Chapter 3 Computer and Internet Crime

Chapter 3 Computer and Internet Crime  Additional Resources  1. The CERT/CC website: http://www.cert.org/ 2. The SANS website newsletter, with links to articles on Internet Security: http://www.sans.org/newsletters/newsbites/newsbites.php?vol=5&issue=42 3. The Defcon website: http://www.defcon.org 4. The CIDDAC website: http://www.ciddac.org

Key Terms  chargeback – a disputed (online) transaction. collusion – fraud committed by an employee in cooperation with a person outside of the organization. Computer Emergency Response Team Coordination Center (CERT/CC) – established in 1988 at the Software Engineering Institute (SEI) to coordinate communication among experts during computer security emergencies and to prevent future incidents. cracking – a form of hacking with clear criminal intent, such as theft of personal information, or destruction of property. cybercriminal – a hacker that breaks into corporate computers and steals, often by transferring money from one account to another. cyberterrorist – a hacker that intimidates or coerces a government or organization to advance a political or social objective by launching computer-based attacks against other computers. denial-of-service attack – an attack in which a malicious hacker takes over computer on the Internet and causes it to flood a target site with demands for data and other small tasks, causing the target system to be so busy responding to the stream of automated requests that legitimate users cannot use the target system. egress filtering – a process by which a network can prevent packets with false IP addresses from leaving the network. exploit – an attack on an information system that takes advantage of a particular system vulnerability. firewall – software or hardware that limits network access based on an organizations access policy. hacker – a computer programmer who tests the limitations of a system out of intellectual curiosity. honeypot – provides would-be hackers with false information about a network by means of a decoy server that is well isolated from the rest of the network. Ethics in Information Technology, Second Edition

 

Chapter 3

Page 1

industrial spies – insiders in an organization that use illegal means to obtain trade secrets from competitors of their firm. ingress filtering – a process by which an Internet service provider can prevent incoming packets with false IP addresses from being passed on. intrusion detection system – monitors system and network resources and activities, and then notifies the proper authority when it identifies possible intrusions. lamer – a derogatory term for a hacker with poor skills, used by hackers with better skills. logic bomb – a type of Trojan horse that executes under specific conditions, such as a change in a particular file, or a particular combination of keystrokes. macro virus – a virus written in an application macro language that infect documents and templates. reasonable assurance – a concept that recognizes that managers must use their judgment to ensure that the cost of control does not exceed the system’s benefits or the risks involved. risk assessment – an organization’s review of potential threats to its computers and network and the probability of those threats occurring. script kiddy – a derogatory term for a hacker with poor skills, used by hackers with better skills. security policy – defines an organization’s security requirements and the controls and sanctions needed to meet those requirements. smart card – a credit card that contains a memory chip that is updated with encrypted data every time the card is used. Software Engineering Institute (SEI) – a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. spoofing – attaching a false return address to a packet sent over a network to disguise the true origin of the packet. Trojan horse – a program that a hacker secretly installs on a computer. virus – a piece of programming code, usually disguised as something else, that causes some unexpected and usually undesirable event. virus signature – a specific sequence of bytes indicative of a virus. worm – harmful programs that reside in the active memory of a computer and duplicate themselves. zero-day attack – an attack that takes place before the security community or a software developer knows about a vulnerability or has been able to repair it. zombie – a machine used to launch a denial-of-service attack. 

Ethics in Information Technology, Second Edition

 

Chapter 3

Page 2