StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Computer Crime and Security - Essay Example

Cite this document
Summary
The paper "Computer Crime and Security" discusses that the imperatives of not recording network access information will be stressed upon all employees. The authority to elevate access levels will be removed from all employees and kept within the IT department…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER92.1% of users find it useful
Computer Crime and Security
Read Text Preview

Extract of sample "Computer Crime and Security"

Interoffice Memo 05/05/2008 CEO Eze, CISCO RE: Incident Report Situation Summary Having been the flu season, last January we were forced to hire temporary workers for our call centre. All came highly recommended and were interviewed by the HR department. All temporary workers sat for an orientation session and their work duties were explicitly outlined for them. There appeared to be no problems with either their understanding of their tasks or their references and qualifications. Shortly, thereafter, however, the ICT Department detected unusual IT activities and launched an investigation. The Secret Service was informed as initial investigations indicated that patients' files were being accessed and data contained therein, copied. Later investigations revealed that it was an insider incident, involved the theft of subsequent selling of patients' credit card numbers, and that the activities emanates from the Call Centre. Having provided you with a general overview of the situation, I will now explain its potential and actual consequences, summarize the results of the post-mortem and clarify both lessons learnt and future action. 2 Background In regulating conduct related to the use of computers, the United States government currently defines a computer as "an electronic, optical, electrochemical, or other high-speed data processing device performing logical, arithmetic, or storage functions, and includes any data storage facility or communications facility directly related to or operating in conjunction with such a device" (United States Computer Fraud and Abuse Act (e)(l), 1984, cited in Kipper, 2007, p. 194). This definition accounts for the way in which IT has fused data storage, computing and telecommunications technologies and in so doing, touches upon the potential of both the computing and telecommunications technologies to violate the integrity and confidentiality of the stored data. The United States Department Of Commerce (2000) highlighted this threat in its report on the proliferation of computer use and internet access, not just in the United States but, across the world. As the greater majority of corporations, both in the United States and worldwide, are relying on IT for data storage and processing, increased popular access to IT renders corporate systems vulnerable to unauthorized penetration and the associate accessing of private and confidential data (U.S. Department of Commerce, 2000). While it is the responsibility of corporate entities to ensure the securitization of their networks, absolute inviolability is practically impossible to achieve. It is, thus, that recent years have witnessed the ever-increasing adoption of computers in the commission of crimes of fraud and theft (Power, 2000). Our company has recently fallen victim to one such incident. 3 Incident Overview On January 16th, 2008, a periodic review of our IT activities logs evidenced a string of unusual activities. Almost 10,000 patient files had been accessed and the data they contained had been transferred to an external medium, possibly an external hard drive. The IT department had no record of authorizing any individual this level of access and, indeed, there was no legitimate justification for the access of 10,000 patient files. The incident was terribly worrisome as these files contain sensitive data such as patients' social security, insurance and credit card numbers, not to mention home and place of employment addresses and contact information. The IT department immediately contacted the Legal Department and appraised its Director of the situation who, in turn, contacted law enforcement and did the same. 4 Post Mortem After reporting the incident to the Legal Department and law enforcement officials, the IT department launched an intensive post mortem investigation. The investigation, which followed standard procedures which will be described shortly, had several objectives. These were the identification of the source, as in whether it was an insider or outsider incident; the personal identification of the attacker and the strategy by which s/he gained access to the files; the data accessed and downloaded; and the attacker's intent. The scale of the incident necessitated the involvement of several departments in the investigation. Accessing confidential files which contained social security and credit card numbers immediately indicated that there was a criminal intent to the transgression and that the attacker either intended to sell the information for the purposes of facilitating credit card fraud or identity theft. Hence, apart from the involvement of the Secret Services, the Legal Department, the Security Department and, of course, the IT Department were involved in all stages of the investigation. Adhering to established digital forensics procedures recommended by noted security experts such as Stephenson (2003), the first step involved a detailed and comprehensive review of available logs. IT department employees collected all logs dating prior to the detection of the suspicious activities and throughout it. A review of the logs against our corporate network map established that the incident had not been launched by an outsider but, by an insider. Furthermore, the logs clearly indicated that access had been granted in response to the entry of a valid, high level password. This finding, in itself, was quite problematic because even though we had narrowed down suspects to insiders, the net we had cast was still very wide and encompassed several hundred employees. Therefore, at the direction of the Secret Service personnel involved in the investigation, we narrowed down our suspect list to insiders who had this level of access. All were interviewed by the Security Department in the presence of representatives from the Legal Department and, without exception, all were cleared. They were cleared for two reasons. Firstly, had their passwords been used to access the data in question, the logs would have identified them as having accessed the data. The logs, however, identified none of these individuals as having accessed the data in question during the time-period under investigation. Secondly, the Security Department had cleared them during the interview process. It was, thus, determined that an unidentified person had accessed one of these passwords to elevate his/her security clearance level. The logs were reviewed once again for determination of the validity of this particular hypothesis and it was, indeed, discovered that elevated access had been granted to a call centre employee by the call centre manager himself. Again, interviews conducted by the Security Department with the call centre manager, cleared him of complicity although not of carelessness as it was discovered that he stored his network access data on his mobile phone which he often left unattended. At this point, the digital forensics investigation came to an abrupt halt as the logs did not reveal any additional information pertaining to the identity of the individual in question or even the computer terminal which had been used to either elevate the access level or access the data in question. The Security Department and the Secret Service stepped in at this point and began to interview all call center employees. Extensive interviews eventually led to the identification of a recently hired temporary worker. Although she had come with high recommendations and had no prior citations for involvement in computer crime, she fit the bill. The certificates in her personnel file indicated that she had received extensive IT training and, accordingly, had the requisite knowledge to commit the acts in question (elevation of access level and accessing files). The Secret Service placed the suspect under surveillance for the purposes of either absolving her or gathering incriminating evidence. The surveillance established her complicity and she was subsequently arrested by the Secret Service. At the court hearing, which is set for next month, members of the investigation team are required to give evidence. To date it appears that the credit cards and social security numbers accessed have not yet been used. There is, however, no way to determine that they have not been sold and will not be used in the near future. Table 1: Summary of Findings Objective Results of the Investigation Source of Attack Insider Identity of Attacker A female temp call center employee Strategy Employed Accessed the Call Center manager's login information to elevate her clearance level, enabling unrestricted access to sensitive patient data Data Accessed 10,000 patient files were accessed and the credit card numbers contained therein were downloaded onto an external storage medium. Data Usage Intent Sale of the credit card numbers, including their associate three-digit authorization code. 5 Lessons Learnt The incident is a direct consequence of carelessness and the failure of the IT department to implement an automated log review system which would alert personnel to suspicious activities. The Call Center Manager violating all IT security policies by leaving his password lying around and the IT department was derelict in its duties because the incident was only discovered after 10,000 credit card and social security numbers had been downloaded. Lessons have been learnt as a direct outcome of this incident and the implementation of these lessons will help prevent a similar incident from occurring. First of all, the imperatives of not recording network access information will be stressed upon all employees. Secondly, the authority to elevate access levels will be removed from all employees and kept within the IT department. Lastly, a system for the automated review of network and computer logs will be implemented for the purposes of immediately alerting the department to any suspicious activities. It is believed that the implementation of these lessons will reduce the possibilities of reoccurrence. 6 References Kipper, G. (2007) Wireless Crime and Forensic Investigations. NY: Auerbach Publications. Power, R. (2000). CSI/FBI Computer Crime and Security Survey. San Francisco, CA: Computer Security Institute. Stephenson, P. (2003) Conducting Incident Post Mortems. Computer Fraud and Security, 2003(4), 16-19. United States Department of Commerce. (2000). Falling Through the Net: Toward Digital Inclusion. Washington, DC: National Telecommunications and Information Administration. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Computer Crime and Security Essay Example | Topics and Well Written Essays - 1500 words”, n.d.)
Retrieved from https://studentshare.org/miscellaneous/1510025-computer-crime-and-security
(Computer Crime and Security Essay Example | Topics and Well Written Essays - 1500 Words)
https://studentshare.org/miscellaneous/1510025-computer-crime-and-security.
“Computer Crime and Security Essay Example | Topics and Well Written Essays - 1500 Words”, n.d. https://studentshare.org/miscellaneous/1510025-computer-crime-and-security.
  • Cited: 0 times

CHECK THESE SAMPLES OF Computer Crime and Security

Major Threats in Cybersecurity

Salomon (2010) reports 40% chance of this occurrence according to reports from the FBI Computer Crime and Security findings.... Name: Title: Course: Tutor: Date: Cyber security Topic 1 Companies globally continue to record increasing incidences of cyber attacks with the recent years recording remarkable increase in both the rate and sophistication.... Training employees adequately on security and dividing critical functions among them limits frauds or sabotage committed solely (Cappelli, Moore, Shimeall & Trzeciak, 2006)....
3 Pages (750 words) Coursework

Steps you can take to make online system safe for customers

Steps to ensure secured online transaction for the customers According to the Computer Crime and Security Survey of 2009- 2010, Malware infection was regarded as the most common type of security attack, with almost 67.... However, the biggest disadvantage of technology that has become a topic of discussion these days refers to the security threats faced by the users of the advanced technologies.... % of the people reported that they had been the target of at least one security threat....
3 Pages (750 words) Research Paper

Denial of Service Attacks

2] The TCP/IP protocols form the basis of today's Internet, but these protocols lack even the basic mechanisms for security, such as validation or encryption.... Newer versions of these protocols such as IPV6 do have better security features but currently TCP/IP protocols are the ones most widely used and common protocols and so their lack of built-in security has become increasingly challenging.... Even though the technical laws of different countries vary, still denial-of-service attacks are considered as a crime in most of the countries....
4 Pages (1000 words) Essay

What Is Meant and Understood by the Term Computer Misuse

The focus of this analysis is to consider the definition of the term “computer misuse” within the context of UK criminal law.... It is submitted at the outset that closely linked to the consideration of computer misuse is the growth of online use.... hellip; Finally, the All-Party Internet Group report was extremely useful in adding another dynamic to the assignment content by considering the industry perspective on the computer Misuse Act and legislative provisions....
6 Pages (1500 words) Article

Security in E-Business

2001 Computer Crime and Security Survey IBM.... The author of the paper “security in E-Business” presents that the main objective of a security plan in e-business is to “protect the privacy of the people with whom you do business and safeguard your IT and other information assets.... rdquo;… This essay will begin with the statement that security plays an important role in e-business solutions.... Be it removal or sabotage of valuable information, infiltration of spam or unsolicited mail, or distribution of other illegal activities over the Internet, security is very much essential as a practical and technical solution to online business enterprises....
1 Pages (250 words) Essay

The CSI Computer Crime and Security Survey

The Computer Security Institute (CSI) Computer Crime and Security Survey for 2008 as reported by Robert Richardson, CSI Director outlined the latest important facts and trends in regard to network and computer crime. The study was conducted from over 500 respondents –… The respondents were pooled from organizations covering a number of industries, which include government, manufacturing, transportation, telecommunication, education, health services, and The CSI Computer Crime and Security Survey 2008 Summary The Computer Security Institute (CSI) Computer Crime and Security Survey for 2008 as reportedby Robert Richardson, CSI Director outlined the latest important facts and trends in regard to network and computer crime....
1 Pages (250 words) Essay

Rootkits, Computer Attacks and Cybercrime

CCH Group (2009) included figures from a survey that took place in 2006; Computer Crime and Security survey concluded their study and stated that $241,150 is the average loss on an annual basis for organizations in the US.... (2005), Computer security and Rootkits, University of Washington.... computer attacks and cybercrime has been present in the world of computing in one form or the other since the emergence of the invention of computers....
2 Pages (500 words) Research Paper

Quiz in Computer Technique

orensic soundness(or forensically sound)_ A general term used to describe placing an emphasis on documenting, processing, and analyzing digital evidence (in the context of Computer Crime and Security) in such a way as to preserve its usefulness in any potential litigation or criminal investigation.... Digital Evidence and computer crime: Forensic Science, Computers, and the Internet.... Small computer System Interface (SCSI)g.... Zero insertion force (ZIF) Universal Serial Bus (USB)Mobile Devise External SATA (eSATA) Thumb Drive Workstation Zero insertion force (ZIF)Firewire 800 Serial ATA (SATA) (Type A) Small computer System Interface (SCSI)Firewire 400Hard disk drive_ Server Serial attached SCSI2....
2 Pages (500 words) Essay
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us