Escolar Documentos
Profissional Documentos
Cultura Documentos
sebab terjadinya cyber fraud tersebut. Kemudian tentukan tipe cyber crime apa
yang terjadi dan bagaimanakah sebaiknya tindakan keamanan yang dapat
dilakukan untuk mencegah kejadian tersebut terulangi. Jawaban akan
didiskusikan di dalam kelas. Dilarang mendiskusikan jawaban sebelum dibahas di
dalam kelas.
Hacker Puts Hospital Records and Patients at Risk. Jesse William McGraw
worked as a night security guard at Northern Central Medical Plaza in Dallas
where he essentially had free run of the building.
While working, McGraw gained physical access to more than 10 of the hospital's
computers, including those located in a nurses' station and controlling the
heating, ventilation and air conditioning (HVAC) systems. He enabled the
computers to be accessed remotely and removed certain security features (for
example, by uninstalling anti-virus programs), which made the entire network
more vulnerable to attack. McGraw also installed malicious codes, or "bots," on
several computers.
But McGraw wasn't merely content to perform these criminal activities. Using the
online nickname "GhostExodus," he posted pictures on the Internet of the
compromised HVAC system and videos on YouTube. With the theme song from
"Mission Impossible" playing in the background, McGraw described his hacking
efforts step-by-step and showed how he inserted the CD that enabled him to
bypass security protection. Subsequently, the FBI found the CD in McGraw's
home and located the source code for the bot on his laptop.
The objective: At trial, McGraw admitted that he intended to use the bots and the
compromised computer system to launch attacks on Web sites of rival hacker
groups.
By hacking into the HVAC computer, McGraw knew that the building's
temperature could be moderated, which might have an adverse effect on the
medical conditions of some patients as well as temperature-sensitive drugs and
supplies. Furthermore, opening up the nurses' station computer to remote access
could expose patient records. Although McGraw claims that he did not touch
patient records -- and the government has no proof to the contrary -- gaining
administrator access to the computers could have enabled him to review or
modify records.
In March 2011, he was sentenced to nine years in prison for installing malware
on the facilities' computers. He was also ordered to pay over $31,000 in
restitution and will have to serve three years of supervised release following his
prison term. (U.S. v. McGraw, U.S. District Court
Northern District of Texas)
Go to facebook and twitter, read the term and condition and privacy policy.
Please let us know of what their privacy, security and ethics policy.
What are the implications for users?
How do you feel of using facebook and twitter now?