Computer Waste: inappropriate use of computer technology and resources

• Computer related mistakes: errors, failures, and other computer problems that make computer output incorrect or not useful

Causes of computer waste: Improper management of information systems and resources

• Discarding of old software/computer systems when they still have value

• Building and maintaining complex systems that are not used to their fullest extent

• Using corporate time/technology for personal use

• Spam

Preventing computer release waste and mistakes:

• Establishing policies and procedures (for proper waste disposal)

• Implementing policies and procedures

• Monitoring policies and procedures

• Reviewing policies and procedures

Computer Crime: often defies detection, is the theft of intellectual property. Criminals require two tools to be able to commit computer crimes:

1. Knowing how to access computer systems

2. Manipulating the system to produce desired result

Examples:

• Social engineering

• Dumpster diving

• Counterfeit and banking fraud using legitimate desktop publishing programs

Cyberterrorist: someone who intimated or coerces a government or organisation to advance their political or social objectives by launching computer based attacks against computers or networks

• The goal is to gather all information stored in them

Identity Theft: imposter obtains key pieces of personal identification information to impersonate someone else

Illegal access and use of information:

• Hacker: learns about and uses computer systems

• Criminal hacker (cracker): gains unauthorised use or illegal access to computer systems

• Script bunnies: automate the job of crackers

• Insider: employee who compromises corporate systems

• Malware: software programs that destroy or damage processing

• Virus: computer program file capable of attaching to disks or other files and replicating itself repeatedly

  • without the owner’s permission

Worm: parasitic computer program that can create copies of itself on infected computer or send copies to other computers via a network

• Trojan horse: malicious program that disguises itself as a useful application and purposefully does something the user does not expect

• Logic bomb: type of trojan horse that executes when specific conditions occur

• Triggers for logic bombs include a change in a file by a particular series of keystrokes or at a specific time or date

Avoiding viruses and worms:

• Installing antivirus software on your device

• Update antivirus software regularly

• Backup files regularly

• Do not open suspicious files or links

Antivirus program: software that runs in the background to protect your computer from dangers lurking on the internet and other possible sources of infected files

• Tips:

  • Run and update antivirus software

  • Scan all CD’s before using them

  • Only install softwares from well-known websites

  • Take immediate action if a virus is detected

Software Piracy: act of illegally duplicating software

Internet software piracy: illegally downloading software from the internet

• Most rapidly expanding type of software piracy

• Most difficult to combat

• Can be served penalties

• Examples: pirate Websites, auction sites that offer counterfeit software, peer-to-peer networks

Phishing: gaining access to personal information by redirecting user to fake site

Crime prevention by corporations:

• Public key infrastructure (PKI): enables users of an unsecured public network such as the internet to securely and privately exchange data

• Uses public and private cryptographic key pair that is obtained and shared through a trusted authority

• Biometrics: measurement of one of a person's traits, whether physical or behavioural

Using intrusion detection software:

• Intrusion detection system (IDS): software that monitors system and network resources and notifies network security personnel when it senses a possible intrusion

  • Intrusion activities: failed login attempts, suspicious behaviour

  • Can provide false alarms

  • Email or voice message alerts may be missed

• Managed security service provider (MSSP): organisational that monitors, managers, and maintains network security for both hardware and software

  • Sifts through alarms and alerts from all monitoring systems

  • May provide scanning, blocking, and filtering capabilities

Platform for privacy preferences (P3P): Screening technology that shields users from websites that do not provide the level of privacy protection they desire

Ergonomics: science of designing machines, products, and systems to maximise the safety, comfort, and efficiency of the people who use them

Code of ethics: states the principles and core values that are essential to a set of people and thus governs their behaviour