Ian Carnaghan

Pfleeger (2005) reminds us that modern cyber-criminals can often be individuals that are difficult to detect.  They “wear business suits, have university degrees, and appear to be pillars of their communities.”  In addition to this, because of the wide spread accessibility to the internet and communications, it makes it easier for these criminals to operate in groups spread across the …

“Eighteen people were charged in what may be one of the nation’s largest credit card fraud rings, a sprawling international scam that duped credit-rating agencies and used thousands of fake identities to steal at least $200 million, federal authorities said Tuesday.”

According to SANS (2009) attacks against websites and web applications constitute more than 60% of total attacks observed on the internet.  The risk of attack is generally based on the probability that a threat of some kind will exploit a vulnerability or weakness in a system or network.  In recent years risks have been taken more seriously with many businesses …

Bosworth et al (2009) stress the importance of formality that should be adopted when creating an ethics policy.  They emphasize that clear documentation, clear motivation, clear sanctions, and clear management support at every level, including the top, are all important pieces of an effective policy. 

There is no doubt that E-Government provides conveniences today that many take for granted, however there is an underlying cost for these services.  First of all, government sites are attractive targets for malicious activities, whether or not this involves deliberate disruption of service, or the stealing of sensitive information for profit. 

In a paper that discussed various cyber-crimes throughout the years carried out by juveniles, Radnofsky (2006) points us to the seriousness of these types of threats.  The paper discusses the importance of changing cyber-culture through education and points to education through safety, security and ethics. 

Computer applications are constantly evolving; while web based systems continue to grow in complexity.  It is essential that these systems are properly secured both at the server level as well as at the code or application level, therefore Information Systems audit standards, more specifically focused on application and development measures provide some of the most useful valuable information at an …

Underlying vulnerabilities in mobile device software has also opened up the door to potential security breaches.  In an article describing mobile application security flaws, (Westervelt, 2010) wrote that it was discovered that many mobile application security vulnerabilities were similar to those found in early web applications.

The Mandiant report: APT1: Exposing One of China’s Cyber Espionage Units, has stirred up a lot of media attention over the past few weeks.  The report was originally released to show evidence that a specific Chinese military unit has been behind many major Advanced Persistent Threats (APTs) within the United States. 

In their paper on understanding risks associated with hackers/crackers, (Smith, & Rupp 2002) discuss the various types of classification hackers have been placed into by different authors over the years.