978-0133428537 Chapter 6 Solution Manual Part 1

CHAPTER 6

COMPUTER FRAUD AND ABUSE TECHNIQUES

SUGGESTED ANSWERS TO DISCUSSION QUESTIONS

6.1 When U.S. Leasing (USL) computers began acting sluggishly, computer operators

were relieved when a software troubleshooter from IBM called. When he offered to

correct the problem they were having, he was given a log–on ID and password. The

next morning, the computers were worse. A call to IBM confirmed USL’s suspicion:

Someone had impersonated an IBM repairman to gain unauthorized access to the

system and destroy the database. USL was also concerned that the intruder had

devised a program that would let him get back into the system even after all the

passwords were changed.

What techniques might the impostor have employed to breach USL’s internal

security?

The perpetrator may have been an external hacker or he may have been an employee with

What could USL do to avoid these types of incidents in the future?

6.2 What motives do people have for hacking? Why has hacking become so popular in

recent years? Do you regard it as a crime? Explain your position.

6.3 The UCLA computer lab was filled to capacity when the system slowed and crashed,

disrupting the lives of students who could no longer log into the system or access data

to prepare for finals. IT initially suspected a cable break or an operating system

failure, but diagnostics revealed nothing. After several frustrating hours, a staff

member ran a virus detection program and uncovered a virus on the lab’s main

server. The virus was eventually traced to the computers of unsuspecting UCLA

students. Later that evening, the system was brought back online after infected files

were replaced with backup copies.

What conditions made the UCLA system a potential breeding ground for the virus?

What symptoms indicated that a virus was present?

6.1 A few years ago, news began circulating about a computer virus named Michelangelo

that was set to “ignite” on March 6, the birthday of the famous Italian artist. The

virus attached itself to the computer’s operating system boot sector. On the magical

date, the virus would release itself, destroying all of the computer’s data. When

March 6 arrived, the virus did minimal damage. Preventive techniques limited the

damage to isolated personal and business computers. Though the excitement

surrounding the virus was largely illusory, Michelangelo helped the computer-using

public realize its systems’ vulnerability to outside attack.

a. What is a computer virus? Cite at least three reasons why no system is

completely safe from a computer virus.

b. Why do viruses represent a serious threat to information systems? What

damage can a virus do to a computer system?

c. How does a virus resemble a Trojan horse?

d. What steps can be taken to prevent the spread of a computer virus?

6.2 The controller of a small business received the following e-mail with an authentic-

looking e-mail address and logo:

From: Big Bank [antifraud@bigbank.com]

To: Justin Lewis, Controller, Small Business USA

Subject: Official Notice for all users of Big Bank!

Due to the increased incidence of fraud and identity theft, we are asking all bank

customers to verify their account information on the following Web page:

www.antifraudbigbank.com

Please confirm your account information as soon as possible. Failure to confirm

your account information will require us to suspend your account until confirmation

is made.

A week later, the following e-mail was delivered to the controller:

From: Big Bank [antifraud@bigbank.com]

To: Justin Lewis, Controller, Small Business USA

Subject: Official Notice for all users of Big Bank!

Dear Client of Big Bank,

Technical services at Big Bank is currently updating our software. Therefore, we

kindly ask that you access the website shown below to confirm your data. Otherwise,

your access to the system may be blocked.

web.da-us.bigbank.com/signin/scripts/login2/user_setup.jsp

We are grateful for your cooperation.

a. What should Justin do about these e-mails?

b. What should Big Bank do about these e-mails?

c. Identify the computer fraud and abuse technique illustrated.

6.3 A purchasing department received the following e-mail.

Dear Accounts Payable Clerk,

You can purchase everything you need online—including peace of mind—when you

shop using Random Account Numbers (RAN). RAN is a free service for Big Credit Card

customers that substitutes a random credit card number in place of your normal credit

card number when you make online purchases and payments. This random number

provides you with additional security. Before every online purchase, simply get a new

number from RAN to use at each new vendor. Sign up for an account at

www.bigcreditcard.com. Also, take advantage of the following features:

Automatic Form automatically completes a vendor’s order form with the RAN, its

expiration date, and your shipping and billing addresses.

Set the spending limit and expiration date for each new RAN.

Use RAN once or use it for recurring payments for up to one year.

Explain which computer fraud and abuse techniques could be prevented using a

random account number that links to your corporate credit card.

6.4 Match the Internet-related computer fraud and abuse technique in the left column

with the scenario in the right column. Terms on the left may be used once, more

than once, or not at all.

1. Adware

i. Software that collects consumer surfing and purchasing data.

2. Botnet

o. A network of hijacked computers.

3. Bot herder

r. Hackers that control hijacked computers.

4. Click fraud

u. Inflating advertising revenue by clicking online ads numerous times.

5. DoS

t. Overloading an Internet service provider’s e-mail server by sending

hundreds of e-mail messages per second from randomly generated false

addresses.

6. E-mail threats

c. Sending an e-mail instructing the recipient to do something or they will

suffer adverse consequences.

7. Hijacking

l. Gaining control of a computer to carry out unauthorized illicit activities.

8. Internet

misinformation

s. Circulating lies or misleading information using the world’s largest

network.

9. Internet terrorism

m. Using the Internet to disrupt communications and e-commerce.

10. Key logger

q. Use of spyware to record a user’s keystrokes.

11. Pharming

n. Diverting traffic from a legitimate Web site to a hacker’s Web site to gain

access to personal and confidential information.

12. Phishing

j. E-mails that look like they came from a legitimate source but are actually

from a hacker who is trying to get the user to divulge personal information.

13. Spamming

e. E-mailing an unsolicited message to many people at the same time.

14. Splog

h. A spam blog that promotes affiliated Web sites to increase their Google

PageRank.

15. Spyware

a. Software that monitors and reports a user’s computing habits.

16. Spoofing

k. Making an e-mail look like it came from someone else.

17. Typosquatting

f. Creating Web sites with names similar to real Web sites so users making

errors while entering a Web site name are sent to a hacker’s site.

6. 5 Match the computer fraud and abuse technique in the left column with the scenario

in the right column. Terms on the left may be used once, more than once, or not at

all.

1. Bluebugging

i. Making phone calls and sending text messages using another user’s phone

without physically holding that phone.

2. Bluesnarfing

k. Capturing data from devices that use Bluetooth technology.

3. Eavesdropping

f. Intercepting and/or listening in on private voice and data transmissions.

4. Evil twin

m. A rogue wireless access point masquerading as a legitimate access point.

5. Packet sniffing

a. Intercepting Internet and other network transmissions.

6. Phreaking

j. Using telephone lines to transmit viruses and to access, steal, and destroy

data.

7. Piggybacking

d. Gaining access to a protected system by latching on to a legitimate user.

8. Vishing

b. E-mails instructing a user to call a phone number where they are asked to

divulge personal information.

9. War dialing

h. Searching for modems on unprotected phone lines in order to access the

attached computer and gain access to the network(s) to which it is attached.

10. War driving

c. Searching for unprotected wireless networks in a vehicle.

6.6 Match the computer fraud and abuse technique in the left column with the scenario

in the right column. Terms on the left may be used once, more than once, or not at

all.

1. Chipping

e. Inserting a chip that captures financial data in a legitimate credit card

reader.

2. Data diddling

i. Altering data during the IPO (Input-Process-Output) cycle.

3. Data leakage

f. Copying company data, such as computer files, without permission.

4. Identity theft

a. Illegally obtaining confidential information, such as a Social Security

number, about another person so that it can be used for financial gain.

5. Round-down

fraud

j. Placing truncated decimal places in an account controlled by the

perpetrator.

6. Salami technique

d. Embezzling small fractions of funds over time.

7. Scavenging

b. Searching through garbage for confidential data.

6.7 Match the computer fraud and abuse technique in the left column with the scenario

in the right column. Terms on the left may be used once, more than once, or not at

all.

1. Dictionary attack

j. Using software to guess company addresses, send them blank e-mails, and

adding unreturned messages to spammer e-mail lists.

2. Hacking

w. Gaining access to a computer system without permission.

3. Logic bomb

s. Software that sits idle until a specified circumstance or time triggers it.

4. Malware

l. Software used to do harm.

5. Masquerading

n. Pretending to be a legitimate user, thereby gaining access to a system and

all the rights and privileges of the legitimate user.

6. Password cracking

c. Capturing and decrypting passwords to gain access to a system.

7. Piggybacking

e. Using a wireless network without permission.

8. Posing

x. Creating a seemingly legitimate business, collecting personal information

while making a sale, and never delivering the item sold.

9. Pretexting

u. Acting under false pretenses to gain confidential information.

10. Rootkit

q. Software that conceals processes, files, network connections, and system

data from the operating system and other programs.

11. Shoulder surfing

v. Observing or listening to users as they divulge personal information.

12. Skimming

f. Covertly swiping a credit card in a card reader that records the data for later

use.

13. Social

engineering

r. Methods used to trick someone into divulging personal information.

14. Software piracy

p. Unauthorized copying or distribution of copyrighted software.

15. Steganography

g. Concealing data within a large MP3 file.

16. Superzapping

a. Special software used to bypass system controls.

17. Trap door

i. Entering a system using a back door that bypasses normal system controls.

18. Trojan horse

k. Unauthorized code in an authorized and properly functioning program.

19. Virus

b. A segment of executable code that attaches itself to software.

20. Worm

m. A program that can replicate itself and travel over networks.

21. Zero-day attack

h. Attack between the time a software vulnerability is discovered and a patch

to fix the problem is released.