Computer Ethics Lecture 3 Computer Hacking

Size: px
Start display at page:

Download "Computer Ethics Lecture 3 Computer Hacking"

Transcription

1 Outline Computer Ethics Lecture 3 Computer Hacking Learning Outcome Definitions of Hacking Hackers Motivation Destructive Programs Trojan horses Worms Time or logic bombs Denial-of-service Hacker Ethics Legal Constraints and its Jurisdiction Professional Constraints Ethical positions on Hacking Case Study Dr. Jehad Al Amri and Dr. Salha Al Zahrani 1 Dr. Jehad Al Amri and Dr. Salha Al Zahrani 2 Learning Outcome Understand and define some conflicting definitions of hacking Understand the application of relevant national and international legislation to hacking Have a basic knowledge of malicious and invasive programs Understand the application of professional codes of conduct to hacking Construct defensible arguments from an ethical point of view concerning the issue of computer hacking. Definitions of Hacking In the 1960s and 1970s: The term hacker was used to describe an individual working with computers who was technically gifted Ahacker was considered to be: an expert, skilled programmer, rewriting code to customise and improve it. There was no implication that someone known as a computer hacker would act illegally. 3 Dr. Jehad Al Amri and Dr. Salha Al Zahrani 4 Dr. Jehad Al Amri and Dr. Salha Al Zahrani 1

2 Definitions of Hacking Hackers Motivation. however nowadays, the term hacker have shifted away from the earlier benignmeaning, towards a legal definition which is used by the authorities Hacking is defined as an obtaining and exploiting unofficial access to a computer system Hacking suggests something malicious or subversive which include: breaking into public and private databases to steal, corrupt or modify data, defrauding banks, stealing credit card details, finding out privateinformation, spreading viruses Financial gain As protest Vandalis m The Computer Hacker The challenge (fun) Public interest Reveal wrongdoi ng 5 Dr. Jehad Al Amri and Dr. Salha Al Zahrani Destructive Programs Computer Viruses Traditionally, hacking involved knowledge of programming and a certain degree of skill Nowadays, hacking software can easily be obtained from the Internet, and hacking accomplished with rudimentary knowledge This Software can be downloaded to crack passwords or serial numbers for software installation bypass other protections and security measures Hackers release, anonymously, destructive software known collectively as computer viruses It is called computer viruses because of the manner and ease of its spread A virus is a self-replicating piece of programming code inserted into other programs to cause some sort of unexpected, usually undesirable event Viruses can be transmitted by downloading a program from another computer or can be present on a disk. The virus lies dormant until circumstances (typically a particular time or date, or the user activating another program) cause its code to be executed by the computer. 7 Dr. Jehad Al Amri and Dr. Salha Al Zahrani 8 Dr. Jehad Al Amri and Dr. Salha Al Zahrani 2

3 Computer Viruses Example of Computer Viruses Some viruses are playful in intent and effect Others can be harmful by erasing data causing a computer s hard disk to require reformatting Viruses can attach themselves to the computer s operating systems other key programs Viruses can use up memory, corrupt or eras files Denial-ofservice Trojan horses Computer Viruses Time or logic bombs Worms 9 Dr. Jehad Al Amri and Dr. Salha Al Zahrani Trojan Horses It is a malicious program or harmful code hide inside some harmless programming or data (perhaps an image or sound file, or attachment). The victim is tricked into executing the program code by 1. opening the file or attachment, then 2. initiating a malicious sequence of events This may include damage to files programs the hard disk or modification of data 11 Dr. Jehad Al Amri and Dr. Salha Al Zahrani Trojan Horses Trojan Horses may enable unauthorised access to a computer, through a back door, in such a way as to gain control of that computer. It can involve the insertion of false information into a program in order to profit from the outcome for example, a false instruction to make payments to a bogus company. 12 Dr. Jehad Al Amri and Dr. Salha Al Zahrani 3

4 Worms Time and Logic Bombs A worm is self-replicating code, that situates itself in a computer system where it can do harm. They usually come in Trojan horses. Worms do not require a specific host computer, but run independently, travelling across networks. They tend to exist in memory and are non-permanent They are network-orientated, with segments of the worm inhabiting different machines. Worm programs entail the deletion of portions of a computer s memory, thus creating a hole of missing information. Crucially, they use up system resources, slowing down a network, or shutting it down completely. Time or logic bombs are programs triggered to act when they detect a certain sequence of events or after a particular period of time has elapsed. They involve the insertion of routines that can be triggered later by the computer s clock or a combination of events When the bomb goes off, the entire system will crash A Time bomb can be activated on a particular date and attaching itself to other programs. A logic bomb is activated by a particular event or set of logical conditions initiates systems damage Time and logic bombs increase the size of the programs or files they attack, using up computer memory, and eventually shutting the computer down Denial-of-Services Hacker Ethics Another hacking tool is a denial-of-service attack in which a server, hosting a particular website, will be targeted with a massive volume of fake traffic in the form of s or requests for pages or other information These overwhelm the server and block legitimate traffic, effectively shutting down the site. The execution of such an attack usually involves the coordination of many linked machines which are often hijacked for this purpose Early hackers took their position seriously enough to establish their own ethical code, known as The Hacker Ethic The Hacker Ethic was comprised of five principal values: 1. Access to computers, and anything which might teach you something about the way the world works, should be unlimited and total. 2. All information should be free 3. Mistrust authority promote decentralisation 4. Hackers should be judged by their hacking, not bogus criteria such as academic excellence, age, race or position 5. You can create art and beauty on a computer. 16 Dr. Jehad Al Amri and Dr. Salha Al Zahrani 4

5 Hackers as public watchdogs Hackers as security consultants The public watchdogs reveal information the public has a right to know, and exposing the truth It is similar to the journalism investigation as it is involving information leaks to the press Hackers can be an intelligent and critical check against governments who withhold information from the public or abuse their power In this sense it could be argued that hackers represent one means by which we can attempt to avoid the creation of a more centralised government This relates to the third principle of the Hacker Ethic which advocates decentralisation of power and information From a hacker s perspective, the breaching of systems can provide more effective security in future Given the possibility of terrorist acts becoming more and more technologically sophisticated, perhaps we can also look to hackers as a resource to be used to foil such acts and to improve our existing security arrangements In the US, convicted hackers are regularly approached by security and intelligence agencies with offers to join them in return for amelioration or suspension of sentences Other hackers have used their notoriety to establish computer security firms and to turn their covertly gained knowledge to the benefit of commercial and public institutions Legal Constraints and their Jurisdiction According to the Computer Misuse Act in the UK, it is a criminal offence 1. To unauthorised access to computer material 2. To unauthorised access to computer material with the intent to commit or facilitate commission of further offences 3. To unauthorised modification of computer material The Computer Misuse attempts to cover international computer crime, for example an individual can be prosecuted in the UK as long as there is at least one significant link with the UK Hacking into a computer outside UK from a computer in UK is illegal, Hacking into a computer in UK from a computer outside UK is illegal, Using the UK as a staging post is also illegal, even if the hacker had never been in England. Legal Constraints and their Jurisdiction The Computer Misuse Act in the UK also includes the offences of conspiracy to commit hacking incitement to commit hacking even discussion of specific hacking actions planning an hacking action suggest carrying out the hacking action gains access to a system containing personal data copies all or some of that data to their own system 19 Dr. Jehad Al Amri and Dr. Salha Al Zahrani 5

6 Professional Constraints The BCS Code of Conduct has a number of parts connect to hacking: 1. Members shall have regard to the legitimate rights of third parties. The term third party includes professional colleagues, or possibly competitors, or members of the public who might be affected by an IS project without their being directly aware of its existence. 2. Members shall ensure that within their professional field/s they have knowledge and understanding of relevant legislation, regulations and standards, and that they comply with such requirements For example, the UK Public Disclosure Act, Data Protection or Privacy legislation, Computer Misuse law Ethical positions on Hacking 1. Information ownership Many organisations and businesses collect our personal information Should we own information about ourselves, and have a right to correct it if it is wrong? Or, as a database operator, should I own any information that I have paid for to be gathered and stored? What if this information is inaccurate? If we imagine a hacker penetrating a system so that they can correct the records of those who have been denied the right to correct it Is the database owner or the hacker has committed the greatest ethical error? Are they both equally guilty? 21 Dr. Jehad Al Amri and Dr. Salha Al Zahrani 22 Dr. Jehad Al Amri and Dr. Salha Al Zahrani Ethical positions on Hacking 2. Hacking as trespassing If computers are viewed as material possessions, then electronic entry to a computer system can be looked on as similar to physical entry into an office or home. Unless there is a specific invitation, or previous permission to enter, this could be considered trespassing, if not unlawful entry. The typical defence that hackers offer to this charge is that they are entering to test for loopholes in the software. But is this realistic or convincing? This is comparable to having a burglar break into your home in the hope that the burglar may reveal security weaknesses. Class Discussion Read (Case 7.4) A Harmless Prank and be prepared for reacting the discussions between the three main actors in the case: Steven Mackey, the student Dean of Students, Dr. Lillian Green Administrators and faculty members 23 Dr. Jehad Al Amri and Dr. Salha Al Zahrani Dr. Jehad Al Amri and Dr. Salha Al Zahrani 24 6

7 Website: 7

10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft)

10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft) 1- A (firewall) is a computer program that permits a user on the internal network to access the internet but severely restricts transmissions from the outside 2- A (system failure) is the prolonged malfunction

More information

Cracking and Computer Security

Cracking and Computer Security Cracking and Computer Security Ethics and Computing Chapter 4 Summer 2001 CSE 4317: Computer Security 1 Motivation Computer security is crucial for trust Cracking activity is harmful, costly and unethical

More information

Module 5: Analytical Writing

Module 5: Analytical Writing Module 5: Analytical Writing Aims of this module: To identify the nature and features of analytical writing To discover the differences between descriptive and analytical writing To explain how to develop

More information

COB 302 Management Information System (Lesson 8)

COB 302 Management Information System (Lesson 8) COB 302 Management Information System (Lesson 8) Dr. Stanley Wong Macau University of Science and Technology Chapter 13 Security and Ethical Challenges 安 全 與 倫 理 挑 戰 Remarks: Some of the contents in this

More information

Broadband Acceptable Use Policy

Broadband Acceptable Use Policy Broadband Acceptable Use Policy Contents General... 3 Your Responsibilities... 3 Use of Email with particular regards to SPAM... 4 Bulk Email... 5 Denial of Service... 5 Administration of Policy... 6 2

More information

E-BUSINESS THREATS AND SOLUTIONS

E-BUSINESS THREATS AND SOLUTIONS E-BUSINESS THREATS AND SOLUTIONS E-BUSINESS THREATS AND SOLUTIONS E-business has forever revolutionized the way business is done. Retail has now a long way from the days of physical transactions that were

More information

Threats and Attacks. Modifications by Prof. Dong Xuan and Adam C. Champion. Principles of Information Security, 5th Edition 1

Threats and Attacks. Modifications by Prof. Dong Xuan and Adam C. Champion. Principles of Information Security, 5th Edition 1 Threats and Attacks Modifications by Prof. Dong Xuan and Adam C. Champion Principles of Information Security, 5th Edition 1 Learning Objectives Upon completion of this material, you should be able to:

More information

CHAPTER 10: COMPUTER SECURITY AND RISKS

CHAPTER 10: COMPUTER SECURITY AND RISKS CHAPTER 10: COMPUTER SECURITY AND RISKS Multiple Choice: 1. In a survey of more than 500 companies and government agencies, percent detected computer security breaches. A. 20 B. 75 C. 85 D. 99 Answer:

More information

Hackers: Detection and Prevention

Hackers: Detection and Prevention Computer Networks & Computer Security SE 4C03 Project Report Hackers: Detection and Prevention Due Date: March 29 th, 2005 Modified: March 28 th, 2005 Student Name: Arnold Sebastian Professor: Dr. Kartik

More information

Don t Fall Victim to Cybercrime:

Don t Fall Victim to Cybercrime: Don t Fall Victim to Cybercrime: Best Practices to Safeguard Your Business Agenda Cybercrime Overview Corporate Account Takeover Computer Hacking, Phishing, Malware Breach Statistics Internet Security

More information

School Web Design Ltd Acceptable Use Policy. 1. Definitions. 2. Resource Usage. 3. Prohibited Uses

School Web Design Ltd Acceptable Use Policy. 1. Definitions. 2. Resource Usage. 3. Prohibited Uses School Web Design Ltd Acceptable Use Policy The Policy below outlines the terms under which you the You, the Client may use the File Hosting Service provided by School Web Design. By using our File Hosting

More information

NEW JERSEY STATE POLICE EXAMPLES OF CRIMINAL INTENT

NEW JERSEY STATE POLICE EXAMPLES OF CRIMINAL INTENT Appendix A to 11-02-P1-NJOIT NJ OFFICE OF INFORMATION TECHNOLOGY P.O. Box 212 www.nj.gov/it/ps/ 300 Riverview Plaza Trenton, NJ 08625-0212 NEW JERSEY STATE POLICE EXAMPLES OF CRIMINAL INTENT The Intent

More information

OCT Training & Technology Solutions Training@qc.cuny.edu (718) 997-4875

OCT Training & Technology Solutions Training@qc.cuny.edu (718) 997-4875 OCT Training & Technology Solutions Training@qc.cuny.edu (718) 997-4875 Understanding Information Security Information Security Information security refers to safeguarding information from misuse and theft,

More information

Data Management & Protection: Common Definitions

Data Management & Protection: Common Definitions Data Management & Protection: Common Definitions Document Version: 5.5 Effective Date: April 4, 2007 Original Issue Date: April 4, 2007 Most Recent Revision Date: November 29, 2011 Responsible: Alan Levy,

More information

Willem Wiechers 3 rd March 2015

Willem Wiechers 3 rd March 2015 Willem Wiechers 3 rd March 2015 1 Why do we want Malware & Virus Protection? To make our computers save Wish to keep our data private Wish to have a safe environment to do our online banking, shopping,

More information

Outpost For Home Users

Outpost For Home Users Outpost For Home Users. Scope of This Document In this white paper we analyze potential risks and threats to home computers, as well as discuss some solutions for these computers secure. Scope of This

More information

E-commerce. business. technology. society. Kenneth C. Laudon Carol Guercio Traver. Second Edition. Copyright 2007 Pearson Education, Inc.

E-commerce. business. technology. society. Kenneth C. Laudon Carol Guercio Traver. Second Edition. Copyright 2007 Pearson Education, Inc. Copyright 2007 Pearson Education, Inc. Slide 5-1 E-commerce business. technology. society. Second Edition Kenneth C. Laudon Carol Guercio Traver Copyright 2007 Pearson Education, Inc. Slide 5-2 Chapter

More information

DEPARTMENT OF COMMUNITY AND GOVERNMENT SERVICES (CGS) ACCEPTABLE EMAIL & INTERNET USAGE POLICY POLICY STATEMENT

DEPARTMENT OF COMMUNITY AND GOVERNMENT SERVICES (CGS) ACCEPTABLE EMAIL & INTERNET USAGE POLICY POLICY STATEMENT POLICY STATEMENT The purpose of this Policy is to establish the rules of acceptable use of Government of Nunavut networks and Internet services including E-mail, web-browsing, remote access, file transfer,

More information

Malicious Software. Ola Flygt Växjö University, Sweden http://w3.msi.vxu.se/users/ofl/ Ola.Flygt@vxu.se +46 470 70 86 49. Viruses and Related Threats

Malicious Software. Ola Flygt Växjö University, Sweden http://w3.msi.vxu.se/users/ofl/ Ola.Flygt@vxu.se +46 470 70 86 49. Viruses and Related Threats Malicious Software Ola Flygt Växjö University, Sweden http://w3.msi.vxu.se/users/ofl/ Ola.Flygt@vxu.se +46 470 70 86 49 1 Outline Viruses and Related Threats Malicious Programs The Nature of Viruses Antivirus

More information

Computer Networks & Computer Security

Computer Networks & Computer Security Computer Networks & Computer Security Software Engineering 4C03 Project Report Hackers: Detection and Prevention Prof.: Dr. Kartik Krishnan Due Date: March 29 th, 2004 Modified: April 7 th, 2004 Std Name:

More information

Software Engineering 4C03 Class Project. Computer Networks and Computer Security COMBATING HACKERS

Software Engineering 4C03 Class Project. Computer Networks and Computer Security COMBATING HACKERS Software Engineering 4C03 Class Project Computer Networks and Computer Security COMBATING HACKERS Done By: Ratinder Ricky Gill Student Number: 0048973 E-Mail: gillrr@mcmaster.ca Due: Tuesday April 5, 2005

More information

9. Information Assurance and Security, Protecting Information Resources. Janeela Maraj. Tutorial 9 21/11/2014 INFO 1500

9. Information Assurance and Security, Protecting Information Resources. Janeela Maraj. Tutorial 9 21/11/2014 INFO 1500 INFO 1500 9. Information Assurance and Security, Protecting Information Resources 11. ecommerce and ebusiness Janeela Maraj Tutorial 9 21/11/2014 9. Information Assurance and Security, Protecting Information

More information

4. Identify the security measures provided by Microsoft Office Access. 5. Identify the methods for securing a DBMS on the Web.

4. Identify the security measures provided by Microsoft Office Access. 5. Identify the methods for securing a DBMS on the Web. Topic 8 Database Security LEARNING OUTCOMES When you have completed this Topic you should be able to: 1. Discuss the important of database security to an organisation. 2. Identify the types of threat that

More information

How To Monitor The Internet In Idaho

How To Monitor The Internet In Idaho Idaho Technology Authority (ITA) ENTERPRISE POLICY P1000 GENERAL POLICIES Category: P1050 EMPLOYEE INTERNET USE, MONITORING AND FILTERING CONTENTS: I. Authority II. Abstract III. Definitions IV. Policy

More information

CYBER CRIME AWARENESS

CYBER CRIME AWARENESS SHIV SHAKTI International Journal in Multidisciplinary and Academic Research (SSIJMAR) Vol. 2, No. 2, March-April (ISSN 2278 5973) CYBER CRIME AWARENESS RITU DHANOA* ABSTRACT: Cyber crime is emerging as

More information

Computer Viruses: How to Avoid Infection

Computer Viruses: How to Avoid Infection Viruses From viruses to worms to Trojan Horses, the catchall term virus describes a threat that's been around almost as long as computers. These rogue programs exist for the simple reason to cause you

More information

Network Security and the Small Business

Network Security and the Small Business Network Security and the Small Business Why network security is important for a small business Many small businesses think that they are less likely targets for security attacks as compared to large enterprises,

More information

Prospect 365. Terms of Service. Terms of Service

Prospect 365. Terms of Service. Terms of Service Prospect 365 Terms of Service Terms of Service THIS IS AN AGREEMENT BETWEEN YOU OR THE ENTITY THAT YOU REPRESENT (hereinafter You or Your ) AND PROSPECTSOFT LIMITED (hereinafter ProspectSoft ) GOVERNING

More information

STANDARD ON CONTROLS AGAINST MALICIOUS CODE

STANDARD ON CONTROLS AGAINST MALICIOUS CODE EUROPEAN COMMISSION DIRECTORATE-GENERAL HUMAN RESOURCES AND SECURITY Directorate HR.DS - Security Informatics Security Brussels, 21/06/2011 HR.DS5/GV/ac ARES (2011) 663475 SEC20.10.05/04 - Standards European

More information

INFORMATION SECURITY INCIDENT MANAGEMENT PROCESS

INFORMATION SECURITY INCIDENT MANAGEMENT PROCESS INFORMATION SECURITY INCIDENT MANAGEMENT PROCESS Effective Date June 9, 2014 INFORMATION SECURITY INCIDENT MANAGEMENT PROCESS OF THE HELLER SCHOOL FOR SOCIAL POLICY AND MANAGEMENT Table of Contents 1.

More information

Getting a Secure Intranet

Getting a Secure Intranet 61-04-69 Getting a Secure Intranet Stewart S. Miller The Internet and World Wide Web are storehouses of information for many new and legitimate purposes. Unfortunately, they also appeal to people who like

More information

Responsible Administrative Unit: Computing, Communications & Information Technologies. Information Technology Appropriate Use Policy

Responsible Administrative Unit: Computing, Communications & Information Technologies. Information Technology Appropriate Use Policy 1.0 BACKGROUND AND PURPOSE Information Technology ( IT ) includes a vast and growing array of computing, electronic and voice communications facilities and services. At the Colorado School of Mines ( Mines

More information

GENERAL REGULATIONS Appendix 10 : Guide to Legislation Relevant to Computer Use. Approval for this regulation given by :

GENERAL REGULATIONS Appendix 10 : Guide to Legislation Relevant to Computer Use. Approval for this regulation given by : GENERAL REGULATIONS Appendix 10 : Guide to Legislation Relevant to Computer Use Name of regulation : Purpose of regulation : Approval for this regulation given by : Responsibility for its update : Regulation

More information

Chapter 11 Manage Computing Securely, Safely and Ethically. Discovering Computers 2012. Your Interactive Guide to the Digital World

Chapter 11 Manage Computing Securely, Safely and Ethically. Discovering Computers 2012. Your Interactive Guide to the Digital World Chapter 11 Manage Computing Securely, Safely and Ethically Discovering Computers 2012 Your Interactive Guide to the Digital World Objectives Overview Define the term, computer security risks, and briefly

More information

FMGateway by FMWebschool

FMGateway by FMWebschool FMGateway by FMWebschool Hosting Service Agreement 1. OVERVIEW This Hosting Service Agreement (this Agreement ) is entered into by and between FMWebschool, LLC, a/an Delaware limited liability company

More information

Information Security By Bhupendra Ratha, Lecturer School of Library & Information Science D.A.V.V., Indore E-mail:bhu261@gmail.com Outline of Information Security Introduction Impact of information Need

More information

Professional issues. Una Benlic ube@cs.stir.ac.uk

Professional issues. Una Benlic ube@cs.stir.ac.uk Professional issues Una Benlic ube@cs.stir.ac.uk Aims Give a precise meaning of the terms profession and professional Discuss the obligations and privileges which membership of a profession carries Consider

More information

TERMS OF SERVICE TELEPORT REQUEST RECEIVERS

TERMS OF SERVICE TELEPORT REQUEST RECEIVERS TERMS OF SERVICE These terms of service and the documents referred to in them ( Terms ) govern your access to and use of our services, including our website teleportapp.co ( our site ), applications, buttons,

More information

Acceptable Use Policy

Acceptable Use Policy Sell your Products Online and Web by Numbers are brands of Web by Numbers Ltd (hereinafter referred to as Web by Numbers ) Acceptable Use Policy Web by Numbers has created this Acceptable Use Policy (AUP)

More information

Information Technology Cyber Security Policy

Information Technology Cyber Security Policy Information Technology Cyber Security Policy (Insert Name of Organization) SAMPLE TEMPLATE Organizations are encouraged to develop their own policy and procedures from the information enclosed. Please

More information

CS574 Computer Security. San Diego State University Spring 2008 Lecture #7

CS574 Computer Security. San Diego State University Spring 2008 Lecture #7 CS574 Computer Security San Diego State University Spring 2008 Lecture #7 Today s Structure Administrivia Questions Recent News Lecture Administrivia Assignment #1 - AS1_Template.jar Alternative Tools

More information

BOARD OF EDUCATION POLICY

BOARD OF EDUCATION POLICY BOARD OF EDUCATION POLICY IFBGE Internet Safety 7/1/13 It is the policy of the Cobb County School District (District) to: (a) prevent user access over its computer network to, or transmission of inappropriate

More information

Saint Martin s Catholic Academy

Saint Martin s Catholic Academy Saint Martin s Catholic Academy E-Safety Policy - Acceptable Use - Students January 2015 Why have an Acceptable Use Policy? An Acceptable Use Policy is about ensuring that you, as a student at Saint Martin

More information

Acceptable Use Policy. Version 2. August 15 th,

Acceptable Use Policy. Version 2. August 15 th, Acceptable Use Policy Version 2. August 15 th, As a provider of web site hosting and other internet- related services, SulliHosting, Inc., Inc. offers its customers (also known as "Subscribers" or Clients

More information

Trends in Malware DRAFT OUTLINE. Wednesday, October 10, 12

Trends in Malware DRAFT OUTLINE. Wednesday, October 10, 12 Trends in Malware DRAFT OUTLINE Presentation Synopsis Security is often a game of cat and mouse as security professionals and attackers each vie to stay one step ahead of the other. In this race for dominance,

More information

Boston University Security Awareness. What you need to know to keep information safe and secure

Boston University Security Awareness. What you need to know to keep information safe and secure What you need to know to keep information safe and secure Introduction Welcome to Boston University s Security Awareness training. Depending on your reading speed, this presentation will take approximately

More information

Conditions of Use. Communications and IT Facilities

Conditions of Use. Communications and IT Facilities Conditions of Use of Communications and IT Facilities For the purposes of these conditions of use, the IT Facilities are [any of the University s IT facilities, including email, the internet and other

More information

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 2 Systems Threats and Risks

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 2 Systems Threats and Risks Security+ Guide to Network Security Fundamentals, Third Edition Chapter 2 Systems Threats and Risks Objectives Describe the different types of software-based attacks List types of hardware attacks Define

More information

If you have any questions about any of our policies, please contact the Customer Services Team.

If you have any questions about any of our policies, please contact the Customer Services Team. Acceptable Use Policy (AUP) 1. Introduction Blue Monkee has created this Acceptable Use Policy (AUP) for hosting customers to protect our resources and the resources of our other customers and hosting

More information

Topic 1 Lesson 1: Importance of network security

Topic 1 Lesson 1: Importance of network security Topic 1 Lesson 1: Importance of network security 1 Initial list of questions Why is network security so important? Why are today s networks so vulnerable? How does Melissa virus work? How does I love you

More information

Malicious Programs. CEN 448 Security and Internet Protocols Chapter 19 Malicious Software

Malicious Programs. CEN 448 Security and Internet Protocols Chapter 19 Malicious Software CEN 448 Security and Internet Protocols Chapter 19 Malicious Software Dr. Mostafa Hassan Dahshan Computer Engineering Department College of Computer and Information Sciences King Saud University mdahshan@ccis.ksu.edu.sa

More information

E-Gap Terms and Conditions of Use

E-Gap Terms and Conditions of Use E-Gap Terms and Conditions of Use User Terms and Conditions The following paragraphs specify the basis on which you may use the e-gap System and provides information on how we will handle your data. This

More information

California State University, Chico. Information Security Incident Management Plan

California State University, Chico. Information Security Incident Management Plan Information Security Incident Management Plan Version 0.8 January 5, 2009 Table of Contents Introduction... 3 Scope... 3 Objectives... 3 Incident Management Procedures... 4 Roles and Responsibilities...

More information

By writing to: Cougar Wireless, Attention: Customer Service, 4526 S. Regal St., Suite A, Spokane, WA., 99224

By writing to: Cougar Wireless, Attention: Customer Service, 4526 S. Regal St., Suite A, Spokane, WA., 99224 COUGAR WIRELESS ACCEPTABLE USE POLICY I. INTRODUCTION Cougar Wireless and its various affiliates and subsidiaries (collectively we, us, our ) are committed to being responsible network citizens. To assist

More information

QUESTION: 1 What is the essential difference between an Ethical Hacker and a Cracker?

QUESTION: 1 What is the essential difference between an Ethical Hacker and a Cracker? 1 EC-Council - EC0-350 Ethical Hacking and Countermeasures Exam Set: 1, Introduction to Ethical Hacking QUESTION: 1 What is the essential difference between an Ethical Hacker and a Cracker? A. The ethical

More information

How Your Current IT Security System Might Be Leaving You Exposed TAKEAWAYS CHALLENGES WHITE PAPER

How Your Current IT Security System Might Be Leaving You Exposed TAKEAWAYS CHALLENGES WHITE PAPER WHITE PAPER CHALLENGES Protecting company systems and data from costly hacker intrusions Finding tools and training to affordably and effectively enhance IT security Building More Secure Companies (and

More information

Monitoring and Logging Policy. Document Status. Security Classification. Level 1 - PUBLIC. Version 1.0. Approval. Review By June 2012

Monitoring and Logging Policy. Document Status. Security Classification. Level 1 - PUBLIC. Version 1.0. Approval. Review By June 2012 Monitoring and Logging Policy Document Status Security Classification Version 1.0 Level 1 - PUBLIC Status DRAFT Approval Life 3 Years Review By June 2012 Owner Secure Research Database Analyst Change History

More information

Acceptable Use Policy ("AUP")

Acceptable Use Policy (AUP) Acceptable Use Policy ("AUP") Pacificnet Hosting (PacHosting)'s Acceptable Use Policy ("AUP") is provided to give our customers and users a clear understanding of what PacHosting expects of them while

More information

MAINE COMMUNITY COLLEGE SYSTEM. SUBJECT: COMPUTER AND NETWORK USE PURPOSE: To promote the responsible use of college and System computers and networks

MAINE COMMUNITY COLLEGE SYSTEM. SUBJECT: COMPUTER AND NETWORK USE PURPOSE: To promote the responsible use of college and System computers and networks MAINE COMMUNITY COLLEGE SYSTEM GENERAL ADMINISTRATION Section 203 SUBJECT: COMPUTER AND NETWORK USE PURPOSE: To promote the responsible use of college and System computers and networks As with any college

More information

DATA AND PAYMENT SECURITY PART 1

DATA AND PAYMENT SECURITY PART 1 STAR has teamed up with Prevention of Fraud in Travel (PROFiT) and the Fraud Intelligence Network (FIN) to offer our members the best advice about fraud prevention. We recognise the increasing threat of

More information

STRATEGIC POLICY REQUIRED HARDWARE, SOFTWARE AND CONFIGURATION STANDARDS

STRATEGIC POLICY REQUIRED HARDWARE, SOFTWARE AND CONFIGURATION STANDARDS Policy: Title: Status: ISP-S9 Use of Computers Policy Revised Information Security Policy Documentation STRATEGIC POLICY 1. Introduction 1.1. This information security policy document contains high-level

More information

Statistical Analysis of Internet Security Threats. Daniel G. James

Statistical Analysis of Internet Security Threats. Daniel G. James Statistical Analysis of Internet Security Threats Daniel G. James ABSTRACT The purpose of this paper is to analyze the statistics surrounding the most common security threats faced by Internet users. There

More information

BOBCAT COMPUTING POLICY

BOBCAT COMPUTING POLICY BOBCAT COMPUTING POLICY The overarching policy governing computing and networking at Jones is the Policy on Acceptable Use of Electronic Resources. The policy is reprinted in its entirety below. Faculty,

More information

LCC xdsl Usage Policy

LCC xdsl Usage Policy LCC xdsl Usage Policy 1. Introduction For the Internet to operate in a manner that satisfies the majority of its users, all users need to observe some rules and etiquette governing their use of it. These

More information

Cybercrime: risks, penalties and prevention

Cybercrime: risks, penalties and prevention Cybercrime: risks, penalties and prevention Cyber attacks have been appearing in the news with increased frequency and recent victims of cybercrime have included well-known companies such as Sony, LinkedIn,

More information

Terms and conditions of use

Terms and conditions of use Terms and conditions of use 1. Introduction 1.1 These terms and conditions govern your use of our website. 1.2 By using our website, you accept these terms and conditions in full; accordingly, if you disagree

More information

Information Security and Electronic Communications Acceptable Use Policy (AUP)

Information Security and Electronic Communications Acceptable Use Policy (AUP) Policy No.: AUP v2.0 Effective Date: August 16, 2004 Revision Date: January 17, 2013 Revision No.: 1 Approval jwv / mkb Information Security and Electronic Communications (AUP) 1. INTRODUCTION Southwestern

More information

Penetration Testing Service. By Comsec Information Security Consulting

Penetration Testing Service. By Comsec Information Security Consulting Penetration Testing Service By Consulting February, 2007 Background The number of hacking and intrusion incidents is increasing year by year as technology rolls out. Equally, there is no hiding place your

More information

13. Acceptable Use Policy

13. Acceptable Use Policy To view the complete Information and Security Policies and Procedures, log into the Intranet through the IRSC.edu website. Click on the Institutional Technology (IT) Department link, then the Information

More information

BUSINESS ADVISORY GUIDE TO SPYWARE AND VIRUSES

BUSINESS ADVISORY GUIDE TO SPYWARE AND VIRUSES BUSINESS ADVISORY GUIDE TO SPYWARE AND VIRUSES Cyber criminals lurk everywhere and are constantly finding new ways to harm you. Even legitimate websites have sophisticated methods of snooping into your

More information

COSC 472 Network Security

COSC 472 Network Security COSC 472 Network Security Instructor: Dr. Enyue (Annie) Lu Office hours: http://faculty.salisbury.edu/~ealu/schedule.htm Office room: HS114 Email: ealu@salisbury.edu Course information: http://faculty.salisbury.edu/~ealu/cosc472/cosc472.html

More information

TECHNOLOGY ACCEPTABLE USE POLICY FOR STUDENTS

TECHNOLOGY ACCEPTABLE USE POLICY FOR STUDENTS TECHNOLOGY ACCEPTABLE USE POLICY FOR STUDENTS PURPOSE This policy provides the procedures, rules, guidelines and codes of conduct for the use of the technology and information networks at Socorro Consolidated

More information

(Self-Study) Identify How to Protect Your Network Against Viruses

(Self-Study) Identify How to Protect Your Network Against Viruses SECTION 24 (Self-Study) Identify How to Protect Your Network Against Viruses The following objective will be tested: Describe What You Can Do to Prevent a Virus Attack In this section you learn about viruses

More information

Terms and Conditions. Acceptable Use Policy Introduction. Compliance with UK Law. Compliance with foreign law

Terms and Conditions. Acceptable Use Policy Introduction. Compliance with UK Law. Compliance with foreign law Terms and Conditions Acceptable Use Policy Introduction (hereafter called Hosted Developments) has created this Acceptable Use Policy (AUP) for hosting customers to protect our resources, and the resources

More information

Computer Security DD2395

Computer Security DD2395 Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/dd2395/dasakh11/ Fall 2011 Sonja Buchegger buc@kth.se Lecture 7 Malicious Software DD2395 Sonja Buchegger 1 Course Admin Lab 2: - prepare

More information

B R I G H T B Y T E LT D. H O S T I N G T E R M S O F S E R V I C E S

B R I G H T B Y T E LT D. H O S T I N G T E R M S O F S E R V I C E S B R I G H T B Y T E LT D. H O S T I N G TERMS OF SERVICES 1 / 10 BRIGHTBYTE LTD. HOSTING TERMS OF SERVICES 01/01/2014 All services provided by BrightByte Ltd ( BrightByte Ltd ) may be used for lawful purposes

More information

University of Colorado at Denver and Health Sciences Center HIPAA Policy. Policy: 9.2 Latest Revision: 04/17/2005 Security Incidents Page: 1 of 9

University of Colorado at Denver and Health Sciences Center HIPAA Policy. Policy: 9.2 Latest Revision: 04/17/2005 Security Incidents Page: 1 of 9 Security Incidents Page: 1 of 9 I. Purpose, Reference, and Responsibility A. Purpose The purpose of this policy is to define a security incident and to provide the procedures for notification, investigation,

More information

Security and Internet Censorship

Security and Internet Censorship Security and Internet Censorship Computer Literacy 1 Lecture 24 13/11/2008 Topics Security Hacker Viruses Phishing Firewall Censorship of the Internet 2 Examples Hacking or Cracking Cracking = Subverting

More information

Hacking Book 1: Attack Phases. Chapter 1: Introduction to Ethical Hacking

Hacking Book 1: Attack Phases. Chapter 1: Introduction to Ethical Hacking Hacking Book 1: Attack Phases Chapter 1: Introduction to Ethical Hacking Objectives Understand the importance of information security in today s world Understand the elements of security Identify the phases

More information

1. Threat Types Express familiarity with different threat types such as Virus, Malware, Trojan, Spyware, and Downloaders.

1. Threat Types Express familiarity with different threat types such as Virus, Malware, Trojan, Spyware, and Downloaders. Threat Protection Tools and Best Practices Objectives 1. Threat Types Express familiarity with different threat types such as Virus, Malware, Trojan, Spyware, and Downloaders. 2. Threat Vectors Be familiar

More information

Cisco on Cisco Best Practice Security Practices for Online Collaboration and Social Media

Cisco on Cisco Best Practice Security Practices for Online Collaboration and Social Media January 2012 Cisco on Cisco Best Practice Security Practices for Online Collaboration and Social Media January 2012 All contents are Copyright 1992 2012 Cisco Systems, Inc. All rights reserved. This document

More information

Managed Security Services

Managed Security Services Managed Security Services 1 Table of Contents Possible Security Threats 3 ZSL s Security Services Model 4 Managed Security 4 Monitored Security 5 Self- Service Security 5 Professional Services 5 ZSL s

More information

2. From a control perspective, the PRIMARY objective of classifying information assets is to:

2. From a control perspective, the PRIMARY objective of classifying information assets is to: MIS5206 Week 13 Your Name Date 1. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected

More information

Information Security

Information Security Information Security A staff guide to the University's Information Systems Security Policy Issued by the IT Security Group on behalf of the University. Information Systems Security Guidelines for Staff

More information

PLEASE READ THIS AGREEMENT CAREFULLY, AS IT CONTAINS IMPORTANT INFORMATION REGARDING YOUR LEGAL RIGHTS AND REMEDIES.

PLEASE READ THIS AGREEMENT CAREFULLY, AS IT CONTAINS IMPORTANT INFORMATION REGARDING YOUR LEGAL RIGHTS AND REMEDIES. Brightcore Consulting Moodle Hosting Service Agreement Last Revised: September 30, 2013 PLEASE READ THIS AGREEMENT CAREFULLY, AS IT CONTAINS IMPORTANT INFORMATION REGARDING YOUR LEGAL RIGHTS AND REMEDIES.

More information

資 通 安 全 產 品 研 發 與 驗 證 (I) ICT Security Overview. Prof.. Albert B. Jeng ( 鄭 博 仁 教 授 ) 景 文 科 技 大 學 資 訊 工 程 系

資 通 安 全 產 品 研 發 與 驗 證 (I) ICT Security Overview. Prof.. Albert B. Jeng ( 鄭 博 仁 教 授 ) 景 文 科 技 大 學 資 訊 工 程 系 資 通 安 全 產 品 研 發 與 驗 證 (I) ICT Security Overview Prof.. Albert B. Jeng ( 鄭 博 仁 教 授 ) 景 文 科 技 大 學 資 訊 工 程 系 Outline Infosec, COMPUSEC, COMSEC, and Network Security Why do we need Infosec and COMSEC? Security

More information

region16.net Acceptable Use Policy ( AUP )

region16.net Acceptable Use Policy ( AUP ) region16.net Acceptable Use Policy ( AUP ) Introduction By using service(s) provided by region16.net (including, but not necessarily limited to, Internet Services and videoconferencing), you agree to comply

More information

TECHNOLOGY ACCEPTABLE USE POLICY

TECHNOLOGY ACCEPTABLE USE POLICY Policy Statement TECHNOLOGY ACCEPTABLE USE POLICY Reason for Policy/Purpose The purpose of this policy is to provide guidelines to the acceptable and ethical behavior that guides use of information and

More information

Contact details For contacting ENISA or for general enquiries on information security awareness matters, please use the following details:

Contact details For contacting ENISA or for general enquiries on information security awareness matters, please use the following details: Malicious software About ENISA The European Network and Information Security Agency (ENISA) is an EU agency created to advance the functioning of the internal market. ENISA is a centre of excellence for

More information

Medina County Policy Manual

Medina County Policy Manual Medina County Policy Manual Policy: Computer & Network Usage Section: Work Rules Number: 7.015 Issued: 09/17/07 Reviewed/Revised: Page #: 1 of 5 A. It is the intent of Medina County to provide local, network,

More information

Agreeing to Shortcut Solutions,llc.. Acceptable Use Policy and Terms of Service is mandatory for Hosting signing up or using our services.

Agreeing to Shortcut Solutions,llc.. Acceptable Use Policy and Terms of Service is mandatory for Hosting signing up or using our services. WEB HOSTING AGREEMENT AND TERMS OF SERVICE Shortcut Solutions, llc. --June 2007-- Acceptable Use Policy and Web Hosting Terms of Service Agreeing to Shortcut Solutions,llc.. Acceptable Use Policy and Terms

More information

Computer Security Maintenance Information and Self-Check Activities

Computer Security Maintenance Information and Self-Check Activities Computer Security Maintenance Information and Self-Check Activities Overview Unlike what many people think, computers are not designed to be maintenance free. Just like cars they need routine maintenance.

More information

I.T. Facilities Acceptable Use Policy

I.T. Facilities Acceptable Use Policy I.T. Facilities Acceptable Use Policy Beacon College status confirms Nelson and Colne as one of the country s best Colleges Nelson and Colne College - Judged OUTSTANDING by Ofsted Nelson and Colne College

More information

PEER-TO-PEER NETWORK

PEER-TO-PEER NETWORK PEER-TO-PEER NETWORK February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without

More information

YOU RE IN THE BEST OF COMPANY www.microhire.com Events. Conferences. Exhibitions. Venues. Audio Visual & Computer Rental

YOU RE IN THE BEST OF COMPANY www.microhire.com Events. Conferences. Exhibitions. Venues. Audio Visual & Computer Rental Terms & Conditions CeBIT Wireless Internet Service 1. Binding Agreement: By using the Microhire Wi Fi High Speed Internet Service ( CeBIT WiFi ), you agree to be bound by the following terms and conditions

More information

Acceptable Use Policy Revision date: 26/08/2013

Acceptable Use Policy Revision date: 26/08/2013 Acceptable Use Policy Revision date: 26/08/2013 Acceptable usage Policy for all Services As a provider of web site hosting and other Internet-related services, Corgi Tech Limited offers its customer (also

More information

E-commerce and Legal Compliance

E-commerce and Legal Compliance E-commerce and Legal Compliance Moving all or part of your business online can be an exciting time, opening up a range of opportunities and new markets for you and your business. Hand in hand with these

More information

Computer Scene Technical Ltd ("We") are committed to providing the best service and protecting & respecting all our customers.

Computer Scene Technical Ltd (We) are committed to providing the best service and protecting & respecting all our customers. Computer Scene Technical Ltd ("We") are committed to providing the best service and protecting & respecting all our customers. INFORMATION ABOUT US Our site is operated by Computer Scene Technical Ltd

More information

Security Practices for Online Collaboration and Social Media

Security Practices for Online Collaboration and Social Media Cisco IT Best Practice Collaboration Security Cisco on Cisco Best Practice Security Practices for Online Collaboration and Social Media January 2012 2013 Cisco and/or its affiliates. All rights reserved.

More information

Firewall Cracking and Security By: Lukasz Majowicz Dr. Stefan Robila 12/15/08

Firewall Cracking and Security By: Lukasz Majowicz Dr. Stefan Robila 12/15/08 Firewall Cracking and Security By: Lukasz Majowicz Dr. Stefan Robila 12/15/08 What is a firewall? Firewalls are programs that were designed to protect computers from unwanted attacks and intrusions. Wikipedia

More information