Orensic accounting Class Forum Discussion Board
Hello, I need two responses to my class memberas weekly discussion forum for my Forensic Accounting and Fraud Examination class. Thank you!
What methods do Hackers use to invade computer systems?
Hackers mostly use a?roguea? computer software applications to penetrate computer systems. Some of the methods that hackers use include trojan horse viruses, data leakage, and logic bombs. A trojan horse virus replaces instructions in a program which causes that program to perform unauthorized functions. Data leakage is the removing of information by smuggling it out of an organization as part of a printed document, disguising, or hiding the information and removing it from the facility. Logic bombs are computer programs that can be executed when specific time or event occurs. For example, In February 2000, Tony Xiaotong, indicted before a grand jury, was accused of planting a logic bomb during his employment as a programmer and securities trader at Deutsche Morgan Grenfell. The bomb, planted in 1996, had a trigger date of July 20, 2000, but was discovered by other programmers in the company. It was supposed to have the company lose millions of dollars. Removing and cleaning up after the bomb allegedly took several months.
What is the difference between computer fraud and computer crime?
There is a difference between computer fraud and computer crime. These terms are often used interchangeably with little distinction made between them although substantial differences between them exist.
A general definition of computer fraud is:
Any defalcation, fraud, financial crime or embezzlement accomplished by tampering with computer programs, data files, operations, equipment, or media, and resulting in losses sustained by the organization whose computer system was manipulated. Basically, computer fraud is the use of computer systems to perpetrate a fraud.
The distinguishing characteristic of computer fraud is that access occurs with the intent to defraud.
In many cases, the computer has replaced manual records, and the fraudulent input document has been substituted by manipulating data held in a computer system. This manipulation does not need to be sophisticated. The erosion of clearly segregated duties in different locations to people in the same office with different user ID and passwords on the same PC means that a forged payment instruction may be approved simply by logging on to a computer with a stolen supervisors logon.
At the other extreme, the use of the Internet and e-mail with Snifferprograms to capture users passwords and credit card details can only exist because of the global explosion in the use of networked computers.
About half of reported frauds are committed by insiders who have authorized access to the computer system. When investigating cases of potential computer fraud, it is vital to establish the system of the organizations authorization procedures.
Computer crime is defined as an act where the computer hardware, software, or data is altered, destroyed, manipulated, or compromised due to acts that are not intended.
Computer crime differs from computer fraud in several ways. Employees who as a part of their normal duties have access to the computers are deemed to have authorized access and thus do not come under the law against access. Manipulation (alteration) or destruction of data (including computer software) is independent of fraudulent or other schemes. Such action does not fit into the normal vandalism crimes because the data is intangible.