Common methods of computer crime

Tuesday, October 21st, 2008

In order to fully secure our systems, it is important for us to first know the various methods of computer-related crime. I have listed and briefly explained a few of the most common ones.

  • DATA DIDDLING

Data diddling is a simple and common computer-related crime that involves changing data prior to or during input to a computer. Data can be changed by anyone involved in the process of creating, recording, encoding, examining, checking, converting, or transporting computer data. To minimize the risk of diddling, it is essential to apply internal security controls.

  • TROJAN HORSE

A Trojan Horse involves the placement of unwanted computer instructions in a program so that the host computer will perform some undesired/unauthorized function. The instructions enter the target system hidden in some other message or program, thus the name Trojan Horse.
Minimize the risk of attack by a Trojan Horse by implementing security control measures for all incoming data containing hidden content.

  • LOGIC BOMB

A Logic Bomb is a computer program executed at a specific time to cause damage to computer programs or data. Logic Bombs often enter a computer system using the Trojan Horse method, but differ because their presence is detected only after the bomb “blows up.”
For example, a disgruntled employee may write a computer program to cause the company’s computer system to crash on a particular date. At the specified date and time, the system crashes, costing hundreds of hours and thousands of dollars to restore.
Minimize the risk by using security methods that verify the system for inappropriate content.

  • IMPERSONATION

When access to a computer system is controlled by passwords and user identifiers, the most common method to gain access to the system is to impersonate an authorized user.
Impersonation in the workplace may be accomplished as easily as taking an authorized user’s place at an unattended terminal which has not been logged off. However, impersonation usually requires that the intruder has access to two or three pieces of information:

  • User I.D. or account number;
  • Password of the authorized user;
  • A dial port number (i.e. computer’s telephone number), if access is attempted from a remote location.

Minimize the risk of unauthorized access by implementing security measures and password maintenance. Passwords should be of adequate length to maximize security, and maintenance systems should force a change of passwords at regular intervals. In addition, the system should be programmed to generate a minor alarm after an unusual number of invalid sign-on attempts.
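One way to implement the invalid sign-on alarm described above, as an added example that is not part of the original post. The log format, the user IDs, the threshold of 5 failures and the 10-minute window are all assumptions, and the log is assumed to be in time order.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample sign-on log (the format is an assumption):
# timestamp, user ID, result
SAMPLE_LOG = """\
2008-10-21T09:00:05 jsmith FAIL
2008-10-21T09:00:09 jsmith FAIL
2008-10-21T09:00:12 adoe OK
2008-10-21T09:00:15 jsmith FAIL
2008-10-21T09:00:21 jsmith FAIL
2008-10-21T09:00:30 jsmith FAIL
2008-10-21T09:30:00 adoe FAIL
2008-10-21T10:45:00 adoe FAIL
2008-10-21T11:00:00 not a valid line
"""

def failed_signon_alarms(log_text, threshold=5, window=timedelta(minutes=10)):
    """Return (user, alarm_time, failure_count) for each account that reaches
    `threshold` invalid sign-ons within `window` (both are assumed values)."""
    recent = defaultdict(deque)  # user ID -> timestamps of recent failures
    alarms = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3 or parts[2] not in ("OK", "FAIL"):
            continue  # skip malformed records instead of crashing
        try:
            ts = datetime.fromisoformat(parts[0])
        except ValueError:
            continue
        user, result = parts[1], parts[2]
        if result == "OK":
            continue  # a success does not erase the failures before it
        failures = recent[user]
        failures.append(ts)
        # Drop failures that have aged out of the sliding window
        while ts - failures[0] > window:
            failures.popleft()
        if len(failures) >= threshold:
            alarms.append((user, ts, len(failures)))
            failures.clear()  # one alarm per burst, not one per extra attempt
    return alarms

if __name__ == "__main__":
    for user, when, count in failed_signon_alarms(SAMPLE_LOG):
        print(f"ALARM {when.isoformat()} user={user} invalid_signons={count}")
```

Counting per user ID inside a sliding window keeps an occasional mistyped password from raising the alarm while a rapid run of failures against one account does.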

  • THE INTERNET AND BULLETIN BOARDS

The Internet and Bulletin Boards can be used by hackers to exchange information necessary to commit criminal acts on computer systems. Both the Internet and Bulletin Boards allow users to communicate and exchange information on a wide range of topics. Therefore, a system access password obtained by a hacker in one city could be provided to any number of like-minded individuals around the world. Once this information is shared, hundreds of hackers may attempt to gain unauthorized access to the computer system.
In a similar manner, payment card information or telecommunications calling card information can be shared with interested individuals around the world in a moment.

  • COMPUTER VIRUS

A computer virus is program code which can attach itself to other programs and corrupt data and damage hardware. In addition to infecting other programs, the virus may damage data by way of Data Diddling, Trojan Horses or Logic Bombs. A virus may do nothing more than temporarily interrupt the computer service to display a message on the screen, or it may bring down the infected computer system. Software or hardware containing a virus can come from many sources such as public domain software, bulletin boards, the Internet, computer club software, a friend or colleague’s diskette, or commercial packages that have been tampered with.
Minimize the risk of infection by incorporating virus scanning into the start-up of the computer system and scanning any new software prior to use.