• CYBERCRIME is formally defined as any criminal action perpetrated primarily through the use of a computer. • CYBERCRIMINALS are individuals who use computers, networks, and the Internet to perpetrate crime. • The existence of cybercrime means that computer users must take precautions to protect themselves.
TYPES OF CYBERCRIME
• The Internet Crime Complaint Center (IC3) processed more than 336,000 complaints related to Internet crime in 2009 in the United States. • Many complaints were related to fraud, including nondelivery of ordered items, credit and debit card fraud, and advanced fee scams. Much of the credit card fraud was perpetrated when credit card numbers were stolen by criminals tricking people into revealing sensitive information or by computer programs that gather credit card data. • Non-fraud-related complaints pertained to issues such as computer intrusions, unsolicited e-mail, and child pornography.
COMPUTER THREATS: VIRUSES
• A COMPUTER VIRUS is a computer program that attaches itself to another computer program (known as the host program) and attempts to spread itself to other computers when files are exchanged. • Creating and disseminating computer viruses is one of the most widespread types of cybercrimes. Tens of thousands of new viruses or modified versions of old viruses are released each year. • Viruses normally attempt to hide within the code of a host program to avoid detection. Viruses, by definition, have a method to spread themselves. • Any computing device such as a smartphone, notebook, netbook, or iPad can be infected with a virus. Even your car, which now contains embedded computer systems, could catch a virus, especially if it connects to the Internet for software updates.
WHAT VIRUSES DO
• A computer virus’s main purpose is to replicate itself and copy its code into as many other files as possible. Although virus replication can slow down networks, it is not usually the main threat. • The majority of viruses have secondary objectives or side effects, ranging from displaying annoying messages on the computer screen to destroying files or the contents of entire hard drives.
HOW DOES A COMPUTER CATCH A VIRUS?
• If your computer is exposed to a file infected with a virus, the virus will try to copy itself and infect a file on your computer. If you never expose your computer to new files, it will not become infected. However, this would be the equivalent of a human being living in a bubble to avoid getting sick. • Shared disks or flash drives are common sources of virus infection, as is e-mail. Just opening an e-mail message will not usually infect your computer with a virus, although some new viruses are launched when viewed in the preview pane of your e-mail software. • Downloading or running a file that is attached to the e-mail is a common way that your computer becomes infected.
TYPES OF VIRUSES
• Although thousands of computer viruses and variants exist, they can be grouped into broad categories based on their behavior and method of transmission. • BOOT-SECTOR VIRUSES replicate themselves into the hard drive’s master boot record, a program that executes whenever a computer boots up, ensuring that the virus is loaded immediately. Boot-sector viruses are often transmitted by a flash drive left in a USB port. • LOGIC BOMBS are viruses that are triggered when certain logical conditions are met (such as opening a file). • TIME BOMBS are viruses that are triggered by the passage of time or on a certain date. The effects of logic bombs and time bombs range from annoying messages being displayed on the screen to reformatting of the hard drive, causing complete data loss. • WORMS attempt to travel between systems through networks to spread their infections. A virus infects a host file and waits for that file to be executed on another computer to replicate. A worm, however, works independently of host file execution and is much more active in spreading itself. • Some viruses are hidden on Web sites in the form of scripts. SCRIPTS are mini-programs that are often used to perform legitimate functions on Web sites. However, some scripts are malicious. • MACRO VIRUSES are attached to documents (such as Word files) that use macros. A MACRO is a short series of commands that usually automates repetitive tasks. However, macro languages are now so sophisticated that viruses can be written with them. • E-MAIL VIRUSES use the address book in the victim’s e-mail system to distribute a virus. • ENCRYPTION VIRUSES search for common data files and then compress them using a complex encryption key. The user then has to pay to get the files unlocked.
• Viruses can also be classified by the methods they take to avoid detection by antivirus software. • POLYMORPHIC VIRUSES change their code (or periodically rewrite themselves) to avoid detection. Most polymorphic viruses infect one certain type of file (.exe files, for example). • MULTIPARTITE VIRUSES are designed to infect multiple file types in an effort to fool the antivirus software that is looking for them. • STEALTH VIRUSES temporarily erase their code from the files where they reside and hide in the active memory of the computer. This helps them avoid detection if only the hard drive is searched for viruses. Current antivirus software scans memory as well as the hard drive.
• The best defense against viruses is ANTIVIRUS SOFTWARE, which is specifically designed to detect viruses and protect your computer and files from harm. Although antivirus software is designed to detect suspicious activity on your computer at all times, you should run an active virus scan on your entire system at least once a week. • Most antivirus software looks for virus signatures in files. VIRUS SIGNATURES are portions of the virus code that are unique to that particular computer virus. Antivirus software scans files for these signatures and thereby identifies infected files and the type of virus that is infecting them. • Antivirus software scans files when they are opened or executed. If it detects a virus signature or suspicious activity, it stops the execution of the file and notifies you it has detected a virus. Usually it gives you the choice of deleting or repairing the infected file and places the virus in a secure area. This is called QUARANTINING. • Through INOCULATING, an antivirus program records key attributes about files and rechecks these statistics during a scan. • Antivirus software catches known viruses effectively. However, your computer can still be attacked by a virus that your antivirus software does not recognize. To minimize this risk, you should keep your antivirus software up to date.
DEALING WITH AN INFECTED COMPUTER
• Boot up your computer with the antivirus installation disc. (Note: If you download your antivirus software from the Internet, it is a good idea to copy your antivirus software to a DVD in case you have problems in the future.) • This should prevent most virus programs from loading and will allow you to run the antivirus software directly from the DVD drive. • If the software does detect viruses, you might want to research them further to determine whether your antivirus software will eradicate them completely or if you need to take additional manual steps to eliminate the virus. • Most antivirus company Web sites contain archives of information on viruses and provide step-by-step solutions for removing viruses.
PREVENT INSTANT MESSAGING VIRUSES
• Virus attacks and other forms of malicious hacking are being perpetrated at an alarming rate via instant messenger (IM) programs such as AOL Instant Messenger and Windows Live Messenger. You should try to hide your instant messaging activity from everyone but people you know. To keep your IM sessions safe, follow these precautions:
1) Allow contact only from users on your Buddy or Friends List. This prevents you from being annoyed by unknown parties.
2) Never automatically accept transfers of data. Although file and video transfers are potentially useful for swapping files over IM, they are a common way of receiving malicious files, which can then infect your computer with viruses.
3) Avoid using instant messaging programs on public computers. If you use a shared computer, such as one in a computer lab at school, be sure you do not select any features that remember your password or connect you automatically. The next person who uses the computer might be able to connect to the instant messaging service as you and impersonate you.
OTHER WAYS TO PROTECT YOUR SYSTEM
• Keep your computer’s antivirus and operating system (OS) software up to date. • Load security patches as soon as they are available. • Enable automatic updates for both the OS and all other software loaded on your computer. Many viruses take advantage of known software vulnerabilities.
• A HACKER is defined as anyone who unlawfully breaks into a computer system, whether an individual computer or a network. • Many hackers who break into systems just for the challenge of it (and who do not wish to steal or wreak havoc on the systems) refer to themselves as WHITE HAT HACKERS. They tout themselves as experts who are performing a needed service for society by helping companies realize the vulnerabilities that exist in their systems. • White hat hackers call hackers who use their knowledge to destroy information or for illegal gain BLACK HAT HACKERS. • Amateur hackers are referred to as SCRIPT KIDDIES. Script kiddies do not create programs used to hack into computer systems; instead, they use tools created by skilled hackers.
WHAT HACKERS STEAL
• If you perform financial transactions online, credit card and bank account information can reside on your hard drive and may be detectable by a hacker. • Even if this data is not stored on your computer, a hacker might be able to capture it when you are online by using a packet sniffer. • A PACKET SNIFFER is a program that looks at each packet as it travels on the Internet - not just those that are addressed to a particular computer, but all packets. • Some packet sniffers are configured to capture all the packets into memory, whereas others capture only those packets that contain specific content (such as credit card numbers). • A KEYLOGGER is a program that captures all keystrokes made on a computer. • Once a hacker has your credit card information, he or she can either use it to purchase items illegally or sell the number to someone who will. If hackers can gather enough information in conjunction with your credit card information, they may be able to commit IDENTITY THEFT.
HOW COMPUTERS ARE ATTACKED
• To perpetrate widespread computer attacks, hackers need to control many computers at the same time. To this end, hackers often use Trojan horses to install other programs on computers. • A TROJAN HORSE is a program that appears to be something useful or desirable (like a game or a screen saver) but does something malicious in the background without your knowledge. • Often, the malicious activity perpetrated by a Trojan horse program is the installation of BACKDOOR PROGRAMS, which allow hackers to take almost complete control of your computer without your knowledge. Using a backdoor program, hackers can access and delete all files on your computer, send e-mail, run programs, and do just about anything else you can do with your computer. • Computers that hackers control in this manner are referred to as ZOMBIES. • Hackers can also launch an attack from your computer, called a DENIAL OF SERVICE (DoS) attack, in which legitimate users are denied access to a computer system because a hacker is repeatedly making requests of that computer system through a computer he or she has taken over as a zombie. • Because DoS attacks from a single computer are easy to track, savvy hackers launch coordinated attacks from hundreds or thousands of zombies at once. These are known as DISTRIBUTED DENIAL OF SERVICE ATTACKS (DDoS).
HOW HACKERS GAIN ACCESS
• Hackers can gain access to computers directly or indirectly. Direct access involves sitting down at a computer and installing hacking software. • The most likely method hackers use to access a computer indirectly is through its Internet connection. When connected to the Internet, your computer is potentially open to attack by hackers. • LOGICAL PORTS are virtual communications gateways that allow a computer to organize requests for information from other networks or computers. Open logical ports, like open windows in a home, invite intruders. Unless you take precautions to restrict access to your logical ports, other people on the Internet might be able to access your computer through them.
• FIREWALLS are software programs or hardware devices designed to keep computers safe from hackers. • By using a firewall, you can close off open logical ports to invaders and potentially make your computer invisible to other computers on the Internet. • Most current operating systems include a reliable firewall. • Many security suites such as Norton Internet Security, McAfee Internet Security, and ZoneAlarm Internet Security Suite also include firewall software. • Two firewalls running at the same time can conflict with each other and can cause your computer to slow down or freeze up. • Many routers sold for home networks include firewall protection. • For peace of mind (and to ensure that your firewall setup was successful), you can visit several Web sites that offer free services that test your computer’s vulnerability. • One popular site is Gibson Research (grc.com). If the testing program detects potential vulnerabilities and you don’t have a firewall, you should install one as soon as possible. If the firewall is already configured and common ports are detected as being vulnerable, consult your firewall documentation for instructions on how to close or restrict access to those ports.
• BLUESNARFING involves exploiting a flaw in the Bluetooth access software for the purpose of accessing a Bluetooth device and stealing the information contained on it. Unfortunately, Bluesnarfing is relatively easy (and cheap) because a lot of Bluesnarfing software is available on the Internet. • Although much more difficult and expensive to execute, Bluebugging presents more serious dangers. The process involves a hacker actually taking control of a Bluetooth-enabled device. Once a hacker gains control of the device, he or she can make phone calls; establish Internet connections; read phonebook entries; set call forwarding; or send, receive, and read short message service (SMS) messages.
• Most devices with Bluetooth capability give you the option of making your device invisible to unauthorized Bluetooth devices. By making your device invisible to unauthorized devices (say a hacker’s headset), you prevent hackers from connecting to your equipment (your phone) because the hacker’s headset is not an authorized device for your phone.
• Creating strong passwords that are difficult for hackers to guess is an essential piece of security that individuals sometimes overlook. • To create strong passwords, follow these basic guidelines: ➢ Your password should contain at least 14 characters and include numbers, symbols, and upper- and lowercase letters. ➢ Your password should not be a single word or any word found in the dictionary. ➢ Ideally, use a combination of several words with strategically placed uppercase characters. ➢ Your password should not be easily associated with you (such as your birth date, the name of your pet, or your nickname). ➢ Use a different password for each system or Web site you need to access. This prevents access to every account you maintain if one of your passwords is discovered. (If you cannot remember them all, use the password management feature of Windows or the Firefox browser.) ➢ Never tell anyone your password or write it down in a place where others might see it. ➢ Change your password on a regular basis (say every month) or if you think someone might know it.
WIRELESS NETWORKS ON THE ROAD
• Hackers know the areas where people are likely to seek access to wireless networks. They will often set up their own wireless networks in these areas with sound-alike names to lure unsuspecting Web surfers and get them to enter credit card information to gain access. Other times these “evil twins” offer free Internet access and the hackers just monitor traffic looking for sensitive information they can use. • Check with authorized personnel at places where you will be connecting to hotspots to determine the names of the legitimate hotspots. If you run across “free” access to a hotspot that isn’t provided by a legitimate merchant, you are better off not connecting at all because you cannot be sure your information will not be used against you or that malicious files will not be downloaded to your computer.
• The problem with well-constructed passwords is that they can be hard to remember. Password management tools can take the worry out of forgetting passwords because the password management software does the remembering for you. • Windows, Internet security packages, and Web browsers like the Firefox browser make it easy to keep track of passwords by providing password management tools. However, you generally have to turn this feature on.
ANONYMOUS WEB SURFING
• If you use shared computers in such public places as libraries, coffee shops, and college student unions, you should be concerned about a subsequent user of the computer spying on your surfing habits. You also never know what nefarious tools have been installed by hackers on a public computer. Many newer Web browsers include privacy tools that help you surf the Internet anonymously. • Portable privacy devices help to protect your privacy when working on computers away from your home or office. Simply plug the device into an available USB port on the machine on which you will be working. All sensitive Internet files, such as cookies, Internet history, and browser caches, are stored on the privacy device, not the computer you are using. • Take the Linux OS with you on a flash drive and avoid using the public computer’s operating system. This significantly reduces the chance that your flash drive will become infected by any malware running on the public computer. You also avoid reading and writing to the hard disk and thus avoid leaving traces of your activity behind.
BIOMETRIC AUTHENTICATION DEVICES
• BIOMETRIC AUTHENTICATION DEVICES are devices you can attach to your computer that read a unique personal characteristic, such as a fingerprint or the iris pattern in your eye, and convert that pattern to a digital code. • When you use the device, your pattern is read and compared to the one stored on the computer. Only users having an exact fingerprint or iris pattern match are allowed to access the computer. • Because no two people have the same biometric characteristics, these devices provide a high level of security. They also eliminate the human error that can occur in password protection. (You might forget your password, but you will not forget to bring your fingerprint to the computer!)
• MALWARE is software that has a malicious intent (hence the prefix mal). There are three primary forms of malware: adware, spyware, and viruses. Adware and spyware are not physically destructive like viruses and worms that can destroy data. Known collectively as grayware, they are primarily intrusive, annoying, or objectionable online programs that are downloaded to your computer when you install or use other online content such as a freeware program, game, or utility. • ADWARE is software that displays sponsored advertisements in a section of your browser window or as a pop-up ad box and is considered a legitimate (although sometimes annoying) means of generating revenue for those developers who do not charge for their software or information. • SPYWARE is an unwanted piggyback program that usually downloads with other software you want to install from the Internet. It runs in the background of your system. Without your knowledge, spyware transmits information about you, such as your Internet surfing habits, to the owner of the program so that the information can be used for marketing purposes. • Many spyware programs use tracking cookies (small text files stored on your computer) to collect information, whereas others are disguised as benign programs that are really malicious programs (such as Trojan horses). One type of spyware program known as a keystroke logger monitors keystrokes with the intent of stealing passwords, login IDs, or credit card information. • Many Internet security suites now include antispyware software. However, you can also obtain stand-alone spyware removal software and run it on your computer to delete unwanted spyware. It is a good idea to install one or two additional stand-alone antispyware programs on your computer.
SPAM OR SPIM
• SPAM is unwanted or junk e-mail. Companies find your e-mail address either from a list they purchase or with software that looks for e-mail addresses on the Internet. • One way to avoid spam in your primary account is to create a free Web-based e-mail address that you use only when you fill out forms or purchase items on the Web. Another way to avoid spam is to filter it. A spam filter is an option you can select in your e-mail account that places known or suspected spam or junk mail messages into a folder other than your inbox. • Do not reply to spam to remove yourself from the spam list. By replying, you are confirming that your e-mail address is active. Instead of stopping spam, you might receive more. You can also subscribe to an e-mail forwarding service, such as Emailias (emailias.com) or Sneakemail.com (sneakemail.com). These services screen your e-mail messages, forwarding only those messages you designate as being okay to accept. • SPIM are unsolicited instant messages.
PROTECTING YOUR PERSONAL INFORMATION
• Your Social Security number, phone number, and street address are three key pieces of information that identity thieves need to steal an identity. This information should never be shared in a public area on any Web site. • Social networking sites make privacy settings available in their account menus. If you have never changed your privacy settings, you are probably sharing information more widely than you should. Because these sites are designed to foster social interaction, the default privacy settings make it easy to search for people.
BACKING UP YOUR DATA
• Making file BACKUPS - copies of files that you can use to replace the originals if they are lost or damaged - is important. When you back up your files, remember to store the copy in a different place than the original. • Removable storage media such as DVDs, CDs, and flash drives are popular choices for backing up files because they hold a lot of data and can be easily transported.
• Two types of files need backups, program files and data files: ➢ PROGRAM FILES are files you use to install software. They should be on the CDs or DVDs that they originally came on. If any programs came preinstalled in your computer, you should still have received a CD or DVD that contains them. As long as you have the original media in a safe place, you shouldn’t need to back up these files. ➢ DATA FILES are files you create (such as Word files), as well as contact lists, address books, e-mail archives, and your Favorites list from your browser. • You should back up your data files frequently, depending on how much work you can afford to lose. You should always back up data files when you make changes to them, especially if those changes involve hours of work. • To make backups easier, store all your data files in one folder on your hard drive. Then, to back up your files, you simply copy the Data Files folder onto an alternate storage media. • There are plenty of software programs designed for easy file backup. BACKUP SOFTWARE allows you to schedule regular backups that occur automatically, with no intervention on your part. They can back up individual files, folders, or an entire hard drive to another hard drive, such as an external drive connected to your computer by a USB port, or to a CD/DVD in the CD/DVD drive. • A FULL BACKUP will back up all files in a specified location. An INCREMENTAL BACKUP will back up only files that have changed since the last time a backup was performed on the files. • For complete protection, you should create an image backup of your entire system. • Windows 7 backup utilities also provide you with the option of making a copy of your system image for restoration purposes. Taking an image of your entire system and storing it on another hard drive provides you with the ultimate protection.
• With a backup of your entire hard drive, including your system image, you will not need to reinstall all of the program software from the original media. Instead, you just replace the broken hard drive with the backup hard drive (or copy the contents of the backup drive to a new drive). • To be truly secure, backups must be stored away from where your computer is located. • A final backup solution is to store backups of your files online. For a fee, companies can provide you with such online storage. If you store a backup of your entire system on the Internet, you do not need to buy an additional hard drive for backups. This method also takes the worry out of keeping your backups in a safe place because they are always stored in an area far away from your computer. However, if you’d like to store your backups online, make sure you have high-speed Internet access; otherwise, your computer could be tied up as you transfer files. • Backups can also be made to network attached storage devices. The NAS devices are essentially large hard drives that are connected to a network of computers instead of one computer, and they can be used to back up multiple computers simultaneously.
• SOCIAL ENGINEERING is any technique that uses social skills to generate human interaction that entices individuals to reveal sensitive information. • Social engineering often does not involve the use of a computer or face-to-face interaction. Telephone scams are common because it is often easier to manipulate someone when you don’t have to look at them. • Most social engineering schemes use a pretext to lure their victims. Pretexting involves creating a scenario that sounds legitimate enough that someone will trust you.
PHISHING AND PHARMING
• PHISHING lures Internet users to reveal personal information such as credit card numbers, Social Security numbers, or other sensitive information that could lead to identity theft. The scammers send e-mail messages that look like they are from a legitimate business such as an online bank. The e-mail states that the recipient needs to update or confirm his or her account information. When the recipient clicks the provided link, he or she goes to a Web site. The site looks like a legitimate site but is really a fraudulent copy the scammer has created. Once the e-mail recipient confirms his or her personal information, the scammers capture it and can begin using it. • You should never reply directly to any e-mail asking you for personal information. Never click on a link in an e-mail to go to a Web site. Instead, type the Web site address in the browser. Check with the company asking for the information and only give the information if you are certain it is needed. Also, never give personal information over the Internet unless you know the site is secure. • PHARMING is when malicious code is planted on your computer that alters your browser’s ability to find Web addresses. Users are directed to bogus Web sites even when they enter the correct address of the real Web site or follow a bookmark that they previously had established for the Web site. So instead of ending up at your bank’s Web site when you type in its address, you would end up at a fake Web site that looks like your bank’s site but is expressly set up for the purpose of gathering information. Most Internet security packages can detect and prevent pharming attacks.
• A HOAX is an attempt to make someone believe something that is untrue. • Hoaxes target a large audience and are generally perpetrated as practical jokes, agents of social change (poking fun at the established norm in an effort to change it), or merely to waste people’s time. • Most cyberspace hoaxes are perpetrated by e-mail. • Before using the forward button and sending an e-mail to all your friends, first check it out at one of the many Web sites that keep track of and expose e-mail hoaxes. Check sites such as Snopes (snopes.com), Hoax Slayer (hoax-slayer.com), or TruthOrFiction.com (truthorfiction.com).
PROTECT PHYSICAL ASSETS
• Computers are delicate devices and can be damaged by the adverse impact of keeping them in a poor environment or by abusing them. • Sudden movements (such as a fall) can damage your notebook computer or mobile device’s internal components. • Electronic components do not like excessive heat or excessive cold. Unfortunately, computers generate a lot of heat, which is why they have fans to cool their internal components. Make sure that you place your computer so that the fan’s input vents (usually found on the rear of the system unit) are unblocked so that air can flow inside. • A fan drawing air into a computer also draws in dust and other particles, which can wreak havoc on your system. Therefore, keep the room in which your computer is located as clean as possible. • Food crumbs and liquid can damage keyboards and other computer components, so consume food and beverages away from your computer. • Carry your notebook in a padded case to protect it.
• Power surges occur when electrical current is supplied in excess of normal voltage (120 volts in the United States). • Old or faulty wiring, downed power lines, malfunctions at electric company substations, and lightning strikes can all cause power surges. • SURGE PROTECTORS are devices that protect your computer against power surges. • Surge protectors contain two components that are used to protect the equipment that is connected to them. Metal-oxide varistors (MOVs) bleed off excess current during minor surges and feed it to the ground wire where it harmlessly dissipates. • The MOVs can do this while still allowing normal current to pass through the devices plugged into the surge protector. • Because the ground wire is critical to this process, it is important to plug the surge protector into a grounded power outlet. Over time, the MOVs lose their ability to bleed off excess current, which is why you should replace your surge protectors every two to three years.
• Three approaches to deterring computer theft include alarming computers, locking them down, or installing devices that alert you when they are stolen (or destroy data). • To prevent your notebook from being stolen, you can attach a motion alarm to it. If your notebook is moved while the alarm is activated, it emits a wailing 85-decibel sound. • Chaining a notebook to your work surface can be another effective way to prevent theft. A more effective theft deterrent for desktops is a surround (or cage). A surround is a metal box that encloses the system unit, making it impossible to remove the case while still allowing access to ports and devices such as DVD players. • Tracking software such as Computrace Complete or Computrace LoJack for Laptops (absolute.com) and PC or Mac PhoneHome (pcphonehome.com) enables the computer it is installed on to alert authorities as to its location if it is stolen. • This software can be installed in notebook or desktop computers. The files and directories holding the software are not visible to thieves looking for such software so they probably will not know the software is there.