10.2 The effects of cybercrime
Previous
Chapter 9: Database design
|
Next
Chapter 11: Internet and www
|
CHAPTER OVERVIEW
Learning outcomes
At the end of this chapter, you will be able to:
- discuss the effects of inaccurate and invalid – data input, unverified data, software bugs and incorrect hardware/software configurations
- discuss the effects of identity theft, business data theft and virus attacks to companies (ransomware and malware).
INTRODUCTION
Database design and management takes a team to ensure quality data and valuable information is used to make decisions in a company. In the previous chapters we discussed these concepts and what it takes to create a database. In this unit, we will look at the social issues applicable to databases content.
SOCIAL ISSUES IN A NUTSHELL
One type of computer threat is caused by human error. Below are some examples:
- weak password security and sharing of passwords
- careless handling of data or accidently deleting files
- inadequate software security and neglecting updates
- low security awareness
- ineffective data access management.
Activity 10.1 Revision activity
10.1.1Can you remember how to create a strong password? Discuss this with a partner and come up an example of a strong password.
10.1.2 a.In pairs, discuss how you can accidently delete files.
b.Is it a common occurrence for people to handle data carelessly? Explain why you say so.
10.1.3Explain to your partner what a firewall is and how software security can make it stronger.
10.1.4Explain phishing and how it can affect a security breach.
10.1.5Controlling access to sensitive data is a basic part of any security. However, many organisations are granting complete access to all employees by default unless it is specifically restricted. Discuss how this can be dangerous to security within a company.
UNIT
10.1 The effects of computer and human error
Sometimes the reported computer problem is not really a computer problem, but rather a human problem. The truth is that in many situations, a computer problem is not caused by a virus, a bug or a software problem, but rather by a user making a mistake.
The table below summarises four types of computer problems, two of which are caused by computer users.
Activity 10.2
10.2.1At Cedar High School, safety, documentation and the international issues are considered and discussed at the school governing body meeting. The safety of the data in the school can be threatened, therefore taking away the trust that the parents have in the school management. Human errors, hardware and software issues may also damage the school’s data.
a.Explain hardware that can damage data on a computer.
b.List THREE common human errors that contribute to loss of data.
c.Explain the GIGO (Garbage In, Garbage Out) concept, which also contributes to messy data.
d.Suggest THREE physical measures that can be taken by the school to protect the data on the computers
e.Social networking poses a threat to data. Describe TWO ways in which social networking can become a threat to data.
UNIT
10.2 The effects of cybercrim
Most people working online experienced cybercrime. Cybercrime not only affects individuals and organisations, but also society. Cybercrime can have long lasting effects on the people targeted. As a result, governments need to spend significant amounts of time and money fighting these criminals.
In this unit we will discuss the effects of identity theft, business data theft and virus attacks on a company.
IDENTITY THEFT
Identify theft is the collection of the victim’s personal information by hackers to enable someone to masquerade as the victim. This could be the hacker or some other person he sold the information to. Examples of stolen data and a possible effect on the victim:
- Financial information like credit card numbers, retail store account numbers will allow the cybercriminal to run up debt in the victim’s name.
- Medical insurance information will allow the cybercriminal to get treatment in the victim’s name and could use up all the medical cover due to the victim.
- Driver’s license information will allow the cybercriminal to run up traffic fines in the victim’s name.
The victim could end up with a criminal record, a poor credit rating and not being able to pay for medical treatment.
BUSINESS DATA THEFT
Many businesses are exposed to email threats, malicious software, or spam bots. Intellectual property and trade secrets are compromised.
- A business could lose their client information, trade secrets and data that could give their competitors.an edge when sold to their competitors.
- A business would have to spend on cleaning out its information system and securing it from further attacks.
- A business would not be able to function effectively whilst its information system is under reconstruction which in turn leads to time and money lost.
- A business may have to close down as a result of business data theft.
- KFC store its recipe in a vault to protect the trade secret from this kind of cybercrime
VIRUS ATTACK TO BUSINESS
MALWARE
Malware is malicious software written to destroy a computer system, to obtain business data theft or personal information.
Types of malware viruses, worms, Trojan viruses, spyware, and ransomware.
Malware viruses and worms usually spread and slow down the operation of the computer system. This decreases the efficiency of all aspects of the business that depends on the computer system.
Malware Trojans and spyware are usually use to obtain data and grant access. It is used for identity theft and business data theft.
RANSOMWARE
Ransomware is software that encrypts the business data. The business must then pay the ransom to have their data decrypted. All operation that needs this data comes to a halt. Business loses a lot time and money.
In all these cases the business has to spend to clean the system and protect it from more attacks. Good updated antivirus software would be required.
Activity 10.3
10.3.1Explain three effects of cybercrime.
a.Why do criminals hack into computers?
b.Who are the most common targets?
10.3.2Research examples of cybercrime. Choose at least TWO examples and create a poster in which you explain what the crime is, and what people can do to help prevent themselves from becoming victims.
10.3.3Umlazi High School’s computer server has been hacked and there is a virus on their system that has infected most of the files. Come up with a plan that the school administrator can use to get rid of the virus, and protect the school’s data from any future cyber-attacks.
CONSOLIDATION ACTIVITY Chapter 10: Social Implications
1.Read the case studies on human error and answer the following questions.
a.What type of human error happened?
b.How could it have been avoided?
c.What is the effect of the error?
Case Study 1
Both government agencies and private companies keep vast databases containing very sensitive and very personal information about tens or hundreds of millions of subjects. For example, the FBI’s National Crime Information Center (NCIC) keeps records on arrests, outstanding warrants, criminal histories, and other data that might be of use in investigating crime. It currently processes an average of 7.5 million transactions each day. When subjects are stopped by the police, their identities are often checked against the NCIC to see if they are currently wanted for a crime, on probation, or considered dangerous. In the private sector, large credit agencies such as TransUnion and Equifax, keep computerized credit histories on close to a hundred million people. These are searched hundreds of thousands of times each day by thousands of subscribers, whenever a customer requests credit of any kind, whether it is to apply for a loan or simply make a credit card payment.
These databases are used to make many critical decisions affecting peoples’ lives. Someone can be arrested and detained or denied a mortgage or the use of a credit card based on the data stored in them. Yet the sheer size of these databases, as well as the procedures used to collect, process and maintain the data in them, ensure that they will contain many inaccuracies. A study done by Kenneth Laudon for the Office of Technology Assessment (OTA) found that only 25.7 percent of the records sent by the FBI’s identification division were ‘complete, accurate and unambiguous.’ A higher percentage, about 46 percent, of the criminal history records in the NCIC met these standards. When Laudon checked a sample of open arrest warrants on file with the FBI against records in the local court houses where they originated, he found that over 15 percent of them were invalid, either because there was no record at all of them or they had already been cleared or vacated. Thus 15 percent of the warrants on record put their subjects at risk of being arrested for no justifiable reason.
Case Study 2
Michael DuCross was stopped for a routine traffic violation, when a check with the NCIC showed that he was AWOL from the Marine Corps. DuCross was arrested and held for five months before it was found that he had not been AWOL at all, but had been discharged legitimately.
In 1999, Phillip Cummings, a help desk worker at a software firm, took a spreadsheet of logins and passwords when he quit, granting him access to a number of credit reports. The criminals he sold the reports to stole $50 to $100 million – no small sum for the 33,000 people whose reports were stolen.
Malcolm Byrd was sitting at home in 2003 when police officers came to his home and arrested him on a warrant for cocaine possession. Though eventually his name was cleared, Byrd learned that a criminal had used his name when he was arrested. He spent some time in jail before finally being released.
2.Read the case studies on cybercrime and answer the following questions.
a.What type of cybercrime happened?
b.How could it have been avoided?
c.What is the effect of the cybercrime?
Case Study 1
Alina got hit by a ransomware attack that encrypted and locked 5,726 files. The malware was so powerful that it was almost impossible to recover the information.
She contacted the attacker through the ransomware’s communication feature. The ransomware creators, told her she can either pay to get her files back or lose them forever. Despite backing up her files 6 months ago, she decided that losing half a year’s worth of photos, documents and other files was too much, and so decided to pay the ransom. The price to unlock her files was $500.
Case Study 2
Andy Greenberg, once took part in a ground-breaking experiment which tested how car hacking could be done. His car would be remotely hacked while he was behind the wheel. As Andy drove on the highway, the hackers started to take control of the car. First, they activated the air vents and windshield wipers. Next, the transmission was cut and finally, they remotely activated the breaks. Even though Andy tried to control his car, the hackers had more power. The experiment uncovered a massive flaw cars which was later fixed.
Previous
Chapter 9: Database design
|
Table of Contents |
Next
Chapter 11: Internet and www
|