Kenneth C. Laudon,Jane P. Laudon Management Information System 12th Edition pdf

occurs when an individual or computer program fraudu-

lently clicks on an online ad without any intention of learning more about the

advertiser or making a purchase. Click fraud has become a serious problem at

Google and other Web sites that feature pay-per-click online advertising.

Some companies hire third parties (typically from low-wage countries) to

fraudulently click on a competitor’s ads to weaken them by driving up their

marketing costs. Click fraud can also be perpetrated with software programs

doing the clicking, and botnets are often used for this purpose. Search engines

such as Google attempt to monitor click fraud but have been reluctant to

publicize their efforts to deal with the problem.

G l o b a l   T h r e a t s :   C y b e r t e r r o r i s m   a n d   C y b e r w a r f a r e

The cybercriminal activities we have described—launching malware, denial-of-

service attacks, and phishing probes—are borderless. Computer security firm

Sophos reported that 42 percent of the malware it identified in early 2010

originated in the United States, while 11 percent came from China, and 6 per-

cent from Russia (Sophos, 2010). The global nature of the Internet makes it pos-

sible for cybercriminals to operate—and to do harm—anywhere in the world. 

Concern is mounting that the vulnerabilities of the Internet or other

networks make digital networks easy targets for digital attacks by terrorists,

foreign intelligence services, or other groups seeking to create widespread

disruption and harm. Such cyberattacks might target the software that runs

electrical power grids, air traffic control systems, or networks of major banks

and financial institutions. At least 20 countries, including China, are believed to

be developing offensive and defensive cyberwarfare capabilities. The chapter-

ending case study discusses this problem in greater detail.

INTERNAL THREATS: EMPLOYEES

We tend to think the security threats to a business originate outside the organi-

zation. In fact, company insiders pose serious security problems. Employees

have access to privileged information, and in the presence of sloppy internal

security procedures, they are often able to roam throughout an organization’s

systems without leaving a trace. 

Studies have found that user lack of knowledge is the single greatest cause of

network security breaches. Many employees forget their passwords to access

computer systems or allow co-workers to use them, which compromises the

system. Malicious intruders seeking system access sometimes trick employees

into revealing their passwords by pretending to be legitimate members of the

company in need of information. This practice is called