CAPE INFORMATION TECHNOLOGY Unit 2

Module 3: Social, Organizational and Personal Issues

1. Describe ways in which Information Technology impact on society

Telecommuting
Telecommuting means working from home via telecommunication and internet
connectivity.
Advantages
1. Professional mothers can balance a family and work.
2. A telecommuter travels to work by telecommunications rather than by car
or bus, resulting in the saving of time and the reduction of pollution and
traffic congestion.
3. People can be hired regardless of their location or physical state eg.
Physical disability
4. Work can be done at any time anywhere.
Disadvantages
1. Managers may not know whether employees are working if they cannot
see them.
2. Telecommuters may be over looked for promotions or impromptu
meetings because they are not physically present at the office.
3. It is not suitable for all types of employees.
Online Shopping
This is a form of electronic commerce whereby consumers directly buy goods or
services from a seller over the internet without an intermediary service.
Online gaming
This is a game played over some form of computer network. This almost always
means the internet or equivalent technology.
Gender and Diversity
Information technology has facilitated gender diversity in several ways. Gender
diversity refers to the proportion of males to females in the workplace. The
advent of information technology has even distribution the employee pool of
males or females in same work areas. This has an effect on how people interact
and behave with one another in the workplace. It has changed the culture and
social environment of work areas.
Impact of automation on existing processes
Automation has made it possible to carry out processes in different ways that are
cost effective and efficient. Automation has resulted in process innovation.
Knowledge Management
This refers to how knowledge is managed within an organization in order to
enable the members of the organization to deal with situations in an informed
manner and to effectively envision and create solutions for the future.
Without on-demand access to managed knowledge, every situation is addressed
based on what the individual or group brings to the situation with them. With on-
demand access to managed knowledge, every situation is addressed with sum
total of everything anyone in the organization has ever learned about a situation
of a similar nature.

Info. Tech. impact on job skills

Computers are used in almost all areas of work and have changed the working
environment. Technology has created new jobs and has changed how work is
carried out. It has caused several jobs to disappear and leave several persons
unemployed. With the introduction of new technology, new jobs have been
constantly created in almost all areas of business and new skills set are required.
Info. Tech. impact on job opportunities/training
The advent of information technology has resulted in an increase in employment
and hence leads to better standard of living. For example, many new jobs have
been created in the area of computer programming and analysis, manufacturing
etc. however, the introduction of information technology in organizations have
resulted in workers being displaced and sometimes losing their jobs. For example,
many factory jobs have disappeared because of the computerized of certain
processes within factories. People sometimes need training in the use of new
technology, as there might be new ways of carrying out business processes.
There could be resistance to change by employee and change of management
due to the use of technology. People might resist changes, as there might be new
ways of carrying out business processes, which uproot old methods of performing
tasks. Some workers may be frustrated doing technical work, as it is boring and
repetitious.

The impact of IT on privacy

Technology has made it possible to easily breach a person’s privacy and personal
information. Persons have hacked other person’s information and have used it
unlawfully. Technology has also made it difficult to protect privacy.
People have certain inalienable rights such as the right to privacy. When personal
data about persons are stored on any device or network such as the internet,
every effort has to be made to protect them as a person could be harmed by the
existence of data which is inaccurate or misleading and which could be
transferred to another person without the knowledge or permission of the owner.
Any information kept about an individual should be relevant and appropriate.
Technology has made it possible to steal people’s identity and obtain personal
information without the owner’s knowledge.
There are several laws in place to protect people from the misuse of data that is
held about them on computer systems and networks such as the internet.
There are also laws that protected computers and its data from illegal acts such as
hacking. Laws are in place to prevent unauthorized access to computer or data;
unauthorized access with a criminal intent; and unauthorized modification of
computer programs and data. If a person breaches any of these laws, he/she may
be penalized or imprisoned.
The impact of IT on surveillance
Surveillance is the monitoring/observing of a person(s), behavior, or activities. I.T
has made the surveillance of people and their activities and just about anything
easier. It has helped improve security. However, it has made unauthorized
surveillance possible.
Impact of I.T on security
Security is the degree of protection against danger, damage, loss, and crime. I.T
has improved security. However, it has created numerous security problems such
as viruses, identity theft and so on.
Impact of I.T on commercial transactions
Commercial transaction involves the exchange of good, services or anything of
value between two or more person for something of value. I.T has facilitated
commercial transaction. It has changed the way people do business. It has also
given rise to new laws to govern transactions via the internet.
Impact of I.T on entertainment
Entertainment is an action, event or activity that aims to entertain, amuse and
interest the public. I.T has changed how persons entertained each other and has
made entertainment accessible.
The impact of I.T on culture
Culture is the act of developing the intellectual and moral faculties especially
through education. I.T has changed cultures and has created numerous cultures
especially through social networks.
Impact of I.T on economy
I.T has created numerous opportunities/wealth for individuals and countries.
Impact of I.T on politics
Political parties have embraced I.T and have used it to their advantage in various
forms such as advertisement over the internet, electronic voting, electronic
governance and so.
Impact of I.T on business
E-commerce encompasses those businesses offering products or services to either
consumers or other businesses over the internet E-Business on the other hand,
are those businesses that run the traditional way but also cater to the needs of
online requests. An e-business status is received when the business handles any
activity online.

Impact of I.T on governance

E-Governance is the use of technologies to improve governance, encourage
citizen participation in the decision-making process and make government more
accountable, transparent and effective.
Impact of I.T on learning
E-learning comprises all forms of electronically supported learning and teaching.
Technology has made learning and teaching more accessible to all.
Impact of I.T on surgery
E-surgery refers to a surgical operation or procedure, especially one involving the
removal or replacement of a diseased organ or tissue which is aided by the use of
technology.

2. Discuss various Computer Crimes

Identity theft is the stealing of someone’s identity in that someone pretends to
be someone else by assuming another person’s identity, typically in order to
access resources or obtain credit and other benefits in that person’s name.
Spoofing attack is a situation in which one person or program successfully
masquerades as another by falsifying data and thereby gaining an illegitimate
advantage.
Hardware theft is the act of stealing hardware equipment.
Hardware vandalism is an act of defacing or destroying hardware equipment.
Piracy is the unauthorized reproductions or use of a copyrighted material, book,
recording, computer program, movie, patented invention, trademarked product,
etc.
Electronic eavesdropping is the act of electronically intercepting conversations
without the knowledge or consent of at least one of the participants. The most
common form of electronic eavesdropping is wiretapping, which monitors
telephonic and telegraphic communication.
Cyber terrorism is any “premeditated, politically motivated attack against
information, computer systems, computer programs, and data which results in
violence against non-combatant targets by sub-national groups or clandestine
agents.” A cyber terrorist attack is designed to cause physical violence or extreme
financial harm.
Hacking involves the unauthorized access to software, hardware device or
networks with the intent to cause damage or exploit for financial gains. Hackers
may be motivated by a multitude of reasons, such as profit, protest, or challenge.
Propaganda is a form of communication that is aimed at influencing the attitude
of a person toward some cause or position. Propaganda can be libelous and can
get a person in trouble with the law. Technology has made it easier to spread
libelous propaganda.
Computer fraud is the use of information technology to commit fraud. The
internet has made it quite easy for people to commit fraud or to misrepresent
something or a person as being true when in fact it is a fake or a false person who
stole someone’s identity.
Industrial sabotage involves the conscious action or inaction directed towards the
mutilation or destruction of a work environment.
Information theft is the crime of obtaining the personal or financial information of
another person for the sole purpose of assuming that person’s name or identity in
order to make transactions/purchases or to benefit financial.
Spam is electronic junk mail (unsolicited e-mail) or junk newsgroup postings.
3. Explain how information Technology System components can be threats,
vulnerabilities, countermeasures, attacks and compromises to
organizations.
1.Implemetation Costs-Every business must consider startup costs when
implementing any type of information technology system. In addition to the
cost of hardware and software, some technology vendors require businesses
to purchase user licenses for each employee that will be operating the system.
Businesses must examine the cost of training employees in unfamiliar
technology. Although basic information technology systems may be user
friendly, advanced programs still require formal instruction by an expert
consultant. In addition to the startup expenses, information technology
systems are expensive to maintain. Systems malfunction, and when they do,
businesses must engage skilled technicians to troubleshoot and make the
necessary repairs. These expenses present a major disadvantage of
information technology in business, particularly to businesses that are entering
the technology era for the first time.
2. Security Breeches- The ability to store information in an electronic database
facilitates quicker, more efficient communication. In the past, an individual
would sift through stacks of paper records to retrieve data. With properly
implemented technology, information can be recovered at the touch of a
button. Although information technology systems allow business to be
conducted at a faster pace, they are not without their flaws. Information
technology systems are vulnerable to security breaches, particularly when they
are accessible via the Internet. If appropriate measures are not in place,
unauthorized individuals may access confidential data. Information may be
altered, permanently destroyed or used for unsavory purposes.
3. Distractions- The ability to store information in an electronic database
facilitates quicker, more efficient communication. In the past, an individual
would sift through stacks of paper records to retrieve data. With properly
implemented technology, information can be recovered at the touch of a
button. Although information technology systems allow business to be
conducted at a faster pace, they are not without their flaws. Information
technology systems are vulnerable to security breaches, particularly when they
are accessible via the Internet. If appropriate measures are not in place,
unauthorized individuals may access confidential data. Information may be
altered, permanently destroyed or used for unsavory purposes.
4. Industrial Sabotage- Sabotage or the threat of sabotage is a central
determinant of the balance of power in contemporary organizations.
Throughout the history of industry and commerce, it has been used as a
weapon by those with less formal power and has been practised and refined as
 an art of resistance. It has been discussed widely, but has been the subject of
only a few comprehensive and sustained studies. Loose definitions of the
concept predominate. It is defined here as deliberate action or inaction that is
intended to damage, destroy or disrupt some aspect of the workplace
environment, including the property, product, processes or reputation of the
organization.
In contrast to the image of the 'mad saboteur', careful review of existing
research leads to the conclusion that most acts of sabotage are highly
symbolic, are restrained and selective, are the product of collective or even
conspiratorial efforts, and are performed with technical sophistication. They
tend to be deliberate and calculated rather than impulsive and careless.
Some level of workplace sabotage corresponds to the class-based organization
of society and its associated distribution of advantages and disadvantages. This
is compounded in effect due to issues of gender, race and ethnicity and other
social barriers that exist. However, these macro conditions for sabotage do not
fully explain its occurrence. It is also necessary to consider micro factors that
manifest themselves in organizational and occupational settings, such as lack
of control and exposure to systematic injustices. Simple desires for fun are
sometimes considered as motives for destructive behaviour but such acts are
not properly defined as sabotage.
The contemporary and future importance of sabotage are hard to deny. It is
therefore time for theorists of organizational behaviour and management to
make a sustained effort to understand it.
4. Describe legal and ethical considerations related to the handling and
management of enterprise information assets.

 Computer Crime Law – US

Communications Assistance for Law Enforcement Act (CALEA)

In response to concerns that emerging technologies such as digital and wireless
communications were making it increasingly difficult for law enforcement
agencies to execute authorized surveillance, Congress enacted CALEA on October
25, 1994. CALEA was intended to preserve the ability of law enforcement agencies
to conduct electronic surveillance by requiring that telecommunications carriers
and manufacturers of telecommunications equipment modify and design their
equipment, facilities, and services to ensure that they have the necessary
surveillance capabilities.
See link below,
https://www.hg.org/computer-crime.html

 Federal Identity Theft laws

Legislative efforts to create federal identity theft laws must balance the
competing needs of victims, government agencies, and businesses, yet stay
flexible enough to anticipate future identity crime issues.

Prior to 1998, crimes that would now be considered identity theft were charged
under "false personation" statutes, which go back to the late 19th century. False
personation can be defined as "the crime of falsely assuming the identity of
another to gain a benefit or avoid an expense."

It wasn’t until Congress passed the Identity Theft and Assumption Deterrence
Act of 1998 that identity theft was officially listed as a federal crime. The act
strengthened the criminal laws governing identity theft. Specifically, it amended
18 U.S.C. § 1028 ("Fraud and related activity in connection with identification
documents") to make it a federal crime to—

knowingly transfer or use, without lawful authority, a means of identification of

another person with the intent to commit, or to aid or abet, any unlawful activity
that constitutes a violation of Federal law, or that constitutes a felony under any
applicable State or local law. (See http://www.ftc.gov/node/119459.)
See link below
https://ojp.gov/ovc/pubs/ID_theft/idtheftlaws.html
 Phishing-Penalties
The penalty for a phishing crime depends greatly on the nature of the
circumstances surrounding the case. State laws differ significantly, and while most
laws that specifically target phishing categorize the crime as a felony, some of
these crimes might be punished as a misdemeanor or felony in other states.
Misdemeanors are considered a less serious crimes than felonies, though a
conviction for either brings the possibility of significant criminal penalties.
Jail or prison. A phishing conviction can easily result in a year or more in prison if
you're convicted of a felony. Laws differ widely, but penalties of up to five years in
prison are possible with felony convictions. Misdemeanor convictions can result in
up to a year in jail.
Fines. Being convicted of a phishing crime can also lead to a significant fine.
Misdemeanor fines typically do not exceed a couple of thousand dollars, while
felony fines can be as much as $10,000 or more per offense.
Restitution. If the phishing activity resulted in a victim losing money the court will
impose a restitution order. This order requires you to pay the victim to
compensate for the loss. The amount of restitution will differ from case to case,
but they are always made in addition to any fines imposed.
Probation. A phishing conviction can also result in a probation sentence,
especially where a person has not been convicted of crimes before. Probation
typically lasts from 1 to 3 years, though in some cases it might last longer. When
you are on probation you have to comply with specific probation terms. These
terms can often differ, but usually include such requirements as regularly
reporting to probation officer, maintaining employment, paying all required fines
and restitution, and not committing any more crimes while you are on probation.
 Pharming- Penalties
As with many other types of white collar crimes, pharming can lead to
misdemeanor or felony charges. The defendant may face federal and state
criminal charges which can lead to a sentence in jail along with criminal fines.
Also, hacking into a government website or tampering with government pages
can often lead to federal felony charges, which are punished very severely. The
defendant may also face civil charges from a person who has experienced losses
from the pharming scam.

11. Distinguish among the different types of Malware

Malware (malicious software) is harmful software designed to cause damage or
disruption to a device’s operation, gather sensitive information, or gain
unauthorized access to a device.
Types of malwares
 Viruses
 Trojan horse
 Worms
Viruses
A virus is a destructive program that inserts itself into a device via a host, and
causes failure to otherwise normal software program and device. The virus may
either cause destruction to a particular device, or designate it as the host system
to replicate the virus and move copies of it to other computer systems or devices.
Device viruses can be passed from one device to another via thumb drive, over
networks and over remoter modem connections.
A virus may spread to a networked workstation as executable files are launched
from the server. An infection can also occur whenever a thumb drive or storage
device is loaded into a computer and a file is executed, eventually spreading the
virus from that computer throughout the network.
Trojan horse
This is software that disguises itself as a useful software but will actually do
damage once installed or run on a device. Trojans can create a backdoor on a
device that gives malicious users access to a device, possibly allowing confidential
or personal information to be compromised. Unlike viruses and worms, Trojans
do not reproduce by infecting other files nor do they self-replicate. They are
computer programs that replicate functional copies of themselves (usually to
other computer systems via network connections) and often, but not always,
contain some functionality that will interfere with the normal use of a device or a
program.
Worms
Worms spread from device to device, but unlike a virus, it has the capability to
travel without any human action. A worm is capable of replicating itself on a
device. Therefore, instead of a device sending out a single worm, it could send out
hundreds or thousands of copies of itself, creating a huge devastating effect.
Pharming is a scamming practice in which malicious code is installed on a personal
computer or server, misdirecting users to fraudulent web sites without their
knowledge or consent. Pharming has been called “phishing without a lure.”
Pharming attacks redirect a person on the internet to a hacker’s site even when a
person types the address of a real website into the browser.
Phishing is an online fraud technique used by criminals to lure a person into
disclosing personal information. Phishing occurs where the perpetrator sends out
legitimate-looking e-mails, appearing to come from some of the web’s most
popular sites, in an effort to obtain personal and financial information from
individual recipients. Phishing uses fraudulent e-mail messages to lure a person
from a legitimate to a fake website and try to get the person to supply personal
information such as account password and so on.
There are many different tactics used to lure a person, including e-mail and
websites that mimic well-known, trusted brands. A common phishing practice
uses spoofed messages that are disguised to look like they are from a well-known
company’s website, such as a bank, credit card company, charity, or e-commerce
online shopping site. The purpose of these spoofed messages is to trick a person
into providing personally identifiable information (PII), such as the following:
 Address and telephone number
 Name and user name
 Password or PIN
 Bank account number
 ATM/debit or credit card number
 Credit card validation code (CVC) or card verification value (CVV)
 Social Security Number (SSN)
This information is used in many ways for financial gain. For example, a common
practice is identity theft, whereby the thief steals personal information, takes on a
person’s identity, and can then do the following:
 Apply for and get credit in a person’s name.
  Empty a person’s bank account and charge expenses to the limit of a
person’s credit cards.
 Transfer money from a person’s investment or credit line accounts into a
checking account, and then use a copy of a debit card to withdraw cash
from a person cheque account at automated teller machines (ATMs)
around the world.
Some examples of phishing schemes include:
 Fake e-mail messages – The message appears to be from a company that a
person does business with, warning a person that they need to verify
person’s account information, and if the company does not don’t get the
information, your account will be suspended.
A combination of auction fraud and phony escrow sites. This occurs when
items are put up for sale at a legitimate online auction to lure a person into
making payments to a fake escrow site.
 Fake online sales transactions- A criminal offers to buy something from a
person and requests that he/she pay a person an amount well over the
price of the item the criminal is buying. In return, the criminal asks a person
to send him/her a cheque for the difference. The payment to person is not
sent, but the person’s cheque is cashed, and the thief keeps the difference.
Additionally, the cheque that person send has a person’s bank account
number, bank routing code, address, and phone number, which the
criminal can continue to use and get a person’s money.
 Fake charities- This type of phishing scheme poses as a charity and asks for
direct monetary donations. Unfortunately, many people want to take
advantage of person’s generous nature.
 Fake websites – The websites can be made to look similar to legitimate
sites. When a person inadvertently visits them, the sites can automatically
download malicious software, such as a virus or spyware. The spyware can
then record the keystrokes that a person uses to log into personal online
accounts. That information is sent back to the phisher.