lián)系,我們立即糾正。
  • 7. 本站不保證下載資源的準(zhǔn)確性、安全性和完整性, 同時(shí)也不承擔(dān)用戶因使用這些下載資源對(duì)自己和他人造成任何形式的傷害或損失。

評(píng)論

0/150

提交評(píng)論