A Research on Computer Abuse Phenomena in Public Work Places

EXCLUSIVE SUMMARY

Despite Government efforts (investment, policy and awareness) to address the computer abuse
phenomena in public work places, the abuse incidents are still increasing on the high. A case
study was undertaken to explore the factors leading to this phenomena. Five public organizations
were chosen as the case subjects. It was found that users are the main contributor to the problem
of ICT abuses. ICT security technology and ICT security policy are just tools to assist the
organization in addressing computer abuse issue. From these interviews a basic general model for
computer abuse could be drawn consisting of ICT security system as well as ICT security policy
which act as a moderator that strengthen or weaken the relationship between user social factors
and computer abuse.

INTRODUCTION

In order to understand the phenomena of computer abuse in the public sector a case study was
undertaken by interviewing from 5 public organizations that include two federal statutory bodies,
one state statutory body and two local governments. Details of the outcome from these interviews
are given next. From these interviews an initial model for computer abuse is drawn, which forms
the basic computer abuse model for this research. Preston (1991), stressed that the way MIS
define “problem” is actually not true of what is actually happening out there in the real world.
This is because MIS has imported from a number of disciplines including OR, Science,
Mathematics, Statistics, Cybernetics and Engineering bringing along the imported ontological,
epistemological and behavioral assumptions into its theoretical framework without careful
reflection upon its historical emergence of these assumptions or without careful reflection upon
the organizational context. Therefore this study attempted to avoid our take for granted of
addressing the computer abuse phenomena with respect to technology alone, but it needs to
understand the phenomena in the real world, as such interviews were held with the 5 public
organizations. This study adopted the ethnographic studies so as to provide a platform upon
which to challenge the theoretical claims imported into and elaborated on in MIS. They provide a
critical tension which reveals inadequacies both in theories and resulting information
technologies, and the organizational context within which IS operates is to be critically examined.

CASE I : A FEDERAL STATUTORY BODY

This is a large public organization involved in tertiary education. This organization has an official
Chief Information Officer (CIO) and an Information and Communication Technology Security
Officer (ICTSO). Presently, the current strength of Management Information System (MIS) staff
are 1 CIO, 1 ICTSO who is also the Director of Computer Center, 6 Heads of System Analyst,
30 System Analysts, 5 Senior Programmers, 20 Programmers and 10 Computer Technicians.

On 4th November, 2003 an interview was held with the ICTSO who is also the Director
of the Computer Center, asking about his opinion on the current situation of computer abuse in
this organization. According to him this organization has more than 3,000 units of PCs connected
to the network which are registered with the Computer Center but there are a lot more of PCs
which are bought directly by the schools under project fund, and some which are brought along
by the students, staff and faculty members including wireless notebooks could also be connected
by them to the network at each schools. Thus one of the main contributing factors to computer
abuse comes from users which is difficult to control. The Computer Center is proposing to the
Vice Chancellor (VC) that all PCs must be registered (by their MAC address attached to each PC
network card & each user will be given a user id) before they are allowed to use the network.
Only registered PCs authenticated by their MAC address & user id will be allowed to use the
network and the Internet. MAC address represents Media Access Control address, a hardware
address that uniquely identifies each node of a network. Much of computer abuse incidences are
due to users (the big mass) rather than MIS Specialist. MIS Specialist has carried on their duty &
responsibility to install the best and the latest available technology in the market both hardware &
software to dealt with computer abuse that is to say technology per se is static. But technology
alone (through MIS Specialist) could do nothing to stop computer abuse, it is the people (users)
irresponsible behavior which is the main cause to computer abuse. In addition, organization need
special people, or a group of people or committee to take care of ICT security and to create
security awareness to user so as to be more responsible, towards protecting the organizations ICT
assets against abuse. By looking at how much expenditure the organization has spent on security
measures, the existence of committee on ICT security, with the right formal policies & guidelines
and choosing the right, full time & independent ICTSO, one can tell how serious is the
organization in dealing with computer abuses.

Next interviews were also conducted on the 13th October, 2003 and the 4th November,
2003 respectively with the head of system analysts with regard to his opinion on the current status
of computer abuse in the organization. According to him, computer abuse is mainly due to user
misbehavior and technology and security policy are just tools to facilitate the control on computer
abuse. Some users abuse the system by taking advantage of the loop holes that exist in the
current system. For example, when Microsoft Windows 2000 initially installed with patch 2, later
when patches 4 and 5 came out, MIS specialist need to upgrade their OS with these patches,
otherwise hackers could use this weakness to enter into the system. Hackers find that it a
challenge to penetrate popular operating systems and software. Ninety percent (90%) of the
organization’s internet bandwidth are consumed by users (insiders) who abuse the organization
computers in non-work related activities such as hacking (intrusion), Internet chatting, non work-
related Internet surfing including pornographic web sites and poison letter (surat layang). Very
soon, ICTSO will form a ICT Security Committee to manage all ICT security issue. This
committee will monitor the progress/report on security issue. Currently the institution has IT
Council to monitor all ICT projects, below this main committee it has many sub-committees to
monitor individual projects closely. So far warning letters has been issued to those committing
the security breaches.

According to him, Internet chatting (originate from insiders) if not controlled could
cause a slowdown in the network traffic and internet access speed because it consume too much
overhead in terms of bandwidth. The organization is able to control chatting utility through
certain ports at firewalls and now, chatting has been stopped altogether unless there is a special
request made to Computer Center to allow them chatting for academic/research purposes.
Firewall technology through its ports are able to block chatting activity successfully. Internet
browsing (originate from insiders) on non work related surfing which includes pornographic,
entertainment, gambling, political, violent and racism web sites by users is another form of
computer abuse common in this organization and it is unethical. MIS specialist employs the
Websense Enterprise Employee Internet Management System to provide an effective Internet
filtering service. Through the usage of Websense, network administrators are able to monitor and
control network traffic to Internet sites and to minimize employee downtime due to Internet
surfing that is not work-related and also to control the misuse of network resources. MIS
Specialist blocks all known pornographic addresses using the technology. Websense technology
is able to minimize unhealthy browsing but it cannot stop the activity altogether because some
newly emerging phonographic websites are not known to MIS specialist. MIS Specialist need to
update and add new websites addresses to the Websense chatting blocking URL addresses
database. This abuse is due to user irresponsible behaviour and lack of awareness not to browse
such shameful websites.

There are instances whereby unauthorized internal user uses other user’s user-id and
password to send poison letter to top management without disclosing their true identities. This
problem is very difficult to overcome. There is a need for user awareness on the importance of
managing their password & user id and not to leave their PC running when they are not present.
Downloading of non-work related Internet Software like movies, real player, etc is another
computer abuse to the organization because if too many users do this, it could jam the network
bandwidth. Computer Center could limit the time allowed for user downloading software from
Internet by controlling at the firewall level but academician complain that such downloading is
important for their academic and research work. Now, the network is open for every user to
download any software from the Internet and users can download anything from the Internet.
User need to be aware that such act is irresponsible as this could narrow down the network
bandwidth unless it is for research and academic purposes only.

Illegal installation of non-license software (originate from insiders) is another major

issue to the organization because of the legal implication on non-license software usage. MIS
specialist could install technology like the TIVOLLI or IBM Director to detect the software and
files exist on users PCS but academicians are against this because they do not want to expose
their work related files of their research work to others. Thus now, MIS specialist has not adopted
any technology to stop illegal installation of non-license software at user desktop. Thus illegal
installation of non-license software still occurs and is difficult to control.

Computer virus (originate from external) is one of the major security issue in the
organization. The latest attack is the Mblast and Welchar worms. The impact or damage done by
the worms is that it attacks the router and jams the entire network. Reason is due to lack of user
discipline for example user should not open e-mail from unfamiliar sender as this will trigger the
virus/worms. What user should do is that they should delete the e-mail. An example of an
incident that demonstrate user ignorance is recently, users received e-mail stating that it is a
security patch from Microsoft and users were instructed by the e-mail to execute the fail and
users perform that and eventually the virus is activated and jeopardizes the network. Microsoft
never sends patches directly to users, thus the e-mail is from hackers with bad intention. And
technical people should not take things for granted and need to upgrade latest OS patches. Virus
is also a form of hacking. It attacks through loop holes existing on the current OS. Worms move
into the system through incoming e-mails. If user opens infected emails, the worms will be
written on their PC’s hard disk, it will read the user’s address book and start sending the infected
mail to all the addresses and causing their hard disk to be infected and this goes on and on to
cause bottleneck to the network router and gateway. The difference between virus and worms is
that a program that could be harmful like it could wipe off your harddisk or it could be harmless
but it prompts you irritating messages. Worm is a subset of virus. Recently, users whose PCs
were infected with worms like Msblast and Welchar, did not realize that their PCs are sick
because they can perform their work with their PCs as usual. These infected PCs actually have
caused the network to be jammed by continually sending packets to the network.

To overcome the problem of virus and worm attack, MIS specialist employs antivirus
tools like gateway antivirus (for example : Trend Micro Interscan Messaging for the SMTP
Gateway), ScanMail for Mailing Server to stop the spread of viruses through the mailing server,
and by having Symantec System Center to perform routine maintenance with the Norton
Antivirus Corporate Edition to download latest virus pattern from Norton System Center
(internet) and to perform predetermined scheduled virus scanning to all clients-servers in the
network.

Despite the technology employed by the specialist, virus and worm attacks still occur.
MIS specialist need to update OS with current patches (on-going process) to prevent viruses
attacked through loopholes existed at the current OS and users need to scan their floppy disks or
notebook before used on the network. One of the main contributing factor to this problem is that
presently, upgrade at clients level must be done by users themselves. The main server is updated
with the latest patches and when users PCs are linked to the main server, the system will prompt a
message asking whether user agrees to update and need to reboot the PC, but instead some users
continue using PC and not upgrading the patch and those PCs get infected. Thus there is lack in
user awareness and discipline like user does not scan diskettes before use in the network.

Another form of security breach common to the organization is attack by hackers

(originate from external). The reasons is due to the fact that web pages are not centrally managed
or maintained by Computer Centre but rather each school manages their own web pages. Thus,
each school will have to update the latest patches of OS (Windows & Linux) on their own.
Intruders both from internal and external are able to hack into the system due to the existence of
loop holes in the current OS. Initially, the organization has one line through a gateway controlled
by Computer Center. But as the number of users accessing this line gets bigger, the traffic gets
congested and accessing the Internet is really slow. Thus schools sought out the problem by
having their own lines like streamyx to access the Internet. These lines are not managed by the
Computer Center and lack control against viruses and intrusions and indirectly exposes the entire
organization network to vulnerabilities. Presently, what the organization need is a security policy
in order to enforce tighter security controls on the extra lines installed by schools. Now, ICTSO is
drafting the security policy to be endorsed by the VC. The organization has been hit with
spamming (denial of service) (originate from external) many times. Spamming can cause the
network traffic to be jammed. To overcome this problem, MIS specialist has implemented anti-
spamming filter at DNS server (firewalls), SMTP server (Gateway) & Mailing Server (Domino
Server). Despite the adopted technology, spamming incidents still occur because technology
could only minimize the spamming. But much of occurrences are due to user lack of awareness
and responsibility not to open or subscribe e-mail from unfamiliar sources.

CASE II : A LOCAL GOVERNMENT

This is one of the largest local government in the country. This organization has not officially
appoint a CIO and an ICTSO. Presently, the current strength of MIS staff are 1 MIS Manager, 2
System Analysts, 1 Senior Programmers, 4 Programmers and 1 Computer Technicians.

Interviews were also been conducted on 14th October, 2003 and 3rd November, 2003
respectively with the MIS Manager with regard to her opinion on the current status of computer
abuses and misuses in this institution. According to her, there are about 400 clients PC connected
to the network and hve accessed to the Internet.

During the recent council meeting, the network was infected with a Welchia.worm due
to the wireless notebooks that each council member brought to the meeting. They never scan the
notebooks before connecting their notebooks to the networks through wireless connection. The
worm attacked 200 PCs on Windows 2000 and as a result it jammed the entire network. The
whole network was down until MIS Specialist update the OS patches and also update the virus
pattern to those PCs left out.

Common computer abuses which originate from external are virus and worms attacked,
and denial of service attacks. Reasons for the cause of these two abuses are lack of users
responsibility in updating their PCs OS with latest patches and also lack of user awareness the
importance of scanning their floppy disks and notebooks that were used outside before
connecting their notebooks to the organization’s network. Spamming (originate from external),
virus attack and denial of service as serious to the organization and hacking (originate from
external), intrusion (originate from external), chatting (originate from insiders) and Internet
surfing (originate from insiders) that is not work-related also occur in the organization. Most of
the computer abuse incidents occur in the organization are due to user misbehavior as MIS
specialist has taken the necessary action to install appropriate security system in the organization.
But the security technology are not totally proven to prevent computer abuse as long as there are
users are motivated enough to abuse the system. Presently the organization has no ICT Security
Committee to manage all ICT security issue. Currently the organization has IT Council to
monitor all ICT projects. So far the Director of Human Resources has issued a memo to all staff
through their respective head of departments that to remind them that IT resources is to be used
for official matters only and action will be taken against those who abuses or misuse the facility.
Till now, no incidences of disciplinary actions was taken against those committing computer
abuse.

Uncontrollable chatting activity (originate from insiders) could cause a slowdown in

the network traffic and internet access speed because it consume too much overhead in terms of
bandwidth. According to her, chatting activity do occur on the network but MIS specialist has not
put a control on it. Chatting is due to lack of user responsibility and awareness not to chat on the
network. Internet browsing on non work related surfing (originate from insiders) which include
pornographic, entertainment, gambling, political, violent and racism web sites by users is another
form computer abuse in the organization and it is unethical. Thus, MIS specialist apply content
filter through Trend Micro at Gateway SMTP only. This is not a totally effective method of
controlling the issue because many forbidden web sites uses terms not reflecting the actual
content of the web sites and thus users could by passed the block. Thus there is a need for user
awareness and this is an ethical issue.

There are few incidences of unauthorized user using other users user id and password
to send e-mail to management without disclosing their true identity. This problem is very difficult
to overcome. There is a lack on user responsibility and awareness and they need to manage their
password and desktop properly. Downloading of non-work related Internet software activity
(originate from insiders) occur in the organization, but MIS specialist has not imposed any
control on it yet. This too reflects lack of user responsibility and awareness not to download
software from the Internet. Illegal installation of non-license software activity is considered as a
big issue, but MIS specialist has not adopted any technology to address the matter. Again, this
reflects lack of user responsibility and awareness on the legal implication from using pirated
copies of the software.

Computer virus attack is the most common abuses originate from external. Reason is
due to lack of user responsibility and awareness to scan their floppy disk and notebook before
connecting to the network and user did not upgrade latest OS patches on their PC (clients)
through the icon provided by the EDP Specialist through Automatic Patches Update For
Windows 2000 & XP (My Computer  Properties  Automatic Update Schedule ). For servers
running under Windows 2000 & XP, patches update was done manually, whereas for PCs it was
done automatically, but user must click the update patches icon and then reboot the PCs so as to
allow the patches update to take effect. Users must also see the date for the latest update for virus
pattern on their PCs. MIS specialist has adopted Trend Micro Interscan Messaging for the SMTP
Gateway, ScanMail for Mailing Server to stops the spread of viruses through the mailing server
and Symantec System Center to perform routine maintenance with the Norton Antivirus
Corporate Edition (a real time protection) to download latest virus pattern from Norton System
Center (internet) and to perform predetermine scheduled virus scanning to all clients-servers in
the network.

But this technology adopted just able to minimize the abuses. Hackers are faster in
producing new virus pattern than the product patch update produce by antivirus vendors.
Presently, there is no full time MIS Specialist to dealt with security issue. Security issues are
addresses by the present staff on the basis call for need. Need a full time ICTSO personnel to
specialize security duty. The main contributory factor to virus and worm attacks are due to a lack
of user responsibility, awareness and discipline to scan their floppy disks or notebook before used
on the network. User must update OS patches first and ensure that their desktop has been updated
with latest virus pattern before start to use their PCs.

Spamming (Denial of Service) (originate from external) is another common computer

abuses to the organization. MIS specialist has adopted spam filter through Trend Micro Interscan
Messaging Security Suite for SMTP Gateway to overcome this problem. But again, the
technology is able to minimize the abuse but not full proof, spamming still occurs. The main
contributory factor to spamming is lack of user responsibility and awareness of the consequences
of their actions. User must not open unfamiliar source e-mail (never clicked on the unsubscribe)
as it could activate spamming. According to her, the organization was never been hit by intruders
before and thus this issue is not considered as a big problem. Presently, MIS specialist control
intrusion through the firewalls. This is not a very effective way of dealing with hackers, but
should the need arise MIS Specialist might sought to Intruder Detection System (IDS) or even to
the extent seek 3rd party survelliance on the network like security services provider e-Cop.net
Surveillance Sdn Bhd. There is a need for user be responsible and be aware to upgrade patches at
their desktop so as to minimize the vulnerabilities due to intrusion.

CASE III : A LOCAL GOVERNMENT

This is another local government which has not officially appointed a CIO and an ICTSO.
Presently, the current strength of MIS staff are 2 System Analysts and 2 Programmers.

Interviews were also been conducted on 15th October, 2003 and 5th November, 2003
respectively with the most senior System Analyst with regard to his opinion on the current status
of computer abuses and misuses in this organization. According to him, there are about 200
clients PC connected to the network and only 21 of those PCs belonging to the President,
Secretary, Head of Departments, Head of Divisions and certain officers are given the right to
access the Internet. Presently, Production Server is using Sun Solaris, whereas the other servers
like Web Server and Proxy Server, and desktops are using Microsoft operating system. There is
no official appointment for the Chief Information Officer (CIO) and Information &
Communication Technology Security Officer (ICTSO) positions. In fact he is acting as CIO
unofficially, felt that putting the responsibility of CIO & ICTSO to present staff is not effective as
present staff could not cope with extra responsibility. Thus one could not carry the responsibility
of CIO or ICTSO and specialization & focus is impossible. Presently, there is no security
committee to address security issues in the organization, but the organization has IT Council to
monitor computer projects. So far, no action was taken against staff committing computer abuse.

According to him, most of the computer abuse incident are caused by irresponsible
users despite effort made by MIS specialist to install security system. Uncontrollable chatting
activity could cause a slowdown in the network traffic and internet access speed because it
consume too much overhead in terms of bandwidth. Chatting (originate from insiders) is not
controlled but just need user responsibility and awareness not to chat on the Internet using the
organization network. Internet browsing on non work related surfing (originate from insiders)
which include pornographic, entertainment, gambling, political, violent and racism web sites by
users is another form computer abuses and it is unethical. This non work related Internet
browsing through the organization network do occur. This activity is not controlled but just need
user awareness and responsibility not to surf on non work related web sites on the Internet using
the organization network.

There are no incidences of poison letter through the e-mail so far. But need user
awareness on proper management of their user id and password and not to leave their PCs
unattended. Downloading of non-work related Internet software activity (originate from insiders)
occur in the organization and he considered this as a big issue. But MIS specialist has not yet
imposed any control on it. There is a need for user awareness and responsibility not to download
software from the Internet. Illegal installation of non-license software activity (originate from
insiders) is considered as a big issue, but MIS specialist has not adopted any technology to
address the matter. According to him, there is a lack of user awareness and responsibility on the
legal implication from using pirated copies of the software.

Computer virus is the most common abuse originated from external perpetrator and
these viruses infected the organization network due to lack of user awareness and responsibility
to scan their floppy disk and notebook before connecting to the network and user did not upgrade
latest OS patches on their PC (clients) via a OS browser. The way MIS specialist address this
issue is on the basis of if organization is hit with security problem, then only the MIS Specialist
will get the software update patches. This is because MIS unit is facing with under staff to
perform ICTSO functions totally on a full time basis.

MIS specialist has employed antivirus tools Trend Micro Interscan Messaging for the
SMTP Gateway, ScanMail for Mailing Domino Server to stops the spread of viruses through the
mailing server, and client version of Trend Micro on the desktop in addition to the Trend Micro
installed in the server. PCs when linked to the server will be updated with latest virus pattern.
Despite all the technological effort made by MIS specialist to solve the problem, virus and worm
attack still occur. This is due to user mobile notebooks which users failed to scan first before
using them on the network. In addition, MIS Specialist adopt dynamic IP address, therefore it is
difficult to trace the source PCs after security incidence occur. MIS Specialist rely heavily on
tools to address security issue. One of the main reasons for this virus and worms attack is due to
lack of user awareness and responsibility. User should scan their PC and floppy disk in the
morning before they start work and also scan before they go back home in the evening.

Spamming (Denial of Service) is another common computer abuse (originate from

external) and he considered this as a big issue to the organization. MIS Specialist adopted Trend
Micro Interscan Messaging Security Suite for SMTP Gateway to filter spamming. Other than
that, MIS Specialist implement Internet Security System (ISS) which contain agents that scan the
network to detect any suspicious traffic and if there is it will cut-off the attempt of hackers from
the outside. Intruders could hack into the system due to the existence of loop holes in the current
OS and according to him, in the past are incidences in the past that hackers tries to scan the ports
of the firewalls. MIS specialist adopted the Intruder Detection System (IDS) to combat this issue.
The technology could the IP address of the source. But again, MIS unit need somebody to do the
job of ICTSO on a full time basis where specialization is possible to handle effective security
measures.

CASE IV: A STATE STATUTORY BODY

This is a state statutory body which presently has an officially appointed a CIO and an ICTSO.
Presently, the current strength of MIS staff are 1 MIS Manager, 3 System Analysts, 3
Programmers and 1 Computer Technician.
An Interview was conducted on 6th November, 2003 with the MIS Manager with regard
to his opinion on the current status of computer abuse in this organization. According to him,
there are about 150 clients PC connected to the network and has accessed on the Internet.
Presently, Risk Server is running on IBM AIX operating system and the rest of servers include
DMS server, EDMS server and Exchage Complain Management System server and clients PCs
are running on Windows OS. He added that most of the computer abuse in the organization are
due to users misbehavior and are not due to lack of security system implemented. Security
technology is just tool to assist the management to control the abuse but as long as there are users
who for some reasons keep on abusing the system, no tools could stop this phenomena all
together. Presently, there is no security committee to address security issues in the organization,
but the organization has IT Steering Committee to monitor computer projects. So far, no action
was taken against staff for security breaches and abuses. The ICTSO monitor the usage of
network and escalate the report to him.

According to him, uncontrollable chatting activity (originate from insiders) could cause
a slowdown in the network traffic and internet access speed because it consume too much
overhead in terms of bandwidth. MIS specialist has not put a control on this issue. However, he
stressed that there is a need for user awareness and responsibility not to chat on the Internet on
corporate network. Internet browsing on non work related surfing (originate from insiders) which
include pornographic, entertainment, gambling, political, violent and racism web sites by users is
another form computer abuses and it is unethical. This non work related Internet browsing
through the organization network doos occur and is considered by him as a big problem. Thus,
this activity is not controlled by technology but need user awareness and responsibility not to surf
on non work related web sites on the Internet using the organization network.

There are several incidences of poison letter from internal unauthorized staff through
the e-mail sent to management and the interviewee considered this as a big issue. It is very
difficult to control this on the part of MIS specialist but need user awareness and responsibility on
proper management of their user id and password and not to leave their PCs unattended.
Downloading of non-work related Internet Software activity (originate from insiders) occur in the
organization and he considered this as a big issue. MIS specialist has adopted the Microsoft
Exchange which perform inventory check up on all clients PC. Illegal installation of non-license
software activity is considered as a big issue and MIS specialist has not adopted the Microsoft
Exchange which perform inventory check up on all clients PC.

According to him, the most common computer abuses which originate from external
are virus and worms and spam attacked. He considered virus and worm attacked as a major
problem to the organization. Recently, the corporate network was under the attack of Melissa
virus which affects the network speed. MIS specialist employ antivirus tools Trend Micro
Interscan Messaging for the SMTP Gateway), Microsoft Exchange for Mailing Server, and AVG
(presently, it is a free software) installed at both servers and clients which update the virus
pattern on the clients when there is a link. But again all these technology employed are not a 100
% full proof system and virus and worm attacks do occur again. The reason for this problem
mainly due to the lack of user awareness and responsibility when dealing with unknown or
unfamiliar source e-mail, they are not supposed to communicate/downloading with unsolicited
sites.

Another common computer abuse in the organization which comes from outside is
spamming. MIS specialist has adopted Microsoft Exchange Anti-Spamming to minimize the
attack. There is a lack of user awareness and responsibility not to open unfamiliar source e-mail.
There is no incidences of intrusion on corporate network in the past. But MIS specialist put a
control on intrusion at the firewalls. But as for the organization Web Site is hosted in 3 rd party
server which handles security issues for the organization.

CASE V: A BRANCH OF A FEDERAL STATUTORY BODY

This is a branch of a large federal statutory body whose overall staff population is more than
8,000 people in Malaysia involving in revenue collection for the Federal Government. On 11 th
November, 2003 an interview was held with the Head of the Investigation Unit who is also one of
the branch network users, asking what is his opinion in perspective of non technical person on the
current situation of computer abuse in this organization. This branch has more than 300 units of
PCs connected to the network which are connected to the corporate intranet but only 6 units of
those PCs belonging to the Head of Sections are given the right to access to the Internet. Thus,
chatting and sending of e-mail for 294 users are confined to the Intranet only. According to him,
most of the computer abuse incidents are due to irresponsible users who misuses the
organization’s computer facility for personal purposes. Presently, the branch has 2 servers and
300 desktop operating on Microsoft OS. There are no MIS specialist at the branch level and all
technical help including overcoming the branch security issues came from the organization head
office in Kuala Lumpur.

Only the 6 users can chat through the Internet but the rest can still chat and send e-mail
within the Intranet. According to him, uncontrollable chatting activity (originate from insiders)
could cause a slowdown in the network traffic and internet access speed because it consume too
much overhead in terms of bandwidth. This, he considered as a big issue to the branch and he felt
that there is lacking in user awareness and responsibility not to chat using the organization
network. Only the 6 users can surf and download non-work related software from the Internet but
it is not controlled. There are no instances of poison letter at the branch. Probably need user
awareness of proper id and password management and not to leave their PCs on unattended.
Illegal installation of non-license software activity (originate from insiders) is considered as a big
issue, but is not controlled. According to him, there is a lack of user awareness and responsibility
on the legal implication from using pirated copies of the software.

The common computer abuses which originate from external at this branch is virus and
worm attack. So far, there is no incidence of hacking and spamming on the branch network. He
considered virus and worm attacked as a major problem to the organization. Recently, the branch
network was under the attack of Nimda virus which affects the network speed. MIS specialist
from the head office came down to the branch to update the OS patches. Their latest visit to the
branch office was in October, 2003. At 12.00 noon on every Friday, this branch will switch ‘on’
all PCs, so as to download the latest virus definition from the server at head office. According to
the interviewee, the reason for virus and worm attacked is mainly due to the lack of user
awareness and discipline example not to open strange e-mail and not to communicate/
downloading with unsolicited sites. User also lack of awareness and training to scan their floppy
disk and portable notebooks before accessing the network. There is no incidences of spam and
hackers attack on the branch network so far.

Your Task:

Base on the cases above; make a discussion and a report using

techniques you’ve learnt to draw a conclusion.