(1) Bacalah tiga kasus berikut ini, gunakan fraud triangle untuk menentukan

sebab terjadinya cyber fraud tersebut. Kemudian tentukan tipe cyber crime apa
yang terjadi dan bagaimanakah sebaiknya tindakan keamanan yang dapat
dilakukan untuk mencegah kejadian tersebut terulangi. Jawaban akan
didiskusikan di dalam kelas. Dilarang mendiskusikan jawaban sebelum dibahas di
dalam kelas.
Hacker Puts Hospital Records and Patients at Risk. Jesse William McGraw
worked as a night security guard at Northern Central Medical Plaza in Dallas
where he essentially had free run of the building.
While working, McGraw gained physical access to more than 10 of the hospital's
computers, including those located in a nurses' station and controlling the
heating, ventilation and air conditioning (HVAC) systems. He enabled the
computers to be accessed remotely and removed certain security features (for
example, by uninstalling anti-virus programs), which made the entire network
more vulnerable to attack. McGraw also installed malicious codes, or "bots," on
several computers.
But McGraw wasn't merely content to perform these criminal activities. Using the
online nickname "GhostExodus," he posted pictures on the Internet of the
compromised HVAC system and videos on YouTube. With the theme song from
"Mission Impossible" playing in the background, McGraw described his hacking
efforts step-by-step and showed how he inserted the CD that enabled him to
bypass security protection. Subsequently, the FBI found the CD in McGraw's
home and located the source code for the bot on his laptop.
The objective: At trial, McGraw admitted that he intended to use the bots and the
compromised computer system to launch attacks on Web sites of rival hacker
groups.
By hacking into the HVAC computer, McGraw knew that the building's
temperature could be moderated, which might have an adverse effect on the
medical conditions of some patients as well as temperature-sensitive drugs and
supplies. Furthermore, opening up the nurses' station computer to remote access
could expose patient records. Although McGraw claims that he did not touch
patient records -- and the government has no proof to the contrary -- gaining
administrator access to the computers could have enabled him to review or
modify records.
In March 2011, he was sentenced to nine years in prison for installing malware
on the facilities' computers. He was also ordered to pay over $31,000 in
restitution and will have to serve three years of supervised release following his
prison term. (U.S. v. McGraw, U.S. District Court
Northern District of Texas)

Computer Programmer Steals Valuable, Proprietary Code. A former

computer programmer at Goldman Sachs & Co. was sentenced in March 2011 to
97 months in prison for theft of trade secrets and interstate transportation of
stolen property.
For just over two years, Sergey Aleynikov was employed at Goldman Sachs as a
computer programmer responsible for developing computer programs supporting
the firm's high-frequency trading on various commodities and equities markets.
Since acquiring the system in 1999 for approximately $500 million, Goldman
Sachs modified and maintained it and took significant measures to protect the
confidentiality of its computer programs. The company's trading system
generated millions of dollars per year in profits and the firm took several
measures to protect the system's source code, including requiring all Goldman
employees to agree to a confidentiality agreement.
Aleynikov resigned from Goldman Sachs and accepted a job at Teza Technologies,
a newly-formed company in Chicago, Ill. He was hired to develop Teza's version
of a computer platform that would allow the company to engage in highfrequency trading.
Shortly after 5 p.m. on his last day of employment, Aleynikov transferred
substantial portions of the Goldman Sachs' proprietary computer code for its
trading platform to an outside computer server in Germany. He encrypted the
files and transferred them over the Internet without informing Goldman Sachs.
After transferring the files, he deleted the program he used to encrypt them and
deleted his computer's "bash history," which records the most recent commands
executed on his computer.
In addition, throughout his employment at Goldman Sachs, Aleynikov transferred
thousands of computer code files related to the firm's proprietary trading
program from the firm's computers to his home computers, without the
knowledge or authorization of his employer.
On July 2, 2009, Aleynikov flew to Chicago to attend meetings at Teza's offices,
bringing with him his laptop computer and another storage device, each of which
contained Goldman Sachs' proprietary source code. He was arrested the next
day.
During the sentencing proceeding, U.S. District Court Judge Denise L. Cote said
Aleynikov's conduct deserved "a significant sentence because the scope of his
theft was audacious -- motivated solely by greed, and it was characterized by
supreme disloyalty to his employer." (U.S. v. Aleynikov, U.S. District Court,
Southern District of New York)

Research Scientist Sells Trade Secrets to Chinese Companies. A federal

jury convicted a former Dow Chemical Company employee of stealing trade
secrets and selling them to companies in China, as well as committing perjury.
According to the evidence presented in court in early 2011, Wen Chyu Liu (also
known as David Liou) came to the United States from China for graduate work.
He began working for Dow in 1965 and retired in 1992. Dow is a leading producer
of the elastomeric polymer, chlorinated polyethylene (CPE). Dow's Tyrin CPE is
used in a number of applications worldwide, such as automotive and industrial
hoses, electrical cable jackets and vinyl siding.
While employed at Dow, Liu worked on various aspects of the development and
manufacture of Dow elastomers. He had access to trade secrets and confidential
and proprietary information pertaining to Dow's Tyrin CPE process and product
technology. The evidence at trial established that Liu conspired with at least four
current and former employees at Dow's facilities to misappropriate trade secrets
in an effort to develop and market CPE process design packages to various
Chinese companies.
Liu traveled throughout China to market the stolen information, and court
evidence showed that he paid current and former Dow employees for material
and information. In one instance, Liu bribed a then-employee with $50,000 in
cash to provide Dow's process manual and other CPE-related information.
"American industries thrive on innovation and they invest substantial resources
in developing new products and technology," said Assistant Attorney General
Lanny A. Breuer. "We will not allow individuals to steal the technology and
products that U.S. companies have invested years of time and considerable
money to create." (U.S. v. Liu, U.S. District Court, Middle District of Louisiana)
(2) Pelajari pertanyaan-pertanyaan berikut ini dan berikan opini masing-masing
untuk didiskusikan di dalam kelas.
What types of ATM Fraud that have happened in Indonesia?
Explain each in details.
Which do you think is responsible for each fraud? Human or Systems?
What solutions can you think to prevent this from happening?

In 2009, Permata Bank became a victim of cyber crime.

Explain in details of what happened.
What type of cyber crime was it?
Which do you think is responsible for what happened, Human or System?

What solutions can you think to prevent this from happening?

Go to facebook and twitter, read the term and condition and privacy policy.
Please let us know of what their privacy, security and ethics policy.
What are the implications for users?
How do you feel of using facebook and twitter now?