Page 1365 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 1365
Major Categories of Computer Crime
There are many ways to attack a computer system and many
motivations to do so. Information system security practitioners
generally put crimes against or involving computers into different
categories. Simply put, a computer crime is a crime (or violation of a
law or regulation) that involves a computer. The crime could be
against the computer, or the computer could have been used in the
actual commission of the crime. Each of the categories of computer
crimes represents the purpose of an attack and its intended result.
Any individual who violates one or more of your security policies is
considered to be an attacker. An attacker uses different techniques to
achieve a specific goal. Understanding the goals helps to clarify the
different types of attacks. Remember that crime is crime, and the
motivations behind computer crime are no different from the
motivations behind any other type of crime. The only real difference
may be in the methods the attacker uses to strike.
Computer crimes are generally classified as one of the following types:
Military and intelligence attacks
Business attacks
Financial attacks
Terrorist attacks
Grudge attacks
Thrill attacks
It is important to understand the differences among the categories of
computer crime to best understand how to protect a system and react
when an attack occurs. The type and amount of evidence left by an
attacker is often dependent on their expertise. In the following
sections, we’ll discuss the different categories of computer crimes and
the types of evidence you might find after an attack. This evidence can
help you determine the attacker’s actions and intended target. You
may find that your system was only a link in the chain of network hops
