Pertemuan 7 Computer Crime MK Etika Profesi Pertemuan 7 Computer Crime
Definition Computer Crime : An illegal act that involves a computer system or computer related system like any mobile device microwave, satellite or other telecommunication systems that connect one or more computers or computer related systems
Definisi Kegiatan penggunaan komputer untuk melakukan tindakan ilegal Hak pengaksesan komputer Contoh : mencuri waktu pada komputer perusahaan, membobol situs web pemerintah, pencurian informasi kartu kredit
Example Intrusions into public packet networks Network integrity violations(pelanggaran) Privacy violations Industrial or financial espionage Pirated computer software Computer-aided fraud Internet/e-mail abuse(penyalahgunaan) Using computers technology to commit murder, terrorism, pornography and many others
Siapa yang berkomitmen melakukan kejahatan komputer?
Kejahatan Komputer Jenis-jenis kejahatan komputer : Data diddling : manipulasi atau pemalsuan data Salami slicing : bagian program yang memotong sebagian kecil dari nilai transaksi yang besar dan mengumpulkan-nya dalam suatu periode tertentu Phreaking : making free long distance calls Cloning : penyalahgunaan telpon selular menggunakan scanner
Kejahatan Komputer Jenis-jenis kejahatan komputer : Carding : pencurian nomor kartu kredit secara online Piggybacking : pencurian nomor kartu kredit dengan memata-matai Social enggineering : menipu pegawai untuk mendapatkan akses Dumper diving : pencarian informasi pribadi di bak sampah Spoofing : pencurian password melalui pemalsuan halaman login
Kejahatan Komputer Virus Komputer dan Kode yang merusak Virus – program yang bersifat merusak yang mengganggu fungsi normal sistem komputer Jenis-jenis : Worm : biasanya tidak merusak file; mampu memperbanyak diri Trojan horses : kegiatan tak terdeteksi; tidak memperbanyak diri Logic bomb atau time bombs : sejenis Trojan Horse yang aktif setelah dipicu oleh suatu kejadian atau setelah selang waktu tertentu
Computer resources target Hardware (computers, printers, servers, communication media) Software (application, systems program, system backup, special program) Data in storage, transition or undergoing modification
History of Computer Crimes Computer virus : a self propagating computer program designed to alter or destroy a computer system’s resources. It attaches to software, grows, reproduces many times & spread in the new environment. Attacks system weakening capacity bringing the system down Hacking : computer attack technique utilizes the internetworking between computers and communication devices.
History of Computer Crimes Mid 1980 : 414 club in San Francisco started series of attacks via a Stanford University computer 1984: first hacker magazines launched 1988: a Cornel graduate student created a computer virus that crashed 6.000 computers and shutdown the internet for two days 1991: michelangelo virus crashed computers on March 6,1992. 1995: Kevin Mitnick arrested by the FBI on charges of computer fraud by stealing thousands credit card access End of 20th century Y2K bug http://www.kaskus.co.id/thread/512aafee48ba54af36000003/y2k-millenium-bug-bencana-internet-dunia/ Masalah millenium bug Y2K pendapat Onno W.Purbo Y2K Bug adalah Masalah Tahun 2000 atau lebih dikenal dengan singkatan Inggrisnya Y2K (Year 2 Kilo) adalah kesalahan perhitungan oleh komputer yang disebabkan oleh sistem penyimpanan tanggal yang hanya menyediakan dua digit untuk tahun, dengan asumsi bahwa kedua digit pertama adalah “19″. Hal ini dilakukan di tahun 60-an ketika komputer pertama dirancang untuk menghemat media penyimpan, tapi ketika tahun baru 2000 tiba, komputer dapat menunjukkan tanggal yang berubah dari 31 Desember 1999 ke 1 Januari 1900.
Major Types of Computer System Attack Penetration Breaking into a computer system using known vulnerabilities to gain access to a cyberspace resource Source: insider, hackers, criminal group, hacktivism Denial of Service (DDoS) Diminishing the system’s ability to function. Capable of bringing system down without destroying its resources Aim to exhaust the network bandwidth, router processing capacity, breaking down the network Example: ip spoofing, syn flooding, smurfing, buffer overflow, sequence number sniffing
Motives Political Activism Vendetta Joke/Hoax The Hackers ethics https://www.maxmanroe.com/inilah-4-kelompok-black-hat-hacker-yang-paling-ditakuti-di-dunia.html Joke/Hoax The Hackers ethics Terrorism Political Espionage Business Espionage Hate Game/Fun
Cost & Social Consequences Cybercrime growing because of: Rapid technology growth Easy availability of hacker tools Anonymity Cut and paste programming technology Communication speed High degree of internetworking Increasing dependency on computers
Mengapa Kejahatan Komputer Semakin Meningkat? Aplikasi bisnis berbasis TI dan jaringan komputer meningkat online banking, e-commerce, Electronic data Interchange (EDI). Desentralisasi server. Transisi dari single vendor ke multi vendor. Meningkatnya kemampuan pemakai (user). Kesulitan penegak hokum dan belum adanya ketentuan yang pasti. Semakin kompleksnya system yang digunakan, semakin besarnya source code program yang digunakan. Berhubungan dengan internet.
Prevention Strategies Three entities involved: The computer as a tool The criminal The innocent victim
Protect the computer Physical protection Procedural and operational protection Antivirus Protection
Anticipate the criminal Pass computer Crime Prevention laws Enforcement of Criminal Laws Moral education
Monitor the innocent victim Personal policies Monitor employee activities Change security password regularly Establish rules Educate
Keamanan Komputer Merupakan tindakan pencegahan yang diambil untuk menjaga komputer dan informasi yang ada di dalam nya tetap aman dari pengaksesan yang tidak berhak
Keamanan Komputer Pengamanan yang disarankan : Terapkan rencana pengamanan untuk mencegah pembobolan Miliki rencana jika pembobolan terjadi Buatlah backup Hanya ijinkan akses untuk pegawai tertentu Ubah password secara teratur Jagalah informasi yang tersimpan dengan aman Gunakan software antivirus Gunakan biometrik untuk mengakses sumberdaya komputasi Rekrut tenaga kerja/pegawa yang bisa dipercaya
Case: Kevin David Mitnick August 63 – Born At 12 – by pass the punch card system used in the Los Angeles bus system At 16 - He broke into DEC's computer network and copied their software, a crime he was charged with and convicted of in 1988. He was sentenced to 12 months in prison followed by three years of supervised release. Near the end of his supervised release, Mitnick hacked into Pacific Bell voice mail computers. Mitnick fled, becoming a fugitive for two and a half years. Mitnick gained unauthorized access to dozens of computer network. He used cloned cellular phones to hide his location and, among other things, copied valuable proprietary software from some of the country's largest cellular telephone and computer companies. Mitnick also intercepted and stole computer passwords, altered computer networks, and broke into and read private e-mail. Mitnick was apprehended on February 15, 1995 in Raleigh, North Carolina.[4] He was found with cloned cellular phones, more than 100 clone cellular phone codes, and multiple pieces of false identification
The FBI arrested Mitnick on February 15, 1995, on federal offenses related to a 2½-year period of computer hacking.[6] In 1999, Mitnick confessed to four counts of wire fraud, two counts of computer fraud and one count of illegally intercepting a wire communication. He was sentenced to 46 months in prison plus 22 months for violating the terms of his 1989 supervised release sentence for computer fraud. He admitted to violating the terms of supervised release by hacking into PacBell voicemail and other systems and to associating with known computer hackers, in this case co-defendant Lewis De Payne. Mitnick served five years in prison — four and a half years pre-trial and eight months in solitary confinement — because, law enforcement officials convinced a judge that he had the ability to "start a nuclear war by whistling into a pay phone“ [8] He was released on January 21, 2000.
During his supervised release, which ended on January 21, 2003, he was initially forbidden to use any communications technology other than a landline telephone. Mitnick fought this decision in court, eventually winning a ruling in his favor, allowing him to access the Internet. Mitnick now runs Mitnick Security Consulting LLC, a computer security consultancy.
http://www.bbc.com/indonesia/majalah/2015/07/150709_majalah_finnish_hacker http://www.liputan6.com/tag/cybercrime
Referensi Heru Priyanto, S.T.,MBA, “Materi Kuliah Computer Crime”