Chapter 8 Cybercrime, Cyberterrorism, and Cyberwarfare.


1 Chapter 8 Cybercrime, Cyberterrorism, and Cyberwarfare

2 Cybercrime
- Illegal or criminogenic activities performed in cyberspace

3 Common EC/EB crime targets/victims
Copyright © 2003, Addison-Wesley
- Identity theft – is your customer “real”?
- Credit card number theft – is your customer’s credit/debit account “real”?
- Computational embezzlement – fraudulent creation/manipulation of financial info regarding EC/EB transactions or accounts (biggest corporate problem)
- (Security) Vulnerability and exploit attacks (most pervasive problem)
- EC/EB system targeted attacks mostly “out of sight” so far

4 Hacker/Cracker
- Originally, an expert programmer
- Today, someone (Cracker) who breaks into computers
- Types of hackers
  - White-hat hackers
  - Black-hat hackers (crackers, dark side hackers)
  - Elite hackers
    - Superior technical skills
    - Very persistent
    - Often publish their exploits
  - Samurai – a hacker for hire

5 Figure 8.1 A list of postings on a hacker newsgroup. Source: alt.bio.hackers newsgroup

6 Figure 8.2 A typical posting. Source: alt.bio.hackers newsgroup

7 Figure 8.3 Hackers publish their exploits. Source: http://packetstormsecurity.org/

8 Script-kiddies and Phreakers
- Script-kiddie (packet monkeys, lamerz)
  - Hacker in training
  - Disdained by the elite hackers
- Phreaker
  - Person who cracks the telephone network
- Insider/outsider using “social engineering”
  - Trusted employee turned black-hat hacker
  - Dumpster divers; help desk impersonators, etc.
  - Potentially most dangerous

9 Why Do Hackers Hack?
- Government sponsored hacking
  - Cyberwarfare
  - Cyberterrorism
  - Espionage
- Industrial espionage
- White-hats
  - Publicize vulnerabilities
  - The challenge – hack mode
- Black hats – misappropriate software and personal information
- Script kiddies – gain respect
- Insiders – revenge

10 Password Theft
- Easiest way to gain access/control
- User carelessness
  - Poor passwords
  - Easily guessed
- Dumpster diving
- Observation, particularly for insiders
  - The sticky note on the monitor
- Human engineering, or social engineering
- Standard patterns (e.g., Miami University)
  - Guess the password from the pattern

11 Rules for Choosing Good Passwords
- Easy to remember, difficult to guess
- Length – 6 to 9 characters
- Mix character types
  - Letters, digits, special characters
- Use an acronym
- Avoid dictionary words
- Different account → different password
- Change passwords regularly

12 Packet Sniffers
- Software wiretap
- Captures and analyzes packets
- Any node between target and Internet
- Broadcast risk
  - Ethernet and cable broadcast messages
  - Set workstation to promiscuous mode
- Legitimate uses
  - Detect intrusions
  - Monitoring

13 Potentially Destructive Software
- Logic bomb (set up by insider)
  - Potentially very destructive
  - Time bomb – a variation
- Rabbit
  - Denial of service
- Trojan horse
  - Common source of backdoors

14 Backdoor
- Undocumented access point
  - Testing and debugging tool
  - Common in interactive computer games
    - Cheats and Easter eggs
- Hackers use/publicize backdoors to gain access
  - Programmer fails to close a backdoor
  - Trojan horse
    - Inserted by hacker on initial access
    - Back Orifice – the Cult of the Dead Cow

15 Viruses and Worms (most common)
- Virus
  - Parasite
  - Requires host program to replicate
  - Virus hoaxes can be disruptive
  - Virus patterns/generators exist; script kiddies use these (but most anti-virus software does not!)
- Worm
  - Virus-like
  - Spreads without a host program
  - Used to collect information
    - Sysop – terminal status
    - Hacker – user IDs and passwords

16 Figure 8.6 Structure of a typical virus.
- Payload can be
  - Trivial
  - Logic bomb
  - Time bomb
  - Trojan horse
  - Backdoor
  - Sniffer
- Macro viruses (thanks to MS)
- Polymorphic viruses
- E-mail attachments
  - Today, click attachment
  - Tomorrow, may be eliminated!
- Cluster viruses
  - Spawn mini-viruses
  - Cyberterrorism threat

17 Anti-Virus Software
- Virus signature
  - Uniquely identifies a specific virus
  - Update virus signatures frequently
- Heuristics
  - Monitor for virus-like activity
- Virus detection and removal to be pushed “upstream” in the IT supply chain infrastructure
- Recovery support

18 Figure 8.8 Security and virus protection in layers.
- Defend in depth
- What one layer misses, the next layer traps
- Figure labels: Firewalls (Chapter 9), Anti-virus software, Internet

19 System Vulnerabilities
- Known security weak points
- Default passwords – system initialization
- Port scanning
- Software bugs
- Logical inconsistencies between layers
- Published security alerts
- War dialer to find vulnerable computer

20 Denial of Service Attacks (DoS)
- An act of vandalism or terrorism
- A favorite of script kiddies
- Objective
  - Send target multiple packets in brief time
  - Overwhelm target
- The ping o’ death
- Distributed denial of service attack
  - Multiple sources

21 Figure 8.9 A distributed denial of service attack.
- Cyber equivalent of throwing bricks
- Overwhelm target computer
- Standard DoS is a favorite of script kiddies
- DDoS more sophisticated

22 Spoofing
- Act of faking key system parameters
- DNS spoofing
  - Alter DNS entry on a server
  - Redirect packets
- IP spoofing
  - Alter IP address
- Smurf attack

23 Figure 8.10 IP spoofing.
- Preparation
  - Probe target (A)
  - Launch DoS attack on trusted server (B)
- Attack target (A)
  - Fake message from B
  - A acknowledges B
  - B cannot respond
    - DoS attack
  - Fake acknowledgement from B
  - Access A via 1-way communication path

24 Cybercrime prevention
- Multi-layer security
- Security vs. privacy?

