Information Security

Computer Crime
Cyber criminals steal intellectual property and commit fraud, unleash viruses and commit acts of cyber terrorism. Computer crime is defined by Association of Information Technology Professionals (AITP) as including Unauthorized use, access, modification and destruction of hardware, software, data or network resources Unauthorized release of information Unauthorized copying of software Denying an end user access to his/her own computer or networking resources Using or conspiring to use computer or network resources to obtain information or tangible property illegally AITP promoted this definition in a Model Computer Crime Act and is reflected in many computer crime laws. Cyber thieves use many tools, from scans that ferret out weakness in Website software programs to sniffers that snatch passwords.

Hacking and Cracking

Hacking is obsessive use of computers or unauthorized access and use of networked computer systems. Hackers can be outsiders or company employees who use Internet and other networks to steal or damage data and programs. Hackers can monitor e-mail, Web server access or file transfers to extract passwords, steal network files, or plant data that will cause a system to welcome intruders. They have used telnet remote services to access a computers email port and monitor messages for passwords and other information about privileged user accounts and network resources. Internet security measures like encryption and firewalls are vital to success of e-commerce and other e-business applications. A cracker (also called a black hat or dark side hacker) is a malicious or criminal hacker. He/she maintains knowledge of vulnerabilities he/she finds and exploits them for private advantage, not revealing them to general public or manufacturer for correction. Denial of service: By hammering a Websites equipment with too many requests for information, an attacker can clog it slowing performance.

Hacking tactics
Scans: Widespread probes of Internet to determine types of computers, services and connections. Sniffer: Programs that covertly search individual packets of data as they pass through Internet, capturing passwords or entire contents. Spoofing: Faking an email address or Web page to trick users into passing along critical information like passwords or credit card numbers. Trojan horse: A program, unknown to user, contains instructions that exploit known vulnerability in some software. Back doors: In case original entry point has been detected, having a few hidden ways back makes reentry easy and difficult to detect. Malicious applets: Tiny programs, sometimes written in popular Java language, that misuse your computers resources, modify files on hard disk, send fake email or steal passwords. War dialing: Programs that automatically dial thousands of phone numbers in search of a way through modem connection. Logic bombs: A program instruction that triggers a malicious act.

Software piracy
Buffer overflow: A technique for crashing or gaining control of computer by sending too much data to buffer in computer memory. Password crackers: Software that can guess passwords. Social engineering: A tactic used to gain access to computer systems by talking unsuspecting company employees out of valuable information such as passwords. Dumpster diving: Sifting through companys garbage to find information for breaking into their computers. Unauthorized copying of software, or software piracy, is major form of software theft. Software Publishers Association files lawsuits against major corporations that allowed it. Software is intellectual property protected by copyright law and user licensing agreements. Public domain software is not copyrighted. Only 65% of software purchases in 2006 was legally acquired.

Computer virus and worms

A virus is program code that cannot work without being inserted into another program. A worm is distinct program that can run unaided. These programs copy annoying or destructive routines into networked computer systems of anyone who accesses computers infected with virus or who uses copies of magnetic disks taken from infected computers. Copies of shareware, software downloaded from Internet can be another source of viruses. A virus usually copies itself into files of computers operating system. Then it spreads to main memory and copies itself onto hard disk and any inserted removable media. It also spreads to other computers through email, file transfer, or other telecom activities. One should use antivirus programs that can help diagnose and remove computer viruses from infected files. Adware is software that allows Internet advertisers to display ads as banners and pop-up ads without consent of computer user. Spyware programs collect specific information about you, ranging from name to credit card, user name and password. All adware programs are not spyware.

Raymond James Financial

Focus on leak of sensitive customer data or proprietary information, through e-mail messages, instant messaging, blogs, FTP transfer, and message boards. Network-based outbound content monitoring and control system examines contents of each network packet in real mode and issues alerts when policy violations are found. System uses linguistic analysis to detect complete documents and derivative documents such as IM message in which user has pasted document fragment. Security tools look for 3 types of information. Personal identification system such as SSN and credit card Confidential company information such as product specs, payroll information, legal files or supplier contracts Inappropriate use of company resources, such as potentially offensive communications involving race

Raymond James Financial

Most tools can uncover patterns of language and presentation based on enough samples. BCD Travels and Houston Texans found people were unaware of security risks, such as sending customers credit card number by email to book a flight or room from a vendor who did not have online reservation system. Fidelity Bancshares use message-blocking feature to intercept and return message to user, along with instructions on how to send email securely. Tools cannot detect information that flows through Skype VoIP or SSL connections. They can also flood logs with false positives. These tools augment intrusion-detection and firewall systems that control and block specific ports.