Chapter 8, Problem 1RQ

Program Plan Intro

System vulnerability:

• When huge data amounts are been kept in electronic form, it becomes susceptible to many threats.
• The information systems in many locations are been interconnected through communication networks.
• The unauthorized access can occur at many access points in network and is not limited to single location.
• The data flowing over networks could be accessed; valuable information could be stolen while transmission or data could be altered without authorization.
• The denial-of-service attacks are launched by intruders to disrupt website operations.
• Internets are vulnerable than internal networks as it is open to everyone.

Explanation of Solution

Threats against contemporary information systems:

• The common threats against contemporary information systems are shown below:
  • o Technical threats:
    • It includes unauthorized access and introducing errors.
  • o Communications:
    • It includes tapping of conversations.
    • Message alteration, radiation, fraud and theft.
    • Denial of service attacks
  • o Corporate Systems:
    • Theft of data
    • Data copying
    • Data Alteration
    • Hardware failure
    • Software failure
    • Power failure
    • Natural disasters.
  • o Poor management decisions:
    • Poor design of safeguard
    • It causes valuable data being lost or destroyed.

Explanation of Solution

Malware:

• A malware denotes a program that is harmful to a computer user.
• It includes viruses, worms, Trojan horses and spyware programs that gather information without user permission.
• Virus:
  • o A program that would replicate itself by being copied.
  • o It may initiate copying to another program, document or computer boot sector.
• Worm:
  • o It denotes a virus that is self-replicating and does not alter files but resides in active memory.
  • o It duplicates itself without human intervention.
• Trojan horse:
  • o A program in which malicious code is contained inside data or programming that is harmless.
  • o It is not a virus as it does not replicate, but it denotes a way for other malicious code to be introduced into system.

Explanation of Solution

Security problems created by hacker:

• A hacker denotes an individual who gains unauthorized access to computer system.
• It does so by finding security protection weakness in websites and computer systems.
• A hacker threatens computer system security, steals information, damages systems and commits cyber vandalism.
• They disrupt, deface or destroy a website or information system intentionally.

Explanation of Solution

Computer crime with examples:

• A computer crime denotes any violations of criminal law that involves knowledge of computer technology for perpetration, investigation or prosecution.
• It is defined as commission of illegal acts through use of a computer or against computer system.
• The examples with computers as crime targets are shown below:
  • o Confidentiality breach for protected computerized data.
  • o Unauthorized access to computer systems.
  • o Accessing protected computers for committing fraud.
  • o Accessing protected computers for causing damage intentionally.
  • o Transmission of a program that causes damage to protected computer.
• The examples with computers as instruments of crime are shown below:
  • o Trade secrets theft.
  • o Defraud schemes.
  • o Using threatening mails.
  • o Attempt to intercept electronic communication intentionally.
  • o Illegal access of stored communications including voice mail and email.
  • o Transmission of child pornography using computer.

Explanation of Solution

Identity theft and phishing:

• Identity theft denotes a crime in which personal information pieces are obtained.
• It includes social security number, license number or credit card number to act as behalf of someone else.
• The information might be used for obtaining credit, merchandise or services in name of victim.
• It is a big problem today as internet has made easy for identity thieves to use stolen information.
• The goods could be purchased online without any personal interaction.
• The e-commerce sites become sources for personal information that criminals uses to establish a new identity.
• Phishing denotes setting up fake websites or sending fake mails that look like those from legitimate business.
• It asks users for confidential personal data.
• The user may ask recipients to confirm records by providing social security numbers, credit card information and other personal details.

Explanation of Solution

Security and system reliability problems:

• The employees create financial threats to business. It includes destruction of e-commerce sites, diversion of credit data and personal information.
• Employees has access to privileged information and in presence of weak security procedures, they can check all personal details.
• The system compromise happens when an employee lets coworker use the system.
• Malicious intruders may trick employees into password revealing pretending to be legitimate company members.
• The faulty data could be entered by employees and can introduce errors.
• Information specialists can create software errors while designing and development of new software.

Explanation of Solution

Software defects affect system reliability and security:

• The software could fail to perform well or gives erroneous result because of undetected bugs.
• A control system may fail to carry messages or allow internet access.
• The customers may be wrongly charged due to such failures.
• The business may order more inventory than it requires.
• The bugs or defects caused by incorrect designs denote major quality problems.
• The maintenance of old programs that is caused by changes in organization, system design flaws and software complexity denotes a problem.
• The small bugs in middle of complex programs may create serious issues in testing.