COMPUTER AND INTERNET CRIME
QUESTIONS TO CONSIDER
1. Peter Gumble, European editor for Fortune magazine, comments, "Kerviel is a stunning example of a trader breaking the rules, but he's by no means alone. One of the dirty little secrets of trading floors around the world is that every so often, somebody is caught concealing a position and is quickly - and quietly - dismissed... [This] might be shocking for people unfamiliar with the macho, high-risk, high-reward culture of most trading floors, but consider this: the only way banks can tell who will turn into a good trader and who even the most junior traders to take aggressive positions. This leeway is supposed to be matched by careful controls, but clearly they aren't foolproof." What is your reaction to this statement by Mr. Gumble?
Answer:
When
first starting to trade, you need to manage risk and to trade a well defined
trading plan with clearly specified entry and exit strategies. You need a
detailed risk management plan and a detailed money management plan. No building
is built without a plan. Why would you attempt to trade without a detailed
trading plan? Often the reason is that novice traders want to believe that a
charting program or a trading program in itself will give them unlimited money.
2. What explanation can there be for the failure of SocGen's internal
control system to detect Kerviel's transactions while Eurex detected
many suspicious transactions?
Answer:
Jérôme Kerviel had put together a first portfolio (A) composed of
futures and representing the evolution of the European stock indexes
(Eurostoxx, Dax, FTSE….) while at the same time he was establishing a second
portfolio (B) composed of warrants which had the same characteristics as those
of the futures but with a different value, these variances in value explain the
losses or the gains of such activities. Because of their close characteristics,
these two portfolios compensate each other and lower the market risks. Société
Générale had established internal controls to manage these risks. The fraud
committed by Jérôme Kerviel has consisted of evading internal controls or
making them inefficient. Jérôme Kerviel had registered and then cancelled
fictitious transactions in the second portfolio. The fictitious transactions
were registered in Société Générale systems but were economically unreal.
Within the framework of this fraud the financial instruments of
portfolio (A) were seemingly compensated with the fictitious operations
accommodated within portfolio (B) which showed only a very little residual
risk. He gave to his fictitious operations some characteristics which limited
the opportunities of control. He usurped computing access codes belonging to
operators to cancel certain operations. He falsified the documents allowing him
to justify his fictitious operations. He made sure that his fictitious
operations related to a financial instrument different from those which he had
just canceled to avoid control.
http://www.hg.org/article.asp?id=6028
Discussion Questions
1. Identify and briefly discuss four
reasons why computer incidents have become more prevalent.
Answer:
Programming
style while typos in the program code are often caught by the compiler, a bug
usually appears when the programmer makes a logic error. Various innovations in
programming style and defensive programming are designed to make these bugs
less likely or easier to spot. In some programming languages, so-called typos,
especially of symbols or logical/mathematical operators, actually represent
logic errors, since the mistyped constructs are accepted by the compiler with a
meaning other than that which the programmer intended. Programming techniques
Bugs often create inconsistencies in the internal data of a running program.
Programs can be written to check the consistency of their own internal data
while running. If an inconsistency is encountered, the program can immediately
halt, so that the bug can be located and fixed. Alternatively, the program can
simply inform the user, attempt to correct the inconsistency, and continue
running. Development methodologies There are several schemes for managing
programmer activity, so that fewer bugs are produced. Many of these fall under
the discipline of software engineering (which addresses software design issues
as well). For example, formal program specifications are used to state the
exact behavior of programs, so that design bugs can be eliminated.
Unfortunately, formal specifications are impractical or impossible for anything
but the shortest programs, because of problems of combinatorial explosion and indeterminacy
[disambiguation needed]. Programming language support Programming languages
often include features which help programmers prevent bugs, such as static type
systems, restricted name spaces and modular programming, among others. For
example, when a programmer writes (pseudo code) LET REAL_VALUE PI = "THREE
AND A BIT", although this may be syntactically correct, the code fails a
type check.
2.
A successful distributed denial-of-service attack requires downloading software
that turns unprotected computers into zombies under the control of the
malicious hacker. Should the owners of the zombie computers be fined as a means
of encouraging people to better safeguard their computers? Why or Why not?
Answer:
So,
why do you need security? There are several reasons:
To
prevent loss of data: You don’t want someone hacking into your system and
destroying the work done by your employees (and remember, the hacking doesn’t
have to be direct, it can be a computer virus, worm, or Trojan horse sent out
against random targets). Even if you have good back-ups, you still have to
identify that the data has been damaged (which can occur at a critical moment
when an employee has an immediate need for the damaged data), and then restore
the data as best you can from your backup systems. Downtime to fix damage costs
you money. A lesser example of this category is when the data isn’t completely
lost, but just partially corrupted.
To
prevent corruption of data: A lesser example of loss of data is when the
data isn’t completely lost, but just partially corrupted. This can be harder to
discover, because unlike complete destruction, there is still data. If the data
seems reasonable, you could go a long time before catching the problem, and
cascade failure (where failure in one system taakes down an adjoining system,
which in turn takes down another adjoining system) could result in serious
problems spreading far and wide through your systems before discovery. Tracking
down the initial problem could take substantial effort, delaying your ability
to restore your systems from backups (and complicating the back-up, because
some parts will be bad before other parts are).
To
prevent compromise of data: Sometimes it can be just as bad (or even worse)
to have data revealed than to have data destroyed. Imagine the consequences of
key trade secrets, corporate plans, financial data, etc. ending up in the hands
of your competitors. Or imagine sensitive personal data (such as pay records or
other employee records) becoming public.
To
prevent theft of data: Some kinds of data are subject to theft. An obvious
example is the list of credit card numbers belonging to your customers. Just
about anything associated with money can be stolen.
To
prevent sabotage: A disgruntled employee, an unscrupulous competitor, or
even a stranger with a mean streak could use any combination of the above
activities to maliciously harm your business. Because of the thought and
intent, this is the most dangerous kind of attack, the kind that has the
potential for the greatest harm to your business.
3. Do you believe that spam is
actually harmful? Why or why not?
Answer:
Yes!!! Spam can hurt people,
companies and the Internet. Here are three reasons why:
- Phishing: Spam emails are often used in order to engage in phishing - a practice in which links are used to collect personal information (financial data, social security numbers, account information) from unsuspecting users. That information can then be used for Identity Theft.
- Malware: Another harmful thing that spam emails often include is malware - computer viruses, spyware, and malicious programs that can silently infiltrate a user's computer and cause major problems. Simply by clicking on a link, you can expose yourself (and your computer) to harmful viruses that can affect the functioning of your computer.
- Loss of Productivity:While checking and deleting spam emails can be annoying, it is the time consumption and loss of productivity that really costs you.
4.
How ca installations of a firewall give an organization a false sense of
security?
Answer:
Firewalls
can be one of the most effective forms of computer security. In order to do
this, they need to be configured properly, by someone with intimate knowledge
both of the network and of computer security in general. Too many large
organizations will buy a firewall, have it installed, and leave it at that.
They feel that just because the firewall is "out there" that they
will be safe.
5.
Some IT security personnel believe that their organizations should always
employ whatever resources are necessary to capture and prosecute criminals. Do
you agree? Why or why not?
Answer:
In
today’s digital world, many organizations heavily rely on computers to run
their businesses efficiently every day. Without a good functioning of the
computer systems, these organizations wouldn’t be able to deliver goods and
services adequately. On large scale, the national or world economy would feel
the pain of the disruptions. Just imagine the impact of a disruption of
computers in a bank, at a school, at the airport or even in a
supermarket!
Each
organization must protect its major assets. There are no more valuable assets
for any organization than information and data stored in computers. Should
these assets be stolen, destroyed or mishandled, the organization will have
tremendous difficulties to survive or to be trusted by the public.
Consequently, anybody who would try to harm the organization through its computer
system should be dealt with in the most aggressive way.
Discussion Questions
1. There are some who
think that the techniques tools used in the Dark Web project could be used in a
way that could negatively affect our way of life. The executive director of the
Electronic Privacy Information Center, Marc Rotenberg fear "the very same
tools that can used to track terrorist can also be used to track political
opponents. " What are some negative ways such tools can be used against
U.S citizens? Do you think that this is reasonable fear?
Answer:
All tools and techniques are
really useful but it only depends on how the user uses it or handles it. Yes,
it is reasonable fear because we are all a user of technology in order o make
things possible but there is also a negative way that can also make other
people miserable because of this there some people using this for blackmailing
and other destructive intentions.
2. Identify three positive ways that this
technology could be used to improve the performance
organizations or to help us i our daily lives.
then you can easily uninstall it and try Norton antivirus software free version Norton support number in uk
ReplyDelete