Hackers

1. Introduction
The incredibly fast development of the Internet has brought many benefits both to
consumers and businesses.
However, it has also provided criminals or misguided individuals with great opportunities
for crime or 'mischief'.
The Internet is not only used by innocent members of the public, but also by fraudulent
traders, software pirates, hackers and con-artists, to name but a few.
You have probably heard of "hackers" who nearly started World War III (or was that the
film WarGames?) or others who gave themselves massive pay rises. Or how about the
'Love Bug' virus that crippled many multinational companies' e-mail systems? These are
just some of the problems that networked computers can bring!
This mini website concentrates on hacking. To find out more, use the links on the left to
navigate through the pages.

2. What is a hacker?
A hacker is a person who breaks codes and passwords to gain unauthorised entry to
computer systems. More>
Hackers can do an enormous amount of damage if they break into a computer system.
For some people, the challenge of breaking the codes is irresistible and so precautions
have to be taken.
Stand-alone computers are usually safe as there is no connection for the hackers to break
into. Computers which form part of networks or those with external links, such as attached
modems, are in danger from hackers.
Many hackers often don't intend to cause damage or steal data, they just enjoy the
challenge of breaking into a system. However, in some instances the hacker's purpose
could be to commit fraud, to steal valuable data or to damage or delete the data in order to
harm the company.
It might be hard to believe, but most hacking is carried out by employees with a grudge or
those who want to 'make a quick buck'. They have insider knowledge of passwords and
User IDs which makes it easy for them.
Note on the word "hacker":
For at least 20 years this description has been criticised by the 'true' hacker, who feels
they should be known as a 'cracker'

3. Data Theft
Data is often the most valuable resource any business has. The cost of creating data
again from scratch can far outweigh the cost of any hardware or programs lost.

Loss of data from hacking can have various consequences.

It can affect a business

It can affect personal data
It may compromise data privacy

4. Physically protecting systems

Businesses can use a range of physical methods to protect their systems and data.
Some of these include:
- Keeping important computers such as servers or mainframes in locked rooms
- Posting security guards
- Security locks, smart cards
- Keeping sensitive data on stand-alone machines instead of networks
- Using alarm systems and video cameras

5. Using software to protect systems

A business can also use software to help protect their systems.
Some of these methods include:
- Data encryption - data is 'scrambled' before being transmitted through a network. Only
the authorised recipient has the 'key'.
- Firewalls - software to block access from outside (and to prevent data being sent out in
some cases)
- Activity or Audit logs - to track who has been doing what on the system
- User IDs and Passwords
- Access rights

6. Legislation
Hacking, computer fraud and computer viruses are all relatively new crimes that
established English laws were not designed to deal with. For example, under existing laws
a hacker could only be prosecuted for the theft of electricity.
To deal with these new crimes, a law was introduced in 1990 called 'The Computer
Misuse Act'
Under this law, the following offences could be dealt with:
1. Hacking - unauthorised access to any program or data held in a computer. Penalty is a
maximum fine of 2000 and a six month prison sentence.
2. Computer fraud and blackmail. Penalty is an unlimited fine and a maximum five year
prison sentence.
3. Viruses - unauthorised modification of the contents of a computer, impairing the
operation of any program or reliability of data. Penalty is an unlimited fine and a maximum
five year prison sentence.

MALICIOUS SOFTWARE
1. Introduction
Computer Virus - this is a phrase coined from biology to describe a piece of software that
behaves very much like a real virus (only it spreads from computer to computer rather than
people!).
The following pages will introduce you to what a computer virus is and what can be done
to deal with them.
Use the menu on the left-hand side to navigate through the pages.

2. What is a virus?
A Computer Virus is a software program that is designed to copy itself over and over again
and to attach itself to other programs.
In the early days of personal computing (1980's) some of the people who created viruses
had a certain misplaced sense of humour. For example, there was a virus that caused all
the characters on screen to drop into a heap at the bottom of the display. Very annoying,
but relatively harmless.
However, quite soon some really nasty versions came out that were deliberately designed
to corrupt and delete your files as well as trying to copy itself everywhere.
Viruses can cause an immense amount of time wasting and financial loss for people and
businesses. For example, the "Melissa" virus was so effective in spreading itself that many
huge corporations had to shut down their email systems until the virus could be contained.
It is important to understand that viruses do NOT damage the hardware. They affect the
data and programs stored on your computer.

3. How do they spread?

The most common way of getting computer viruses these days are:

email attachments
infected web pages
downloading a file from a web page
Another way is to load an infected file into your computer from some kind of storage
device:

memory stick
CD/DVD
Note: The CD and DVD products from reputable companies are extremely unlikely to
contain a virus. It is the personal 'burned' ones that are a potential problem.
It is also possible to pick up a computer virus through what is known as 'peer to peer' file
sharing networks. These are internet networks that are used by people to share files

amongst each other.

There is often no immediate evidence that your computer has been infected with a virus
and you might be unaware of it for a while until it causes something to go wrong.
Basically a virus is spread by allowing it to run (technical term: "execute") on your
computer, so any executable file or computer program can contain a virus.

4. How can they be removed?

As computer viruses became more of a menace, companies began to develop software to
detect and remove them. These were named 'anti-virus software'.
There are a number of anti-virus programs available for wiping out viruses for example
Norton, McAfee and Sophos.
When the anti-virus software recognises a virus pattern, it will alert the user, and ask them
whether they want to remove the virus and clean the system, or whether they simply want
to 'quarantine' the virus.
New and more damaging viruses are being written all the time and so to keep up with
these new threats, the anti-virus companies provide constant updates to their software.
Normally, you log on to the internet and the software will update itself either automatically
or after a certain period set by you.
There is usually a small annual fee involved for this service, but it is a small price to pay for
peace of mind.
The screen below is a typical anti-virus management screen, it shows the date of the last
update, whether you want it to update itself automatically and it also shows when you last
carried out a full virus scan.
However, there is a small disadvantage to using anti-virus software. Installing new
software can become very awkward as the anti-virus software 'thinks' that there is a virus
at large as the new software installs itself into various directories and system areas. This
is why installation routines often advise that anti-virus software be switched off during
installation.

5. Preventing infection
Viruses can be prevented by taking sensible precautions including:
- Using anti-virus software to scan your system daily or weekly
- Scanning all incoming e-mails
- Not opening attachments from people that you don't know (or attachments which look
suspicious)
- Unless you are using a reputable site, not clicking on web site offers which look too good
to be true, for example 'download this amazing game for free'
- Use special filtering software to prevent automatic downloads of computer programs
- Not allowing people to load applications or use floppy disks/memory sticks on your

system
- Not using software that has been copied
- Backing up your system regularly so you can recover your data with clean copies

6. Trojans
As the internet has grown and millions of people are online, so has the development of
other types of software pests such as 'Trojan software'
A Trojan is an application that appears to do something useful such as a computer game
(which is why you loaded it on to your computer in the first place) but quietly, behind the
scenes it is doing something with ill-intent.
A trojan may:-

Log all your keystrokes and then send the details to a remote
computer / server. Used to capture your passwords
Allow someone else to take control of your computer whilst you are
online.
Capture screen shots and send them to a remote computer, once
again with the intent of obtaining confidential information such as
financial screen shots.

7. Other pests
Worms

These are a bit like a computer virus but they spread on their own through computer
networks. Their biggest problem is the sheer amount of computer time and bandwidth they
soak up, so making the network slow to a crawl.

Adware / Spyware

These are programs designed to keep track of which adverts you click on and then they
send specific adverts to your browser. Fairly harmless but annoying and hard to get rid of.

8. Legislation
It is against the law to distribute a virus to others.
The law which covers this area is called The Computer Misuse Act (1990). It also covers
various computer crimes such as Hacking, computer fraud as well as the deliberate spread
of viruses.
This law specifies a virus as: 'unauthorised modification of the contents of a computer,
impairing the operation of any program or reliability of data'.
Anyone caught distributing viruses knowingly faces an unlimited fine and up to a five year
prison sentence.

Online crime
1. Introduction
Where there are ways to make money, there will be criminals just waiting to take
advantage.
The growth of the Internet has provided criminals with a whole host of different methods to
try to relieve you of your hard earned cash.
Computer crime is defined as 'criminal activity directly related to the use of computers'. It
could be done in order to:

steal money
steal data or information
steal someone's identity
damage or disrupt someone's system for revenge
cause general havoc for fun
copy software / films / music to avoid paying for it.
Use the menu on the left to work your way through the pages and find out a little bit more
about computer crime.

2. Theft of money
Commerce on the Internet is mainly paid for through the use of credit cards, either
personal or corporate credit cards.
Therefore thieves have been very active in obtaining stolen credit card details to purchase
goods and services over the Internet. This type of crime runs to millions of pounds per
year.
Until recently credit card numbers were printed on supermarket receipts etc, but you may
have noticed that many businesses only print part of the number now. This has been done
to make it harder to steal vital details.
On-line companies can now also check that the address for delivery is the same as the
true credit card owner, making it harder for the thief to use the stolen card.

3. Theft of data
Data / Information is often the most valuable commodity any business has. The cost of
creating data again from scratch can far outweigh the cost of any hardware or programs
lost. Loss of data can have various consequences, some of which can be seen below.
Data can be stolen either by physical theft of hardware, or through unauthorised access to
the system e.g. hacking.

4. Fraud
Fraud means trying to trick someone in order to gain an advantage.
For your GCSE course, we are mainly concerned with fraud which takes place using ICT.
There are a number of other cases where computer fraud can be committed in order to
make some kind of financial gain. Some of the most common forms of computer fraud
include:

Posing as someone from an official organisation such as a bank or

electricity company in order to get you to hand over your account
details.
Creating 'spoof' websites that look like the real thing. For example,
making a website that looks exactly like your bank's, then getting you to
enter your user name and password so that they can be recorded by
the fraudster.
Promising a 'get rich quick' scheme if you pay for a pack, which will
supposedly contain all of the details that you need.
Phishing - sending e-mails to get you to give over your personal or
account details or getting you to download a data keylogger
Stealing your identity in order to pose as you to steal your money or
some other criminal activity.

5. Piracy
Copying software, music or film DVDs is called 'software piracy'.
I bet most of us have copied a game to give to a mate or have heard a cool track and
downloaded it from the Internet for free.
Although you don't think you are causing anyone any harm, in fact you are!
Every piece of software, music CD or film DVD that you copy, or get a copy of, means that
the developers are losing the profit from that item.
'Who cares, they are rich enough' I hear you say.
Well, once you have finished that computer game and you want another one to play, you
will expect it to be there for you to buy or get a copy again from your mate.
By not paying for the item in the first place, the company will have less profit to reinvest in
making the next one that you will want to get your hands on.
Not only does piracy mean that the companies have less profit, it also means that there
are fewer jobs as they try to keep their costs down.
It has been estimated that if piracy could be cut by just 10%, then an extra 40,000 jobs
could be created in the IT industry.

6. Viruses
We hear so much about computer viruses, but what are they really?
A computer virus is a software program that can make copies of itself, that can cause mild

or serious damage to data or programs stored on your computer.

Some viruses can be very harmful and automatically send copies of themselves to every
person in your e-mail address book, without your knowledge.
You can get a virus by running an infected file on your computer. The virus will then copy
and attach itself to hundreds of files you always have on your computer. These include
your data files and the essential system files. This makes it very difficult to remove
Viruses can be sent to you via e-mail attachments. They can be hidden in spreadsheet or
word documents. They can also be unwittingly downloaded from Internet sites that carry
pirated music and movie files.
Viruses can be prevented by taking sensible precautions, including:

Using a commercial anti-virus software to scan your system daily

Update the scanning software regularly
Not allowing people to load unknown files on to your system
Not opening suspicious emails or attachments from strangers.
Avoiding software from unreliable sources

7. Hackers
A hacker is a person who breaks codes and passwords to gain unauthorised entry to
computer systems. (Some would say that this refers to a 'cracker')
Hackers / Crackers can do an enormous amount of damage if they break into a computer
system.
For some people, the challenge of breaking the codes is irresistible and so precautions
have to be taken.
Stand-alone computers are usually safe as there is no connection for the hackers to break
into. Computers which form part of networks or those with external links, such as attached
modems, are in danger from hackers.
Many hackers often have no specific fraudulent intent, but just enjoy the challenge of
breaking into a system. However, in some instances the hacker's purpose could be to
commit fraud, to steal commercially valuable data or to damage or delete the data in order
to harm the company. It is often carried out by corrupt employees or employees with a
grudge. They may have insider knowledge of passwords and User IDs which makes it
easy for them.
The extent of hacking is difficult to assess, much of it is only discovered by accident.

8. Protecting yourself
Businesses can use a range of physical methods to protect their systems and data. Some
of these include:

Keeping important computers such as servers or mainframes in locked

rooms
Posting security guards
Security locks, smart cards
Keeping sensitive data on stand-alone machines instead of networks
Using alarm systems and video cameras
Education of users
not to tell anyone else their user names and passwords
to choose sensible passwords
to change passwords regularly
The business can also use software to help protect their systems. Some of these methods
include:
Data encryption - data is 'scrambled' before being transmitted through a network. Only the
authorised recipient has the 'key'.
Firewalls - software to block access from outside (and to prevent data being sent out in
some cases)
Activity logs, passwords and levels of security.

9. Legislation
To deal with crimes such as hacking, computer fraud and viruses, legislation was passed
1990 called 'The Computer Misuse Act'.
Under this law, the following offences could be dealt with:
1. Hacking - unauthorised access to any program or data held in a computer. Penalty is a
maximum fine of 2000 and a six month prison sentence.
2. Computer fraud and blackmail. Penalty is an unlimited fine and a maximum five year
prison sentence.
3. Viruses - unauthorised modification of the contents of a computer, impairing the
operation of any program or reliability of data. Penalty is an unlimited fine and a maximum
five year prison sentence.

Computer Misuse Act

You need to be familiar with the following ideas about data and computer misuse: that data
stored electronically is easier to misuse; that softwareshould not be copied without permission;
the consequences of softwarepiracy; that hacking can lead to corruption of data, either
accidentally or on purpose.
Types of computer misuse
Misuse of computers and communications systems comes in several forms:

Hacking
Hacking is where an unauthorised person uses a network, Internet
or modemconnection to gain access past security passwords or other security
to see data stored on another computer. Hackers sometimes use software
hacking tools and often target, for example, particular sites on the Internet.
Data misuse and unauthorised transfer or copying
Copying and illegal transfer of data is very quick and easy using online
computers and large storage devices such as hard disks, memory
sticks and DVDs. Personal data, company research and written work, such as
novels and textbooks, cannot be copied without the copyright holder's
permission.
Copying and distributing copyrighted software, music and film
This includes copying music and movies with computer equipment and
distributing it on the Internet without the copyright holder's permission. This is
a widespread misuse of both computers and the Internet that breaks copyright
regulations.
Email and chat room abuses
Internet services such as chat rooms and email have been the subject of many
well-publicised cases of impersonation and deception where people who are
online pretend to have a different identity. Chat rooms have been used to
spread rumours about well known personalities. A growing area of abuse of the
Internet is email spam, where millions of emails are sent to advertise both
legal and illegal products and services.
Pornography
A lot of indecent material and pornography is available through the Internet
and can be stored in electronic form. There have been several cases of
material, which is classified as illegal, or which shows illegal acts, being found
stored on computers followed by prosecutions for possession of the material.
Identity and financial abuses
This topic includes misuse of stolen or fictional credit card numbers to obtain
goods or services on the Internet, and use of computers in financial frauds.
These can range from complex well thought out deceptions to simple uses such
as printing counterfeit money with colour printers.
Viruses
Viruses are relatively simple programs written by people and designed to cause
nuisance or damage to computers or their files.
How to prevent computer misuse
The Computer Misuse Act (1990)
This was passed by Parliament and made three new offences:
1.Accessing computer material without permission, eg looking at someone
else's files.
2.Accessing computer material without permission with intent to commit

further criminal offences, eg hacking into the bank's computer and wanting
to increase the amount in your account.
3.Altering computer data without permission, eg writing a virus to destroy
someone else's data, or actually changing the money in an account.
The Data Protection Act
This was introduced to regulate personal data. This helps to provide protection
against the abuse of personal information. Find out more about the Data
Protection Act.
Copyright law
This provides protection to the owners of the copyright and covers the copying
of written, musical, or film works using computers. FAST is the industry body
which is against software theft. You can find out more about it in
the Copyright section.
There have been cases where laws such as Copyright have been used to crack
down on file sharing websites or individuals who store and illegally distribute
copyrighted material, eg music. There is a massive problem with many people
around the world obtaining copyrighted material illegally.
Close down chat rooms
Some chat rooms have been closed down due to abuses, especially where
children are vulnerable. Some have moderators who help to prevent abuses.
Advice about sensible use is important; especially to never give personal
contact details or arrange meetings without extreme caution.
Reduce email spamming
This may be reduced by:
never replying to anonymous emails
setting filters on email accounts
reporting spammers to ISPs, who are beginning to get together to blacklist
email abusers
governments passing laws to punish persistent spammers with heavy fines
Regular backups and security
Just making something illegal or setting up regulations does not stop it
happening. Responsible computer users need to take reasonable steps to keep
their data safe. This includes regular backups and sufficient security with
passwords.
Viruses
Viruses are written by malicious programmers who wish to cause problems for
other computer users.
The primary source of infection these days are emailattachmentsfollowed
by illegal software and infected files from the internet. If you have up to
date anti-virus software installed this will immediately warn you of any

infection. If not, there is usually no

evidence of the virus and the user is not
usually aware of it until something goes
wrong.

How can you reduce the risk of getting a

virus?
Viruses can be prevented by taking
sensible precautions, including:
keeping your operating system up to date
using up to date anti-virus software
not opening an email attachment unless
you are expecting it and know the source
(many email servers scan emails with anti-virus software on the user's behalf)

not allowing other users to use their ownmemory stick on your system
only downloading files from reputable web sites
avoiding software from unreliable sources

Anti-virus software can inspect computer files and email attachments for
viruses and remove or quarantine any which are found.
It is good practice to backup your data regularly. If a virus does damage your
data, you can restorethe damaged files from backup.

Moral and social issues related to ICT

Some effects of the development of information technology have given people cause for
concern. There are arguments for and against control over the information available.
The internet and freedom of speech
The internet is a vast source of information but it can also be used to peddle

pornography, con people out of money, invade peoples privacy with unwanted
advertising, and make it easier for criminals to organise their activities.
However, it is not the case that anyone can post anything over the internet. For
example:
the Chinese government heavily censors its citizens' use of the internet
libel (written defamation of someone's character) laws apply equally well to the
internet

copyright law is being actively used to suppress websites, for example, many file
sharingwebsites have been shut down over the years.

Arguments for control

To prevent illegal material being readily available.
To prevent young children accessing unsuitable material.
To ensure copyright laws are maintained.

Arguments against control

Unsuitable material is easily available in other ways.
Control would cost money and users would have to pay.
Control would be very difficult to enforce.

Confidential data
Many people are concerned about organisations storing personal, confidential
details on computer. A student may want to know:
What information the school stores about them?
Who has access to this information, eg which members of staff?

 Whether the information is available to other schools or organisations?

What security measures are in place to prevent unauthorised access to the
information?
Could the information stored be used against them in any way?

The section on the Data Protection Act gives more information on this topic.

The internet and crime

New technology brings with it new crimes and as a result some governments
are setting up special units to deal with internet crime.
A major concern is internet fraud. For example, phishing scams,identity
theft and denial of service attacks are common techniques used by criminals
today.
Other concerns surround:
the interception of credit card details and transactions online

hacking into personal, private files with criminal intent

fraudulent websites taking credit card details from customers
the spreading of viruses via the internet

Internet security
There are a number of ways the public are made to feel safer when using the
internet:
encryption of sensitive data, making it unreadable until it reaches its destination
and is decrypted
passwords and access level restrictions
firewalls (protection from hackers)

anti-virus software
tough penalties for offenders under the Computer Misuse Act

Computerisation of retail

Computerisation is changing the way we shop in a number of ways:

Computerised stock control means shops can accurately predict demand. Ordering of
stock is automatic.
IT supports the growth of big stores but every business has access to the same
technology, and so they all have the same opportunity to grow.

Loyalty cards offer regular customers discounts and this puts smaller shops under
threat.

These cards enable the stores to build huge databases of customer preferences.
Their personal details can be used in direct mail-shots for marketing goods.

Internet and digital TV shopping means we can shop without leaving home.
The growth of large stores and internet shopping has inevitably affected small
shops:
more small shops may go out of business
local town centres are threatened by the closure of small shops

Other concerns

IT skills considered a must-have

IT skills are now seen as vital in the employment market. Those with such skills
can advance in their careers while those without might struggle to get a job.
This is creating a divided society - those with IT skills and those without. Read
the Changing work patterns study guide for more information on this topic.

Increased dependency on IT
What happens if a computer breaks down? We are now so dependent on IT for
our lifestyles that we cannot survive without them. Businesses stand to lose a
lot of money if their IT systems fail. To avoid this they may have to have one or
even two backup computer systems.

Viruses
Computer systems can break down when viruses corrupt data. Read
the Viruses study guide for more information on this topic.

Health and safety issues

Computers can be bad for our eyes, our backs, our wrists and our fingers. Read
the Health and safety study guide for more information about this topic.

How ICT has led to changing lifestyles

Many aspects of our lives are affected by information technology - home life, leisure,
shopping, banking and work.
Home and leisure
A large proportion of the machines we take for granted at home are controlled
by microprocessors, including:
microwave ovens
washing machines
dishwashers
central heating boilers

Entertainment
Activities we do in our leisure time are increasingly dependent on information
technology, such as:
watching digital or satellite TV
watching DVDs, Blu-ray and online videos
playing computer games

listening to music on CD and MP3 players and online

browsing the internet

Online booking
Online bookings are growing as fast as online shopping. Theatre, cinemas,
concerts, air tickets, train tickets, hotels and package holidays are all available
on the web, often at cheaper prices than buying them from high street shops.
Bookings can be made across the world by internet connection.

Advantages
Instantly find out availability.
Book out of office hours.

Pay and receive confirmation (via email) immediately.

Lower prices - access to a greater number of retailers increases competition and
prices fall.

Disadvantages
Risk buying from a website setup to scam money out of customers, ie the tickets
never come.
Even when buying from genuine websites, the tickets may not arrive in the post in
time (where confirmation email cannot be used).
Websites may not be able to cope with high demand (making them inaccessible).

Loyalty cards

The larger stores offer customers loyalty cards. When the customer shops at
the store they're awarded a set number of points depending on how much they
spend. The loyalty card stores their points. One point is commonly worth 1p
with a point awarded for each pound spent.
Points can be converted into vouchers that provide discounts on products or
services.
Each customers' loyalty card has a unique card number linked to
adatabase which stores information about them (provided by the customer
when they signed up) and their purchases.

How do they work?

Swiping a loyalty card is an example of data capture. Every time the customer

visits the shop the card is swiped, reading the unique number. This identifies
the customer whose points total, stored in the database, is then updated. The
tills use barcodes to identify each item bought.

Targeting customers
When a customer signs up they provide basic details such as their name and
address.
Loyalty cards provide companies with information about customer spending
habits. This information can be used to target customers generally or
specifically.

Product placement
If customers frequently buy bread and milk together, these items may be put
near each other for customer convenience or farther apart, forcing the
customer to walk through the entire store (in the hope they buy additional
items along their way).

Vouchers
If a customer frequently buys beans, vouchers offering money off beans will be
sent to them (further increasing their loyalty), rather than for products they
rarely buy.

Mailing lists
Can be used to send out tailored advertisements. For example, someone who
regularly buys garden magazines might be sent special offers on garden
products.

New stores
When customers sign-up they provide their address. This information can be

used to see where the customers come from and identify opportunities for new
stores.

The Data Protection Act

The Data Protection Act applies to the personal data gathered by the
schemes. The mailing lists which supermarkets gather fromloyalty cards can
also be sold to other advertisers as long as Data Protection law is followed.
Find out more about the Data Protection Act in the legal framework section.

Electronic money and electronic commerce

Most companies pay their employees via bank transfer, from the companies
account to the employees'. It's now rare to be paid in cash.
Goods and services are usually paid for with electronic methods of payment,
for example:
direct debit
standing order
debit cards (Switch/Delta)
smart cards
online bank transfers

Electronic Commerce
Electronic Commerce or e-commerce is the selling and buying of goods or
services over the internet.
E-commerce has both advantages and disadvantages for businesses and
customers.

Advantages for businesses

Increased customer base with a website, a local store can have an international
customer base.

Cost effective save on staffing a physical shop (or shops) and the associated costs,
eg rent, electricity, gas, water etc.

Services - for example, accountancy, lend themselves to being advertised online.

Specifics on what's offered can be listed on the website, decreasing the need for real
world consultation.

Disadvantages for businesses

Increased competition - competition once limited to other local shops is now on an
international scale.

Newcomers - consumers may be reluctant to buy from a company they haven't

heard of.

Slow adoption - companies whose competitors already have an online presence may
find it hard to gain market share.

Advantages for customers

Increased convenience - customers can find what they're looking for without
leaving their home.

Greater choice - customers are no longer limited to shops nearby and can even buy
from abroad.

Cost effective - competition on an often international scale means prices are

cheaper/more competitive.

Product details - greater wealth of information available online than what a member
of staff is able to provide in-store.

Customer reviews - many sites allow customers to review products or services

theyve purchased, increasing buyer confidence.

Disadvantages for customers

No human interaction - some people prefer to buy their goods or services in person.
Returning goods - can be inconvenient (arranging postage) and expensive (if it is a
large/heavy item).

Fraud - a website may take your money, but have no intention of delivering the
goods.

Stock issues - the product may be out of stock, or if ordered and later found to be
out of stock, a substitute product may be sent instead.

Online banking
All high street banks offer online banking and some banks are exclusively
online with no high street branches.

Services

A customer with access to online banking can:

check their bank balance
view/print current and previous bank statements
pay bills online, ie setup direct debits and standing orders

 setup new, separate accounts for specific purposes, eg savings

transfer money between their accounts and to other people's

Customer benefits
Convenience - banking when it suits them, 24 hours a day, 365 days a year from any
computer with an internet connection.

Higher interest rates - savings banks make through reduced staffing, fewer
premises and increased automation mean they can offer higher interest rates.

Increased market awareness - visit all the banks and find out what interest rates
they offer online.

Customer concerns
The closure of small, local branches or reductions in opening hours.

The security of online banking, specifically hacking and credit card fraud.
Staffing reductions.

As banking becomes increasingly reliant on technology these concerns are set

to increase.
Shopping online
Nearly everything available on the high street or in shopping centres can also
be found online. For example, supermarkets offer home delivery of goods
ordered through their website.
Digitaldownloads are now common too. Items previously sold on physical
media (CDs, DVDs, books) can instead be downloaded directly to a customer's
computer or handheld device.

Buying goods online

The process for buying goods online commonly involves:
1. browsing through the online catalogue
2. adding items to the virtual basket
3. visiting a virtual checkout
4. choosing payment and delivery method
5. order confirmation

6. shipping confirmation (via email or SMS)

Advantages
Convenience - shop from any computer with an internet connection any time
while avoiding the need to travel, pay for parking, queue in-store etc.

Greater variety - more shops online than any high street or shopping centre.
Cheaper goods - increased competition between retailers (for some on a global
scale) brings down prices.

Accessibility - those with a disability that limits their mobility can choose to have
goods delivered.

Comparability - using the internet it's easy to research products or services very
thoroughly, comparing prices and product details in order to get the best deal.

Disadvantages
Security concerns surrounding payment by credit card over the internet.
Not being able to physically inspect the goods before purchase.
Goods getting damaged during transport.
Goods not arriving in time or at all.
Concerns over what information retailers are storing about customers, eg buying
habits.

Online accounts
Jump media player
Media player help
Out of media player. Press enter to return or tab to continue.
How IT helps Manchester City Football Club with their ticketing and safety
systems
The first time a customer buys goods from a retailer online they are asked to
create an account. The sign-up process typically asks for:
email address
password
telephone number
delivery address
billing address
payment details

The details stored in the account are protected by the customer's email
address (which acts as their username) and password. Storing this information
means returning customers do not need to re-enter it.

Security
Goods are typically paid for using a credit or debit card. During the payment
process communication between the retailers website and the bank takes
place over Secure Sockets Layer (SSL), a technology that encrypts
(scrambles) data.

PROTECTING DATA
1. Introduction
You might think that the most valuable item a company owns is its computers. Although

they are expensive machines, you would be wrong.

The thing that is worth the most to any company is their data.
Surprising eh? Not when you think about it. If a machine breaks down or even gets stolen,
a company can go out and buy a new one to replace it. Yes, it costs them a fair whack, but
they can probably find the money from somewhere.
Whereas, if they lose their data, this is very hard to replace. For example they could lose
their customer list, lose their sales records, lose their accounts, lose all the information
about their product and the list goes on and on.
Data is invaluable to a company and if it were to be lost, the company would probably be
crippled in the short term, and go out of business pretty soon afterwards.
It is not just businesses who would suffer from a loss of their data, it could be you.
You have just finished your three pieces of coursework, that took you months to complete.
Thank goodness you are going to hand them in tomorrow and get them out of the way.
BUT..... you try to switch on your machine, only to see those awful words 'hard disk failure'.
It's all gone.
All of your work was saved on that machine. How much would you pay to get the
coursework back so you don't miss your deadline?
Find out more about protecting data from loss or damage by using the links in the menu on
the left-hand side.

2. Employees
If you were asked to take a guess on the most likely cause of data loss, you would
probably say, 'hacking' or 'theft of equipment'. You would be wrong. The single biggest
cause of loss or damage to data is from employees or data users such as yourself.
Carelessness

A vast amount of valuable data is lost due to sheer carelessness.

- not saving work as it is being created and then the software crashes or the machine
shuts down. Hands up - how many of you are guilty of this?
- saving over a file by accident. Another daft thing of which we are all guilty of.
- Deleting a file by accident - woops!
- not saving files with sensible file names, and no matter how hard you try, you can't find
them again when you need them.
Data theft

Occasionally an employee might be tempted to steal company data. They may have been
offered money by another company to get hold of the data - this is called 'industrial
espionage'
The employee might want to steal data because they are planning to set up their own rival
business shortly.
Data Damage

An employee might hold a grudge against their employee, maybe they don't like their boss
or maybe they have heard they are about to lose their job.
It has been known for people in this situation to damage or destroy files to 'get their own

back'.
3. Other people
Although employees are the most likely to be the ones who cause damage or loss to data,
a business has to be mindful about the risks from other people outside the business.
Hackers

A hacker is a person who breaks codes and passwords to gain unauthorised entry to
computer systems.
Many hackers often don't intend to cause damage to data, but just enjoy the challenge of
breaking into a system.
However, in some instances the hacker's purpose could be to commit fraud, to steal
commercially valuable data and sell it to another company or to damage or delete the data
in order to harm the company.
Viruses

A Computer Virus is a computer program that is designed to copy itself repeatedly and
attach itself to other computer programs.
In the early days of personal computing (1980's) some of the people who created them did
it as a 'joke'. For example, there was a virus that caused all the characters on screen to
drop into a heap at the bottom of the display. Very annoying, but relatively harmless.
However, quite soon some really nasty versions came out that were deliberately designed
to corrupt and delete your files as well as trying to copy itself everywhere.
Viruses can cause an immense amount of time wasting and financial loss for people and
businesses.
4. Physical risks
Besides people, there are plenty of other ways that data can be lost or damaged. Here are
a few more to think about.
Fire, floods and lightning damage

Although thankfully a rare occurrence, fires and floods do happen. They can cause
immense damage and even total destruction of the computer equipment.
If you have been daft enough not to make a back up and store it somewhere other than
the office, then it is pretty likely that all of your data is sitting on the now damaged machine
and cannot be retrieved.
Theft of equipment

Computers are expensive, attractive items and can be a prime target for thieves.
If your computer is stolen and you haven't made a back up of your data then all of your
hard work will end up walking out of the door with the thief.
Scratches on the hard disk

The platters inside a hard disk spin very quickly whilst a 'head' hovers less than a hair's
width above them, reading the data.

If you don't shut your machine down properly this head crashes onto the spinning platter
causing scratches.
If a scratch occurs just at the point your data is stored, it can be damaged and you might
not be able to access it.

5. Back-ups
It's common sense to make copies of your work, but you would be amazed at how few
don't do this.
Whilst you are working, you should remember to save your work every 5 minutes or so. It
doesn't take a moment to press the 'save' button.
If you are sensible, you should also save your work as different versions, just in case your
work becomes corrupted or you delete something by accident. You can then go back to an
earlier version. O.K. you might have lost some work, but you won't have lost it all.
Besides backing up on the system you are using, you should also make a regular back up
onto another piece of hardware, preferably something that is removable e.g. removable
hard disk, magnetic tape, DVD-RW. This removable back up should be stored off site, so
that if there were a fire, flood or theft, you would still be able to get hold of a copy of your
data and reinstall it.
Backing up should use the 'grandfather, father, son' method. The daily or 'Son' backups
are rotated on a daily basis with one graduating to Father status each week. The weekly or
Father backups are rotated on a weekly basis with one graduating to Grandfather status
each month.

6. Physical protection
As you have seen, there are many different ways that you or a business can lose valuable
data. With a little bit of planning and thought however, the risks can be reduced or even
eliminated.
There are many things you can do to make your equipment more secure:
- Lock the room when not in use
- Use swipe cards or keypads to activate locks
- Bolt computers to the desk
- Use special pens to mark your postcode onto the computer case
- Keep windows shut - especially if on the ground floor. Use bars.
- CCTV video cameras
- In large firms, security guards
Note: in an exam, you would generally only give one example from the list above and then
go on to discuss the other methods below.
Unless specifically asked to discuss physical security, don't just list the points from this
section.

7. Software protection
Firewall

A firewall is a program or hardware device that filters the information coming through the
Internet connection into your personal computer or into a company's network.
It is set up to allow mainly one way access, i.e. you can go out onto the Internet and
access pages, but it checks everything coming back against a set of rules. If the data
coming back is from an unauthorised source, then it is blocked.
You may have heard people saying, 'I can't get on that site at school because it's been
blocked'; that is the firewall in action.

8. Software protection
Anti-virus software

This is special software which is used to detect viruses and to limit their damage by
removing them.
The software tries to detect viruses before they can get access to your computer. If a virus
is detected trying to get through the firewall, the software will give an alert and ask how
you want to respond.
It is important that anti-virus software is updated regularly by going to the manufacturers
site. Although the software was up-to-date when you bought it, within a few weeks, new
viruses will have been released which your software won't know how to detect.
The manufacturers provide downloads to make sure that your software can identify all of
the latest threats.
It is also important to run an 'anti-virus' scan regularly, just to make sure that there aren't
any viruses lying dormant on your system.
9. Software protection
User IDs and Passwords

When you log onto your network at school, you have to type in your User ID and
Password. This identifies you to the network as an authorised user.
Any sensible company will ensure that staff need a User ID and Password to gain access
to the system. This should reduce the risk of outsiders being able to get onto the system
and damage data.
People should follow rules when choosing their password:
- passwords should be kept secret at all times
- passwords should not be something that is easy to guess such as pet's name or favourite
football team.
- passwords should include text and numbers or symbols
- passwords should be a reasonable length e.g. over 6 characters
- passwords should be changed regularly

10. Software protection

Encryption

This is a method of scrambling data in such a way that only the people who have the
'secret key' to unlock the message can read it.
This is an example of ordinary text:
Humpty Dumpty sat on a wall.
Humpty Dumpty had a big fall.
This is what an encrypted code for the text would look like:
lj86ik,lj)ay%9w2+m?lsild171724
jkd2f*hkdfh7$171kjfh7d1h4d
You obviously have to keep the "secret keys" safe from prying eyes.
11. Software protection
Audit Log

A very good way of tracing back a problem is for the system to keep an audit log.
This means the computer will record every important event in an 'audit file. It records who
saved what and when. Who deleted records or changed them. For example an audit
record may look like this:User: bigears233
File: TheMostImportantFile.doc
Changed: 3rd January 10:15am
(or Deleted, or Saved).