21.3 Hackers and Computer Crimes

	A hacker is the one who intends to unlicensed access to a computer system.
	Cracker is an hacker who intend to do criminals acts, and the two terms hacker and cracker are both used interchangeably by media.
	Unauthorized access to computer system happened when both hackers and crackers trying to find weakness in the security protections, or take advantage of different features of the internet such as emails, advertisements, links click, because the internet is considered as an open system for all to use.
	Hacking activities include theft of information and goods, system intrusion or damage, and cybervandalism.

Spoofing and Sniffing

	Spoofing refers to hackers who use false identity for representing themselves, and this happened by using for example, fake email address or disgusting as someone else.
	They also redirect links to fake websites as the intended destination.
	Sniffer is a type of programs that hackers used to eavesdrop and monitor travelling of information over network, and that enables hackers to steal private information such as emails, files, or other proprietary staff.

21.3 Hackers and Computer Crimes

Denial-of-Service Attacks

	Denial-of-service (DoS) attack means that hackers work to crash the network by flooding server with thousands of requests.
	A distributed denial-of-service (DDoS) attack uses many computers for launching a DoS. DoS not even access information and destroy it, but it can cause a Web site to shut down, and this will be costly if it happened in e-business.
	Criminals of DoS attacks use thousands of zombie PCs which infected with bot malware.

Computer Crime

	Activities are done by hackers and targeting the computer systems considered as computer crime.
	Computers may be targeted or used as an instrument of crime.
	The U.S department of Justice define computer crime as “ any violations of criminal law that involve a knowledge of computer technology for their perpetration, investigation, or persecution”
	The U.S department of Justice define computer crime as “ any violations of criminal law that involve a knowledge of computer technology for their perpetration, investigation, or persecution”
	This kind of crimes hurts the reputation of companies.

21.3 Hackers and Computer Crimes

Identity Theft

	The growth of internet use and e-businesses made it possible for identity theft.
	Identity theft is a crime and theft of personal information, driver’s license numbers, or credit card numbers. Identity theft happened to impersonate someone else, and hackers use the information in the name of victims for doing their purposes.
	One of the popular tactics that hackers used for identity theft is phishing.
	Phishing refers to hackers who set up fake websites or send email messages that look like legitimate businesses to ask users for confidential personal data.
	Evil twins is a new phishing technique and it is harder to detect.
	Evil twins are wireless networks which pretend for offering trustworthy Wi-Fi connections to the internet.
	Pharming is a technique used to redirect users to a bogus Web page, even when individual types the correct Web page address into his or her browser.

21.3 Hackers and Computer Crimes

Click Fraud

	Clicking on advertisement make the advertiser to pay a fee for each click, and that helps for obtaining potential buyers to its products.
	Click fraud happened when computer programs or individuals fraudulently click on an online advertisement without having enough learning about the advertiser or making a purchase.

Internal Threats: Employees

	It is important to know that security threats to a business originate not only outside the organization, but employees inside the company may cause serious security problems.
	Employees can access information and in the presence of internal security measurements, they are able to roam throughout an information system without leaving a trace.
	Lack of users' knowledge is the mainly cause of network security breaches. Also forgetting passwords or allowing other employees to use them compromises the system.
	End users and information system analysts both are a major source of errors.
	When end users enter faulty data or not to follow the proper instructions for processing data, errors will be introduced into system.
	Information system analysts introduce errors during their design and developing new software or maintain existing one.

21.3 Hackers and Computer Crimes

Software Vulnerability

	Errors of software cause threats to information systems.
	These threats cause losses in corporate productivity.
	The factors that increase software flaws are size of software and complexity in addition to demands for timely delivery to markets.
	Hidden bugs or program code defects are the major software problem.
	It is not possible to eliminate all bugs from large software programs. Complexity of decision-making code is the main cause of bugs.
	Small programs of various hundred lines may contain tens to hundreds of decisions leading or may thousands of different paths.
	Programs in most corporations which are important are much larger and contains tens of thousands or millions of lines of codes.
	In large programs, developers are seeking to achieve zero defects but it is useless and could not be achieved, also complete testing is impossible.
	Full testing of programs which contain millions of paths require thousands of years!

21.3 Hackers and Computer Crimes

	Patches are small pieces created to repair the software flaws without disturbing the proper operation of the software.
	Sometimes maintaining the patches on all devices and services used by a company is costly and time consuming and that enables malicious software to exploit the vulnerability.