
Chapter 8
Cybercrime, Cyberterrorism, and Cyberwarfare
Cybercrime
- Illegal or criminogenic activities performed in cyberspace

Common EC/EB crime targets/victims
- Identity theft – is your customer “real”?
- Credit card number theft – is your customer’s credit/debit account “real”?
- Computational embezzlement – fraudulent creation/manipulation of financial info regarding EC/EB transactions or accounts (biggest corporate problem)
- (Security) Vulnerability and exploit attacks (most pervasive problem)
  - EC/EB system targeted attacks mostly
Copyright © 2003, Addison-Wesley
Hacker/Cracker
- Originally, an expert programmer
- Today, someone (Cracker) who breaks into computers
- Types of hackers
  - White-hat hackers
  - Black-hat hackers (crackers, dark side hackers)
  - Elite hackers
    - Superior technical skills
    - Very persistent
    - Often publish their exploits
  - Samurai – a hacker for hire
Figure 8.1 A list of postings on a hacker newsgroup. Source: alt.bio.hackers newsgroup

Figure 8.2 A typical posting. Source: alt.bio.hackers newsgroup

Figure 8.3 Hackers publish their exploits. Source: http://packetstormsecurity.org/
Script-kiddies and Phreakers
- Script-kiddie (packet monkeys, lamerz)
  - Hacker in training
  - Disdained by the elite hackers
- Phreaker
  - Person who cracks the telephone network
- Insider/outsider using “social engineering”
  - Trusted employee turned black-hat hacker
  - Dumpster divers; help desk impersonators, etc.
  - Potentially most dangerous
Why Do Hackers Hack?
- Government sponsored hacking
  - Cyberwarfare
  - Cyberterrorism
  - Espionage
- Industrial espionage
- White-hats
  - Publicize vulnerabilities
  - The challenge – hack mode
- Black hats – misappropriate software and personal information
- Script kiddies – gain respect
- Insiders – revenge
Password Theft
- Easiest way to gain access/control
- User carelessness
  - Poor passwords
    - Easily guessed
  - Dumpster diving
  - Observation, particularly for insiders
    - The sticky note on the monitor
- Human engineering, or social engineering
- Standard patterns (e.g., Miami University)
  - Guess the password from the pattern



Rules for Choosing Good Passwords
- Easy to remember, difficult to guess
- Length – 6 to 9 characters
- Mix character types
  - Letters, digits, special characters
- Use an acronym
- Avoid dictionary words
- Different account → different password
- Change passwords regularly
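The rules above can be enforced mechanically. The Python checker below is an added example, not code from the textbook: it applies each rule on the slide (length bounds, a mix of character types, no dictionary words, no word-plus-digits pattern of the kind the "standard patterns" slide warns about, and no reuse across accounts) and shows the acronym tip by building a candidate from a memorable phrase. The tiny word list and the sample phrase are constructed here; a real deployment would load a full dictionary and keep only hashes of previously used passwords.

```python
"""Password policy checker for the slide's rules (added example, not from the book)."""
import string
from typing import List, Optional, Set

# Constructed mini-dictionary; a real check would load a full word list.
DICTIONARY_WORDS = {"password", "welcome", "summer", "miami", "letmein", "admin"}


def contains_dictionary_word(pw: str, min_len: int = 4) -> bool:
    """Rule: avoid dictionary words (case-insensitive substring match)."""
    low = pw.lower()
    return any(w in low for w in DICTIONARY_WORDS if len(w) >= min_len)


def looks_like_pattern(pw: str) -> bool:
    """Rule: a dictionary word followed only by digits (welcome1, summer2003)
    is the kind of 'standard pattern' an attacker guesses first."""
    stripped = pw.rstrip(string.digits)
    return stripped != pw and stripped.lower() in DICTIONARY_WORDS


def acronym(phrase: str) -> str:
    """Rule: use an acronym. Take the first character of each word and keep any
    trailing punctuation so the result mixes letters, digits and specials."""
    out = []
    for word in phrase.split():
        out.append(word[0])
        if len(word) > 1 and word[-1] in string.punctuation:
            out.append(word[-1])
    return "".join(out)


def check_password(pw: str, min_len: int = 6, max_len: int = 9,
                   used_elsewhere: Optional[Set[str]] = None) -> List[str]:
    """Return the list of violated rules; an empty list means the password passes.
    Length bounds default to the slide's 6 to 9 characters but are adjustable."""
    problems = []
    if not (min_len <= len(pw) <= max_len):
        problems.append(f"length must be {min_len} to {max_len} characters")
    classes = {
        "letters": any(c.isalpha() for c in pw),
        "digits": any(c.isdigit() for c in pw),
        "special characters": any(c in string.punctuation for c in pw),
    }
    missing = [name for name, present in classes.items() if not present]
    if missing:
        problems.append("missing " + ", ".join(missing))
    if contains_dictionary_word(pw):
        problems.append("contains a dictionary word")
    if looks_like_pattern(pw):
        problems.append("follows a predictable word+digits pattern")
    if used_elsewhere and pw in used_elsewhere:
        problems.append("already used for another account")
    return problems


if __name__ == "__main__":
    # Constructed memorable phrase -> "MdRi4yo!" (8 chars, all three classes)
    candidate = acronym("My dog Rex is 4 years old!")
    print(candidate, check_password(candidate) or "passes all rules")
    print("password1", check_password("password1"))
```

The length bounds are parameters rather than constants because the 9-character ceiling reflects the 2003 slide; current guidance favours longer passphrases, so a deployment would raise `max_len` while keeping the other checks.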



Packet Sniffers
- Software wiretap
  - Captures and analyzes packets
  - Any node between target and Internet
- Broadcast risk
  - Ethernet and cable broadcast messages
  - Set workstation to promiscuous mode
- Legitimate uses
  - Detect intrusions
  - Monitoring



Potentially Destructive Software
- Logic bomb (set up by insider)
  - Potentially very destructive
  - Time bomb – a variation
- Rabbit
  - Denial of service
- Trojan horse
  - Common source of backdoors



Backdoor
- Undocumented access point
  - Testing and debugging tool
  - Common in interactive computer games
    - Cheats and Easter eggs
- Hackers use/publicize backdoors to gain access
  - Programmer fails to close a backdoor
  - Trojan horse
    - Inserted by hacker on initial access
    - Back Orifice – the Cult of the Dead Cow



Viruses and Worms (most common)
- Virus
  - Parasite
  - Requires host program to replicate
  - Virus hoaxes can be disruptive
  - Virus patterns/generators exist; script kiddies use these (but most anti-virus software does not!)
- Worm
  - Virus-like
  - Spreads without a host program
  - Used to collect information
    - Sysop – terminal status
    - Hacker – user IDs and passwords
Figure 8.6 Structure of a typical virus.
[Diagram: three components – Reproduction logic, Concealment logic, Payload]

- Macro viruses (thanks to MS)
- Polymorphic viruses
- Trivial
- E-mail attachments
  - Today, click attachment
  - Tomorrow, may be eliminated!
- Cluster viruses
  - Spawn mini-viruses
- Cyberterrorism threat

- Payload can be
  - Logic bomb
  - Time bomb
  - Trojan horse
  - Backdoor
  - Sniffer



Anti-Virus Software
- Virus signature
  - Uniquely identifies a specific virus
  - Update virus signatures frequently
- Heuristics
  - Monitor for virus-like activity
- Virus detection and removal to be pushed “upstream” in the IT supply chain infrastructure
- Recovery support



Figure 8.8 Security and virus protection in Internet layers.
[Diagram: Internet → Router → Firewall → Host server (virus protection) → Firewall → Workstation (personal virus protection) → Firewall]

- Defend in depth
  - What one layer misses, the next layer traps
- Firewalls (Chapter 9)
- Anti-virus software


System Vulnerabilities
- Known security weak points
  - Default passwords – system initialization
  - Port scanning
  - Software bugs
  - Logical inconsistencies between layers
- Published security alerts
- War dialer to find vulnerable
Denial of Service Attacks (DoS)
- An act of vandalism or terrorism
- A favorite of script kiddies
- Objective
  - Send target multiple packets in brief time
  - Overwhelm target
- The ping o’ death
- Distributed denial of service attack
  - Multiple sources
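From the defender's side, the objective described above ("multiple packets in a brief time") is what a rate-based detector looks for, and the "multiple sources" point is what separates a DDoS alert from a plain DoS alert. The Python detector below is an added example, not from the textbook: it keeps a sliding one-second window of packets per destination, raises an alert when the count passes a threshold, and labels the alert DDoS when the packets in the window come from many distinct sources. The traffic records, thresholds and addresses (documentation ranges) are all constructed for the example.

```python
"""Rate-based detection of packet floods (added example, not from the slides).

Each traffic record is (timestamp_seconds, source_ip, destination_ip).
A destination that receives more than `threshold` packets within any
`window`-second span is flagged; if those packets come from at least
`distributed_min` distinct sources the alert is labelled "DDoS", else "DoS".
"""
from collections import defaultdict, deque

WINDOW = 1.0         # seconds of traffic kept per destination (assumed)
THRESHOLD = 20       # packets per window that count as a flood (assumed)
DISTRIBUTED_MIN = 5  # distinct sources that make a flood "distributed" (assumed)


def detect_floods(records, window=WINDOW, threshold=THRESHOLD,
                  distributed_min=DISTRIBUTED_MIN):
    """Return {destination: (kind, peak_packets, distinct_sources)} for every
    destination whose packet count inside the sliding window exceeded the threshold."""
    recent = defaultdict(deque)   # destination -> (timestamp, source) still in window
    alerts = {}
    for ts, src, dst in sorted(records):
        q = recent[dst]
        q.append((ts, src))
        # discard packets that have fallen out of the sliding window
        while ts - q[0][0] > window:
            q.popleft()
        if len(q) > threshold:
            sources = {s for _, s in q}
            kind = "DDoS" if len(sources) >= distributed_min else "DoS"
            prev = alerts.get(dst)
            if prev is None or len(q) > prev[1]:
                alerts[dst] = (kind, len(q), len(sources))
    return alerts


def sample_traffic():
    """Constructed traffic: normal background, one single-source flood and
    one distributed flood (addresses from RFC 5737 documentation ranges)."""
    traffic = []
    for i in range(20):                       # a client polling the web server
        traffic.append((i * 0.5, "10.0.0.5", "192.0.2.10"))
    for i in range(10):                       # occasional DNS lookups
        traffic.append((float(i), "10.0.0.6", "192.0.2.53"))
    for i in range(40):                       # 40 packets in 0.4 s from one source
        traffic.append((3.0 + i * 0.01, "198.51.100.7", "192.0.2.25"))
    for s in range(8):                        # 8 sources x 6 packets within ~0.5 s
        for i in range(6):
            traffic.append((5.0 + i * 0.08 + s * 0.01,
                            f"203.0.113.{s + 1}", "192.0.2.10"))
    return traffic


if __name__ == "__main__":
    for dst, (kind, peak, nsrc) in sorted(detect_floods(sample_traffic()).items()):
        print(f"{dst}: {kind}, peak {peak} packets/window from {nsrc} sources")
```

The thresholds are deliberately low so the constructed traffic trips them; in practice they are tuned per service from observed baselines, and a per-source view is added so that a single noisy client can be rate-limited without blocking the destination.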
Figure 8.9 A distributed denial of service attack.
[Diagram: multiple sources overwhelming the target system]

- Cyber equivalent of throwing bricks
- Overwhelm target computer
- Standard DoS is a favorite of script kiddies
- DDoS more
Spoofing
- Act of faking key system parameters
- DNS spoofing
  - Alter DNS entry on a server
  - Redirect packets
- IP spoofing
  - Alter IP address
  - Smurf attack
Figure 8.10 IP spoofing.
[Diagram: Hacker's computer, Alpha server (the target), Beta server (trusted source, under DoS attack)
 1 False message claiming to come from Beta
 2 Acknowledgement to Beta – no response possible
 3 Counterfeit acknowledgement
 4 One-way connection]

- Preparation
  - Probe target (A)
  - Launch DoS attack on trusted server (B)
- Attack target (A)
  - Fake message from B
  - A acknowledges B
  - B cannot respond
  - Fake acknowledgement from B
  - Access A via 1-way communication path


Cybercrime prevention
- Multi-layer security
- Security vs. privacy?
