BA 572 - J. Galván
COMPUTER CRIME
Cybercrime, Cyberterrorism, and Cyberwarfare

Cybercrime
- Illegal or criminogenic activities performed in cyberspace

Common EC/EB crime targets/victims
- Identity theft – is your customer “real”?
- Credit card number theft – is your customer’s credit/debit account “real”?
- Computational embezzlement – fraudulent creation/manipulation of financial info regarding EC/EB transactions or accounts (biggest corporate problem)
- (Security) Vulnerability and exploit attacks (most pervasive problem)
- EC/EB system targeted attacks mostly “out of sight” so far

Hacker/Cracker
- Originally, an expert programmer
- Today, someone (Cracker) who breaks into computers
- Types of hackers
  - White-hat hackers
  - Black-hat hackers (crackers, dark side hackers)
  - Elite hackers
    - Superior technical skills
    - Very persistent
    - Often publish their exploits
  - Samurai – a hacker for hire

[Figure: A list of postings on a hacker newsgroup. Source: alt.bio.hackers newsgroup]

[Figure: A typical posting. Source: alt.bio.hackers newsgroup]

[Figure: Hackers publish their exploits. Source: http://packetstormsecurity.org/]

Script-kiddies and Phreakers
- Script-kiddie (packet monkeys, lamerz)
  - Hacker in training
  - Disdained by the elite hackers
- Phreaker
  - Person who cracks the telephone network
- Insider/outsider using “social engineering”
  - Trusted employee turned black-hat hacker
  - Dumpster divers; help desk impersonators, etc.
  - Potentially most dangerous

Why Do Hackers Hack?
- Government sponsored hacking
  - Cyberwarfare
  - Cyberterrorism
  - Espionage
- Industrial espionage
- White-hats
  - Publicize vulnerabilities
  - The challenge – hack mode
- Black hats – misappropriate software and personal information
- Script kiddies – gain respect
- Insiders – revenge

Password Theft
- Easiest way to gain access/control
- User carelessness
  - Poor passwords
  - Easily guessed
- Dumpster diving
- Observation, particularly for insiders
  - The sticky note on the monitor
- Human engineering, or social engineering
- Standard patterns
  - Guess the password from the pattern

Rules for Choosing Good Passwords
- Easy to remember, difficult to guess
- Length – 6 to 9 characters
- Mix character types
  - Letters, digits, special characters
- Use an acronym
- Avoid dictionary words
- Different account different password
- Change passwords regularly

Packet Sniffers
- Software wiretap
- Captures and analyzes packets
- Any node between target and Internet
- Broadcast risk
  - Ethernet and cable broadcast messages
  - Set workstation to promiscuous mode
- Legitimate uses
  - Detect intrusions
  - Monitoring

Potentially Destructive Software
- Logic bomb (set up by insider)
  - Potentially very destructive
  - Time bomb – a variation
- Rabbit
  - Denial of service
- Trojan horse
  - Common source of backdoors

Backdoor
- Undocumented access point
- Testing and debugging tool
- Common in interactive computer games
  - Cheats and Easter eggs
- Hackers use/publicize backdoors to gain access
  - Programmer fails to close a backdoor
  - Trojan horse
  - Inserted by hacker on initial access
    - Back Orifice – the Cult of the Dead Cow

Viruses and Worms (most common)
- Virus
  - Parasite
  - Requires host program to replicate
  - Virus hoaxes can be disruptive
  - Virus patterns/generators exist; script kiddies use these (but most anti-virus software does not!)
- Worm
  - Virus-like
  - Spreads without a host program
  - Used to collect information
    - Sysop – terminal status
    - Hacker – user IDs and passwords

Structure of a typical virus.
- Payload can be
  - Trivial
  - Logic bomb
  - Time bomb
  - Trojan horse
  - Backdoor
  - Sniffer
- Macro viruses
- Polymorphic viruses
- E-mail attachments
  - Today, click attachment
  - Tomorrow, may be eliminated!
- Cluster viruses
  - Spawn mini-viruses
  - Cyberterrorism threat

[Figure labels: Reproduction logic; Concealment logic; Payload]

Anti-Virus Software
- Virus signature
  - Uniquely identifies a specific virus
  - Update virus signatures frequently
- Heuristics
  - Monitor for virus-like activity
- Virus detection and removal to be pushed “upstream” in the IT supply chain infrastructure
- Recovery support

Security and virus protection in layers.
- Defend in depth
  - What one layer misses, the next layer traps
- Firewalls
- Anti-virus software

[Figure labels: Virus protection; Personal virus protection; Workstation; Host server; Router; Firewall; Internet]

System Vulnerabilities
- Known security weak points
- Default passwords – system initialization
- Port scanning
- Software bugs
- Logical inconsistencies between layers
- Published security alerts
- War dialer to find vulnerable computer

Denial of Service Attacks (DoS)
- An act of vandalism or terrorism
- A favorite of script kiddies
- Objective
  - Send target multiple packets in brief time
  - Overwhelm target
- The ping o’ death
- Distributed denial of service attack
  - Multiple sources

A distributed denial of service attack.
- Cyber equivalent of throwing bricks
- Overwhelm target computer
- Standard DoS is a favorite of script kiddies
- DDoS more sophisticated

[Figure label: Target system]
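
The two DoS slides above separate a standard DoS from a DDoS by where the burst comes from: many packets in a brief time from one source versus multiple sources. The Python code below is an added example, not part of the original slides, that applies that distinction as a detection rule over a packet log; the log format, the addresses and the thresholds are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

# Constructed sample log, one received packet per line: "<time_ms> <src_ip> <dst_ip>".
# Addresses come from the reserved documentation ranges; nothing here is real traffic.
SAMPLE_LOG = (
    # Ordinary traffic: five packets, ten seconds apart.
    [f"{t * 10000} 198.51.100.7 192.0.2.10" for t in range(5)]
    # One source sending 120 packets, 50 ms apart (standard DoS).
    + [f"{100000 + i * 50} 198.51.100.9 192.0.2.20" for i in range(120)]
    # Forty sources sending 120 packets between them (distributed DoS).
    + [f"{200000 + i * 50} 203.0.113.{i % 40 + 1} 192.0.2.30" for i in range(120)]
    + ["truncated line"]  # malformed input is skipped, not fatal
)


def classify_floods(lines, window_ms=5000, max_packets=50, many_sources=10):
    """Return {target_ip: "DoS" | "DDoS"} for targets that received more than
    max_packets within any window_ms span. Thresholds are illustrative assumptions."""
    recent = defaultdict(deque)  # target -> (time_ms, source) pairs inside the window
    verdicts = {}
    for line in lines:
        fields = line.split()
        if len(fields) != 3 or not fields[0].isdigit():
            continue
        now, src, dst = int(fields[0]), fields[1], fields[2]
        window = recent[dst]
        window.append((now, src))
        while now - window[0][0] > window_ms:
            window.popleft()  # forget packets older than the window
        if len(window) > max_packets:
            sources = {s for _, s in window}
            # Many distinct senders inside one burst is the distributed case.
            kind = "DDoS" if len(sources) >= many_sources else "DoS"
            if verdicts.get(dst) != "DDoS":  # never downgrade an earlier DDoS verdict
                verdicts[dst] = kind
    return verdicts


if __name__ == "__main__":
    for target, kind in sorted(classify_floods(SAMPLE_LOG).items()):
        print(target, kind)
```

A per-source rate limit stops the first flood but not the second, which is why the rule counts packets per target and only then looks at how many sources contributed.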

Spoofing
- Act of faking key system parameters
- DNS spoofing
  - Alter DNS entry on a server
  - Redirect packets
- IP spoofing
  - Alter IP address
  - Smurf attack

IP spoofing.
- Preparation
  - Probe target (A)
  - Launch DoS attack on trusted server (B)
- Attack target (A)
  - Fake message from B
  - A acknowledges B
    - B cannot respond
    - DoS attack
  - Fake acknowledgement from B
  - Access A via 1-way communication path

[Figure labels: Alpha server (the target); Beta server (trusted source); Hacker's computer; steps 1, 2, 3, 4; Under DoS attack; 4 One-way connection; False message claiming to come from Beta; Counterfeit acknowledgement; Acknowledgement to Beta; No response possible]

Cybercrime prevention
- Multi-layer security
- Security vs. privacy?
The service worker