Module 12 - Computer Crimes
When a country institutes laws against computer abuses, a computer abuse becomes a computer crime. Not all abuses, however, constitute a crime. For example, consider a hacker who breaks into someone's computer system without permission. If the hacker steals confidential data from the system, this is considered a crime in some countries. A hacker who simply gets into the system to explore it—that is, to see how it works and what files it contains, may have breached privacy but has not necessarily committed a crime. Both acts, however, are unethical. Below we show actual examples of computer crimes. These cases happened in the
Credit Card Fraud
A person in the
On
Creating a Virus and Unleashing It To a Network
A man accused of unleashing the "Melissa" computer virus in 1999, caus ing millions of dollars in damage and infecting untold numbers of computers and computer networks, was sentenced to 20 months in feden prison. He was also ordered to serve three years of supervised releas after completion of his prison sentence and was fined $5,000. He we further ordered, upon release, to keep away from computer network the Internet, and Internet bulletin boards, unless authorized by the Court. At the plea hearings, the virus creator admitted that he created the Melissa virus and disseminated it from his home computer. He said that he constructed the virus to evade anti-virus software and to infect cor puters using the Windows 95, Windows 98, and Windows NT operating systems and the Microsoft Word 97 and Word 2000 word processing programs.
The Melissa virus appeared on thousands of email systems on
Because each infected computer could infect 50 additional computers, which in turn could infect another 50 computers, the virus proliferated rapidly and exponentially, resulting in substantial interruption or impairment of public communications and services. According to reports from business and government following the spread of the virus, its rapid distribution disrupted computer networks by overloading email servers, resulting in the shutdown of networks and significant costs for repairing computer systems.The virus creator described in state and federal court how, using a stolen America Online account and his own account with a local Internet service provider, he posted an infected document on the Internet newsgroup "Alt.Sex." The posting contained a message enticing readers to download and open the document with the hope of finding passwords to adult-content websites. Opening and downloading the message caused the Melissa virus to infect victim computers. The virus altered Microsoft word processing programs such that any document created using the programs would then be infected with the Melissa virus. The virus also lowered macro security settings in the word processing programs. The virus then proliferated via the Microsoft Outlook program, causing computers to send electronic email to the first 50 addresses in the computer user's address book.[U.S. v. Smith (D. NJ) May 2, 2002]
Hacking
A Boston man was charged with using his home computer to illegally gain access to a number of computers, including those controlled by NASA and an agency of the U.S. Department of Defense, where, among other things, he intercepted login names and passwords and intentionally caused delays and damage in communications. In April 1999, the hacker obtained unauthorized access to a corporate Internet account, which he then used to illegally access a computer controlled and operated by the U.S. Defense Logistics Agency. He then concealed his actual computer address through a service known as "telnet proxy" which made it seem like his address was that of the government's computer. Once "hidden", he accessed, without authorization, the web site of Internet service provider ZMOS, and recklessly caused damage to the ZMOS computer located in the State of
Beginning in May 1999 and continuing until August 1999, the hacker obtained unauthorized access to the same corporate Internet account, this time using it to access the NASA computer research project web server located in
Stock Fraud
Two former Cisco Systems, Inc. accountants were each sentenced to 34 months in prison for exceeding their authorized access to the computer systems of Cisco Systems in order to illegally issue almost $8 million in Cisco stock to themselves.In pleading guilty, both accountants admitted that between October 2000 and March 27, 2001, they participated together in a scheme to defraud Cisco Systems in order to obtain Cisco stock that they were not authorized to obtain. As part of the scheme, they exceeded their authorized access to computer systems at Cisco in order to access a computer system used by the company to manage stock option disbursals; used that access to identify control numbers to track authorized stock option disbursals; created forged forms purporting to authorize disbursals of stock; faxed the forged requests to the company responsible for controlling and issuing shares of Cisco Systems stock; and directed that stock be placed in their personal brokerage accounts. The two defendants admitted that the first time that they did this, in December 2000, they caused 97,750 shares of Cisco stock to be placed in two separate Merrill Lynch accounts, with 58,250 of the shares deposited in an account set up by one of them and 39,500 shares deposited in an account set up by the other accountant. In February 2001, they caused two additional transfers of stock, in amounts of 67,500 shares and 65,300 shares, to be transferred to brokerage accounts in their names. The total value of the Cisco stock that they took on these three occasions (at the time that they transferred the stock) was approximately $7,868,637,[U.S. v. Osowski (N.D. Cal) November 26, 2001]
Spamming
In a 1998 lawsuit brought by America Online against an unsolicited commercial e-mail sender, the judge awarded AOL compensatory and punitive damages and permanently barred the commercial e-mail sender from sending bulk unsolicited commercial e-mail to AOL members or through AOL services.[America Online Inc. v. Prime Data Systems Inc., 1998 U.S. Dist. LEXIS 20226 (E.U Va. Nov. 20, 1998).]In another lawsuit, Hotmail sued a company for allegedly providing false e-mail header information in unsolicited commercial e-mail which made it appear that the messages originated from Hotmail accounts. In that lawsuit, a federal court in
Hate and Vengeance Case
A former employee in the Human Resources department at Marsh Inc., an insurance company located in Manhattan, was sentenced in a Manhattan federal court to 18 months in prison for illegally accessing and deleting hundreds of computer records at Marsh. On October 31, 2001, the hacker pled guilty to a one-count indictment charging him with accessing a protected computer without authorization and deleting approximately 950 files relating to employee compensation.A female employee at Marsh had complained that the hacker was harassing her because she rebuffed his romantic advances. He was later terminated from Marsh and obtained employment at Viacom, Inc. In January 2001, he used a password belonging to another employee at Marsh to obtain unauthorized access to Marsh's computer database and deleted approximately 800 files relating to the compensation of Managing Directors at Marsh and approximately 150 files relating to compensation of other Marsh employees. He also altered the female employee's compensation record to reflect a $40,000 increase in her salary and a $100,000 bonus. In February and March 2001, senior managers at Marsh received an email attached to which was a file containing information from the deleted salary files. The email appeared to have been originally sent from an e-mail account established at Hotmail.com. The user ID of that account contained the female employee's last name. The female employee denies having established that account. A forensic image of hacker's computer at Viacom revealed that the e-mails to the senior managers at Marsh were sent from that computer.[
0 Comments:
Post a Comment
<< Home