4. This technical report will provide the
outline of some forms that computer crime
takes, and examines some of the
perpetrators of these crimes and their
motives.
This technical report also provides an
overview of the security measures that can
be implemented to prevent the threat of
computer crime, including passwords,
encryptions, biometrics, and firewall and
access control software.
I hope that through this study, concern
individuals will be aware that they can be
a victim of computer crime. I also hope
that individuals will have an idea on about
security measures to prevent the threat of
computer crime.
5. History of Computer Crime
In the early decades of modern information
technology (IT), computer crimes were largely
committed by individual disgruntled and dishonest
employees. Physical damage to computer systems
was a prominent threat until the 1980s. Criminals
often used authorized access to subvert security
systems as they modified data for financial gain or
destroyed data for revenge. Early attacks on
telecommunications systems in the 1960s led to
subversion of the long- distance phone systems for
amusement and for theft of services. As
telecommunications technology spread throughout
the IT world, hobbyists with criminal tendencies
learned to penetrate systems and networks.
Programmers in the 1980s began writing malicious
software, including self-replicating programs, to
interfere with personal computers.
6. As the Internet increased access to
increasing numbers of systems worldwide,
criminals used unauthorized access to poorly
protected systems for vandalism, political
action and financial gain. As the 1990s
progressed, financial crime using penetration
and subversion of computer systems
increased. The types of malware shifted during
the 1990s, taking advantage of new
vulnerabilities and dying out as operating
systems were strengthened, only to succumb
to new attack vectors. Illegitimate applications
of e-mail grew rapidly from the mid-1990s
onward, generating torrents of unsolicited
commercial and fraudulent e-mail.
7. Definition of Terms
Computer
A device that computes, especially
a programmable electronic machine
that performs high-speed
mathematical or logical operations
or that assembles, stores, correlates,
or otherwise processes information.
It is a machine used in computer
crime.
8. Crime
Any act that violates the law
using a computer.
9. Computer crime, or cybercrime.
It refers to any crime that involves a computer
and a network, where the computers may or may
not have played an instrumental part in the
commission of a crime. Net crime refers, more
precisely, to criminal exploitation of the Internet.
Issues surrounding this type of crime have
become high-profile, particularly those
surrounding hacking, copyright infringement,
child pornography, and child grooming. There are
also problems of privacy when confidential
information is lost or intercepted, lawfully or
otherwise.
10. Security
Security is the degree of protection
against danger, damage, loss, and
criminal activity.
11. Computer security
Computer security. A branch of computer
technology known as information security as
applied to computers and networks. The
objective of computer security includes
protection of information and property from
theft, corruption, or natural disaster, while
allowing the information and property to
remain accessible and productive to its
intended users. The term computer system
security means the collective processes and
mechanisms by which sensitive and valuable
information and services are protected from
publication, tampering or collapse by
unauthorized activities or untrustworthy
individuals and unplanned events
respectively.
12. Computer software
Computer software or just
software. The collection of computer
programs and related data that provide
the instructions telling a computer what to
do. The term was coined to contrast to the
old term hardware (meaning physical
devices). In contrast to hardware, software
is intangible, meaning it "cannot be
touched". Software is also sometimes
used in a more narrow sense, meaning
application software only. Sometimes the
term includes data that has not
traditionally been associated with
computers, such as film, tapes and
14. Types of Attacks
Computer Virus
A computer virus is a program or piece of code that
is actually loaded on your computer without your
permission or knowing and runs against your wishes.
Some viruses are only made to be a nuisance, while
others are simply out there to destroy. Some viruses can
literally damage all your hardware, software and files on
your computer. Almost all viruses are attached to an
executable file, which means the virus is on your
computer but it has no power to do anything unless you
open or execute that specific file. A virus cannot be
spread without a human action, (such as running an
infected program) to keep it going. People continue the
spread of a computer virus, mostly unknowingly, by
sharing infecting files or sending e-mails with viruses as
attachments in the email.
15. Worm
A worm is a program or algorithm that
can duplicate itself. A worm has the
capability to travel without any help from a
person from PC to PC and have ability to
duplicate itself on your system, so rather
than your computer sending out a single
worm, it could send out hundreds or
thousands of copies of itself, creating a
massive problem for you and people you
are sending infected files to. Its like a true
infestation.
16. Trojan Horse
A Trojan Horse is a destructive program
that “working” as a benign application (like
changing your desktop, adding silly active
desktop icons) or can cause serious
damage by deleting files and destroying
information on your system. Trojans are
also known to create a back door on your
computer that gives malicious users access
to your system, possibly allowing
confidential or personal information to be
compromised. Trojans do not reproduce by
infecting other files nor do they self-
replicate.
17. Computer Crime (Theft, Forgery and Piracy
Concerns)
“Theft” is used here in the sense of the
second meaning defined in Webster’s Third
New International Dictionary, which states, “
the taking of property unlawfully.” “Piracy”
is used here in a sense of the third meaning
defined in Webster’s Third New International
Dictionary, which states, “an unauthorized
appropriation and reproduction of another’s
production, invention, or conception, esp., in
infringement of a copyright” (Barger, 2008).
18. Fake ID’s
Computers can be used to
make fake identification
cards that are used for
purposes of
misrepresentation.
19. Identity Theft
It is achieved by stealing personal
information about an individual and
using it to appear to be that person in
order to change purchases to that
person’s credit card account.
20. Intellectual Property
It is something produced by
using one’s mind, such as
invention, a literary work, a work
of art, a piece of music, a
photograph, or a computer
program.
21. Peer-to-Peer Music Sharing
Music sharing by computer
can involve a violation of
copyright. One of the things
that make unethical music
sharing so tempting is the ease
of acquiring music off the web.
It requires little more than a
simple download operation on
the computer.
22. Phishing
An activity where the phisher sends
spam email or pop-up messages to multiple
addresses, disguising his/her identity as a
legitimate entity (such as a bank). -Attempts
to deceive users into providing others with
their personal information that can then be
used to steal from them. The object of the
phisher is to lure recipients into revealing
personal data that may then be used by the
phisher for identity theft (Barger, 2008).
24. Firewall
A firewall consists of hardware and/or software
that is designed to insulate an organization’s
internal network (or ‘intranet’) from the wider
Internet, by putting a boundary around it (a
‘firewall’). Firewall software gives access only to
entrusted Internet (IP) addresses and scrutinizes
data for irregularities or signs of danger. Ideally,
firewalls are configured so that all connections to
an internal network go through relatively few, well-
monitored locations. A firewall cannot only serve
to protect against hacking from outside, but also
to restrict access to the Internet form inside a
network, for example by blocking access to certain
websites. The main shortcoming of firewalls,
however, is that they provide no protection against
crimes by insiders (Dequenoy, 2008).
25. Anti-virus Software
Anti-virus programs are therefore an
essential aspect of computer security. Anti-
virus software works by searching the
computer’s hard disk and storage media for
virus patterns and signatures, and matching
them against its own database of virus
definitions. If a match if found and an
existing virus is detected, an appropriate
course of action is suggested to remove the
virus. Anti-virus programs also prevent
infected files from being downloaded
(whether from a disk or an e-mail
attachment) and prevent viruses from
inserting themselves into a computer
system (Dequenoy, 2008).
26. Passwords
One of the simplest and most widely used
computer security measures involves the use
of passwords which authenticate authorized
users and allow access to a system or
network. Passwords represent the first line of
defense in network security. However, they
have a number of inherent weaknesses.
Perhaps the most serious of these is that
passwords are often too obvious and easy to
guess. People tend to choose the names of
their partners, spouses or family pets, or a
favourite hobby. If a password cannot be
guessed, then password-cracking software is
relatively easy to obtain (Dequenoy, 2008).
27. Encryption
In computer networks, whether local are
networks of the wider internet, one of the
more complicated problems is to secure
information in transit between the server
and the end user, and between sender and
receiver. This is important in the
transmission of any kind of sensitive or
confidential information which must be
protected adequately from the risk of being
intercepted. It applies to eCommerse
transactions and submission of credit card
numbers, private e-mails, or any kind of
security, military or business
communication. One way to secure this
data is through encryption (Dequenoy,
2008).
28. Audit control software
Audit control software is
used to closely monitor the use
of computer. This enables
auditors to trace and identify
any operator who gains access
to the system, and the exact
time that this occurred –such
as after working hours.
29. Biometrics
Another weapon in the fight against
computer crime is biometrics, or the
digitizing of biological characteristics.
These technologies work by sampling
‘unique’ biological features, such as
the voice, the pattern of blood vessels
in the retina, or fingerprints. They then
extract and convert these features
into a mathematical code and store
them as a biometric template.
30. Computer Crime Perpetrators
There is a commonly held view that a
typical computer is something of a
‘whizz kid’, with highly developed
computing skills and a compulsive
desire to ‘beat the system’. However,
not many crimes demonstrate high
technical ingenuity on the part of the
perpetrator. Most exhibit an
opportunistic exploitation of an inherit
weakness in the computer system being
used (Dequenoy, 2008).
31. Hackers and Crackers
Hackers are individuals who test
the limitations of systems out of
intellectual curiosity –to see
whether they can gain access and
how far they can go. They have at
least a basic understanding of
information systems and security
features, and much of their
motivation comes from a desire to
learn even more.
32. Cracking is a form of hacking
that is clearly a form of criminal
activity. Crackers break into other
people’s networks and systems,
deface Web pages, crash
computers, spread harmful
programs or hateful messages,
and write scripts and automatic
programs that let other people do
these things.
33. Malicious Insiders
The number one security concern for
companies is the malicious insider –an ever
percent adversary. Indeed, it is estimated
that more than 70 percent of network
intruders come from inside the organization.
Insiders are not necessarily employees;
they can be consultants and contractors
and contractors as well. Nor do they need to
be employees in IT-related positions; they
may just be experienced IT users. Their risk
tolerance ranges from low to high,
depending on whether they are motivated
by financial gain, revenge on their
employers, or publicity (Reynolds, 2006).
34. Cyber terrorism
Cyber terrorism is a phrase
used to describe the use of
Internet based attacks in terrorist
activities, including acts of
deliberate, large-scale disruption
of computer networks, especially
of personal computers attached to
the Internet, by the means of tools
such as computer viruses.
36. • 1. Install a anti-virus scanner or firewall and
run it often.
• 2. Update it often.
• 3. Scan all diskettes/flasks disks before
copying or running programs from them.
• 4. Install software only from a sealed
package produced by a known software
company.
• 5. Follow careful downloading practices.
• 6. If you detect a virus, take immediate
action.
37. Actual Case
New times bring new crimes. It's a
stor y as old as humanity and as new as
the Internet. First comes cars, then car
thieves follow. Telephones are followed by
telephone fr aud. Now we've got computer s.
To make home, school, and office life
easier, society relies on computer s. A s a
r esult of this dependency, computer use
gr ows everyday. A long with the gr owing
use of computer s comes widespr ead
computer crime.
38. With the Internet becoming incr easingly
popular , more and more people ar e becoming
computer literate, and networks ar e becoming
mor e readily accessible. The rise in computer
cr ime can easily be blamed upon the incr easing
number of users. The Inter net is widely deemed
as a new community and "wild" electr ic
fr ontier. Either way you look at it, the Inter net
offer s cover for con ar tists, ground for
gr ifter s, and plenty of places wher e lar ceny can
lur k. It provides the same oppor tunities for
cr ime that the real wor ld offer s.
39. Internet crimes, however, car r y their own
intr icacies and innovations. These online
cr imes take advantage of the ver y same
technologies that make the Inter net possible.
The most common cr imes committed on the
Internet are the same basic var iations of the
four main time-tested, r eal-world cr imes:
For ger y (of E-mail), assault (on your Web
site, E-mail box, or computer system), fr aud
(cyberscams), and robber y (theft of valuable
infor mation). Various types of people commit
computer crimes. The two most familiar
being hacker s and crackers.
40. A hacker is a per son who enjoys
ex ploring the details of a programmable
system and how to stretch their
capabilities; one who pr ograms
enthusiastically, even obsessively. A
cracker is one who br eaks secur ity on a
system. A lthough hackers and cr ackers
both break into computer systems, their
motives are differ ent. Hackers seem to
br eak into computer systems for the
intellectual challenge. Crackers ar e
considered malicious with the intention of
41. Other computer criminals include terrorists,
company competitors, and aggravated employees.
A ggravated employees are a company's worst
nightmare since they have easy access to the
company's system, and are usually fired or leave
on bad terms. Competitors will often do whatever
is necessary to get an edge on their industry
leaders by riffling through their competitors'
trash, bugging phone lines, and now breaking
into their competitors' networks in an attempt to
gather inside information. Terrorists are
becoming more computer literate because they
realize the amount of information regarding the
government defense are stored and found on
computers. Terrorists are also targeting
42. The fundamental issue in most
computer cr ime is the criminals'
lack of respect for the property
or privacy of other people. I hope
that society will recognize the
ser iousness of computer cr ime
and demand more severe
punishment for such cr iminals.
43. Summary
This study heightens one’s awar eness that
computer cr imes (Dequenoy, 2008) ar e cr iminal
acts committed using a computer for computer -
based har dwar e as the pr incipal tool. When most
people talk about computer cr ime, they ar e
usually r efer r ing to the ‘act that a computer has
either been the object, subject, or instr ument of
a cr ime.
The types of computer cr ime ar e theft,
for ger y and pir acy which include theft of goods,
infor mation or money, theft or computer time,
identity theft, cyber squatting, fake id’s, peer -to-
peer music shar ing, open sour ce softwar e,
phishing, softwar e bombs and web spoofing.
Other types of computer cr imes ar e computer
44. Computer secur ity is also included in the study.
It showed that some var ious measur es to enhance
computer secur ity ar e the fir ewalls, antivir us
softwar e, passwor ds, encr yption, access contr ol
softwar e, audit contr ol softwar e, and biometr ics.
Pr eventive measur e on how to secure your own
computer system depends on the per son’s own
decision whether he himself does the installing
pr ocess on his own system or just let other s do it
for him. Systems can be secur ed by applying those
computer secur ity measur es mentioned in the study.
Computer cr ime cannot be ex ecuted without
those computer cr ime per petr ator s. They ar e called
hacker s, cr acker s, malicious insider s, industr ial
spies, cyber cr iminals and cyber ter r or ists.
One over -r iding point to note is that no computer
system is 100% secur e and whatever secur ity
measur es ar e taken, people will always find a way