Computer Security and
vehicle for extortion
Safety, Ethics, and
Privacy
Computer Security Risks
• Any event or action that could cause
a loss of or damage to computer
hardware, software, data,
information, or processing capability
• Maybe accidental however mostly
are
• Merely access data, information, or
programs on the computer
• Maybe for leaving a message or by
deliberately altering or damaging
data
Seven Basic Categories of
Cybercrime
Hacker
someone who accesses a computer
or network illegally
script kiddie
as the same intent as a cracker but
does not have the technical skills
and knowledge
cracker
Accesses a computer or network
illegally but has the intent of
destroying data, stealing information,
or other malicious action
Cyberterrorist
someone who uses the Internet or
network to destroy or damage
computers for political reasons
cyber extortionist
someone who uses Email as a
unethical employee
Exploits a security weakness, seeks
financial gain from selling
confidential information or take
revenge
corporate spy
practice known as corporate
espionage, to gain a Competitive
advantage
Internet and Network Attacks
Computer Viruses
affects, or infects, a computer
negatively by altering the way the
computer works without the user’s
knowledge or permission.
Trojan Horses
hides within or looks like a legitimate
program.
Worms
copies itself repeatedly, for example
in memory or on a network, using up
resources and possibly shutting
down the computer or network.
Rootkits
hides in a computer and allows
someone from a remote location to
take full control of the computer.
Botnets
a group of compromised computers
connected to a network such as the
Internet that are used as part of a
network that attacks other networks,
usually for nefarious purposes.
Zombie
 an assault whose purpose is to
disrupt computer
access to an Internet service such
as the Web or e-mail
Denial of Service Attacks
an assault whose purpose is to
disrupt computer access to an
Internet service such as the Web or
e-mail
Back Doors
a program or set of instructions in a
program that allow users to bypass
security controls when accessing a
program, computer, or network
Spoofing
a technique intruders use to make
their network or Internet
transmission appear legitimate to a
victim computer or network.
Firewalls
hardware and/or software that
protects a network’s resources from
intrusion by users on another
network
Intrusion Detection Software
Automatically analyzes all network
traffic, assesses system
vulnerabilities, identifies any
unauthorized access, and notifies
network administrators
Unauthorized Access and Use
Unauthorized Access
The use of a computer or network
without permission.
Unauthorized Use
The use of a computer or its data for
unapproved or possibly illegal
activities.
Identifying and Authenticating Users
Access control
a security measure that defines who
can access a computer, when they
can access it, and what actions they
can take while accessing the
computer
audit trail
the computer should maintain an
audit trail that records in a file both
successful and unsuccessful access
attempts.
Usernames and Passwords
User Name, or User ID
A unique combination of characters,
such as letters of the alphabet or
numbers, that identifies one specific
user.
Password
A private combination of characters
associated with the user name that
allows access to certain computer
resources.
Possessed Objects & Biometric
Devices
Possessed Objects
Any item that you must carry to gain
access to a computer or computer
facility. A personal identification
number (PIN) is a numeric
 password, either assigned by a
company or selected by a user.
Biometric Devices
authenticates a person’s identity by
translating a personal characteristic,
such as a fingerprint, into a digital
code
Hardware Theft and Vandalism
Hardware Theft
The act of stealing computer
equipment.
Hardware Vandalism
The act of defacing or destroying
computer equipment.
Software & Information Theft
Software theft
Occurs when someone steals
software media, intentionally erases
programs, illegally copies a program,
or illegally registers and/or activates
a program.
Information Theft
Occurs when someone steals
personal or confidential information.
• involves the examination of
computer media, programs, data
and log files on computers, servers,
and networks
• digital forensics examiner must have
knowledge of the law, technical
experience with many types of
hardware and software products,
superior communication skills,
familiarity with corporate structures
and policies, a willingness to learn
and update skills, and a knack for
problem solving.
Health Concerns of Computer Use
A repetitive strain injury (RSI) is an injury or
disorder of the muscles, nerves, tendons,
ligaments, and joints. Computer-related
RSIs include tendonitis and carpal tunnel
syndrome.
Computer Addiction
• Craves computer time
• Irritable when not at the computer
• Overjoyed when at the computer
• Unable to stop computer activity
• Neglects family and friends
• Problems at work or school

Digital Forensics

• computer forensics, network

forensics, or cyber forensics, is the
discovery, collection, and analysis of
evidence found on computers and
networks.
• Used in law enforcement, criminal
prosecutors, military Intelligence,
insurance agencies, and information
security departments in the private
sector