Computer Crime and Security Essay Example | Topics and Well Written Essays - 1500 words

Computer Crime and Security - Essay ExampleLater investigations revealed that it was an insider incident, involved the theft of subsequent selling of patients credit measure numbers, and that the activities emanates from the Call Centre. Having provided you with a general overview of the stead, I pass on now explain its potential and actual consequences, summarize the results of the post-mortem and clarify both lessons learnt and future action.In ordinance conduct related to the use of estimators, the United States government currently defines a computer as an electronic, optical, electrochemical, or other high-speed data processing braid performing logical, arithmetic, or storage functions, and includes any data storage facility or communications facility directly related to or operating in conjunction with such a device (United States Computer Fraud and Abuse Act (e)(l), 1984, cited in Kipper, 2007, p. 194). This definition accounts for the way in which IT has fused data stor age, deliberation and telecommunications technologies and in so doing, touches upon the potential of both the computing and telecommunications technologies to violate the integrity and confidentiality of the stored data. The United States Department Of Commerce (2000) highlighted this threat in its report on the proliferation of computer use and internet access, not just in the United States but, across the world. As the greater majority of corporations, both in the United States and worldwide, are relying on IT for data storage and processing, increased popular access to IT renders corporate systems vulnerable to unauthorized penetration and the associate accessing of private and confidential data (U.S. Department of Commerce, 2000). while it is the responsibility of corporate entities to ensure the securitization of their networks, absolute inviolability is practically impossible to achieve. It is, thus, that recent years have witnessed the ever-increasing adoption of computers in the commission of crimes of fraud and theft (Power, 2000). Our caller has recently fallen victim to one such incident.3Incident OverviewOn January 16th, 2008, a periodic review of our IT activities logs evidenced a string of bizarre activities. Almost 10,000 patient files had been accessed and the data they contained had been transferred to an external medium, possibly an external hard drive. The IT department had no record of authorizing any individual this level of access and, indeed, at that place was no legitimate justification for the access of 10,000 patient files. The incident was terribly worrisome as these files contain sensitive data such as patients kindly security, insurance and credit card numbers, not to mention home and place of employment addresses and contact information. The IT department immediately contacted the Legal Department and appraised its Director of the situation who, in turn, contacted law enforcement and did the same. 4Post MortemAfter reporting the incident to the Legal Department and law enforcement officials, the IT department launched an intensive post mortem investigation. The investigation, which followed standard procedures which will be described shortly, had several objectives. These were the identification of the source, as in whether it was an insider or outsider incident