I made this widget at MyFlashFetish.com.

Jumaat, 11 Mac 2011

COMPUTER CRIME


What is computer crime?

A computer crime is any illegal action where the data on a computer is accessed without permission. This access doesn't have to result in loss of data or even data modifications.
Computer crime is often attributed to rogue hackers and crackers, but increasingly organized crime groups have realized the relative ease of stealing data with relative low-level of risk. Government organizations are also rumored to be involved with hacking in to computer systems.

According to Great Britain's University of Wolverhampton, computer crime is broadly defined as "a criminal act that has been committed using a computer as the principal tool." These crimes take various forms but often involve some type of theft.

NEW CRIMES IN CYBERSPACE

There are three major classes of criminal activity with computers:

  • Authorized use of a computer, which might involve stealing a user name and password, or might involve accessing the victim's computer via the Internet through a backdoor operated by a Trojan Horse program
  •  
  • Creating or releasing a malicious computer program such as computer virus, worm, and Trojan Horse 

  •
  • Harassment and stalking in cyberspace

UNAUTHORIZED USE

Unauthorized use of computers tends generally takes the following forms:
  • Computer voyeur - The criminal reads (or copies) confidential or proprietary information, but data is neither deleted nor changed. 

  •
  • Changing data  - For example, change a grade on a school transcript, add "money" to a checking account, etc. Unauthorized changing of data is generally a fraudulent act. 
    •  
  • Deleting data - Deleting entire files could be an act of vandalism or sabotage. 

  •
  • Denying service to authorized users - On a modern time-sharing computer, any user takes some time and disk space, which is then not available to other users. 

What is a denial-of-service (DoS) attack?

In a denial-of-service (DoS) attack, an attacker attempts to prevent legitimate users from accessing information or services. 

By targeting your computer and its network connection, or the computers and network of the sites you are trying to use, an attacker may be able to prevent you from accessing email, websites, online accounts such as banking and etc or other services that rely on the affected computer. 


The most common and obvious type of DoS attack occurs when an attacker "floods" a network with information. When you type a URL for a particular website into your browser, you are sending a request to that site's computer server to view the page. 
The server can only process a certain number of requests at once, so if an attacker overloads the server with requests, it can't process your request. This is a "denial of service" because you can't access that site. 

An attacker can use spam email messages to launch a similar attack on your email account. Whether you have an email account supplied by your employer or one available through a free service such as Yahoo or Hotmail, you are assigned a specific quota, which limits the amount of data you can have in your account at any given time. By sending many, or large, email messages to the account, an attacker can consume your quota, preventing you from receiving legitimate messages. 

What is a distributed denial-of-service (DDoS) attack?

In a distributed denial-of-service (DDoS) attack, an attacker may use your computer to attack another computer. By taking advantage of security vulnerabilities or weaknesses, an attacker could take control of your computer. He or she could then force your computer to send huge amounts of data to a website or send spam to particular email addresses. The attack is "distributed" because the attacker is using multiple computers, including yours, to launch the denial-of-service attack.

How do you avoid being part of the problem?

Unfortunately, there are no effective ways to prevent being the victim of a DoS or DDoS attack, but there are steps you can take to reduce the likelihood that an attacker will use your computer to attack other computers:
  • Install and maintain anti-virus software
  •  
    •
  • Install a firewall, and configure it to restrict traffic coming into and leaving your computer
  •  
    •
  • Follow good security practices for distributing your email address. Applying email filters may help you manage unwanted traffic

How a "denial of service" attack works?
 
In a typical connection, the user sends a message asking the server to authenticate it. The server returns the authentication approval to the user. The user acknowledges this approval and then is allowed onto the server.

In a denial of service attack, the user sends several authentication requests to the server, filling it up. All requests have false return addresses, so the server can't find the user when it tries to send the authentication approval. 

The server waits, sometimes more than a minute, before closing the connection. When it does close the connection, the attacker sends a new batch of forged requests, and the process begins again--tying up the service indefinitely.


Typical connection







 
"Denial of service" attack





 


How to block a "denial of service" attack?

 
One of the more common methods of blocking a "denial of service" attack is to set up a filter, or "sniffer," on a network before a stream of information reaches a site's Web servers. 

The filter can look for attacks by noticing patterns or identifiers contained in the information. 

If a pattern comes in frequently, the filter can be instructed to block messages containing that pattern, protecting the Web servers from having their lines tied up.










Malicious software 

Malicious software (malware) is a designed to secretly access a computer system without the owner's informed consent. Viruses, worms, Trojans, spyware and rootkits are all forms of malicious software. In general, malicious software may:

  • Display unwanted advertising banners on web sites or in pop-up windows
  •  
  • Delete, damage or modify your documents and data files
  •  
  • Attempt to reproduce itself automatically and secretly
  •  
  • Modify the operating system or other legitimate software
  •  
  • Allow malicious individuals to monitor your computer remotely over the network
  •  
  • Spread itself to other computers via the network, such as by e-mail, unsecured file shares, password guessing or exploiting security problems on other computers
When malicious software carries some specific traits, computer professionals may give it a special name, such as: 




  • Viruses: copy themselves into other legitimate programs, turning the innocent software into carriers of the virus
  •  
  • Worms: take advantage of operating system bugs and other security problems to copy themselves - usually silently and automatically - to other computers on a network.
  •  
  • Trojans or Trojan Horses: masquerade as legitimate software but engage in various kits of malicious activity.
  •  
  • Rootkits: modify the operating system to hide themselves, then use worm-like methods to propagate to other computers.
  •  
  • Spyware: sends information about the computer, your personal information or your Internet browsing activities to a third party.
  •  
  • Adware: displays unwanted advertisements.




 





 

How to Report Cyber Crimes

The age of computers has opened up numerous possibilities. We can connect with others across the globe in seconds with a few simple keystrokes. 

However, these advancements have lead to a string of new types of crimes. Cyber crimes can include anything from spam to serious charges of child pornography and weapons trafficking. If you are aware of a cyber crime, it is your duty to report it. Read on to learn how to report cyber crimes.

Instructions

1    Get together as many details about the cyber crime as you can. The more information that you can give  the authorities, the more helpful you can be to the case.
2    Contact the Internet Crime Complaint Center. This center was developed with the help of the FBI and makes reporting cyber crimes an easier task.
3    Fill out the complaint form on the Internet Crime Complaint Center's website. After you fill out the form, you'll be e-mailed a case number. The matter will be investigated through the center and they will update you on the status.
4    Call your local police department. If you are unsure of whom exactly you should report the cyber crime to, give the police a call and get their advice. If it is a criminal matter, they'll likely handle it.
5    See if the cyber crime that you are reporting is a FBI matter. Local FBI offices usually handle cases of Internet harassment, Internet bomb threats and cases of Internet child pornography.


Tips & Warnings

  • Don't call the police about minor cyber crimes. They may not appreciate it if you call them about excessive spam in your inbox. Spam problems can usually be handled by your email provider

  • If you feel that you are in serious danger due to a cyber crime, call the police immediately or dial 911

 
















By At
Contributor

Tiada ulasan:

Catat Ulasan

Langgan: Catat Ulasan (Atom)