Chapter 5: Major Issues in Computer and IS

Impact of IS
 The impact of IS means the affect/impact of information system on society. These can
be in terms of the following:
Security issue
 Security issues go right to the basic workability of computer and communications
system in the information society. Some threats/dangers to IT environments are
 Crime against computers and communications
 Crime using computers and communications
 Worms and viruses
Quality of Life issue
 Environment problems : Pollution , Radiation
 Mental Health problems: Isolation , Gambling, Net addiction , Stress
 Work place problems. Misuse/mismanagment of technology
 Impact of IS
Economical Issue
 May people worry that the effects of IT are reducing jobs, they also worry that it is
widening/spreading the gap between the haves and have-nots.
It will give the opportunity to worry about
= Technology the job killer or job creator
= Gap between rich and poor
If your job is replaced by computer that means human is not fittest for that job, it is not
worthy for human that is what the interpretation should be, not in the other way.
Privacy issue
 Privacy is the claim of individuals to be left alone, free from Interference from other
individuals or organizations, including the state.
 Privacy is the ability of an individual or group to seclude themselves, or information
about themselves, and thereby express themselves selectively
 Privacy is the right of people not to reveal/make public information about them.
 Impact of IS
Computer Ethics
 ETHICS - Can be defined as a branch of philosophy dealings with the determination of what
is right or wrong, good or bad. Simply if we define” ethics are moral standards that help to
guide, behavior, actions, and choices. Ethics are grounded in the notion of:-
Responsibility
 Accepting the potential costs, duties and obligations for the decisions one makes
Accountability
 The mechanisms for assessing responsibility for decisions made and actions taken
Liability
 The existence of laws that permit individuals to recover the damages done to them by
other actors, systems, or organizations
Due process
 A process in which laws are well known and understood and there is an ability to appeal to
higher authorities to ensure that laws are applied correctly
 Computer Ethics
 Standards of conduct as they pertain to the use of information systems
 Computer ethics deals with the procedures, values and practices that govern the process
of consuming computing technology and its related disciplines without damaging or
violating the moral values and beliefs of any individual, organization or entity.
 Impact of IS
Computer Crime
 The term computer crime includes any unauthorized use of a computer system – including
software piracy( act of illegally reproducing copyrighted material) – or theft of system
resources for personal use – including computer processing time and network access time.
 Actions intended to alter data and programs or to damage or destroy data, software, or
equipment is also crimes
Most common types of computer crimes are:-
 Data diddling: modifying data
 Salami slicing: skimming small amounts of money, taking tiny fractions of every
transaction that builds into a large sum of illegally gained money.
 Carding: stealing credit card numbers online
 Piggybacking: stealing credit card numbers by spying
 Social engineering: tricking/misleading employees to gain access
 Dumpster diving: finding private info in garbage cans
 Spoofing: stealing passwords through a false login page
 Data leakage: Erasing or removing data and files from a system without indicating
that they were removed or leaving any trace, they ever existed.
 LOGIC BOMB: A program designed to execute when certain conditions occur.
Designed to sabotage/disrupt/damage system data, programs or processing
 Impact of IS
 TRAPDOOR: An illicit/illegal and unknown point of entry into a program or network that can be
used to gain access to the system
 TROJAN HORSE: A program that appears to do one thing, but actually does something very
different. Named after Trojan horse of ancient Greek lore because the program masquerades as a
harmless application and then does its damage after it is loaded onto a disk or into computer
memory.
 WIRETAPPING: Using any device to capture data transmission electronically or to listen in on
network conversations, especially those transmitted using wireless methods or over copper cables.
All these crimes are committed through intrusion, forced and unauthorized entry into the system.
Computer crime through intrusion can occur by following ways.
Hackers
Crackers
Viruses
Hackers
 A hacker is a person who gains access to a system illegally. Hackers usually gain access to a
system through a network, but sometimes they will physically enter a computer or network
facility but they are harmless. gain unauthorized access to systems or networks in order to
commit crimes.
Protection against intrusion by hackers
 Preventing unauthorized access to a system entails having good physical security. Hiring
honest, reliable people is an obvious starting point.
 Impact of IS
Techniques helpful in deterring intrusion by hackers
 Change access passwords frequently
 Allow workers access to only the system functions they need to use
 Permit workers to access only the data that they need to use
 Establish physical security systems
 Separate critical processing functions so that more than one person must be involved
 Encrypt data by scrambling or coding information.
 Adopt procedural controls
 Keep staff well informed through education programs
 Audit system activities
 Keep a log of all transactions and user activities
Crackers
 Crackers also gain unauthorized access to information technology but do so for
malicious/hateful purposes. Crackers attempt to break into computers and deliberately
obtain information for financial gain, shut down hardware, pirate software, destroy.
 Impact of IS
Computer viruses
 Virus – a destructive program that disrupts the normal functioning of computer systems
 VIRUS: A hidden program that alters, without the user’s knowledge the way a computer
operates or modifies the data and program stored on the computer.
Types of viruses:
WORMS
Trojan horses
Logic or time bombs:
 WORMS: A Worm is a program that copies itself repeatedly into memory or onto a disk drive
until no more space is left. Some worms erase, destroy, and change the data.
 Trojan horses: Activates without being detected; does not copy itself
 Logic or time bombs: A type of Trojan horse that stays dormant for a period of time before
activating
 A virus is a typical program that attaches itself to a computer system and destroys or corrupts data.
Viruses are passed in three ways
 By diskette [copying ]
 By network [data sharing]
 By internet [ e-mail ]
 Impact of IS
Methods of virus detection
 All types of computers are vulnerable/weak/susceptible to viruses. To protect
against them, companies must buy and use virus detection software. There are
three methods of virus detection.
 Scanning programs – search the computer and main memory to detect a virus
 Detection Programs – monitor processing activities and signal the user when a
virus tries to infect the system
 Digital signature encryption – uses a mathematical coding scheme designed to
foil a virus’s attempt to attack programs and data. Alternatively, we can say
published programs are encoded with mathematical key, making it difficult for
virus to attack data or programs. Also makes detection of alterations caused by
viruses easier.
Names of some viruses are
 Christmas or X-Mas
 Friday the 13th
 Falling letters
 Disk killers
 Mis-Speller
 Impact of IS
Computer Security
 Computer Security – precautions/ defenses taken to keep computers and the information they
contain safe from unauthorized access
Recommended Safeguards
 Make backups!
 Only allow access to key employees
 Change passwords frequently
 Keep stored information secure
 Use antivirus software
 Hire trustworthy employees
Security management strategies in e-business applications
 E-business or Electronic business may be defined broadly of any business process that runs
on the Internet.
 In more general way, it can be said that any business using computer is e-Business.
 But today it is mostly done using web, Intranets, Internet, Extranets or any
combination of these so e-business refers exclusively to Internet business
 Impact of IS
 E-business includes informational websites that are being fielded on an almost daily
basis by companies.
 It is not limited to just buying and selling But also servicing customers and
collaborating with business partners
E-Business security management strategy modes are the following:
Identify Security plan: _ Identify the security plan and process owner before
starting.
Evaluate Risk: _ Evaluate- what is at risk & its value?
Evaluate Expenses: _ Evaluate- what the company should spend on risk
protection.
Find Attacker: _ Find- who wants to damage through access?
Decide Security Vulnerabilities: _ Decide- the company security vulnerabilities
(through self-exam and outside audit).
 Impact of IS
Evaluate Technologies: _ Evaluate- technologies & procedures (to close the drawbacks &
tighten prevention).
Consider Attack Detection: Consider- how attacks will be detected.
Decide Action on Attack: Decide- what actions will be triggered on attacks
Educate Employees: it is clear that there is no defense better than a comprehensive
Security strategy that embraces user education,
Impact of IS

THANK
YOU