AN INVESTIGATION INTO THE USE AND USEFULNESS OF SECURITY SO TWARE IN DETECTING COMPUTER ABUSE

Computer security remains an important issue in the management of organizational information systems. Losses resulting from computer abuse and errors are substantial, and IS managers continue to cite security and control as a key management issue. With continued expansion of clistributed data processing and storage, the need to both prevent and detect violations also increases. This latter aspect, detection of computer abuse incidents, is the focus of this study. This empirical study examines the prevalence and sophistication of security software system installations across the United States. Using a victimization survey of 528 randomly-selected DPMA members, the study examines discovered incidents of computer abuse in organizations and attempts to identify relationships between comprehensive (i.e., sophisticated) security software and successful discovery of abuse. More comprehensive security software was found to be associated with greater ability to identify perpetrators of abuse and to discover more serious computer abuse incidents. Larger organizations used both a greater number and more sophisticated security software systems than smaller organizations. Wholesale/retail trade organizations used less comprehensive software than average, while manufacturing organizations and public utilities used more comprehensive software. Surprisingly, no relationships were found between the maturity of an organization\u27s security function and the number and/or sophistication of security software systems utilized

Data Scraping as a Cause of Action: Limiting Use of the CFAA and Trespass in Online Copying Cases

In recent years, online platforms have used claims such as the Computer Fraud and Abuse Act (“CFAA”) and trespass to curb data scraping, or copying of web content accomplished using robots or web crawlers. However, as the term “data scraping” implies, the content typically copied is data or information that is not protected by intellectual property law, and the means by which the copying occurs is not considered to be hacking. Trespass and the CFAA are both concerned with authorization, but in data scraping cases, these torts are used in such a way that implies that real property norms exist on the Internet, a misleading and harmful analogy. To correct this imbalance, the CFAA must be interpreted in its native context, that of computers, computer networks, and the Internet, and given contextual meaning. Alternatively, the CFAA should be amended. Because data scraping is fundamentally copying, copyright offers the correct means for litigating data scraping cases. This Note additionally offers proposals for creating enforceable terms of service online and for strengthening copyright to make it applicable to user-based online platforms

Information Systems and Its’ Abuse by Employees of Nigeria Bank

Information and Communication Technology (ICT) plays a vital role in every sector of life. Studies have shown that ICT usage in many sectors has been solely abused. This study investigates the abuse of information system in Nigerian Banks. Employees’ perception of abuse of information systems was sought using copies of a structured questionnaire. Findings show that unauthorized access of information or programs via a computer had the highest pick as abuse of information system, followed by unauthorized copying or altering of data or programs, then theft of telecommunications or computer equipment, and so on. In conclusion, it was observed that Unethical practices through the abuse of information system result in lesser productivity, decimation of corporate assets, non-compliance with privacy regulations, legal liabilities, network bandwidth and resources exposure. Thus, deploying comprehensive preventive procedures can help organisations guard against abuse of its information systems. Keywords: Abuse, Information systems, Nigerian banks and Ethics

Study protocol: a randomized controlled trial of a computer-based depression and substance abuse intervention for people attending residential substance abuse treatment

Background: A large proportion of people attending residential alcohol and other substance abuse treatment have a co-occurring mental illness. Empirical evidence suggests that it is important to treat both the substance abuse problem and co-occurring mental illness concurrently and in an integrated fashion. However, the majority of residential alcohol and other substance abuse services do not address mental illness in a systematic way. It is likely that computer delivered interventions could improve the ability of substance abuse services to address co-occurring mental illness. This protocol describes a study in which we will assess the effectiveness of adding a computer delivered depression and substance abuse intervention for people who are attending residential alcohol and other substance abuse treatment. Methods/Design. Participants will be recruited from residential rehabilitation programs operated by the Australian Salvation Army. All participants who satisfy the diagnostic criteria for an alcohol or other substance dependence disorder will be asked to participate in the study. After completion of a baseline assessment, participants will be randomly assigned to either a computer delivered substance abuse and depression intervention (treatment condition) or to a computer-delivered typing tutorial (active control condition). All participants will continue to complete The Salvation Army residential program, a predominantly 12-step based treatment facility. Randomisation will be stratified by gender (Male, Female), length of time the participant has been in the program at the commencement of the study (4 weeks or less, 4 weeks or more), and use of anti-depressant medication (currently prescribed medication, not prescribed medication). Participants in both conditions will complete computer sessions twice per week, over a five-week period. Research staff blind to treatment allocation will complete the assessments at baseline, and then 3, 6, 9, and 12 months post intervention. Participants will also complete weekly self-report measures during the treatment period. Discussion. This study will provide comprehensive data on the effect of introducing a computer delivered, cognitive behavioral therapy based co-morbidity treatment program within a residential substance abuse setting. If shown to be effective, this intervention can be disseminated within other residential substance abuse programs. Trial registration. Australia and New Zealand Clinical Trials Register (ANZCTR): ACTRN12611000618954

Italian translation and cross cultural comparison with the Childhood Attachment and Relational Trauma Screen (CARTS)

Background: The Childhood Attachment and Relational Trauma Screen (CARTS) is a computer-administered survey designed to assess retrospectively the socio-ecological context in which instances of child abuse may have occurred. To date, studies supporting the validity of the CARTS have only been undertaken in English-speaking North American populations. Validation projects in other countries and cross-cultural comparisons are therefore warranted. Objective: Develop and preliminarily evaluate the psychometric properties of an Italian version of the CARTS on college students and compare such observations to data acquired from Canadian students. Method: Seventy-nine undergraduate students from the University of Padua (Italy) completed an Italian translation of the CARTS as well as measures of childhood experiences, mental health and attachment, responses to which were compared to those obtained in 288 Canadian students who completed the CARTS in English. Results: Internal consistency and convergent validity with the Childhood Trauma Questionnaire and Parental Bonding Instrument were found to be acceptable for the Italian translation. Within the Italian sample, correlation analyses suggested that CARTS Mother ratings referring to attachment and abuse were associated with romantic attachment, whereas CARTS Father ratings were significantly correlated to PTSD symptoms and other symptoms of psychopathology-distress. Significant differences between Italian and Canadian students across the relationship types for the CARTS abuse and attachment scales were found, indicating that Italian students rated their mothers and fathers as simultaneously less abusive, but also less as a source of secure attachment. Conclusions: The results of this preliminary study seem to suggest convergent validity of the Italian CARTS and the association between childhood attachment-related experiences and romantic attachment. Cultural variations were identified between Canadian and Italian students in both attachment and abuse scales. Future studies to investigate cross-cultural variations in the relational context of childhood abuse and in order to boost Italian CARTS psychometric features are warranted

Using the Computer Fraud and Abuse Act to Secure Public Data Exclusivity

In August, 2015, hackers exposed approximately 33 million user records associated with the extra-marital affair website Ashley Madison. The hackers made this data available to the public through torrents and other file sharing protocols. This data became instantly irresistible to the media and suspicious spouses everywhere. However, is accessing the user records illegal under the Computer Fraud and Abuse Act? While many legal scholars agree that accessing or publishing this data is not likely a violation of the Computer Fraud and Abuse Act, the United States Attorney’s office does not necessarily see it that way. “Once you download or distribute hacked information without specific permission or a fair use license, you\u27ve exposed yourself to potential criminal liability under the Computer Fraud and Abuse Act,” says a representative of the Chicago U.S. Attorney’s office. “An individual who retweets or forwards a link to a website containing hacked information could potentially be viewed as an accessory to the hack after the fact.” A “hack after the fact” not only leads to criminal penalties but a civil cause of action under the Act, which is quickly becoming a leading statute in U.S. cybersecurity law. This Article describes problems inherent in the Act when compared with modern web-based applications and how savvy civil litigators are “hacking” the Computer Fraud and Abuse Act for their own purposes, namely as a para-copyright tool. This “hack” is accomplished by exposing two vulnerabilities: (1) the literal application of the term “access controls” encompassing token controls; and (2) the mere facial review of loss declarations. For example, by taking advantage of these two vulnerabilities, attorneys for Craigslist were able to secure exclusivity to the publicly-available advertisements on its website. This Article’s solution to the vulnerabilities is to build in reference to data security standards and define the type of data protectable under the Act, specifically private and confidential data

Using the Computer Fraud and Abuse Act to Secure Public Data Exclusivity

In August, 2015, hackers exposed approximately 33 million user records associated with the extra-marital affair website Ashley Madison. The hackers made this data available to the public through torrents and other file sharing protocols. This data became instantly irresistible to the media and suspicious spouses everywhere. However, is accessing the user records illegal under the Computer Fraud and Abuse Act? While many legal scholars agree that accessing or publishing this data is not likely a violation of the Computer Fraud and Abuse Act, the United States Attorney’s office does not necessarily see it that way. “Once you download or distribute hacked information without specific permission or a fair use license, you\u27ve exposed yourself to potential criminal liability under the Computer Fraud and Abuse Act,” says a representative of the Chicago U.S. Attorney’s office. “An individual who retweets or forwards a link to a website containing hacked information could potentially be viewed as an accessory to the hack after the fact.” A “hack after the fact” not only leads to criminal penalties but a civil cause of action under the Act, which is quickly becoming a leading statute in U.S. cybersecurity law. This Article describes problems inherent in the Act when compared with modern web-based applications and how savvy civil litigators are “hacking” the Computer Fraud and Abuse Act for their own purposes, namely as a para-copyright tool. This “hack” is accomplished by exposing two vulnerabilities: (1) the literal application of the term “access controls” encompassing token controls; and (2) the mere facial review of loss declarations. For example, by taking advantage of these two vulnerabilities, attorneys for Craigslist were able to secure exclusivity to the publicly-available advertisements on its website. This Article’s solution to the vulnerabilities is to build in reference to data security standards and define the type of data protectable under the Act, specifically private and confidential data

Between Me and The Computer: Increased Detection of Intimate Partner Violence Using a Computer Questionnaire

Study objective: The emergency department is a problem-focused environment in which routine screening for intimate partner violence (IPV) is difficult. We hypothesized that screening for IPV during computer-based health-risk assessment would be acceptable to patients and improve detection. Methods: We performed a descriptive study of IPV data collected during a controlled trial of computer-based health promotion in an urban hospital ED. Patients received computer-generated health advice, and physicians received patient risk summaries. Outcomes were patient disclosure and physician documentation of IPV and associated risks. Results: Two hundred forty-eight patients (69% female, 90% black, mean age 39 years) participated in a clinical trial of computer-based health promotion in the ED. Of 170 women, 53 (33%) disclosed emotional abuse, and 25 (15%) disclosed physical abuse. Of 78 men, 22 (29%) disclosed emotional abuse, and 5 (6%) disclosed physical abuse. Patients were also willing to self-report a history or concern of hurting someone close to them. This was true for 21 (14%) women and 15 (22%) men. Controlling for demographic factors, disclosures of victimization and perpetration were associated with multiple psychosocial risks. Computer screening resulted in chart documentation in 19 of 83 potential cases of IPV compared with 1 case documented in the group that received usual care. Conclusion: Providing an opportunity for patients to confidentially self-disclose IPV has the potential to supplement current screening efforts and to allow providers to focus on assessment, counseling, and referral for those at risk. However, further measures will be needed to ensure that information gathered through computer screening is adequately addressed during the acute care or follow-up visit

An Empirical Investigation of Antecedents of Internet Abuse in the Workplace

engage in Internet abuse, and whether any of 15 antecedents predict the amount of that abuse. Data were collected from 571 Usenet users in an on-line survey. Aggregating the time for each of the eleven listed methods of Internet abuse revealed a total of 5.8 hours per week, on average. Most of the antecedents in two of the three Theory of Planned Behavior (TPB) categories (Attitudes and Subjective Norms), were significant, and none of the antecedents in the third TPB category (Perceived Behavioral Control) showed significance. addiction, self-justification, job satisfaction, peer culture, and supervisor culture were significant predictors of Internet abuse. Exploratory demographic factors computer experience, gender, and firm revenue also showed predictive power

Intimate partner violence among African American and African Caribbean women: prevalence, risk factors, and the influence of cultural attitudes.

BackgroundWomen of African descent are disproportionately affected by intimate partner abuse; yet, limited data exist on whether the prevalence varies for women of African descent in the United States and those in the US territories.ObjectiveIn this multisite study, we estimated lifetime and 2-year prevalence of physical, sexual, and psychological intimate partner abuse (IPA) among 1,545 women of African descent in the United States and US Virgin Islands (USVI). We also examined how cultural tolerance of physical and/or sexual intimate partner violence (IPV) influences abuse.DesignBetween 2009 and 2011, we recruited African American and African Caribbean women aged 18-55 from health clinics in Baltimore, MD, and St. Thomas and St. Croix, USVI, into a comparative case-control study. Screened and enrolled women completed an audio computer-assisted self-interview. Screening-based prevalence of IPA and IPV were stratified by study site and associations between tolerance of IPV and abuse experiences were examined by multivariate logistic regression analysis.ResultsMost of the 1,545 screened women were young, of low-income, and in a current intimate relationship. Lifetime prevalence of IPA was 45% in St. Thomas, 38% in St. Croix, and 37% in Baltimore. Lifetime prevalence of IPV was 38% in St. Thomas, 28% in St. Croix, and 30% in Baltimore. Past 2-year prevalence of IPV was 32% in St. Thomas, 22% in St. Croix, and 26% in Baltimore. Risk and protective factors for IPV varied by site. Community and personal acceptance of IPV were independently associated with lifetime IPA in Baltimore and St. Thomas.ConclusionsVariance across sites for risk and protective factors emphasizes cultural considerations in sub-populations of women of African descent when addressing IPA and IPV in given settings. Individual-based interventions should be coupled with community/societal interventions to shape attitudes about use of violence in relationships and to promote healthy relationships