Computer and Internet Crime

1st Topic for midterm

Lecturer: AL john E. Badayos, LPT.

Introduction to Computer and Internet Crime

Computer and Internet crime, often referred to as cybercrime, involves illegal activities
conducted through digital devices, networks, and the internet. These crimes can range
from financial fraud to data theft, hacking, identity theft, cyberstalking, and
cyberterrorism. With the rapid advancement of technology and the increased reliance
on the internet for communication, commerce, and social interaction, cybercrime has
become a significant global threat, impacting individuals, businesses, and governments.

Cybercrime refers to criminal activities that involve the use of computers, networks, or
the internet. These crimes can target individuals, businesses, governments, or even
entire infrastructures. Cybercrime often involves exploiting weaknesses in digital
systems to commit fraud, theft, extortion, or other illegal activities. As society becomes
more reliant on technology, the scope and sophistication of cybercrime continue to
evolve, making it a critical area of concern for law enforcement, cybersecurity
professionals, and policymakers.

Characteristics of Cybercrime:

1. Use of Technology: Cybercrime typically involves the use of computers, mobile

devices, or networks to commit offenses. It can include hacking, deploying
malicious software, or manipulating digital systems for unlawful purposes.
2. Cross-Border Nature: Cybercrimes are often transnational, as criminals can
operate from anywhere in the world, targeting victims across different countries.
This poses challenges for law enforcement agencies that must navigate different
legal jurisdictions to apprehend cybercriminals.
3. Anonymity: The internet allows cybercriminals to hide their identities, making it
difficult to track and apprehend them. Techniques such as using the dark web,
encrypting communications, and spoofing IP addresses can make cybercrime
investigations complex.

Key Aspects of Computer and Internet Crime:

 1. Types of Cybercrime: Cybercrime can be categorized into several types:
o Hacking: Unauthorized access to computer systems or networks, often to
steal or manipulate data.
o Malware: The creation and distribution of malicious software, such as
viruses, worms, and ransomware, designed to damage or control
computers.
o Phishing and Social Engineering: Deceptive practices to trick individuals
into revealing personal information, such as login credentials or credit card
numbers.
o Identity Theft: Stealing personal information to impersonate someone
else, often for financial gain.
o Cyberbullying and Harassment: Using the internet to harass, stalk, or
threaten individuals.
o Fraud and Scams: Using online platforms to deceive people, including
online shopping scams, auction fraud, and Ponzi schemes.
2. Legal Framework: Cybercrime is addressed through various national and
international laws and regulations. Countries have developed laws to combat
cybercrime, often working together to address transnational issues. International
treaties, such as the Budapest Convention on Cybercrime, aim to facilitate
cooperation between nations in prosecuting cybercriminals.
3. Impact: The consequences of cybercrime are far-reaching. Individuals can suffer
financial loss, emotional distress, and loss of privacy. Businesses face the risk of
data breaches, financial losses, and reputational damage. Governments are also
vulnerable to cyberattacks, which can compromise national security and critical
infrastructure.
4. Prevention and Protection: Combating cybercrime requires a multi-faceted
approach. This includes strong cybersecurity measures, such as firewalls,
encryption, and intrusion detection systems. Public awareness and education
about safe online practices are also essential. Additionally, law enforcement
agencies and cybersecurity experts work together to track and apprehend
cybercriminals.

IT Security Incidents: A Major Concern

In today's digital age, IT security incidents have become a significant concern for
individuals, businesses, and governments alike. These incidents, which can range from
minor data breaches to major cyberattacks, threaten the confidentiality, integrity, and
availability of information systems and the data they hold. As our reliance on digital
infrastructure grows, so does the risk of security incidents that can disrupt services, lead
to financial losses, and compromise sensitive information.

The Growing Threat Landscape:

The threat landscape for IT security incidents is constantly expanding due to several
factors:

 Increased Connectivity: The proliferation of internet-connected devices (IoT) has

expanded the attack surface for cybercriminals. From smart home devices to
industrial control systems, every connected device can become a potential entry
point for attackers.
 Sophisticated Cyber Attacks: Cybercriminals are becoming more sophisticated in
their methods. Advanced Persistent Threats (APTs), zero-day vulnerabilities, and
targeted ransomware attacks are increasingly common, making it harder for
organizations to defend against them.
 Human Error: Despite advances in technology, human error remains a major
cause of security incidents. Mistakes such as weak passwords, misconfigurations,
and falling for phishing scams can provide an easy way for attackers to gain
access to systems.

Types of IT Security Incidents:

1. Data Breaches: Unauthorized access to sensitive data is one of the most common
and damaging types of security incidents. Data breaches can expose personal
information, financial records, and intellectual property, leading to identity theft,
financial fraud, and reputational damage.
2. Ransomware Attacks: Ransomware is a type of malware that encrypts a victim's
data and demands payment in exchange for the decryption key. These attacks
can cripple organizations by locking them out of critical systems and data.
3. DDoS Attacks: Distributed Denial of Service (DDoS) attacks overwhelm a target's
servers or network with a flood of traffic, rendering them unavailable to
legitimate users. This can disrupt business operations and cause significant
downtime.
4. Insider Threats: Not all security incidents come from external sources. Insider
threats, whether intentional or accidental, can result in data loss, sabotage, or
other damaging outcomes. Employees, contractors, or partners with access to
 sensitive systems can pose significant risks if proper security measures are not in
place.

The Impact of IT Security Incidents:

The consequences of IT security incidents can be devastating. For businesses, a major

incident can result in significant financial losses, legal liabilities, and damage to customer
trust. According to various studies, the average cost of a data breach can run into
millions of dollars, depending on the size and scope of the incident.

Governments and critical infrastructure operators are also at risk. Cyberattacks on

critical systems, such as power grids, transportation networks, and healthcare facilities,
can have far-reaching consequences, potentially putting public safety at risk.

Responding to IT Security Incidents:

Effective response to IT security incidents requires a well-defined incident response plan

that includes:

 Detection: Rapid identification of security incidents is crucial to minimizing

damage. This involves monitoring systems for signs of suspicious activity, utilizing
intrusion detection systems (IDS), and analyzing security logs.
 Containment: Once an incident is detected, it must be contained to prevent
further damage. This may involve isolating affected systems, shutting down
compromised services, or blocking malicious traffic.
 Eradication and Recovery: After containment, the root cause of the incident
must be addressed. This includes removing malware, patching vulnerabilities, and
restoring systems from clean backups. Recovery efforts aim to bring affected
systems back online and ensure normal operations resume.
 Post-Incident Review: After an incident, a thorough review should be conducted
to identify what went wrong and how similar incidents can be prevented in the
future. Lessons learned should be incorporated into security policies and
practices.
Prevention and Mitigation:

Proactive measures are essential to reduce the likelihood of IT security incidents. This
includes implementing strong security policies, regularly updating and patching systems,
conducting employee training on security awareness, and employing advanced security
tools such as firewalls, encryption, and multi-factor authentication.

IT security incidents will remain a major concern as cybercriminals continue to evolve

their tactics. However, with a strong security posture, effective incident response
strategies, and a focus on continuous improvement, organizations can mitigate the risks
and protect themselves against potential threats.

Implementing Trustworthy Computing

Trustworthy Computing is a computing paradigm that focuses on ensuring security,

privacy, reliability, and business integrity in all aspects of software and hardware
development. Introduced by Microsoft in the early 2000s, the initiative aims to address
the growing concerns around cyber threats and the need for computing systems that
users can trust. Implementing trustworthy computing involves embedding these
principles into the design, development, and operation of information systems,
fostering an environment where users can feel confident in the safety and reliability of
the technology they use.

Core Principles of Trustworthy Computing:

1. Security: Ensuring that systems are protected against unauthorized access,

attacks, and breaches. Security must be built into every layer of the computing
process, from the operating system to applications, to prevent vulnerabilities and
protect data from threats.
2. Privacy: Respecting and protecting user data is a fundamental aspect of
trustworthy computing. This means implementing strong privacy policies,
ensuring data is collected and used responsibly, and giving users control over
their personal information.
3. Reliability: Trustworthy systems must be reliable and available when needed.
This requires rigorous testing, robust software development practices, and
contingency plans for system failures, ensuring that systems perform as expected
under all conditions.
 4. Business Integrity: Ethical behavior and transparency are key to maintaining trust
in computing systems. Businesses must be clear about how they use technology,
avoid deceptive practices, and ensure that their actions align with their promises
to users.

Steps to Implement Trustworthy Computing:

1. Security by Design: Security should be integrated into the design and

development process from the start. This involves identifying potential threats,
conducting risk assessments, and applying security best practices such as
encryption, access control, and secure coding techniques. Regular security audits
and vulnerability assessments are essential to maintain security throughout the
system's lifecycle.
2. Data Protection and Privacy: Organizations must implement strong data
protection measures, such as encryption, anonymization, and data minimization.
Privacy policies should be clear and transparent, outlining how data is collected,
stored, and used. Complying with regulations like GDPR (General Data Protection
Regulation) and CCPA (California Consumer Privacy Act) ensures that user privacy
is respected.
3. Reliability Engineering: Ensuring system reliability involves adopting practices
like fault tolerance, redundancy, and automated failover systems to minimize
downtime. Rigorous testing and validation processes, including stress testing and
load balancing, help to identify potential weaknesses in systems before they
become a problem.
4. Ethical Practices and Transparency: Implementing trustworthy computing
requires an ethical approach to how technology is used and how businesses
interact with their customers. Companies should be transparent about their data
collection practices, avoid exploiting user data for unethical purposes, and
engage in fair business practices.
5. Continuous Improvement: Trustworthy computing is not a one-time effort but an
ongoing process. As new threats emerge and technology evolves, organizations
must continuously update their systems, policies, and practices to ensure that
they remain trustworthy. This involves staying up-to-date with the latest security
trends, regularly patching software, and investing in employee training.
Benefits of Trustworthy Computing:

 User Confidence: Implementing trustworthy computing helps build trust with

users, leading to stronger customer relationships and increased user confidence
in technology.
 Reduced Risks: By prioritizing security, privacy, and reliability, organizations can
reduce the risk of security incidents, data breaches, and system failures, which in
turn minimizes financial losses and reputational damage.
 Regulatory Compliance: Trustworthy computing ensures that organizations
comply with laws and regulations related to data protection and security,
avoiding legal penalties and fines.
 Competitive Advantage: Businesses that prioritize trustworthy computing can
differentiate themselves in the market, attracting customers who value security
and privacy.

Challenges in Implementing Trustworthy Computing:

 Complexity: Ensuring security, privacy, and reliability in modern, interconnected

systems can be complex and resource-intensive. It requires significant investment
in technology, processes, and people.
 Evolving Threats: The cyber threat landscape is constantly changing, and
organizations must stay vigilant to new attack vectors and vulnerabilities. This
requires continuous monitoring and updating of security measures.
 Balancing Security and Usability: Implementing strong security measures can
sometimes conflict with user experience and usability. Organizations need to
strike a balance between securing systems and providing a seamless user
experience.