Question: Title: Computer and Internet Crime

Business managers, IT professional, and IT users face a number of ethical decisions regarding IT security, such as determining which information systems and data most need protection, how much effort and money to spend implementing safeguards against computer crime, whether to pursue prosecution of computer criminals at all costs or maintain a low profile to avoid negative publicity, what actions to take if their firm produces defective software that allows hackers to attack customers' data and computers, what tactics management should ask employees to take in gathering competitive intelligence, and what should be done if recommended computer security safeguards make life more difficult for customers and employees, resulting in lost sales and increased costs.

Perpetrators include hackers who want to test the limits of a system, crackers who want to cause system problems, insiders who are seeking financial gain or revenge, industrial spies trying to gain a competitive advantage, cybercriminals looking for financial gain, and cyberterrorists seeking to cause destruction to bring attention to their cause. Each type perpetrator has access to varying resources and is willing to accept different levels of risk to accomplish the objective. Knowing the profile of each set of likely attackers is the first step toward establishing effective countermeasures.

A strong security program begins with an assessment of threats to the organization's computers and network. This assessment identifies actions that must be taken to address the most serious vulnerabilities. Educating users to the risks involved and the actions they must take to prevent a security incident is a key part of any successful security program.

The IT group must lead the effort to implement security policies and procedures, along with hardware and software tools, to help prevent security breaches. No security system is perfect, so systems and procedures must also be monitored to evaluate their effectiveness.

If an intrusion occurs, there must be a clear response plan that addresses notification, protection of evidence and security logs, containment, eradication, and follow-up. Knowledge gained from a security incident should be used to prevent or lessen the negative effects of a future incident.

The increasing complexity of the computing environment, higher user expectations, expanding and changing systems, and increased reliance on software with known vulnerabilities led to a 65-fold increase in the number of reported IT security incidents from 1997 to 2003.

Would you say that cyberterrorism is a serious threat? Why or why not?