This preview shows page 1. Sign up to view the full content.
Unformatted text preview: g that must be protected. All
these complexities aid the bad guys, but what if we throw in the complexity of attacks
taking place between different countries? Do You Trust Your Neighbor?
Because an attacker must have access to the systems that hold the wanted resources, it is usually easier for insiders than outsiders to access resources that companies fight to protect. In this sense, employees present a greater potential for computer crimes than outsiders trying to get in. Many statistics and security professionals have indeed indicated that employees cause more security breaches and
computer fraud than outside attackers, but the media usually only touts stories
about external hackers and crackers. Therefore, fighting off that group of people
receives more attention and effort than fighting the threat of employees taking
advantage of their position and access. ch10.indd 853 12/4/2009 11:39:06 AM All-in-1 / CISSP All-in-One Exam Guide, 5th Ed. / Harris / 160217-8 CISSP All-in-One Exam Guide 854
If a hacker in Ukraine attacked a bank in France, whose legal jurisdiction is that? How
do these countries work together to identify the criminal and carry out justice? Which
country is required to track down the criminal? And which country should take this
person to court? Well, we don’t really know. We are still working this stuff out.
When computer crime crosses international boundaries, the complexity of such issues shoots up exponentially, and the chances of the criminal being brought to any
court decreases. This is because different countries have different legal systems, some
countries have no laws pertaining to computer crime, jurisdiction disputes may erupt,
and some governments may not want to play nice with each other. For example, if
someone in Iran attacked a system in Israel, do you think the Iranian government would
help Israel track down the attacker? What if someone in North Korea attacked a military
system in the U.S.? Do you think these two countries would work together to find the
hacker? Maybe or maybe not—or perhaps the attack was carried out by their specific
View Full Document
This note was uploaded on 06/01/2013 for the course NET 125 taught by Professor Hurst during the Fall '12 term at Wake Tech.
- Fall '12