CHAPTER 5 :

COMPUTER
NETWORK
AND SECURITY

1
OUTLINE

1. Computer Security & Cybercrime

2. Types Of Cybercrimes
3. Computer Protections

2
COMPUTER SECURITY

 Computer security is a technique developed to safeguard

information and information systems stored on computer.
 Potential threats such as 1) destruction of computer hardware and
software and the loss, 2) modification, 3) theft, 4) unauthorized use,
and 5) observation, or disclosure of computer data.

3
CYBERCRIME = COMPUTER
CRIME

 Computer crime is criminal action perpetrated primarily through the

use of computer or all crimes performed or resorted to by abuse of
electronic media or otherwise, with the purpose of influencing the
functioning of computer or computer system.
 COMPUTER CRIME is any crime where – computer is a target,
computer is a tool of crime, and computer is incidental to crime.

4
CYBERCRIME

Example of Cybercrime acts:

1. Stealing people’s identities online
2. Attacks on corporate website
3. Online auction fraud
4. Non-delivery of ordered items
5. Online child pornography
6. Credit card stolen by phishing (tricking people into revealing
credit card info / send virus to gather credit card data)
5
 CYBERCRIME

Cybercriminals - individual
who uses computers/ networks/
Internet to perpetrate crime

6
WHY LEARN ABOUT CYBER
CRIME ?

• EVERYBODY is using COMPUTERS!!

• We live in an age of cyber crime.
• The incident rates of reported cyber crimes are exploding.
• From white collar criminals to terrorist organisations and from
Teenagers to Adults.

7
WHY LEARN ABOUT CYBER
CRIME ?

• Conventional crimes like forgery, extortion, kidnapping etc.. are

being committed with the help of computers.
• New generations are growing up with computers.
• MOST IMPORTANTLY – Monetary transactions are moving on to
the INTERNET

8
LIST OF TOP 20 COUNTRIES WITH THE
HIGHEST RATE OF CYBERCRIME IN 2011
(source: BusinessWeek/Symantec)

9
PROFILE OF
CYBERCRIMINALS

1. Disgruntled employees
2. Teenagers
3. Political Hactivist
4. Professional Hackers
5. Business Rival
6. Ex-Boy/Girl Friends
7. Divorced ex-Husband/Wife/Fiancee.. etc

10
WHO ARE THE VICTIMS??

1. Gullible/innocent/easy to fool
2. Desperados and greedy people
3. Unskilled & Inexperienced
4. Unlucky people

Have you been a victim of cybercrime?

11
COMPUTER CRIMES ARE
VULNERABLE
BECAUSE ....

Anonymity Computer’s
storage capacity

Weakness in User’s lack of 12

OS awareness
TYPES OF CYBERCRIMES (THIS IS
NOT AN EXAUSTIVE LIST OF CYBER
CRIME)

1. Hacking 6. Software Piracy

2. Phishing 7. Spoofing
3. Pornography 8. IRC Crime
4. Virus Dissemination 9. Cyber Stalking
5. Credit Card Fraud 10.Salami Attack

13
HACKING

 Hacking in simple terms means illegal intrusion into a computer

system without the permission of the computer owner/user.
 A hacker is someone who just want to know everything from a
system just for the joy of it!!
 Some hackers focus on networks, protocols and security.
 Use this knowledge to find security holes in a system.
 A HACKER will be considered a CRACKER when break into
system and spread viruses.

14
HACKING

 Crackers are the evil hackers in

the view of most hackers --
"black hats".
 Good" hackers think of
themselves as "white hats".

15
PHISHING

 Phishing is a way of
attempting to acquire
information such as
usernames, passwords
and credit card details by
masquerading as a
trustworthy entity in an
electronic
communication.

16
PHISHING

17
PORNOGRAPHY

 Pornography or porn is the explicit portrayal of

sexual subject matter for the purposes of sexual
arousal and erotic satisfaction.
 Pornography may use any of a variety of media,
ranging from books, magazines, postcards, photos,
sculpture, drawing, painting, animation, sound
recording, film, video, or video game.
 The Internet saw booms in a porn industry that today
generates billions

18
VIRUS DISSEMINATION

 A computer virus is a
computer program that can
replicate itself and spread from
one computer to another.
 Can spread in exe code when
its host is taken to the target
computer
 Spread through network or the
Internet, carried on a
removable medium - floppy
disk, CD, DVD, or USB drive
19
CREDIT CARD FRAUD

 Credit card fraud is a wide-ranging term for theft and fraud

committed using a credit card or any similar payment mechanism as a
fraudulent source of funds in a transaction.
 Card printers and encoders are widely available

20
SOFTWARE PIRACY

 The copyright infringement of software (often referred to as

software piracy) refers to several practices which involve the
unauthorized copying of computer software.
 Most countries have copyright laws which apply to software, but the
degree of enforcement varies.
 In 2011, the Business Software Alliance announces that 83%
percent of software deployed on PCs in Africa has been pirated
(excluding South Africa).
 Traian Băsescu, the president of Romania, stated that "piracy helped
the young generation discover computers. This statement sets off
the development of the IT industry in Romania."
21
SOFTWARE PIRACY
What’s the best punishment and enforcement for software piracy?

22
SPOOFING

 Spoofing attack is a situation in which one person or program

successfully masquerades as another by falsifying data and thereby
gaining an illegitimate advantage.
 Types of spoofing :- Email Spoofing (most common), TCP/IP
Spoofing, URL Spoofing and Phishing, Referrer Spoofing, Caller
ID Spoofing.
 Email Spoofing making an e-mail message appear to have come
from one place when really it came from another.

23
SPOOFING

 It is generally used by spammers, who do not want their real address

to appear in the e-mails they send.
 Since the messages they send out have web links in them, they do
not care if people click 'reply’ and send an e-mail to the wrong
place.
 It also makes it a lot harder for ISP to track them down and close
their accounts.

24
IRC CRIME

25
CYBER STALKING

 Cyber stalking is the use of the Internet or other electronic

means to stalk or harass an individual, a group of individuals,
or an organization.
 Cyber stalking can be in any number of disguises.
1. Threatening or harassing emai
2. Flaming (online verbal abuse)
3. Mass unsolicited email
4. Identity theft
5. Leaving improper messages at guest books or newsgroups
26
CYBER STALKING

6. Initiating directed computer viruses

7. Pedophile activity
8. Email forgery (sending false or damaging to people you know like
coworkers, employers, neighbors, etc)

27
 SALAMI ATTACK!!

 Salami slicing is a series of many

minor actions.
 The classic story about a salami
attack is the old " collect-the-
roundoff " trick.
 A programmer modifies arithmetic
routines.
 Taking advantage of rounding to the
nearest cent (or other monetary unit)
in financial transactions.
28
SALAMI ATTACK!!

 The culprit removed 20 cents to 30 cents from

hundreds of accounts two or three times a
year.
 These thefts were not discovered or reported;
most victims wouldn't bother finding the
reasons for such small discrepancies.
 Other salamis have used bank service charges,
increasing the cost of a check by 5 cents.
 Always Go UNDETECTED

29
AMAN SHAH OF HOCK HUA
BANK 1991

 Aman Shah headed Hock Hua bank money market processing

department.
 Given authority to transmit messages for transfer of funds through
SPEEDS of up to RM50mill.
 Instructed staff to transfer funds through SPEEDS to Bistro
Advertising Agencys Bank Bumiputra account.
 Seven transfers totaling RM4.01mill were made.
 Manipulated accounting entries to cover-up the transfers.
 Fraud discovered 2 months after perpetrator left the bank.
30
WHAT
MOTIVATE
D HIM??

31
 32
Source : KPMG Fraud and Forensic Auditing
 33
Source : KPMG Fraud and Forensic Auditing
 COMPUTER
PROTECTION

34
MALWARE

 Malware, short for malicious software

 Consists of programming (code, scripts, active content, and other
software)

How does it work?

 Designed to disrupt or deny operation
 Gather information that leads to loss of privacy or exploitation gain
unauthorized access to system resources other abusive behavior

35
TYPES OF MALWARE

Adware
Botnet
Keylogger Spyware
Trojan Horse
Virus
Worm
36
VIRUS

 A computer virus is a computer program that can replicate itself and

spread from one computer to another.
 Computer viruses usually spread in one of three ways:
1. removable media
2. downloads off the Internet
3. e-mail attachments.
 Although the Internet gets a bad rap as a source of viruses, you're no
more likely to contract a virus from the Web than you are from
packaged software.
 To avoid : Scan everything you download, and update your
antivirus software regularly. 37
TROJAN HORSE

 Trojan Horse is simply a program

that pretend to be something else.
 It appears to perform a desirable
function for the user prior to run
or install, but (in addition to the
expected function) steals
information or harms the system.
 Unlike viruses, Trojan horses do
not replicate themselves

38
WORM

 A self-replicating malware program, which uses a computer

network to send copies of itself to other nodes (computers on the
network)

How does it function?

 Increase network traffic
 Causes computer to become Zombie
 Delete files on host system
 Send documents via email
39
BOTNET

 A group of computers infected by a malware like robot software that

presents a huge threat to the computer owner.
1. aid in distributing denial-of-service (DDoS) attack against a major
website;
2. It steals the info from your computer.
3. The botmaster turn your computer into a spamming machine, a spying
machine or even a cash machine!
4. It steals your money, bandwidth and identity (social security numbers,
credit card numbers, passwords, addresses, telephone numbers etc).

5. Your computer is a ZOMBIE!!!

40
BOTNET

Preventive measures:
1. You can save your PC from getting infected with proper
maintenance and some common sense!
2. Get an anti-virus and an anti-spyware from a trusted source and
keep them updated on a regular basis
3. Use strong passwords and keep them secret.
4. Never turn off your firewall.
5. Use pen-drives, external hard disks cautiously. Scan them before
opening a file.
6. Don’t open stuff you aren’t supposed to! 41
SPYWARE AND ADWARE

 SPYWARE and ADWARE are programs that

are installed on your computer unknowingly
for specific purposes.
 SIMILARITY: Spyware and adware can also
record your keystrokes to steal your passwords,
monitor your emails, and download your
private files.

42
SPYWARE AND ADWARE

DIFFERENCES:

SPYWARE ADWARE
to capture certain information to expose user to targeted
such as user’s surfing habits, advertisements (pop up ads,
shopping routines, sometimes changing your home page,
even credit card information etc.)
for marketing or other
purposes

43
KEYLOGGER

 Keystroke logging (often called keylogging) is the action of

tracking (or logging) the keys struck on a keyboard, typically in a
covert manner so that the person using the keyboard is unaware that
their actions are being monitored.
 Key logger rely on actual keyboard keys to be pressed for them to
store the data.
HOW TO AVOID?
 If you use virtual/soft keyboard, it shows up as nothing pressed to
the key logger.

44
PROTECT YOUR COMPUTER

Take these simple precautions:

 NEVER open an attachment in an email UNLESS you are sure you
understand what it is and why it's been sent to you.
 INSTALL PROTECTION SOFTWARE -- NOW!
 BLOCK PORN and other spam, as well as viruses, with a program
called MailWasher Pro.
 Find out what's NOT a virus and don't clog up the internet spreading
false alarms. Here's a great site for this research:
http://urbanlegends.miningco.com/library/blhoax.htm
 BEWARE OF SPIES, HACKERS & KEY LOGGERS!
45
 PROTECT YOUR COMPUTER

Anti-
Anti- Anti-key- Anti-
hacker-
spyware loggers worms
tools

to block your
(to prevent to safeguard your
personal to hack away at
hijackers from passwords and
information from hacker tools that
accessing your PC other private stuff
being taken can exploit your
without your computer even
permission after they're gone

46
DISCUSS

CYBERCRIME: IS IT OUT OF
CONTROL?
Spam, phishing, viruses, malware and identity theft etc…
cyber criminals are getting more audacious. Can anything
be done?

47
Define these
terms

48