.. throughout a network. Cisco Secure IDS is an ideal solution for companies who need to know if their network us under attack from internal or external sources. Real Secure Manager is an intrusion detection system with capabilities within a familiar network and systems management environment. All RealSource management options include real-time views of suspicious activity, such as external and internal attacks or internal misuse, real-time alarm management through propagated display of network security activity, Realsecure online help for incident response and detailed information abut events, secured communications between the Realsecure manager and all Realsecure engines and agents, and control functions are authenticated, verified, and encrypted using RSA, Certicom Elliptical Curve, or user-selected algorithms.NFR security offers several different options in security products.
The NFR Intrusion Detection System (NFR IDS) comprises several products that operate independently or together as an integrated suite with a common administration, architecture, interface, data formats, management, and analysis and reporting tools. Each product can operate as a stand-alone system, and as part of a distributed configuration serving large or geographically dispersed organizations. NFR IDS includes NFR Network Intrusion Detection (NID), NFR Secure Log Repository (SLR) and NFR Host Intrusion Detection (HID). NID monitors networks and subnets and raises alerts when known attacks and anomalous activity are detected.
NFR SLR is NFR’s secure log storage and management systems, NFR HID monitors servers and workstations and raises alerts when known attacks and anomalous activity are detected. There are also programs available that will protect your home computer from security breaches caused by hackers.One such program is called Freedom Internet Privacy Suite 2.0. Standard features include a personal firewall (especially for those with DSL and cable modems), form filler (to speed up and secure online registrations and transactions), cookie manager (to prevent websites from tracking your activities), ad manager (controls ads and speed up browsing), keyword alert (to prevent personal information from leaving your computer), as well as offering untraceable encrypted email (to secure and privatize your email) and anonymous browsing and chat (to go online undetected). Unfortunately, most computer crimes are discovered by chance, particularly in small businesses. Some means of detection include suspicious employees, physical inventory shortages detected by an audit, an error made by a greedy associate, an employee living a lifestyle obviously beyond what could be supported by his income and other resources, and disgruntled employees.
Hiring and firing practices, effective employee training, and managing disgruntled employees properly can help make crime less likely to occur.Most people imagine a “hacker” as an anonymous cyber-intruder writing endless lines of code to penetrate a system from outside. But half of the unauthorized system intrusions involve insiders who have, or had legitimate access to the system. In addition, hacking has entered the mainstream, spurred by downloadable “hacking tools” that can enable even computer novices to launch devastating cyber-assaults. A hacker must also find an vulnerability human or technical that he then exploits to circumvent security measures. “Social Engineering”, tricking staff into providing information that can help establish access, often entails posing as a member of the computer or MIS department to obtain passwords from unsuspecting employees. As previously stated, hackers also employ “sniffers” and other software prog5rams to gain access to victim systems.Nobody can predict which companies will be attacked and businesses want to know, how serious is the threat? In truth, know one knows.
A system isn’t immune to attack just because the information inside has little value. And, any attack brings obvious costs: lost computer time, employee hours spent on investigation or repairs, lost revenues for e-commerce firms. One key point in fighting computer crime is to design an effective compliance program. An effective compliance program addresses both human and technical vulnerabilities, and protects against both outside and inside attacks.Background and security checks should be performed on key computer network personnel, including outside contractors who build or service the network. All personnel, from the CEO to the stock clerk must understand the risks of social engineering and learn what to do in the event of attack – whom to notify, and how to preserve evidence that may prove useful to company counsel or law enforcement. There are six strategies to follow in deterring computer crime: a.
making the crime less likely to occur; b. increasing the difficulty of successfully committing the fraud; c. improve detection methods; d.
prosecuting and incarcerating perpetrators; e. using forensics accountants; and f. reducing the losses. (Allen 1977) When all else fails .. .call in the law.Hackers, or those committing crimes via the computer can be charged with fraud, invasion of privacy, embezzlement, and many other charges through your local law enforcement office.
However , there are at least 26 states that have laws specific to computer crime (Arkansas, Kentucky, Michigan and Vermont are among some of the states that do not have specific laws regarding computer crime). In fact, let’s take a look at a few of these laws. In Texas, s. 33.
03 “Harmful Access” states: (a) A person commits an offense if the person intentionally or knowingly and without authorization from the owner of the COMPUTER or a person authorized to license access to the COMPUTER: (1) damages, alters, or destroys a COMPUTER, COMPUTER program or software, COMPUTER system, data, or COMPUTER network; (2) causes a COMPUTER to interrupt or impair a government operation, public communication, public transportation, or public service providing water or gas; (3) uses a COMPUTER to: (a) tamper with government, medical, or educational records; or (b) receive or use records that were not intended for public dissemination to gain an advantage over business competitors; (4) obtains information from or introduces false information into a COMPUTER system to damage or enhance the data or credit records of a person; (5) causes a COMPUTER to remove, alter, erase, or copy a negotiable instrument; or (6) inserts or introduces a COMPUTER virus into a COMPUTER program, COMPUTER network, or COMPUTER system.An offense under this section is a: (1) felony of the second degree if the value of the loss or damage caused by the conduct is $20,000 or more; (2) felony of the third degree if the value of the loss or damage caused by the conduct is $750 or more but less than $20,000; or (3) Class A misdemeanor if the value of the loss or damage caused by the conduct is $200 or more but less than $750. In Iowa, one of the laws “on the books” is noted as: 716A.2 Unauthorized access. A person who knowingly and without authorization accesses a computer, computer system, or computer network commits a simple misdemeanor. In the Hawaiian state Legislature, house bill 524, House Draft 1, was passed, to update the laws relating to prohibited computer activity, nearly a decade after the laws were created.
One of the provisions includes unauthorized computer access in the first degree: when a person knowingly access a computer or system without authorization in order to obtain information for commercial or private gain, to advance any other crime, to take information valued at more than $5,000 or if the information is already protected against unauthorized disclosure.The violation is a Class B felony punishable by up to ten years in prison. Unauthorized computer access in the second degree is classified as a Class C felony punishable by up to five years in prison, and a third-degree violation is a misdemeanor. In conclusion, computer crime needs to be prevented and halted through increased computer network security measures as well as tougher laws and enforcement of those laws in cyberspace. If new laws and enforcement of those laws are not soon established, along with heightened security measures, the world will have a major catastrophe as a result of computer activity. The world is becoming increasingly dependant on computers, and the crimes committed will have greater and greater impact as the need for computers (or use of) rises. The possible end of the world was narrowly averted, but was caused by a computer crime.The United States defense computer system was broken into, and the opportunity existed for the hacker to declare intercontinental nuclear war; thus leading to death of the human race.
Another event like this is likely to occur if laws, enforcement of the laws and security of computers are not beefed up. The greatest creation of all time, the computer, should not lead to the destruction of the race that created it. References Abreu, E.M. (1999, September). Experts find Microsoft Hotmail hack easier than claimed.
Company Business and Marketing. Bernardo, R. (May 4, 2001). State law moves to address technology crime. Honolulu Star-Bulletin Cisco Secure IDS (2001).[On-line].
Available: http://www.cisco.com Eaton, J.W.
(1986). Card-carrying Americans. Privacy;, Security, and the national i.d card debate. United States of America: Rowman & Littlefield. Farrow, R.& Power, R.
(2001). Five vendors some no-nonsense questions on IDS. CSI Intrusion System Resource Goodwin, B. (2000, August ).Safeway site is still down after hack attack. Company Business and Marketing.
Network ICE Corporation (1998-2000). Password theft [On-line]. Available: http://www.netice.
com Niccolai, J.(02/11/2000). Analyst puts recent hacker damage at $1.2 billion and rising [On-line]. Available: http://www.nwfusion.comn/news Real Secure (2001).
[On-line]. Available: http://www.securehq.com Schindler, D.J. (2000, March). E-Crime and what to do about it.
Los Angeles Business Journal. SilentRunnerTM. SilentRunnerTM [On-line].
Available: http://www.silentrunner.com/about/index.html. Teach, E. (1998, February).
Look who’s hacking now. CFO, The Magazine for Senior Financial Executives.Computers and Internet.