Computer Fraud

computing device FraudT take on 1(6.c)Importance and Effectiveness of Legal Regulation in data processor FraudIntroductionIn todays world due to the advancement in the modern technology there has been al shipway problem arising related with reckoners curiously ready reckoner fraud misuse. People who atomic numeral 18 using estimators argon deceived in many ways like program fraud, system hacking, email hoax, auction, retail sales, investment funds schemes, cultivation hacking, virus/worm attacks and people claiming to be experts on discipline areas. Anyone who uses the nurture processing system with an internet connection is a potential quarterdidate for being a victim of computer fraud. The computer fraud commit is increasing every day as the internet usage among the people increases, approximately of the people are using the computers and internet for a good cause moreover there are some people who are intention whollyy using the computers to bring kill some organizations or business firms or to get peoples personal information. But due to the implementation of current legal regulations in each and every handle the crime people started to get tracked down and are punished under the Computer Misuse Act, which may ultimately reduce the number of computer fraud rate in the future.BackgroundOver the past decades the amount of financial, military and intelligence information, business info and personal information is stored on and convey by computers has increased by tremendous growth. All the major sectors like government and military operations entirely depend upon computers / internet for their reach work pop out and entropy transmission. The information which is stored and transmitted via internet allow be vulnerable to attack from any unk at one timen source almost every organization has been affected in some way due to the computer fraud. The British National Computer Centre reported that more than 80% of British organization s suffered trade trade protection flagellum in the last two years 5, most of the investigation revealed that the computer fraud occurred involves unauthorised gravel to computers via the internet. The current growth in the technology nominate that inwardly a decade it will be possible for every person in the world to access all the information network including the security measures defence data and government departments personal information but it is in the hand of the people to learn sure that they do non misuse the ready(prenominal) information. Other than the increase in the number of computer users, there will be as well increase in the number of computers per person. Each person will own and connect to hundreds of computers for information processing through network environment. In thefuture all the people will use computers in home appliances, phones, televisions, offices and automobiles all these computers share the information to optimize the use of resources an d to provide convenience in daily life which might result in a threat for computer fraud.In this context we will discuss nearly the detailed term of* Computer fraud* Causes for computer fraud* Types of computer fraud/attacks* Basic ways to prevent computer fraud apart from legal regulation.* Importance / Effectiveness of the legal regulation in computer fraud.Computer FraudBasically computer fraud is defined as taking control access ineligiblely or stealing information without another(prenominal)s knowledge, computer fraud can take come in any form it includes fraud committed by an employee of a company using the computer to steal funds or information from the work company, whereas some people use deception to gain access to individual resources. Therefore the suit and the method carried out to do the computer fraud commute from people to people depending upon the need to do it.Causes for computer fraudMost of the computer fraud is through for the main purpose of gaining mone y either by stealing the needed information from big organizations/firms or directly stealing funds from big organizations/firms. There are few people who are not concerned about the money or information but they wanted to bring down the fame of the organization/firm so they reveal all the secrets of the specific organization and few people like hackers does the computer fraud/crime moreover for a fun.Types of computer fraudComputer fraud can be classified into many types depending upon the fraud committed but the major categorisations of fraud are mentioned below. All the computer crime/fraud taking place now a day comes under these main categories.o Internet auction/Bid sales fraudo Retail saleso investing schemeso Identity thefto Phisingo Credit poster fraudo Information hackingo Email hoaxo computer virus/Worm attacko Letter scamo Ad wareAll these types of computer frauds are caused mainly due to the advancement in the technology and crime is still growing around the world.B asic ways to prevent computer fraud apart from legal regulationThe most beta thing to do to prevent computer fraud is to be alert to the scams that are circulated over the internet so that it suffices to safeguard the system and the information stored within the system, there are some basic rules to be followed in order to prevent the system from computer fraudo Users should be awake of not to publish any of their personal details on the sacksites or forums.o The organization/firms should not broadcast much of their business details on the internet.o Organizations/firms should ensure that they follow security policies, and procedures.o People working at homes or organization should ensure that before sending any personal information on the net should check for valid signatures.Internet auction/bid sales fraudo Understand the way how the auction/bidding plant on the internet, think what is the need for the seller to sell it.o Check out what will be enactmentions taken by the on line seller if something goes wrong during consummation and shipment.o Try to find more information about the seller if the only information you hold is the business email id, check the Better course Bureau where the seller/business is locatedo Examine the sellers feedback on previous sales, if the seller has good history and good feedback on previous sales then there is no need to worry about the purchase.o Determine what method of payment the seller is asking for during the transaction.o Be aware of the difference in law of natures governing auctions between the U.K. and other countries like U.S, China. If a problem occurs with the auction transaction that has the seller in one country and a buyer in another country, it might result in a dubious outcome leaving you empty handed.o Be sure to ask the seller about when delivery can be expected and warranty/exchange information for the product.o To avoid unexpected costs, find out whether rapture and delivery cost are included in the auction price or are additional.o Finally, avoid giving out your social security or drivers license number to the seller, as the sellers have no need for this information.Credit Card Fraudo Do not give out credit card number online unless the site is both prepare and reputable. Sometimes a tiny icon of a padlock appears to symbolize a higher(prenominal) level of security to transmit data. The icon is not a guarantee of a ready site, but may provide you some assurance.o in advance using the site, check out the security computer software it uses make sure your information will be protected.o Make sure you are purchase product from a reputable/legitimate source. Once again investigate the person or company before purchasing products.o Try to fix a physical address rather than merely a post office box and a phone number, call the seller to see if the number is correct and working.o Send them e-mail to see if they have an active e-mail address and be cautious about the sellers who use free e-mail service where a credit card was not required to open the account.o Do not purchase from sellers who will not provide you with this type of information.o Check with the Better Business Bureau to see if there have been any complaints against the seller before.o Check out other web sites regarding this person/company details.o Be cautious when responding to special offers.o Be cautious when dealing with individuals/companies from outside your own country.o If you are expiration to purchase an item via the Internet, use a credit card since you can often dispute the charges if something does go wrong.o Make sure the transaction is ensure when you electronically send your credit card somewhere.o You should keep a list of all your credit cards and account information along with the card issuers contact information. If anything looks suspicious or you lose your credit card contact the card issuer immediately.Investment Fraudo Do not invest in anything based on appeara nces. Just because an individual or company has a flashy web site does not mean it is legitimate. Web sites can be created in just a few days. After a short period of taking money, a site can vanish without a trace.o Do not invest in anything you are not absolutely sure about. Thoroughly investigate the individual or company to ensure that they are legitimate.o Check out other web sites regarding this person/company.o Be cautious when responding to special investment offers inquire about all the cost and conditions dealing with the investors and the investment.Importance of the legal regulation in computer fraudAfter all the basic discussion about the concepts and the causes of computer fraud, we are divergence to discuss about the legal regulation issues related with the computer fraud which tells how the legal regulations prevent or reduce the increasing computer fraud rate in todays developing world of technology, Most of the law reform is achieved by modifying and extending ex isting law to cope with new situations rather than by the introduction of completely new legislation.This can sometimes make it difficult to find a single place where the whole of an area of law is clearly set out. The Computer Misuse Act was enacted in 1990 and it remains the primary piece of UK legislation focusing on the misuse of computer systems. It covers computer frauds such as hacking and the reflect spread of viruses and was created to prevent unauthorized access or qualifying of computer systems and to prevent criminal elements from using a computer to assist in the foreign mission of a criminal offence or from impairing or hindering access to data stored in a computer. In 2004, MPs specifically, the All-Party Internet Group (APIG) began a review of the CMA, on the basis that this legislation was created before the emergence of the Internet and therefore required updating 5. The Act was seen to focus too much on individual computers and not enough on computer networks . In addition some of the definitions used in the 1990 Act need updating. The final report adumbrate several recommendations to the government for changes to the CMA. In March 2005, APIG called for amendments to the CMA to address the threat from denial of service attacks.The Computer Misuse Act was passed in 1990 to deal with the problem of hacking/other threats of computer systems. In the early days hacking/other computer fraud related issues was not taken very seriously by the law and the motion picture was that it is mischievous rather than something which causes serious loss to organizations. However, with developments in technology the issue has become more serious and legislation was introduced to recognize three key offenceso unauthorised access to computer material, Example Finding or guessing someones password and then using that to get into a computer system and have a look at the information.o Unauthorized access with intent to commit but offences. The key to this of fence is the addition of intent to commit further offences. It therefore includes guessing or stealing a password and using that to access material or services without the consent of the owner.o Unauthorized modification of computer material. This could include deleting files, changing the desktop set-up or introducing viruses with the deliberate intent to impair the operation of a computer.Effectiveness of legal regulation in computer fraud ( Conclusion)All the above mentioned computer fraud issues was not taken seriously until the legal regulation was make properly, and due to the implementation of legal law of Computer Misuse Act, the effectiveness caused a tremendous change by punishing all the illegal users of the computer system. Below example shows the consequence for an Unauthorized Access to system.Incident Unauthorized Access to Communications SystemsProvision Computer Misuse Act Section 1Description Cause a computer to perform any function with the intention of securin g access to any program or data held in a computer, if this access is unauthorized and if this is known at the time of causing the computer to perform the function.Sanction A fine and/or a term of imprison housement not exceeding 6 months was sentenced for the illegal user.Total number of words in the Task1 report 2500Signed Task 2(2)Do legal developments in law relating to Software copyright and Patents help or harm the cause of information system securityInformation system security acts as the protection of information system against unauthorized access or modification of existing information whether in warehousing, processing or transit stage. The information system ensures to safeguard all the stored information. Information security covers not just information but the entire infrastructures that facilitate access and use of information. The primary concern to organizations is the security of valuable information which can be anything from a saying to a customer list or org anizations valuable information to financial statements. Three widely accepted elements of information system security areo Confidentiality Ensuring information is only accessed by authorized users.o Integrity Safeguarding the accuracy and completeness of information.o Availability To ensure that authorized user have secure access to information when required.Law relating to Software Copyright and PatentsIn early 1970s there was a debate concerning about whether there is a need to make a copyright for the softwares or not, but later on it was decided that all the developed software needed to be copyrighted and if needed it can also be conspicuoused under the UK Copyright, Design and Patents Act 1988. The UK law for copyright and patent helped the organizations from misuse of their developed softwares/concepts. Some organizations try to steal the concepts/ split of work out from developed software of other organization and try to utilize them in their developing software product . But due to the software copyright and patent law, all the leading software organizations like Microsoft started to make copyright for their parts of developed code, so that no other organizations can use their part of code for developing other applications, this helped most of the organizations to develop a unique software product.Legal requirement for Information SecurityKeeping valuable information secure is not only a matter of good organization practice it is also a legal requirement. Since 1999 in UK and most parts of the world, there is a statutory obligation on all organizations to maintain minimum levels of security. Organizations that fail to meet the minimum security requirements may face enforcement action by the UK governing body via the Information Commissioners Office. Enforcement action can take any form and the Information Commissioners powers are not limited. Organizations that want to be relatively safe can demand to implement BS7799 2, that is a voluntary stan dard which helps to ensure that sensitive information is handled by an organization in a professional and secure manner, it can done by making the organization to classify the sensitivity of information and to provide necessary control access to it.Legal developments in laws relating to software copyright and patents help the information system security (Conclusion)As discussed earlier, the main work of information system security is to provide a secure environment for the information storage and processing, in the past decades when there was no legal laws for software copyright and patents, hackers used to break the information system and get the needed information/softwares they are not really afraid of anything because there was not any law stating that taking/hacking the softwares/information was a crime which caused a big problem for the software developing organizations but now due to the development of legal laws if a person tries to hack the information system security, he c an be sentenced to prison due to the current state of law. So the development of the legal laws relating to software copyright and patents did help the information system security to make a secure environment.Total number of words in the Task2 report 500Signed Task 3(4)Evaluate the proposition that data protection laws are an unnecessary substance on legitimate popular and commercial data collectionThe Data protection Act was originally started on 1984 but later the existing act was replaced by the new Data Protection Act of 1998DPA 1998, the new act of 1998 implemented the EU Data protection Directive 95/46 3. The DPA relates to the protection of personal information that includes names, email addresses, financial details, personal documents and photographs. Personal information is everywhere and because it is generally impossible to separate personal information from other organizations information, most observers agree that the security standards required by the Data Protec tion Act are the minimum that must be applied to organization IT Systems as a whole. The security of information is so important to most organizations that, regardless of what the law require, organizations generally implement levels of security that are as high as budgets and technology.Data Protection Act of 1998Personal Data SecurityThe main legal requirements are set out in Principle 7 of the Data Protection Act 1998 says that all organizations must take Appropriate technical and organizational measures against unauthorized or unlawful use and against accidental loss, damage or destruction, of information. 4Today, all computerized processing of personal data, structured manual records, and even some unstructured manual records are subject to provisions of the DPA 1998, including the right of the individual to access the data which is held about them. Together with the Freedom of Information Act 2000 (FOIA 2000), the DPA 1998 has forced a re-think of organizations good practice i n personal data handling, new approaches to records management and made organizations consider more carefully their obligations to those whose data they hold. The FOIA 2000 extends the rights of the individual to access their data which had already existed under the DPA 1998. The definition of data is widened, as far as public authorities are concerned to include all other recorded information held by a public trust. However, there are limits to the data subject rights that apply to this additional category of data.A request by an individual for information about him or herself is exempt under the FOIA 2000 and should be handled as a subject access request under the DPA 1998. In certain circumstances such a request may involve the release of associated information in which case the provisions of sections 7(4) and (5) of the DPA 1998 should be used to determine whether it is appropriate to release the deuce-ace party information. Where an applicant specifically requests information about a third party or where responding to a request for information would involve the disclosure of personal information about a third party which is not also personal information about the applicant, the request falls within the remit of the FOIA 2000. However, the authority must apply the Data Protection Principles when considering the disclosure of information relating to individuals. An authority must not release third party information if to do so would mean breaching one of the Principles.ConclusionEven though the DPA secures the users personal information/data, there are some problems/burden exist for the legitimate users/public facing the Data Protection Act, according to DPA there is no exemption for back-up of data/information. In practice it will be unlikely that a data subject want access to data back-up and there is nothing to prevent a controller confirming that a data subject wishes to access only the most recent records. The back-up data which provides that automat ed data processed to replace other data which has been lost, destroyed or impaired are exempt from section 7 during the first transitional period ending on 23 October 2001 but this is not a general exemption for back-up data in the traditional sense.Total number of words in the Task3 report 500Signed Bibliographyo Andrew Terrett., The Internet, Business Strategies for Law firms, (2000, Law Society, London)o Bobbie Johnson., UK computer laws are ridiculous, April 30, http//technology.guardian.co.uk/news/story/0,,1763989,00.htmlo Computer Fraud and its Acts, April 30, http//www.itwales.com/999573.htmo Concepts of Patent work, May 1, http//www.patent.gov.uk/about/consultations/conclusions.htmo Data protection effect on senior management, May 2, http//www.jisc.ac.uk/index.cfm?name=pub_smbp_dpa1998o Data protection law, The key change, May 1, http//webjcli.ncl.ac.uk/1998/issue4/widdis4.htmlo David Icove. and Karl Seger, Computer Crime, (1995, OReilly Associates, USA)o David S. Wall., Cyberspace Crime, (2003, Darmouth Publishing Company , Hants, England)o Douglas Thomas. and Brian Loader, Cyber crime, (2000, Routledge publication , London)o Facts on copyright, May 1, http//www.intellectual-property.gov.uk/faq/copyright/what.htmo Fraud law reforms, April 30, http//www.bcs.org/server.php?show=conWebDoc.1149o Fraud Tips, April 30, http//www.fraud.org/internet/intset.htmo Hacking and other computer crime, April 30, http//www.met.police.uk/computercrime/SO6o Ian Lloyd., Information Technology Law, (1997, Reed Elsevier Ltd, Halsbury, London)o Joshua Rozenberg., Privacy and the Press, (2005, Oxford university press Inc , USA)o Michael Levi., Regulating Fraud, (1987, Tavistock publication , London)o bracing laws for computer fraud, April 30, http//www.thisismoney.co.uk/news/article.html?in_article_id=400895in_page_id=2o Summary of Intellectual property rights, May 1, http//www.copyrightservice.co.uk/copyright/intellectual_propertyo Susan Singleton., Data protection The New Law, (1998, Jordans Publication , Bristol)o UK Data protection laws are chaotic, May 2, http//www.theregister.co.uk/2004/11/17/data_protection_laws_chaotic/