This preview shows page 1. Sign up to view the full content.
Unformatted text preview: twenty-first century.
Many companies are doing business across state lines and in different countries. This
brings even more challenges when it comes to who has to follow what laws. Different
states can interpret the same law differently or they have their own set of laws. One
country may not consider a particular action against the law at all, whereas another
country may determine that the same action demands five years in prison. One of the
complexities in these issues is jurisdiction. If a hacker from another country steals a
bunch of credit card numbers from a U.S. financial institution and he is caught, a U.S.
court would want to prosecute him. His homeland may not see this issue as illegal at all
or have laws restricting such activities. Although the attackers are not restricted or hampered by country borders, the laws are restricted to borders in many cases.
Despite all of this confusion, companies do have some clear-cut responsibilities
pertaining to computer security issues and specifics on how companies are expected to
prevent, detect, and report crimes. ch10.indd 846 12/4/2009 11:39:05 AM All-in-1 / CISSP All-in-One Exam Guide, 5th Ed. / Harris / 160217-8 Chapter 10: Legal, Regulations, Compliance, and Investigations 847 The Crux of Computer Crime Laws
Computer crime laws (sometimes referred to as cyberlaw) around the world deal with
some of the core issues: unauthorized modification or destruction, discloser of sensitive information, unauthorized access, and the use of malware (malicious software).
Although we usually only think of the victims and their systems that were attacked
during a crime, laws have been created to combat three categories of crimes. A computerassisted crime is where a computer was used as a tool to help carry out a crime. A computer-targeted crime concerns incidents where a computer was the victim of an attack
crafted to harm it (and its owners) specifically. The last type of crime is where a computer is not necessarily the attacker or the attackee, but just happened to be involved
when a crime w...
View Full Document
This note was uploaded on 06/01/2013 for the course NET 125 taught by Professor Hurst during the Fall '12 term at Wake Tech.
- Fall '12