LearnTechNews.com Computers have grown to become the most common and important tools of usage in the current society; socially, scientifically, economically and professionally. This has however come with challenges and growing need for change with the advancing technology. As technology grows each day, practice of computer crimes and cybercrimes require that much more is done so to ensure security of information now and in the future.
Computer crime can be described as any crime that involves a computer and a network. A computer may have been used in the commission of a crime, or it may be the target. Criminals have discovered computer technology and they have resorted to investing heavily in the same. Cybercrimes on the other hand are defined as: “Offences that are committed against individuals or groups of individuals with a criminal motive to intentionally harm the reputation of the victim or cause physical or mental harm to the victim directly or indirectly, using modern telecommunication networks such as Internet (Chat rooms, emails, notice boards and groups) and mobile phones (SMS/MMS)”. The problems caused by such crimes could as harmful as destabilizing a state’s security and the financial sector. Issues surrounding these types of crime have become high-profile, particularly those surrounding cracking, copyright infringement, child pornography, and child grooming. These crimes have also presented problems of privacy when classified information is lost or intercepted, lawfully or otherwise.
TYPES OF COMPUTER CRIMES
Malicious code: This includes a number of threats to cyber-security. In essence it could be any hardware, software or firm ware among others, that is knowingly included in a system for a harmful purpose. This is commonly referred to as malware and includes computer viruses, worms, Trojan horses Rootkits or any other software exploits.
Social engineering: This is the act of manipulating people into performing actions or divulging confidential information in a way that does not involve breaking in or using technical cracking techniques
Network attacks: This is any action taken to disrupt, deny, degrade or destroy information that resides in computer networks. The attack could come in form of a fabrication, interception, interruption, and modification.
Network abuse: these are generally fraudulent activity that is committed with the aid of a computer are. The most common forms of network abuse include SPAM.
CURRENT TRENDS FOR COMPUTER SECURITY
The need to have computers protected over time has resulted to various measures being taken to curb the ever changing challenges. There are a variety of different technical countermeasures that can be deployed to thwart cybercriminals and harden systems against attack. These include:
Firewalls: Firewalls, network or host based, are the first line of defense in securing a computer network by setting Access Control Lists (ACLs) determining which and what services and traffic can pass through the check point.
Antivirus: Antivivisectionist used to prevent and handle the propagation of malicious code. Commonly, computer viruses will exhibit, to a great extent, similar characteristics that would allow for signature based detection. Heuristics such as file analysis and file emulation are also used to identify and remove malicious programs. Virus definitions should be and have in the recent past been, updated regularly besides applying operating system hotfixes, service packs and patches to keep computers on a network secure.
Physical deterrents: such as locks, card access keys, or biometric devices have been used to prevent criminals from gaining physical access to a machine on a network. Strong password protection both for access to a computer system and the computer’s BIOS are also effective countermeasures to against cyber-criminals with physical access to a machine.
Cryptography techniques:these are commonly applied to encrypt information using algorithm to mask information in storage or in transit. According to Mica Owen, a technical homework writer at EssayMojo.com, “Tunneling takes a payload protocol such as Internet Protocol (IP) and summarize it in an encrypted delivery protocol over a Virtual Private Network (VPN), Secure Sockets Layer (SSL), Transport Layer Security (TLS), Point-to-Point Tunneling Protocol (PPTP), or Internet Protocol Security (IPSec) to ensure data security during transmission”.
Network vulnerability testing: These are performed by technicians or automated programs. It is used to test on a full-scale or targeted specifically to devices, systems and passwords used on a network to assess their level of security. Network monitoring tools are also used to detect intrusions or suspicious traffic both large and small networks.
Security by design: This is another approach to computer security. It is to consider security as one of the base features. Some of the techniques in this approach include:
The principle of least privilege, where each part of the system has only the privileges that are needed for its function, that way even if an attacker gains access to that part, they have only limited access to the whole system.
Default secure settings, and design to “fail secure” rather than “fail insecure”. Ideally, a secure system should require a deliberate, conscious, knowledgeable and free decision on the part of legitimate authorities in order to make it insecure.
Audit trails tracking system activity, so that when a security breach occurs, the mechanism and extent of the breach can be determined. Storing audit trails remotely, where they can only be appended to, can keep intruders from covering their tracks.
Hardware mechanisms that protect computers and data:
Hardware based or assisted computer security offers an alternative to software-only computer security. Devices such ascase intrusion detection, drive locks, or disabling USB ports, or CD ROM Drives may be considered more secure due to the physical access required in order to be compromised.
FUTURE TRENDS FOR COMPUTER SECURITY
The ever changing technology requires that each day is faced a new. The future promise to revolutionize the computer world and this comes with its challenges. A renewed focus on layered security and detection across the entire threat lifecycle, not just the point of initial entry, is likely to be a significant theme in the coming years. The following trends will factor into the computer security landscape in the prospective future:
Basic web server mistakes: there has been an increase in SQL injection hacks of web servers and databases to steal large volumes of user names and passwords .With the uptick in these kinds of credential-based extractions, IT professionals will need to pay equal attention to protecting both their computers as well as their web server environment
Advanced techniques:Enterprises will look towards this for establishing and maintaining their trusted identities on cyber space. This will include federated identity management in complex hybrid cloud environments, context aware authentication particularly in business scenarios related to mobile and social computing, and next generation biometrics-based authentication systems in mission-critical applications.
Active cyber defense measures:There will be widespread use of active cyber defense measures, especially in government. Active defense takes on another level of sophistication by automatically shutting down threats based on pre-defined business rules. This approach allows an organization to stop an attack before it causes damage to their infrastructure or ex-filtrates data from their network.
Data cloaking:In line with the current trend towards zero-trust security models, we expect organizations will look to new tools and techniques to hide their sensitive data, even from inside their own organizations, so that only trusted communities of interest can gain visibility and access to data where needed. This will be implemented not only within the corporate network, but out to external cloud and mobile environments as a key strategy to protect against today have advanced threats.
Computer crime is part of us and grows with us as our technology grows. This requires that each time we are celebrating new growth in computer technology we should be preparing ourselves equally to deal with the crimes that arise hereby. The future promises great developments in terms of cyber technology and this comes along with advanced security threats. Corrective and immediate appropriate steps should be put into consideration so as to deal with the same immediately they come. Cybercrime weakens economies by a big margin and this is the more the reason we should tirelessly work to tame it.