21.10-чтение

> ==1.4 Computer Criminals== > ** жирным выделены слова с неправильным ударением ** > ** красные буквы - звук произнесён неправильно или отсутствует ** > ** подчёркивание - не справляетесь со скоростью: очень невнятное чтение или лишние паузы ** > > **Ярушин** > > In television and film westerns, __the bad guys always__ wore shabby cloth e s - лишний звук, looked mean and **sinister**, and lived in gangs somewhere out of town. By **contrast**, the sheriff __dressed well__, stood proud and tall, was kn ow n нечётко and respected by everyone in town, and struck f ea r in the h ear ts of most criminals. > To be sure, some computer criminals are mean and sinister types. But many more wear business suits, have university degrees, and __appear to be **pillars**__ нет слитности of their communities. Some are high school or university students. Other s are middle-aged business **executives**. Some are mentally deranged, **overtly** hostile, or extr eme ly committed to a cause, and they attack computers as a symbol. O ther s are ordinary people tempt ed by personal profit, revenge, challenge, adv a ncement, or job security. No single profile captures the characteristic s of a "typical" computer criminal, and many who fit the profile are not criminals at all.


 * Цыкарев**

> In television and film westerns, __the bad guys always wore__ shabby cloth e s - лишний звук, __looked mean and sinister__, and lived in gangs somewhere out of town. By contrast, the sheriff dressed well, stood pr ou d and tall, __was kn ow n and respected__ by everyone in town, and struck f ea r in the h ear ts of most criminals. > To be s u re, some **computer** criminals are mean and sinister types. But many more wear __business__- лишний звук s ui ts, have university degrees, and __appear to be pillars__ of their communities. __Some are high school or university students__. Other s are __middle-aged business **executives**__. __Some are mentally der a nged__, **overtly** hostile, or extr e me ly **committed** to a cause, and they attack **computers** as a symbol. Others are ordinary people tempted by personal profit, revenge, challenge, advancement, or job security. No single profile captures the characteristics of a "typical" computer criminal, and many who fit the profile are not criminals at all. > > **Болтунов** > > __Whatever their characteristics and motivations,__ computer criminals __have **access**__ to enorm ou s amounts of hardware, software, and data; they have the potential __to cripple much of effective business and government throughout the world__. In a sense, then, the purp o se of computer security is to prevent these criminals from doing damage. > __For the **purposes**__ of studying computer security, we say **computer crime** is any crime involving a computer or aided by the use of one. **Although** this definition is admittedly broad, it all o ws us to consider ways to protect ourselves, our businesses, and our comm uni ties __against those who use__ computers maliciously. > > **Абраров** > > The U.S. Federal Bureau __of Investigation__ r e gularly reports **unifo r m** crime statistics. The dat a __do not separate__ computer crime __from crime__ of o ther sort s. __Moreover__, many comp anie s do not report computer crime __at a ll__, perhaps because they fear **damage** to their rep u tation, __they are ashamed__ to have all ow ed their systems to be compromised, __or they have agreed not to prose cute __ if the criminal __will "go away__." These condi ti ons make __it difficult__ for u s to estimate the economic losses __we **suffer**__ __as a res u lt__ of computer crime; our dollar **estim a tes** are really only v ague suspicions. Still, the estimates, ranging from $300 million to $500 billion per year, tell us that it is important for us to pay attention to computer crime and to try to prevent it or at least to moderate its effects. > One approach to prevention or moderation is to understand who commits these crimes and why. Many studies have attempted to determine the characteristics of computer criminals. By studying those who have already used computers to commit crimes, we may be able in the future to spot likely criminals and prevent the crimes from occurring. In this section, we examine some of these characteristics. > > ===Amateurs=== > **Amateurs** have comm i tted most of the computer crimes reported to date. Most __embezzlers are not career__ criminals but r a ther are normal people who observe __a weakness in a__ security system that all o ws them to access __cash or o ther valuables__. __In the same sense__, most computer criminals are ordinary computer professionals __or users__ who, while __doing their jobs__, __discover they have access__ to something valuable. > __When no one objects__, the **amateur** may start __using the computer at work__ to write letters, maintain __soccer league team__ standings, or do acc o unting. This __apparently **innocen**t time-stealing__ __may expand until__ the **employ ee ** is **purs ui ng** __a business in acc o unting__, stock portfolio management, or desktop publishing on the side, using the employer's computing facilities. Alternatively, amateurs may become disgruntled over some negative work situation (such as a reprimand or denial of promotion) and vow to "get even" with management by wreaking havoc on a computing installation. > > ===Crackers or Malicious Hackers=== > > System **crackers**, often __ high school__ or university students, attempt to access computing fa c ilities for which they have not been auth ori zed. Cracking a computer's defenses i s seen as the u ltimate victimless crime. The __pe r ception is that nobody is hurt__ or e ven en danger ed by a little stolen **machine** time. Crackers enjoy the simple __challenge of trying__ to log in, __just to see whether it__ can be done. Most crackers __can do their harm__ without confronting anybody, not e ven makin g a sound. __In the absence of__ ex p li c it w ar nings not to trespass in a system, crackers infer that access is p er mitted. An underground network of hackers helps pass __along secrets of **success**__; as with a jigsaw puzzle, __a few i solated pieces__ joined together may produce a l ar ge effect. Others attack for curiosity, personal gain, or self-satisfaction. And still others enjoy causing chaos, loss, or harm. There is no common profile or motivation for these attackers. > > ===Career Criminals=== > > **Берёзкина** > > By contrast, the career computer criminal understands the targets of computer crime. __Criminals seldom change fields__ лишние паузы from arson, murder, or au to th e ft to computing; more often, criminals begin as computer professionals __who engage__ in computer crime, finding the prospects and payoff good. There is some evidence that o r ganized crime and international groups __are engaging__ in computer crime. Recently, __electronic sp i es__ and information brokers have begun to recognize that trading __in companies' or individuals' secrets__ can be lucrative. > __Recent **attacks**__ have shown that organized crime and professional criminals have discovered just how lucrative computer crime can be. Mike Danseglio, a security project manager with Microsoft, s ai d, "In 2006, the attackers want to pay the rent. They don't want to write a worm that destroys your hardware. They want to assimilate your computers and use them to make money" [NAR06a]. Mikko Hypponen, Chief Research Officer with the Finnish security company f-Secure, agrees that today's attacks often come from Russia, Asia, and Brazil and the motive is now profit, not fame [BRA06]. Ken Dunham, Director of the Rapid Response Team for Verisign says he is "convinced that groups of well-organized mobsters have taken control of a global billion-dollar crime network powered by skillful hackers" [NAR06b]. > Snow [SNO05] observes that a hacker wants a score, bragging rights. Organized crime wants a resource; they want to stay and extract profit from the system over time. These different objectives lead to different approaches: The hacker can use a quick-and-dirty attack, whereas the professional attacker wants a neat, robust, and undetected method. > As mentioned earlier, some companies are reticent to prosecute computer criminals. In fact, after having discovered a computer crime, the companies are often thankful if the criminal quietly resigns. In other cases, the company is (understandably) more concerned about protecting its assets and so it closes down an attacked system rather than gathering evidence that could lead to identification and conviction of the criminal. The criminal is then free to continue the same illegal pattern with another company. > > ===Terrorist**s**=== >
 * Computer** Criminals
 * Смирнов А.В.**
 * Нефёдов**

> __The link between com puter s__ and terrorism is quite evident. We see **terrorists**using computers in three ways: > __We cannot **accurately** measure__ the amount of computer-based terrorism because our definitions and **meas ure ment** tools __are rather__ weak. Still, __there is__ evidence that all three of these activities are increasing. (For another look at terrorists' use of computers, see Sidebar 1-6.)
 * //tar g ets of attack:// **denial**-of-service attacks and web site defacements are popular for any politi cal organization because they __attract attention to the cause__ and bring undesired negative attention __to the tar g et of the attack.__
 * //propaganda v eh icles:// web sites, web logs, and __e-mail lists__ are effective, fast, and inexpensive ways __to get a message__ to many people.
 * //__methods of attack__:// to l au nch **offens i ve** attacks __requires use of computers__.