COMPUTER CRIMES, SECURITY

& LAW
COMPUTER CRIMES,
SECURITY & LAW
• Computer Crime
• Data security
• Security threats
• Computer virus
• Worms
• Personal computer security
• Backup of data
• Antivirus
• Data Protection Legislation
• Data Protection in Pakistan
• Intellectual Property
 COMPUTER CRIME

• A type of crime in which a computer is either the target or the tool for
an illegal activity is called computer crime.
• A type of crime that refers to an illegal act involving the internet is
called cyber crime.
• It usually involves stealing, using or selling someone else’s data.
 COMPUTER CRIME: COMPUTER
CRIMINALS
• Computer criminals are the persons who commit computer crimes.
• Different type of computer criminals are
• Hacker
• Script Kiddie
• Corporate Spy
• Unethical Employee
• Cyber Extortionist
• Cyber Terrorist
 METHODS USED BY COMPUTER
CRIMINALS
• Bomb: It is a program that triggers under certain conditions. It is
usually activated at a certain date.
• Denial of Service: It slows down a computer system or network. It
floods a computer or network with requests for information or data. The
server under attack receives so many requests that it can not respond to
legitimate user. Most common targets re internet service providers
(ISPs).
 METHODS USED BY COMPUTER
CRIMINALS
• Piggybacking: It is a process of entering the system by riding on the
back of an authorized user. It occurs when an authorized user does not
log off the system properly. An illegal user may continue where original
user left.
• Salami Technique: It is a process of getting a small amount of money
illegally from a large financial system.
 METHODS USED BY COMPUTER
CRIMINALS
• Scavenging: It is a process of searching company’s trash can s to find
useful information. The thieves search garbage and recycling bins of
individuals to find bank account numbers and credit card numbers etc.
• Trap Door: It is an illegitimate program that is left within a completely
legitimate program. It allows subsequent entry by unauthorized user in
the system.
• Zapping: The zapping software is designed to bypass all security
systems.
 SECURITY

• Security is a system that is used to protect a computer system and data.

• It protects from intentional or accidental damage or access by
unauthorized persons.
• With the help of a security system, a computer can detect whether the
user is authorized or not.
 DATA SECURITY

• Protection of data is called data security.

• Data stored in computer can be lost accidentally or someone can
damage it can be lost completely or partially.
• Data is more valuable and important than computer itself, so it should
be saved in such a way that it may not be lost or damaged.
• It is very important to protect data from illegal and unauthorized access.
 SECURITY THREATS

• Computer security threat can be a computer program or a person that

violates computer security.
• It may cause stealing or loss of data.
• It may also affect working of computer
 SECURITY THREATS

• Hacker:
• A person who accesses a computer, network and its resources illegally is
known as hacker.
• Hackers are computer experts and user their computer knowledge for
negative purpose.
• Hackers may steal
• Information of clients or customers.
• Credit card details
• Passwords to access computers illegally
• Email passwords to use email account without user’s knowledge
 SECURITY THREATS

• Hardware Theft and Vandalism:

• Hardware theft is a process of stealing the hardware equipment such as
hard disk or monitor.
• Hardware vandalism is the process of defacing the hardware equipment,
e.g. an employee in an organization may damage the keyboard and cut the
wires etc.
 SECURITY THREATS

• Software Theft:
• Software theft means that a person can steal software media, erase
software program or copy it without permission

• Information Theft:
• Information theft is a process of stealing personal or confidential
information.
• The stolen information can further be used for illegal activities e.g.
stealing credit card details and use it for online shopping.
 SECURITY THREATS

• System failure:
• System failure is an important security threat and it occurs when the
system does not function properly for longer time.
• System failure may further cause loss of data, software and hardware.
• It occurs due to various reasons
• Obsolete hardware
• Natural disaster such as flood, fire or storm
• Fluctuation in power supply
 COMPUTER VIRUS

• A computer virus is a program that may disturb the normal working of

a computer system.
• Virus attaches itself to files stored in flash drives, email attachments
and hard disk.
• A file containing a virus is called an infected file and when it is copied
to a computer, virus is also copied to the computer.
 COMPUTER VIRUS

• Computer viruses can not damage hardware but they can cause many
damages to computer system.
• A computer virus can
• Damage data or software
• Delete some or all of the files
• Destroy all data by formatting hard disk
• Display a false message every few times.
 COMPUTER VIRUS: CAUSES

• A virus is spread on different computers due to following reasons

• Infected flash drives or disks
• Email attachments
• Insecure websites
• Networks
• Pirated software
COMPUTER VIRUS: PROTECTION

• A computer system can b protected from viruses by following these

precautions
• Install latest anti-virus
• Upgrade antivirus regularly
• Scan flash drive before use
• Do not open junk or unknown emails
• Do not install pirated software
• Freeware and shareware software normally contain viruses, so check the
software before using it.
 WORMS

• A worm is a program that copies itself repeatedly in memory or disk

until no space is left there and computer may stop working in this
situation.
• Worms spreads from one computer to another computer through
networks.
• Some examples of worms are SQL Slammer, The Blaster Worm, One-
Half and cascade.
 PERSONAL COMPUTER
SECURITY
• Avoid extreme conditions: The computer system should not be placed
in extreme conditions, it should be safe from direct sun, rain and
extreme temperature.
• Avoid virus: Antivirus software must be installed on the computer and
must be updated regularly.
 PERSONAL COMPUTER
SECURITY
• Firewall:
• A firewall is a set combination of hardware and software that prevents
unauthorized access to a network.
• It works between an organization’s internal network and the internet.
• It protects data, information and storage media from unauthorized access.
• It can also be used to stop internal users from accessing certain sites.
 PERSONAL COMPUTER
SECURITY
• Passwords:
• Password is a secret word that is used to protect a computer system or
program.
• The user has to type the password to access the computer system, therefore
the system can be accessed only by the person who knows the password.
• So the computer and the data stored on it will be safe and protected.
 PERSONAL COMPUTER
SECURITY
• Encryption:
• Encryption is a process of encoding data so that only authorized user may
understand and use it.
• Some strong encryption should be used to protect important files.

• Backup:
• An additional copy of data or information stored on secondary storage
media is called backup.
• It is very important to take backup of data regularly and store it at a safe
and protected place.
 BACKUP OF DATA

• An additional copy of data or information stored on secondary storage

media is called the backup of data.
• The common media for backup are USB flash drives, magnetic tape,
CD and external hard disk.
 BACKUP OF DATA: PURPOSE

• An important file can be deleted accidentally.

• The user may overwrite a part or whole of an existing file.
• A mechanical failure in the computer may result in loss of data.
• A virus may damage the data.
• The computer system may be damaged due to fire or power failure.
 BACKUP OF DATA: TYPES

• Two ways to take the backup of data are

• Complete backup
• Incremental backup

• Complete backup is the backup of all data on the hard disk.

• Advantage of this backup is that entire hard disk is backed-up and
whole data can be restored.
• It takes more time and storage capacity.
 BACKUP OF DATA: TYPES

• Incremental backup creates a copy of only the data that is newly created
or modified since the last backup.
• This process is performed automatically in some software.
• In this type, entire disk is not copied so it takes less time and space.
 ANTIVIRUS

• Antivirus software is used to detect and remove viruses, worms and

adware etc.
• It contains information about different known viruses.
• It runs in the background all the time and alerts the computer user when
any virus is detected.
• Some examples are McAfee, AVG, Kaspersky and NOD32.
 ANTIVIRUS: MCAFEE

• McAfee is an American organization that has developed an antivirus

program called McAfee VirusScan.
• McAfee
• Automatically detects and removes viruses
• Block adware before it installs on computer
• Remove existing adware
• Protects computer from hackers
• Can also check emails for viruses.
 ANTIVIRUS: AVG

• AVG stands for Antivirus Guard and is an antivirus program developed

by AVG Technologies.
• It protects computer from latest viruses, worms and other threats.
• The AVG Free Edition is also available that can be downloaded,
however it does not provide full protection.
 ANTIVIRUS

• The antivirus software should be managed properly to detect and

remove viruses, worms and adware from the computer system.
• Many new viruses are created and spread continuously.
• The antivirus software must be updated regularly in order to protect the
computer properly.
 DATA PROTECTION
LEGISLATION
• The data protection legislation defines the laws that ensure data
protection.
• Many countries have defined data protection legislation which is based
on same basic principles
• The purpose of keeping personal data must be clearly defined by that
organization that obtains the data.
• The individual about whom data is collected must be informed about the
identity of the organization or individual that collects data.
 DATA PROTECTION
LEGISLATION
• Some important privacy acts are
• 1980 Privacy Act prohibits agents of federal government from making
unannounced searches of press office.
• 1984 Cable Communication Policy Act restricts cable companies in
the collection and sharing of information about their customers. It was
the first legislation to regulate the use of information processed on
computer.
 DATA PROTECTION
LEGISLATION
• Data Protection Act 1984 protects an individual from unauthorized
use and disclosure of personal information stored on computer.
• It consists of following eight principles
• The data should be processed fairly and lawfully and may not be processed
unless the data controller can satisfy one of the conditions for processing
set out in the Act.
• Data should be obtained only for specified and lawful purposes.
• Data should be adequate, relevant and not excessive.
 DATA PROTECTION
LEGISLATION
• Data should be accurate and, where necessary, kept up to date.
• Data should not be kept longer than is necessary for the purposes for which it is
processed.
• Data should be processed in accordance with the rights of the data subject under the
Act.
• Appropriate technical and organisational measures should be taken against
unauthorised or unlawful processing of personal data and against accidental loss or
destruction of, or damage to, personal data.
• Data should not be transferred to a country or territory outside the European Economic
Area unless that country or territory ensures an adequate level of protection for the
rights and freedoms of data subjects in relation to the processing of personal data.
DATA PROTECTION IN PAKISTAN

“PERSONAL DATA PROTECTION

BILL
2018”
PERSONAL DATA PROTECTION
BILL 2018
• A new Personal Data Protection Bill 2018 Draft (the “Bill”) has been
proposed by the Ministry of Information Technology and
Telecommunication (“MOITT”) of Pakistan.
• With this Bill, Pakistan will the wave of new data protection laws that
have been drafted or passed since Europe’s General Data Protection
Regulation (GDPR).
PERSONAL DATA PROTECTION
BILL 2018
• A new enforcement body, the National Commission for Personal Data
Protection (NCPDP), will be established under the Bill.
• NCPDP will receive and decide complaints from individuals, as well as
engage, support, guide, facilitate, train and persuade data controllers,
data processors to ensure protection of personal data.
• The current draft of the Bill has 25 pages with requirements and
individual rights similar to the GDPR.
 INTELLECTUAL PROPERTY

• Intellectual property is the unique and original works such as ideas,

inventions, writings and logos etc.
• Intellectual property rights are such rights which are given to persons
who are the authors or creators of the new and original literary and
artistic works such as books, articles , other writings ,paintings ,
musical compositions, sculpture , films and computer programs by
application of their creativity process and intellect.
 INTELLECTUAL PROPERTY

• Intellectual property rights are given to such individuals to compensate

for their efforts during such creative process and their investments.
• These rights are given for a certain period of time and after which
general public have the right to freely benefit from them in their benefit
and use.
 INTELLECTUAL PROPERTY
• The term intellectual property, covers the following
aspects in the relevant categories namely:
• Copyright: literary, artistic and scientific works covering books, journals,
magazines, written articles etc. 
• Trademarks: trademarks, merchandise marks, service marks, commercial
names and designations like logos.
 INTELLECTUAL PROPERTY

• Patents: inventions like a new form of airplane engine, a floor cleaner, etc.
• Designs: it includes the shape of a bottle, machine, model of luxury car or
any other product, etc.