Pp Unauthorized use of a computer, which might involve stealing a username and password, or might involve accessing the victim’s computer via the Internet through a backdoor operated by a Trojan horse program.
New crimes in cyberspace
There are three major classes of criminal
activity with computers
Pp Unauthorized
use of a computer, which might involve stealing a username and password, or might involve accessing
the victim’s computer via the Internet through a backdoor operated by a Trojan
horse program.
Pp Creating or releasing a malicious computer
program (e.g., computer virus, worm, Trojan Horse).
Pp Harassment and stalking in cyberspace.
Unauthorized Use
Unauthorized use of computers tends generally takes the following
forms Computer voyeur The criminal reads (or copies) confidential or
proprietary information, but data is neither deleted nor changed.
In 1999, the Melissa virus infected a [possibly
confidential] document on a victim’s computer, and then automatically sent that
document and copy of the virus via e-mail to other people. Subsequently, the
SirCam and Klez malicious programs made a similar release of [possibly
confidential] documents from a victim’s computer. These malicious programs are
a new way to release confidential information from a victim’s computer, with
the confidential information going not
to the author of the malicious program, but to some person unknown to the
author of the malicious program.
Pp Changing data. For example, change a grade
on a school transcript; add “money” to a checking account, etc. Unauthorized
changing of data is generally a fraudulent act.
Pp Deleting data. Deleting entire files could
be an act of vandalism or sabotage.
Pp Denying service to authorized users. On a
modern time-sharing computer, any
user takes some time and disk space, which is then not available to other
users. By “denying service to authorized users”, we mean gobbling unreasonably
large amounts of computer time or disk space, for example by sending large
amounts of junk e-mail in one day, a so-called “mail bomb”, by having the
computer execute a malicious program that puts the processing unit into an
infinite loop, or, by flooding an
Internet server with bogus requests for webpages, thereby denying legitimate
users an opportunity to download a page and also possibly crashing the server.
This is called a denial of service (DoS)
attack.
Altering Websites
In recent years, there have been a large number
of attacks on websites by hackers who are angry with the owner of the website.
Victims of such attacks include various Government agencies.
In a typical attack, the hacker will delete
some pages or graphics, then upload new pages with the same name as the old
file, so that the hacker controls the message conveyed by the site.
This is not the worst kind of computer crime.
The proper owner of the site can always close the website temporarily, restore all of the files from backup media,
improve the security at the site, and then re-open the site. Nonetheless, the
perpetrator has committed a computer crime by making an unauthorized use of someone else’s computer or computer account.
The Internet is a medium for freely sharing
information and opinions. However the criminals who trash other people’s websites
are acting as self-appointed censors who deny freedom of speech to those with
whom they disagree. These criminals often make the self-serving excuse for
their actions that they only attack sites sponsored by bad corporations or bad
people. However, this excuse makes these criminals into vigilantes who serve as
legislature, judge, jury, and executioner arrogantly determining what is in the
best interests of society.
Ethical Hacking
The science of testing your computers and
network for security vulnerabilities and plugging the holes you find before the
bad guys get a chance to exploit them
Hacker is a
Word that has two Meanings
Traditionally, a hacker is someone who likes to
tinker with software or electronic systems. Hackers enjoy exploring and
learning how computer systems operate. They love discovering new ways to work
electronically. Recently, hacker has
taken on a new meaning — someone who maliciously breaks into systems for
personal gain. Technically, these criminals’ are crackers (criminal hackers). Crackers break into (crack) systems with malicious intent.
They are out for personal gain fame, profit, and even revenge. They modify,
delete, and steal critical information, often making other people miserable.
The good-guy (white-hat) hackers
don’t like being in the same category as the bad-guy (black-hat) hackers. (These terms come from Western movies where
the good guys wore white cowboy hats
and the bad guys wore black cowboy hats.) Whatever the case, most people give hacker a negative connotation. Many
malicious hackers claim that they don’t cause damage but instead are
altruistically helping others. Yeah, right. Many malicious hackers are
electronic thieves.
Common hacking tactics include
Password Crackers
Software that can guess passwords
Social Engineering
Gaining access to computer systems
By talking unsuspecting company employees out
of valuable information such as passwords
Dumpster Diving
Sifting through a company’s garbage to find
information to help break into their computers