Premium Essay

Theories of Computer Security

In:

Submitted By deity
Words 1209
Pages 5
The Internet growing technologies have created vast opportunities for business growth and likewise increased the exposures of businesses and organizations’ information assets; consequently jeopardizing the key elements of information and systems security—confidentiality, integrity and availability (Kim, Ullrich & Wang, 2012). Online criminality has over the years become a prosperous economic industry especially in the emerging markets; the perpetrators, largely motivated by financial or military interests (Kim et al., 2012; Tuluc, 2012). Kim et al., (2012) observed that there has been a tremendous rise in the threats of malicious attacks globally—a appreciable increase of 71% between 2008 and 2009 was noted.
A specie and very popular scam is Phishing and Identity Theft (IDT). This type of online crime is a fraudulent scheme whereby attackers invade the victims’ privacy and obtain their personally identifying information (PII) such as credit card numbers, CVV numbers, credit card reports, social security numbers, drivers license numbers (usually used in gaining short-term driving jobs), telephone calling cards, ATM card details, Mortgage details, date of birth details, passwords, PIN numbers, etc. (Hedayati, 2012). These details are used by online criminals to perpetrate larceny against their victims who may have compromised their PIIs through social engineering—a preliminary attack technique used by the attackers to trick victims into compromising such details to the criminals (Hedayati, 2012). Over the past decade, a well over 500 million of PIIs belonging to the United States residents kept and stored in various corporate or government and other institutional databases have been found to be stolen or lost to these criminals through privacy breaches (Douglas, 2013). According to Gartner Group, losses associated with phishing and ID theft suffered by US banks

Similar Documents

Premium Essay

Cyber Crime

...Activity Theory Katherine M. Grzybowski Arizona State University 1 March 2012 Cybercrime 1 TABLE OF CONTENTS 1. ABSTRACT .....................................................................................................3 2. INTRODUCTION...........................................................................................4 3. A REVIEW OF CYBERCRIME ...................................................................6 3.1 Cybercrime Legislation ............................................................................7 3.1.1 Federal Laws .................................................................................7 3.1.2 State Laws ......................................................................................9 3.2 Cybercrime Law Enforcement Agencies ................................................11 3.3 Classifying Cybercrime ............................................................................16 3.4 National Levels of Cybercrime ................................................................19 3.4.1 Business Cyber Victimization ......................................................20 3.4.2 Individual Cyber Victimization ...................................................22 4. A REVIEW OF THEORIES..........................................................................26 4.1 Self-control Theory ...................................................................................27 4.2 Routine Activity Theory ......

Words: 13816 - Pages: 56

Premium Essay

This Paper Provides an Overview of the Growing Cybercrime Problem and Reviews Two Criminological Theories That Have Been Applied to the Study of Cybercrime and Cybercrime Victimization. Legislation Which Defines

...and Routine Activity Theory Katherine M. Grzybowski Arizona State University 1 March 2012 Cybercrime 1 TABLE OF CONTENTS 1. ABSTRACT .....................................................................................................3 2. INTRODUCTION...........................................................................................4 3. A REVIEW OF CYBERCRIME ...................................................................6 3.1 Cybercrime Legislation ............................................................................7 3.1.1 3.1.2 Federal Laws .................................................................................7 State Laws ......................................................................................9 3.2 Cybercrime Law Enforcement Agencies ................................................11 3.3 Classifying Cybercrime ............................................................................16 3.4 National Levels of Cybercrime ................................................................19 3.4.1 3.4.2 Business Cyber Victimization ......................................................20 Individual Cyber Victimization ...................................................22 4. A REVIEW OF THEORIES..........................................................................26 4.1 Self-control Theory ...................................................................................27 4.2 Routine Activity Theory ......................

Words: 13816 - Pages: 56

Premium Essay

Twrm Paper

...INFORMATION TECHNOLOGY AND CRIME: AN ANALYSIS 1.Introduction In the era of technology all activities are being conducted with the help of technology in all over the world. Now it is considered that ‘information is power’ and so the widely used term ‘information’ is combined with ‘technology’ that encompasses the term ‘information technology’. Information technology generally means processing and distribution of data using computer hardware and software, telecommunications and digital electronics. So the common medium of information technology is computer, internet, and mostly used cellular phone. This system helps us take the optimum benefit from this ‘Global Ocean of knowledge’ that much our every day needs. The strength of internet in which everybody’s knowledge is open for use by everybody within a global village for better living standards. On the other hand crime is a social and economic phenomenon and is as old as the human society has become a legal concept and has the sanction of the law. So in combination the term of information technology and crime if positive relation then makes a definition that information technological crime is those facts which is made by digital way getting economical and social benefit illegally and legally prohibited by law, on the other hand if opposite relation then make definition is a method if reducing crime by digital way in the digital era. From the view of positive technology stimulates not only a free trade and economic...

Words: 5282 - Pages: 22

Free Essay

Stuxnet

...Over the past couple of decades, the increasing dependence on information technologies has led to a relatively new form of security threat – cyber-attacks. Numerous advantages of the attackers in cyber space and a lack of attribution and awareness has resulted in an increasing number of aggressive operations in the digital realm. Contrary to the beliefs of many, cyber security is not exclusively a technical issue but also a matter of politics and economics. We can observe an increasing number cyber warfare policies in the international realm, which increases the pressure to establish rules of governance in cyber space. The following essay will be concerned with the Stuxnet worm and its role in Operation Olympic Games, which targeted the Iranian nuclear power plant Natanz. The analyses will provide an overview of the attack, including technical comprehension of the attack, and also looks at the attack in term of its political consequences. The first section will discuss the origins of the attack, building on Ralph Langner’s article published in ‘IEEE Software’. Even though numerous cyber offences took place before, it will explain what made Stuxnet stand out. The second part of the essay analyses the political perspective of the attack and two competing theories explaining the presence of malware in the nuclear facilities. The following section analyses the role of cyber warfare as viable military strategy. It will be argued that cyber offences appear to be more applicable...

Words: 2431 - Pages: 10

Free Essay

Paul

...COMPUTER CRIMES A Case Study submitted in partial fulfilment of the requirements for the completion of the course in CIS401M: IT ETHICS AND LEADERSHIP Term 3, Academic Year 2014-2015 by LORETO V. SIBAYAN PAUL MATTHEW G. AVILA Master of Science in Information Technology College of Computer Studies April 2014 TABLE OF CONTENTS ABSTRACT 5 CHAPTER 1 1.0 INTRODUCTION 6 CHAPTER 2 2.0 OVERVIEW OF LITERATURE 8 2.1 CYBERCRIME 9 2.2 THEORIES OF CRIME 2.2.1 CRIMINOLOGICAL THEORIES 10 2.2.2 PSYCHOLOGICAL THEORIES 12 2.3 TYPES OF CRIME 14 2.3 CAUSES CYBERCRIME 19 2.4 CYBERCRIME PREVENTION 22 CHAPTER 3 3.0 ANALYSIS CYBERCRIME CASES 26 SUMMARY OF CYBERCRIME CASES 38 CONCLUSION AND RECOMMENDATION 43 REFERENCES 44 ABSTRACT The 21st century has brought about certain influences in the lives of everyone including the way we do business transactions, the way we gain education and the way we communicate; these influences are mostly revolutionized through the use of modern day technology and though these technologies have been proven to be beneficial to the entire society, it also carries with it aspects that can be worrying for everyone. Certain professionals in the said field use their expertise to illegally develop ways on how to take advantage of others with of course the use of technology hence cybercrime...

Words: 7997 - Pages: 32

Premium Essay

Formulating Information Systems Risk Management Strategies Through Cultural Theory

...The current issue and full text archive of this journal is available at www.emeraldinsight.com/0968-5227.htm IMCS 14,3 Formulating information systems risk management strategies through cultural theory Aggeliki Tsohou, Maria Karyda and Spyros Kokolakis Department of Information and Communication Systems Engineering, University of the Aegean, Samos, Greece 198 Evangelos Kiountouzis Department of Informatics, Athens University of Economics and Business, Athens, Greece Abstract Purpose – The purpose of this paper is to examine the potential of cultural theory as a tool for identifying patterns in the stakeholders’ perception of risk and its effect on information system (IS) risk management. Design/methodology/approach – Risk management involves a number of human activities which are based on the way the various stakeholders perceive risk associated with IS assets. Cultural theory claims that risk perception within social groups and structures is predictable according to group and individual worldviews; therefore this paper examines the implications of cultural theory on IS risk management as a means for security experts to manage stakeholders perceptions. Findings – A basic theoretical element of cultural theory is the grid/group typology, where four cultural groups with differentiating worldviews are identified. This paper presents how these worldviews affect the process of IS risk management and suggests key issues to be considered in developing strategies of risk...

Words: 9716 - Pages: 39

Premium Essay

Computerized Grading System

...CHAPTER 1 INTRODUCTION Overview of the current system Computer world is now at our hands, this give improvement and development of all programs in the different agencies, in offices and in schools. Paper work become easy, computation is faster, record keeping and bringing out is fast. In schools, all works became easily fast to look at record, easily to reproduce student record. Since, computation of grades is one burden of the teachers, computerization made the answer in solving, in recording and computing students performances and achievement. The same is through in keeping records and forms incorporated in their work aside from guidance and advice. Computation of grades in school became easy for modern teacher but for tradition alone they found difficult but now no burden in recording, transmitting, giving the equivalent and the final grades for teachers who are computer literate, where time, effort and energy is minimized. This is the point of this study, to device a program in order to ease the computation of grades and ranking the students basing their subject’s performances. This is now the scenario and dilemma of Buenavista National High School. Now, with the technology which is to be developed, it will enable them to do more with less effort. The program will not continuously find way to improve and expedite the calculation of grades. The use of computer nowadays is necessary to replace the manual system that affects efficiency and effectiveness, accuracy and reliability ...

Words: 1628 - Pages: 7

Free Essay

Introduction to Computing

...Introduction to Computing   Introduction For couple of years, futurists and computer scientists have provided arguments that a collection of evolving technologies—miniature computers named "smart dust" or motes, wireless telecommunication, software agents that are intelligent, antennas, stretchy electronics, and micro-level power systems— embrace the potentiality to convert the work and daily life (Farias et al. 2012). Anyone who eagerly willing in the social impacts and insinuation of new technologies is making intelligence out of this would impose a significant challenge to him. Such type of changes qualitative in nature requires something very different to the conventional tools of analysis for the engineer or economist. Actor-Network Theory (ANT): its definition and suitability in computing studies Actor-Network Theory had emerged from the researches done by Michel Callon and Bruno Latour. The progressive constitution of the network has been described by their analysis on a collection of negotiations where the identities are assumed by not only the human but with the non-human actors as well. In this context, representation is comprehended in its political facet, as a method to delegate (Fenwick et al. 2012). The most significant among these negotiations is the "translation," an interaction multifaceted in nature where the actors (1) build up the definitions and meanings that are common, (2) define representatives, and (3) co-operate each other in the quest of objectives...

Words: 2175 - Pages: 9

Premium Essay

Pert

...Computer science From Wikipedia, the free encyclopedia Jump to: navigation, search Computer science or computing science (abbreviated CS) is the study of the theoretical foundations of information and computation and of practical techniques for their implementation and application in computer systems.[1][2] Computer scientists invent algorithmic processes that create, describe, and transform information and formulate suitable abstractions to model complex systems. Computer science has many sub-fields; some, such as computational complexity theory, study the fundamental properties of computational problems, while others, such as computer graphics, emphasize the computation of specific results. Still others focus on the challenges in implementing computations. For example, programming language theory studies approaches to describe computations, while computer programming applies specific programming languages to solve specific computational problems, and human-computer interaction focuses on the challenges in making computers and computations useful, usable, and universally accessible to humans. The general public sometimes confuses computer science with careers that deal with computers (such as information technology), or think that it relates to their own experience of computers, which typically involves activities such as gaming, web-browsing, and word-processing. However, the focus of computer science is more on understanding the properties of the programs used to implement...

Words: 5655 - Pages: 23

Free Essay

Cyber Crimes

...Computer Crime has become a very large issue in our society today; this paper will look at this issue from a sociological perspective. It will analyze the various crimes that make up computer crime and see what changes it has brought about in the world in which we live in. Computer crime first is a very new problem in our society today and it is crimes that are committed from a computer. These include embezzling, breaking into other computers, cyber porn and various other crimes that have a drastic affect on the society and the institutions that each of us hold to keep our global society running. To first understand computer crime one must understand first what crime is. According to Diana Kendall, "crime is a behavior that violates criminal law and is punishable with fines, jail or other sanctions"(Kendall 1999; 161). Yet since computer technology is so new it has really no laws to govern it. A law is formal norms that are enforced, norms being established rules of behavior. Many of the crimes committed on computers often times go unpunished. As stated by David Pitchford in the London journal Focus when writing on pornography on the Internet, " the only way illegal pornographers can be caught is through chance leads, tip-offs and telephone tracing" (Focus 1995; p10-12). Many of the crimes that are also committed on computers via the Internet are very new also. New subcultures have formed around the Internet for the possibilities it brings. Computer crime despite the many problems...

Words: 1474 - Pages: 6

Free Essay

Solving Real -Life Problem

...John Grant Unit 1 Exercise 1: Solving a Real Life Problem Computer Network Systems Security Problems Observation/Question The problem within my area of study, Computer Network Systems, is maintaining network security. The explosion of the internet and electronic market has made it a challenged to maintain secure systems from malicious intrusion from external or internal customers. It’s not sufficient to periodically change passwords to maintain the company’s network security. The fact is that passwords, as a security technology, are reaching the end of their useful life. Lets look at 3 areas of network security challenges and utilized the scientific method to evaluate. Regularity/Theory State-sponsored espionage and sabotage of computer networks- The current security technologies are not effective at preventing sophisticated, targeted attacks from being successful. The loss of visibility and control created by the ‘cloud’- As workloads move into the ‘cloud’, organizations lose control over individuals who can access the computer systems that those workloads are running on; also lose visibility into what, when and where the resources were accessed. The providers of cloud services and technology conveys the messages of not to worry, but seasoned IT security professionals know better. The password issues- Attackers are constantly scanning the Internet for exposed, password-protected services like Secure Shell (SSH) and Remote Desktop Protocol...

Words: 575 - Pages: 3

Premium Essay

Cost Justified Outline Paper

...performance of company 2. Interested in having a reliable computer system 3. Reputation D. Employees 1. Economic job loss 2. Fear of being blamed for system performance 3. Interest in company performance E. Shareholders 1. Interested in investment 2. Wants company to responsibly manage finances 3. Expectation on a level of return II. Legal Analysis A. Sarbanes Oxley 1. System is used in financial reporting and control 2. If Mary decides not to report facts about the system it may not provide accurate financial data 3. The act requires that officers of the company have certified the information and that the procedures have been followed. The other two laws that were mentioned in the eGuide do not seem to apply to case. It depends on how the reporting of the costs of computers was reported to the shareholders. The Security Act of 1933 and the Security Act of 1934 • Prohibit fraudulent activities in the connection with offer, purchase or sale of securities • These fraudulent activities include insider trading, misrepresentation of disclosure information, and manipulation of securities market prices, stealing funds or securities, and sale of securities without proper registration (eGuide p.5). III. Ethical Analysis A. Categorical Imperative 1. Truth should always be told and you should do the right thing 2. Shareholders should expect a return 3. Employees need to be truthful about computer systems 4. Computer system should function properly B. Utilitarian 1....

Words: 636 - Pages: 3

Premium Essay

Ict Architecture and Security

...ARCHITECTURE AND SECURITY Prepared for: Justin Debuse Submitted: 31. October 2008 Prepared by: André Nordal Sylte University of the Sunshine Coast Word count: 1665 Executive summary This report, authorised by Justin Debuse in Introduction to ICT, BUS108, looks at ICT architecture and security in an organisation. This report found that the major security threats within an organisation’s ICT are; Cracking into an organisation’s wireless intranet in search for vital corporate information; Former employees accessing wireless intranets and extranets without authorization; Information sent via an extranet could be intercepted in its transit; Viruses and Trojans accidentally downloaded by employees and been spread around the LAN. Solutions to these threats are; WiFi protected access (WPA) password and hide the network; ICTs should be protected with a login screen for the users; To secure an extranet, organisations should use a virtual private network (VPN); Any organisation should provide basic training in how to detect viruses and Trojans. This is a proactive way to prevent an infection in a whole organisation’s LAN. This report also found that the major legal and ethical issues within an organisation’s ICT are; Employee monitored by computer technology and in the building; Privacy on e-mail stored on an organisation’s computer; Illegal and offensive use of an organisation’s computer. Solutions...

Words: 2419 - Pages: 10

Premium Essay

A Survey of Career Opportunities in Computer and Information Sciences

...A Survey of Career Opportunities in Computer and Information Sciences Kazim ATASOY SUNY Fredonia Computer Science Author Note This paper was prepared for CSIT 490: Seminar on Selected Topics, Section 01, and Taught by Professor Zubairi. Abstract Computer and information science jobs are becoming to worlds’ biggest job opportunities. Most of the companies already integrated their system with technology and there are still some country side companies that haven’t integrated with technology but day by day this companies will be integrated too. Because, technology is more than being just a machine, it is being our life. Therefore, somebody should invent, produce and adapt our desires to this technology. In this research paper, I am going to find answers to some questions about career opportunities in computer and information sciences that creates all of this technologies. Question List 1. What are the major activities assigned to people employed in the CIS field? 2. What technical skills are necessary in order to be successful in CIS? 3. What educational preparation is required? 4. What kinds of organizations hire people in this occupation? 5. What kind of work would an entry-level bachelor's degree person would likely do? 6. What are the opportunities for advancement? What positions might someone hold as he or she advances? Give a sequence of positions starting from entry level position and also show expected salary in each position. 7. Are the opportunities...

Words: 4626 - Pages: 19

Free Essay

My Paper

...Introduction In a competitive business world, there are two practices to win the competition which so-called competitive intelligence and industrial espionage. In competitive intelligence, a business entity legally gathers information by examining corporate publications, websites, patent filings and the like, to determine its activities. For the same reason, in industrial espionage, it steals trade secrets by removing, copying, or recording of confidential or valuable information in a competing company. Industrial espionage describes hidden activities, such as the theft of trade secrets, bribery, blackmail and technological surveillance. Industrial espionage is most commonly associated with technology-heavy industries, particularly the computer and auto sectors, in which a significant amount of money is spent on research and development (R&D). One of the most notable industrial espionage is “Operation Aurora” which took place in 2009 when some parties hacked Google China operation, stealing intellectual property and, in particular, accessing the email accounts of human rights activists. II. Brief Explanation Operation Aurora was a cyber attack conducted by advanced persistent threats, such as Elderwood Group that based in Beijing China. Elderwood Group was the digital arms dealer that was used against Google, operating since 2009, when Titan was hit. The Elderwood supplier has frequently been linked to the 2009 attacks. Elderwood used against a large number of industries...

Words: 1957 - Pages: 8