Accounting Chapter 6 Homework

Authors: Marshall B. Romney, Paul J. Steinbart

Accounting Information Systems
CHAPTER 6
COMPUTER FRAUD AND ABUSE TECHNIQUES
SUGGESTED ANSWERS TO DISCUSSION QUESTIONS
6.1 When U.S. Leasing (USL) computers began acting sluggishly, computer operators
were relieved when a software troubleshooter from IBM called. When he offered to
correct the problem they were having, he was given a log-on ID and password. The
next morning, the computers were worse. A call to IBM confirmed USL’s suspicion:
Someone had impersonated an IBM repairman to gain unauthorized access to the
system and destroy the database. USL was also concerned that the intruder had
devised a program that would let him get back into the system even after all the
passwords were changed.
What techniques might the impostor have employed to breach USL’s internal
security?
The perpetrator may have been an external hacker or he may have been an employee with
knowledge of the system.
It seems likely that the perpetrator was responsible for the sluggishness, as he called soon
after it started. To cause the sluggishness, the perpetrator may have:
Infected the system with a virus or worm.
Ch. 6: Computer Fraud and Abuse Techniques
What could USL do to avoid these types of incidents in the future?
Determine how the perpetrator caused the sluggishness and implement the controls
needed to prevent it from happening again.
Other control considerations that could reduce the incidence of unauthorized access
include:
Improved control of sensitive data.
6.2 What motives do people have for hacking? Why has hacking become so popular in
recent years? Do you regard it as a crime? Explain your position.
Hacking is the unauthorized access, modification, or use of an electronic device or some
element of a computer system. Hacking represents illegal trespassing and is punishable as
a federal crime under the 1986 Computer Fraud and Abuse Act.
6.3 The UCLA computer lab was filled to capacity when the system slowed and crashed,
disrupting the lives of students who could no longer log into the system or access data
to prepare for finals. IT initially suspected a cable break or an operating system
failure, but diagnostics revealed nothing. After several frustrating hours, a staff
member ran a virus detection program and uncovered a virus on the lab’s main
server. The virus was eventually traced to the computers of unsuspecting UCLA
students. Later that evening, the system was brought back online after infected files
were replaced with backup copies.
What conditions made the UCLA system a potential breeding ground for the virus?
Many computers, providing numerous potential hosts.
What symptoms indicated that a virus was present?
Destroyed or altered data and programs.
SUGGESTED ANSWERS TO THE PROBLEMS
6.1 A few years ago, news began circulating about a computer virus named Michelangelo
that was set to “ignite” on March 6, the birthday of the famous Italian artist. The
virus attached itself to the computer’s operating system boot sector. On the magical
date, the virus would release itself, destroying all of the computer’s data. When
March 6 arrived, the virus did minimal damage. Preventive techniques limited the
damage to isolated personal and business computers. Though the excitement
surrounding the virus was largely illusory, Michelangelo helped the computer-using
public realize its systems’ vulnerability to outside attack.
a. What is a computer virus? Cite at least three reasons why no system is
completely safe from a computer virus.
A computer virus is a segment of executable code that attaches itself to an application
program or some other executable component. When the hidden program is
triggered, it makes unauthorized alterations in the way a system operates.
There are a number of reasons why no one is completely safe from a virus:
Viruses are contagious and are easily spread from one system to another. A virus
spreads when users share programs or data files, download data from the Internet,
b. Why do viruses represent a serious threat to information systems? What
damage can a virus do to a computer system?
Viruses are a significant threat to information systems because they make
unauthorized alterations to the way a system operates and cause widespread damage
c. How does a virus resemble a Trojan horse?
A virus is like a Trojan horse in that it can lie dormant for extended periods,
d. What steps can be taken to prevent the spread of a computer virus?
Focus 6-1 lists the following steps individuals can take to keep their computers virus
free:
Make sure that the latest versions of the antivirus programs are used. National
City Bank in Cleveland, Ohio, installed some new laptops. The manufacturer and
the bank checked the laptops for viruses but did not use the latest antivirus
software. A virus spread from the laptop hard drives to 300 network servers and
12,000 workstations. It took the bank over two days to eradicate the virus from all
bank systems.
6.2 The controller of a small business received the following e-mail with an authentic-
looking e-mail address and logo:
From: Big Bank [antifraud@bigbank.com]
To: Justin Lewis, Controller, Small Business USA
Subject: Official Notice for all users of Big Bank!
A week later, the following e-mail was delivered to the controller:
From: Big Bank [antifraud@bigbank.com]
To: Justin Lewis, Controller, Small Business USA
Subject: Official Notice for all users of Big Bank!
a. What should Justin do about these e-mails?
This is an attempt to acquire confidential information so that it can be used for illicit
purposes such as identity theft. Since the email looks authentic and appears
authoritative, unsuspecting and naïve employees are likely to follow the email's
instructions.
Justin should:
Notify all employees and management that the email is fraudulent and that no
information should be entered on the indicated website.
Notify Big Bank regarding the email.
b. What should Big Bank do about these e-mails?
Immediately alert all customers about the email and ask them to forward any
suspicious email to the bank security team. But this needs to be done via the
bank’s web site, not by an email message. Banks should never use email in ways
that resemble this type of attack.
c. Identify the computer fraud and abuse technique illustrated.
This computer fraud and abuse technique is called phishing. Its purpose is to get the
information needed to commit identity theft. The perpetrator probably also used brand
spoofing of Big Bank’s web site.
6.3 A purchasing department received the following e-mail.
Dear Accounts Payable Clerk,
You can purchase everything you need online, including peace of mind, when you
shop using Random Account Numbers (RAN). RAN is a free service for Big Credit Card
customers that substitutes a random credit card number in place of your normal credit
card number when you make online purchases and payments. This random number
provides you with additional security. Before every online purchase, simply get a new
Banks actually offer a service like this. For example, Citi Bank offers a program called
Virtual Account Numbers.
Students will likely present many different solutions to this problem. Table 6-1 in the text
provides a comprehensive list of computer fraud and abuse techniques that the students
may draw upon. Potential solutions should at least include:
identity theft
Using RAN can help prevent identity fraud. Since the card is only linked to the actual
customer at the bank, the identity of the customer is shielded from anyone who steals the card
or the card number. The thief would need to hack into the bank’s system to find the
identity of the RAN cardholder since it would not be printed on the card itself.
Also, RAN can frustrate those who capture card numbers through packet sniffing, spyware,
and eavesdropping. These techniques may capture the card number, but once the thieves
have it, their ability to exploit the card for monetary gain is severely restricted.
PERHAPS MORE IMPORTANT: even though banks offer these types of services, this
email may be a clever phishing expedition and a recipient should not respond to the email
6.4 Match the Internet-related computer fraud and abuse technique in the left column
with the scenario in the right column. Terms may be used once, more than once, or
not at all.
1. Adware
i. Software that collects consumer surfing and purchasing data.
2. Botnet
o. A network of hijacked computers.
3. Bot herder
r. Hackers that control hijacked computers.
4. Click fraud
u. Inflating advertising revenue by clicking online ads numerous times.
8. Internet misinformation
s. Circulating lies or misleading information using the world’s largest network.
9. Internet terrorism
m. Using the Internet to disrupt communications and e-commerce.
10. Key logger
q. Use of spyware to record a user’s keystrokes.
11. Pharming
n. Diverting traffic from a legitimate Web site to a hacker’s Web site to gain access to personal and confidential information.
