Page 135 - DCAP306_DCAP511_E-COMMERCE_AND

Page 135 - DCAP306_DCAP511_E-COMMERCE_AND_E-BUSINESS

P. 135

E-Commerce and E-Business

11.1 Cyber Security

Individuals and groups engage in crime by utilizing the tools provided by Internet for the benefit of
people. It is extremely difficult to trace the criminals, and even when they are traced it is difficult to
prosecute the culprits due to lack of laws. The governments are gradually trying to regulate the Internet
through cyber laws. Law enforcement agencies are given the power to intercept online communications
to curb cybercrime.

The Regulation of Investigatory Powers Act in Britain gives law enforcement
agencies the power to intercept online communications. South Korea has blocked
access to gambling sites and Singapore has blocked access to pornography sites.

11.1.1 Cyber Attacks
A cyber threat is an intended or unintended illegal activity that could lead to unpredictable,
unintended, and adverse consequences on a cyberspace resource. Cyber attacks are classified as
network based and executable based attacks. Executable based attack happens when a program is
executed on a target computer system through either of the following ways:
1. Trojan: Trojan is a computer program with hidden and potentially malicious functions that evade
security mechanisms. They exploit authorizations of a system entity that invokes the program.
Trojans pretend to do one thing while actually they do something different. Modifying a normal
program to perform fraudulent activities in addition to its usual function is known as a Trojan
horse attack. An attacker accesses the source code of an editor program, modifies it to steal
someone’s files, compiles it and saves it in the victim’s computer. The next time the victim
executes the editor program, the intruder’s version gets executed. The editor apart from
performing its normal functions transmits the victim’s files to the attacker.

Dmsetup.exe and LOVE-LETTER-FOR-YOU.TXT.vbs are examples of Trojan
programs.
2. Virus: Virus attaches itself to a legitimate program with the intention of infecting other files. A
virus cannot run by itself. It requires a host program to get executed and to make it active. It is
hidden by nature and propagates by infecting a copy of itself into another program. A virus writer
first produces a new useful program, often a game, which contains the virus code hidden in it. The
game is then distributed to unsuspecting victims through the available networks. When the victim
starts the game program, it examines all the binary programs on the hard disk to see if they are
already infected. When an un-infected program is found, the virus program infects it by attaching
the virus code to the end of the file and makes the first instruction jump to the virus code. In
addition to infecting other programs a virus can also erase and modify files.

Polyboot.Band AntiEXE are boot viruses.

Virus Creates Cyber Threat

Caselet
A programmer was accused of unleashing a computer virus named Melissa from a stolen AOL
account. The programmer constructed the virus to evade anti-virus software and to infect computers
using Microsoft Windows and Word programs. The virus appeared on thousands of e-mail
systems on March 26, 1999 disguised as an important message from a colleague or friend. The virus
was designed to send an infected e-mail to the first 50 e-mail addresses on the address book of the
users’ Microsoft Outlook. Each infected computer would send out e-mails to 50 additional computers
which in turn would infect Contd…

128 LOVELY PROFESSIONAL UNIVERSITY

130 131 132 133 134 135 136 137 138 139 140