Impacts of computer crimes in Businesses 41736 Essay Example

Sloan-Kettering Cancer Institute in New York City (Rep, S 1986 P. 24). They altered files on the computer, endangering the lives of patients. This incident served as a stark reminder that hacking is a serious problem that requires proper attention and action.

According to De W. (2007), the loss of data and other cyber vulnerabilities are causing significant financial harm to businesses, but many are not concerned. These crimes result in approximately 40 billion US dollars in annual losses for affected companies and individuals. Joris, E (2006) also states that a survey conducted by the FBI revealed that businesses are spending significant resources on addressing worms, viruses, Trojan horses, computer theft, financial fraud, and network intrusion.

According to the survey, organizations spent a total of nearly 12 million dollars on virus-type incidents, 3.2 million dollars on theft, 2.8 million dollars on financial fraud, and 2.7 million dollars on network intrusions. Despite using security products, 90% of the respondents stated that they had experienced a security incident.

Currently, there is a lack of precise and reliable statistical data on the amount of computer crimes and the economic losses suffered by victims. This can be attributed to several factors. Firstly, many of these crimes remain undetected by the victims due to their discreet and skilled nature. Additionally, a significant number of computer crimes are not reported to authorities, impeding action. Lastly, quantifying the losses incurred by victims in certain cases proves challenging.

Law enforcers and computer specialists specializing in security agree that the number and complexity of computer crimes are rapidly increasing. In the majority of computer crimes, apprehending the perpetrator is challenging due to the fact that the disruption of

machine operations occurs predominantly through networks.

Business attacks

According to Agnes, M (2002), numerous businesses have experienced attacks from interested parties or jealous rivals seeking to hinder their progress. A study conducted in February 2001 revealed that there are approximately 4000 denial of service attacks occurring daily. Remarkably, the majority of these incidents go unreported by the media and the perpetrators are rarely held accountable in legal proceedings. As a stark example, Agnes, M (2002) cites the case of the Yahoo website being subjected to a three-hour attack on Monday, 7 Feb 2000 (Agnes, M 2002).

According to Agnes (2002), multiple websites, including Amazon, Buy, CNN, and eBay, were attacked on Tuesday, February 8, 2000. Each attack endured for over one hour. Additionally, the websites of E-Trade, a stock broker, and ZDNet, a computer information company, were targeted on Wednesday, February 9, 2000.

In March 1997, a young teenager caused significant disruption to the Worcester, Massachusetts airport by disabling the telephone operations for up to six hours. This action not only affected the air-traffic control system but also other critical services (James, 2004). The same individual, as reported by James (2004), illegally accessed records of several parents from a computer in a drug store on four separate occasions in January, February, and March of that year. Additionally, this criminal became the first juvenile to be prosecuted by the U.S. Government for computer crime (p. 101). The offender pleaded guilty and was subsequently sentenced to two years of probation and ordered to provide 250 hours of community service. Furthermore, all computer accessories used during the criminal activity were voluntarily handed over by the individual (James, 2004, p. 103).

According to Carol,

C. L (2006), in March, 2005, a man named Heim confessed to using the username and password given to Facility Automation Systems Company. He redirected all of the company's internet traffic, including electronic mail, to a server at his new employer (P.21).

Different categories of criminal activities

There are three main types of computer-related criminal activities that significantly impact businesses. The first is unauthorized computer use, which entails stealing a username and password or accessing a victim's computer through the World Wide Web. The second involves releasing harmful computer programs such as viruses or worms, which constitutes a criminal offense. Lastly, cyber harassment is another severe crime. All three of these activities cause substantial damages to business operations, leading to economic implications.

Changing data in the original format or altering the amount can be carried out remotely, which is considered as fraudulent activity. Similarly, committing a crime involves denying authorized users access to services by overwhelming the disk space with excessive consumption. This can be achieved by sending a significant number of bulk emails within a short time, running improper programs that cause the processing unit to be stuck in an infinite loop, or inundating an internet server with ambiguous requests for web pages, thereby preventing potential customers from downloading a page and potentially causing the server to crash.

The organization faces difficulty in getting their computers back to working order due to the attack. Additionally, the attack has also highlighted potential threats, causing the organization to once again focus on finding ways to relocate and move on from this situation.

There are negative impacts on businesses.

Hackers target computer systems in order to obtain sensitive client or

customer information, as well as other valuable business data such as credit card details and social security numbers. This is primarily done for the purpose of identity fraud and theft.

Computer crimes have negative impacts on businesses, such as remote alteration of existing data. Manipulating the account information of customers can lead to severe consequences. Once the customer's background is modified, it becomes difficult to determine the extent of their owed liabilities. Additionally, critical business files are vulnerable to attack, either through content manipulation or complete deletion. These actions have detrimental effects on organizations as they create bookkeeping problems and hinder easy access and retrieval of necessary files, resulting in wasted time.

The utilization of malicious programs is prevalent in emails and other computer software. In numerous cases, messages are sent under someone's name without their consent or knowledge. For instance, as described by Barnes (2004), in 1999, 2001, and 2002, emails containing fake addresses were automatically sent through a malicious program, resulting in significant harm to computer software across various organizations.

Using the internet to post messages with a fake author's name in order to damage the reputation of a real individual or business is a serious crime that can harm businesses. Such actions are subject to punishment under existing criminal laws, which prohibit impersonation, forgery, deceit, and fraud.

The use of computer malicious programs has caused harm to businesses on numerous occasions. A notable instance occurred in 1999 when the Melissa virus infected a confidential document on a victim's computer. Subsequently, the program automatically sent that document and a copy of the virus via email to other individuals who suffered losses as a result.

These malicious programs are

a recent creation employed by criminals to transmit confidential information from a person's computer. The confidential information does not only reach the creator of the malicious program but also an unknown third party.

In 2003, a dissatisfied employee in Nigeria illicitly accessed his employer's computer using his valid login credentials. This unauthorized intrusion severely affected the business's functionality, as the employee was able to modify bank account details. Consequently, customers unknowingly deposited money into the employee's personal account instead of the employer's. The employer only became aware of these activities after a significant four-month period, during which he suffered substantial financial losses amounting to millions of naira.

This can be highly harmful if it occurs in other industries, especially when the dissatisfied employee holds the role of a system administrator. As administrators possess the password to their employer's account and can access any user's files, they have the ability to engage in illegal activities while being physically present in the employer's premises, rather than remotely accessing a computer via modem. Such malicious actions have detrimental consequences on the functioning of a business.

Many criminals have utilized technology to make free long distance telephone calls, concealing their location while hacking into computers. This occurrence persists worldwide, causing businesses to suffer financial losses due to the accumulating phone bills from criminal calls. In London, a business was even compelled to shut down because they couldn't afford to pay the enormous bill. The consequences of these intrusions are detrimental to numerous businesses.

In another incident, a criminal intentionally modified and erased data from a computer at a cyber cafe, resulting in significant harm. The deleted data pertained to the network and the

customers who were connected through the server. The owner expressed resentment over the incident, as it had caused considerable financial loss. He had to take immediate action to satisfy the customers and ensure their continued patronage.

The alteration of websites is another crime that aims to cause damage in the business community. In recent times, there have been numerous attacks on websites by hackers who pretend to be dissatisfied with the website owner. They achieve this by inserting false information into the organization's website, with the intention of causing confusion among potential customers.

The hacker's usual approach involves deleting certain pages and graphics, and then replacing them with new ones having identical names. By doing this, the hacker gains control over the message displayed on the site. Additionally, some hackers introduce unwanted content such as pornography in order to scare customers who may be wary of such material. Others may entirely compromise the login section, preventing anyone from accessing it, whether authorized or not.

Recent targets of these attacks have included several U.S. Government agencies like the White House and FBI. Nevertheless, this is not the most severe form of cybercrime. To address this security breach, the website owner can temporarily shut down the site and restore all files from backup media. Simultaneously, they can enhance site security before reopening it. Ultimately, the perpetrator has committed a crime by illegally exploiting someone else's device.

A denial of service attack happens when a business server is overwhelmed with an ongoing flow of nonspecific requests for web pages, preventing potential users from downloading a page and potentially causing the web server to crash. To execute this malicious act, criminals initially

install remote controlled programs on numerous computers with internet access.

On command, this control program will continuously send pings to a designated site, as instructed by the hacker. Once the attacking process is initiated, the program will begin pinging a specific target address.

Security Measures

Online computer services require strong security measures for accessing them. To log in, users must provide a user name and a password. However, it is common for people to use their last name as their user name, making it easy to guess. Therefore, it is important to be cautious when creating passwords.

When selecting a password, it is important to avoid using personal information such as one's name, someone else's first name, nickname, telephone number, or date of birth, as these can be easily guessed. Similarly, it is also a risk to write these details backwards.

According to Barnes (2004), the most secure password is a combination of random lowercase and uppercase letters along with digits. However, Barnes warns that such a password can be challenging to remember due to the complexity of the characters. As a suggestion, it is advisable to select uncommon foreign jargon that cannot be found in the local language dictionary.

It is important to keep your password secure and not share it with anyone. Additionally, when setting up a new computer, it is crucial to follow the system administrator's instructions on creating a password.

To prevent hacking on your organization's site, it is recommended to use a unique password for each site or computer account. Oloo, H (1987) suggests that changing passwords every few weeks is a common practice, but it also increases the risk of forgetting your password. Additionally, Oloo

emphasizes that the decision to change passwords frequently is up to you and depends on the importance you assign to it.

Many people store their passwords either in a script on their hard disk or in various programs. While this practice is convenient, it can pose a security risk. If your username and password are stored this way, it is advisable to enable the password setting on your computer. This means you will need to enter it each time the machine is switched on.

If there are times when other people can access your computer, either in your presence or when you are absent and your computer is running, it is recommended to install and activate a screen saver software that requires a password to access the original operating system or applications software. Additionally, in cases of theft or vandalism of your computer, it is possible for the perpetrator to gain unauthorized access to all of your accounts. Therefore, it is crucial to log into each account and change the password for each one as soon as the theft is detected.

When it comes to private data, the same precautions that apply to passwords also apply to confidential information on your computer. Oloo, H (1987) explains that there is no simple solution for destroying the value of confidential data in files on a stolen or vandalized machine. For businesses with highly sensitive and valuable data, it is advisable to code or encrypt all of their data files (Oloo, H 1987 P. 45).

During the 1980s, viruses were commonly transmitted among users through defective floppy disks. Therefore, businessmen and women from that era believed that they did not require anti-virus

software as long as they purchased software from trusted sources and refrained from copying programs from these faulty floppies shared by friends and colleagues (Barnes, 2004 P. 34).

According to Barnes (2004), advancements in the 1990s made it vital for computer users to have anti-virus software. This was due to the widespread use of downloaded files from the Internet for software distribution and updates. Additionally, hackers created malicious programs that were concealed within applications such as Microsoft Word. These malicious programs could also be disguised within email attachments. When users clicked on these files, the harmful computer program would activate, resulting in computer infection (P. 35).

Using email and downloading executable software/files from the internet is a part of our daily routine. Therefore, it is important to have an anti-virus program running on our machines. These programs scan all files for viruses and will automatically delete or clean infected files if they don't pose a significant threat. It is recommended to activate the anti-virus software as soon as new software is installed.

In order to safeguard your business from virus threats, it is important to regularly update the anti-virus software. This is necessary because new malicious programs are discovered on a daily basis. The frequency of software updates should be determined based on your tolerance to risk. If you believe that your machines are vulnerable to attacks, it is advisable to update the software. Additionally, when news media reports an outbreak of a virus, it is prudent to update the anti-virus software as soon as the developer revises their definition files to detect the new virus. If possible, daily updates should be implemented until new variants of the

virus cease to emerge.

To protect your business from this threat, never open any executable file attached to an email without knowing its contents and source. It is advisable to wait a few minutes, hours, or even days before opening the file and contacting the sender to inquire about its contents and source.

Richmond, S (2000) highlighted the significance of the Melissa and I love you incidents in March 1999 and May 2000. These incidents serve as reminders that even individuals or organizations we trust can unknowingly transmit malicious programs. This occurs when their systems have been infected with a virus that automatically sends emails under their name.

Be cautious when receiving email attachments with a double extension, especially if the right-side extension is for an executable file. According to James (2004), some examples of such files include Filename.jpg.vbs, filename.doc.exe, filename.zip.com, filename.gif.bat, filename.txt.pif, filename.mp3.scr, and filename.htm.lnk, among others (p. 105). It's worth noting that these attached emails often contain text with numerous grammatical and punctuation errors, as well as misspelled words. Such significant mistakes from someone claiming to be an English speaker should raise suspicion of a forged address and potential virus in the email.

Besides the control measures mentioned previously, one option is to create a free e-mail account through Yahoo, HotMail, or another provider. If someone harasses or disrupts your activities, you can easily close the account and select a different one from the numerous available. Essentially, this is akin to obtaining a disposable identity in cyberspace.

In order to safeguard business files and other important materials from potential loss caused by computer crimes, it is crucial to create backups. These backups protect the files from threats like

accidental deletion or hard disk failure. It is recommended to perform a full backup of all files at least twice a year, and immediately after completing a major project.

In order to implement the mentioned security measures, both employers and employees need to be educated about the importance of computer security. This is crucial for organizations and businesses to achieve desirable outcomes. The success of information and security efforts relies on the development of effective working practices and the establishment of procedures to ensure their adherence. Creating a disciplined approach and fostering a security-conscious atmosphere is essential to cater to all staff members.

If a business deals with confidential information, it is crucial to have trustworthy and reliable individuals who are also screened to a level commensurate with the sensitivity of the information they will handle.

Restricting access to all of the business's information is necessary for employees to only have access to what is necessary for them to perform their job. Specifically, sensitive material should be divided and organized so that only authorized staff members can access it. Overall, no staff member should have access to all of the information that pertains to the entire organization.

Furthermore, in order for security measures based on business rules and regulations to be effective, proper training of all staff members is essential. It is crucial that the problem is comprehended by everyone. This can be accomplished primarily through in-house staff training. Additionally, individual users must receive training on network usage, handling confidential information, and creating backups.

To enhance security, it is important to educate employees on how to respond to and combat threats, as well as instructing them on what actions to

avoid and who to contact for assistance. Employees should be urged to report any threat incidents so that appropriate measures can be implemented by authorities to mitigate potential harm.

It is important to provide introductory training to new and temporary employees when they start working for the company. This training should focus on the importance of data security and data integrity. Furthermore, it could be beneficial to include a section in employees' contracts that outlines their security and confidentiality obligations, in order to raise awareness among them.

To achieve functional and cost-effective computer security, several steps need to be taken into consideration by management. Firstly, it is crucial to analyze the risks associated with certain threats in order to enable management to develop policies aligned with the initial security goals of the organization. These policies should include the main security objectives, information classification principles, responsible individuals, and the principles required to achieve the objectives.

The policy should be both written and approved by management in order to ensure necessary resources are allocated. Furthermore, a plan must be developed to outline how the targets and intentions outlined in the policy document will be achieved. It is important to note that not all aspects of the policy may be implemented simultaneously, so a priority list should be established. The individual responsible for security within the organization should review and analyze this plan.

During the implementation phase, it is crucial to pay attention to the main points and ensure inclusivity. Senior managers must have sufficient knowledge of the computer security systems in use to understand the process and its rationale. Users need to be provided with clear instructions on their expected behavior

and responsibilities. The guidelines should be distributed to them in writing after they have been signed.

The purpose of this is primarily to combat the arrogance of individuals who claim to be unaware of the guidelines. An example of such guidelines can be provided to users as follows: do not access information without proper authorization, do not make any changes to computer systems without proper authority, refrain from using company computers for personal matters unless explicitly permitted, always remember to turn off computers when finished, familiarize yourself with procedures for dealing with malicious programs on the system. Additionally, use antivirus software, be cautious of virus codes, and maintain the confidentiality of your login credentials. Never allow anyone else to use your password, and always remember that any actions performed on the system using your ID and password are solely your responsibility.

To summarize, computer crimes targeting businesses greatly hinder their operations by depleting resources. These crimes require significant time and money to repair the damage caused. Experts are often hired to fix the aftermath and internal training is necessary. Moreover, such attacks scare away potential customers and prevent access to essential information. The management also faces numerous challenges due to the corruption of files and data during these criminal acts.

It is crucial to understand that certain information is sensitive and plays a vital role in the success of a business. If this information is stolen, it greatly damages the reputation and integrity of the business. Therefore, it is of utmost importance to strongly condemn such actions.

Works cited

The text below is from the book "Internet in today's world" written by Agnes, M. in 2002. The book was published

by General Printers in Nairobi. The page range is from 101 to 131.

Barnes, S. (2004). Hackers in the Business World: Why they intrude and how they can be bared. London: Longhorn, 20-41.

According to Carol, C. L. in the book "Computer Security: The underlying issues", published in 2006 by Akron University Press, the discussion about computer security spans pages 21-27.

De W. (2007) states that cyber crime has become a $105 billion business. According to the article from http://www.crime-research.org/news/26.09.2007/2912, accessed on September, 27 2007.

James, in his book The future of Computer Security (2004), discusses the future of computer security and the various perceptions surrounding it. The book specifically focuses on what the future holds for computer security. Penguin published this book in Melbourne, and it covers information from pages 102 to 110.

Joris, E. (2006). Computer Crime costs $67 billion, according to the FBI. The Daily Nation, September 25, 2007.

Michael, T. (2001). Securing your Computer from the Ever increasing Crime. Nairobi: General Printers, P.2-15

Oloo, H. 1978. Business Threats. How to handle these threats. Baltimore, Maryland: John Hopkins University Press

According to Richmond (200), in his book "Computer Crimes: How the criminals orchestrate the offence," he explains that the criminals behind computer crimes are becoming increasingly sophisticated. This information can be found on page 26 of the Nairobi Government Press publication.

Rep, S. 1986. Is there any future in hacking? The modern world appears to be unconcerned about the consequences of hacking. London: Longhorn, P. 24-31