A salami attack is one in which the attacker commits

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: relatively comfortable and at ease. If exhibits are going to be shown to the suspect, they should be shown one at a time, and otherwise kept in a folder. It is not necessary to read a person their rights before questioning unless law enforcement officers do the interrogation. ch10.indd 902 12/4/2009 11:39:13 AM All-in-1 / CISSP All-in-One Exam Guide, 5th Ed. / Harris / 160217-8 Chapter 10: Legal, Regulations, Compliance, and Investigations 903 What the interrogators do not want to happen during an interrogation is to be deceived by the suspect, to relinquish important information pertaining to the investigation, or to have the suspect flee before a trial date is set. A Few Different Attack Types Several categories of computer crimes can be committed and different methods exist to commit those crimes. The following sections go over some of the types of computer fraud and abuses. Salami I will take a little bit of your salami, and another little bit of your salami, and a bit more of your salami, and no one will ever notice. A salami attack is one in which the attacker commits several small crimes with the hope that the overall larger crime will go unnoticed. Salami attacks usually take place in the accounting departments of companies, and the most common example of a salami attack involves subtracting a small amount of funds from many accounts with the hope that such an insignificant amount would be overlooked. For example, a bank employee may alter a banking software program to subtract 5 cents from each of the bank’s customers’ accounts once a month and move this amount to the employee’s bank account. If this happened to all of the bank’s 50,000 customer accounts, the intruder could make up to $30,000 a year. Data Diddling Can I just diddle the data a little? Response: Nope, it’s illegal. Data diddling refers to the alteration of existing data. Many times, this modification happens before the data is entered into an application or as soon as it completes processin...
View Full Document

This note was uploaded on 06/01/2013 for the course NET 125 taught by Professor Hurst during the Fall '12 term at Wake Tech.

Ask a homework question - tutors are online