Presentation is loading. Please wait.

Presentation is loading. Please wait.

Compsci 82, Fall 2011 11.1 Cybercrime, Cyberwar, Cyberterrorism l In nuclear deterrence, both the Americans and the Soviets knew it was all or nothing:

Published byAnthony Maxwell Modified over 9 years ago

Similar presentations

Presentation on theme: "Compsci 82, Fall 2011 11.1 Cybercrime, Cyberwar, Cyberterrorism l In nuclear deterrence, both the Americans and the Soviets knew it was all or nothing:"— Presentation transcript:

1 Compsci 82, Fall 2011 11.1 Cybercrime, Cyberwar, Cyberterrorism l In nuclear deterrence, both the Americans and the Soviets knew it was all or nothing: the Cuban missile crisis was resolved out of fear of catastrophic escalation. But in cyberattacks, the damage can range from the minor to the catastrophic, from slowing computer searches to bringing down a country’s cellphone networks, neutralizing its spy satellites, or crashing its electrical grid or its air traffic control systems. http://nyti.ms/9k1w2ihttp://nyti.ms/9k1w2i JOHN MARKOFF, DAVID E. SANGER and THOM SHANKER

2 Compsci 82, Fall 2011 11.2 Cyber [War|Crime|Terrorism] l bit.ly/tvg9yJ bit.ly/tvg9yJ  Bully? Fighter? …? l nyti.ms/uTO2rk nyti.ms/uTO2rk  Iran, Siemens, … l bit.ly/sbGWGD bit.ly/sbGWGD  Anoymous? Attack? l http://bit.ly/usX98J http://bit.ly/usX98J  No cyberwar exists l 1.usa.gov/sTDNw2 1.usa.gov/sTDNw2  Yes we can! l zd.net/tm40Ce zd.net/tm40Ce  WOW from China?

3 Compsci 82, Fall 2011 11.3 Crime and Cybercrime l An act committed or omitted in violation of a law forbidding or commanding it and for which punishment is imposed upon conviction http://www.thefreedictionary.com/crime l Deviant behavior that violates prevailing norms --- cultural standards prescribing how humans ought to behave normally. http://en.wikipedia.org/wiki/Crime

4 Compsci 82, Fall 2011 11.4 Cybercrime l What is cyber-crime? Cyber-terrorism?  Hackers, Crackers, Warez, Malware, cyber- bullying, Blackhats, Whitehats, DDOS l Cyberespionage, Cyber-sleuthing, Cyberwar  Imagined, real, over- or under-hyped? l Hacktivism  Electronic civil disobedience? l Criminal? Ethical? Enjoyable?  Why is the FBI involved in cybercrime?

5 Compsci 82, Fall 2011 11.5 Examples of Cybercrime l Social engineering/hacking: Kevin Mitnick  Markoff, Shimomura, solitary confinement l SPAM and Pornography  Are these crimes? Do they affect the Internet? Do they infect the Internet? l Fake FDIC Phishing Scam Fake FDIC Phishing Scam l Botnets, cyberwar, cyberespionage?  Is this really happening? Haxis of Evil?

6 Compsci 82, Fall 2011 11.6 Illegal, immoral, unethical l Is pornography against the law? Is it a crime? What about posting a syllabus from a course, e.g., coursehero and other sites?  Other kinds of cyber activity/crime?  http://www.cybercrime.gov/ http://www.cybercrime.gov/  DOJ Kids and Internet Ethics DOJ Kids and Internet Ethics l Is sending SPAM against the law?  ftc CAN-SPAM ftc CAN-SPAM

7 Compsci 82, Fall 2011 11.7 SPAM, Botnets, Making Money l Orignal SPAM skit Orignal SPAM skit l Ordering toast instead of SPAM Ordering toast instead of SPAM

8 Compsci 82, Fall 2011 11.8 From worms to virii to botnets l How do computers get “infected”?  Is the terminology warranted?  Trojan horse, attachment, host  Virus travels without human intervention l When did this start? Personalities? Deeds?  Is there punishment? Too much/little?

9 Compsci 82, Fall 2011 11.9 Robert Tappan Morris l First Internet Worm  Worm v Virus? l Valedictorian  Delbarton, 1983 l Computer Fraud/Abuse  1990, probation+$10K l Sold Viaweb to Yahoo for $48M in 1998 l Professor at MIT l Father was Chief Scientist at NSA

10 Compsci 82, Fall 2011 11.10 DDOS: what and how l Distributed Denial Of Service  Terms? Mechanism l Misuse/abuse IP  SYN, Ping, Smurf l Why do botnets help in this regard? l IP addresses spoofed in SYN/Ping, why? l Defensive measures against DDOS?

11 Compsci 82, Fall 2011 11.11 Reporting on Botnets l BBC buys a botnet! l Aside from the legality of the scheme, the exercise raises troubling ethical questions. Security firms are almost unanimous in saying the behaviour of infected machines could have been illustrated without hacking into the machines of innocent victims

12 Compsci 82, Fall 2011 11.12 Srizbi stopped! We have observed that when a bot is unable to contact its hard coded control server, it will try to resolve the IP address of up to four domains. In our lab we have seen that a bot will then contact the server with this IP address and request a new template. Once a template is received it will begin spamming again: gyprtwqy.com, faruoeqa.com, dqdpdrqq.com, syudwtqy.com http://www.marshal.com/trace/traceitem.asp?article=816 l Why did this go on for so long?

13 Compsci 82, Fall 2011 11.13 Crime or FUD? l “If it has compromised your machine once, it will do it again. We've seen evidence" of this, says Roel Schouwenberg, senior virus researcher for Kaspersky Lab, (discovered this new wave of Web attacks late last week.) l SQL injection attacks, which appear to originate from China, appear to have peaked yesterday, according to Kaspersky. Among the infected sites found by Kaspersky were Travelocity.com, countyofventura.org, and missouri.edu. http://ba.darkreading.com/security/attacks/showArticle.jhtml?articleID=212001872

14 Compsci 82, Fall 2011 11.14 Dark Reading continued l Dan Hubbard, CTO at Websense, says the payloads vary, but many attacks appear designed to grab World of Warcraft credentials. "They do appear to have other capabilities, however, that allow them to update, disable AV, and...install more generic password stealers that could be used for a plethora of things.” l Is stealing a WoW password like hacking your Wachovia account?

15 Compsci 82, Fall 2011 11.15 Cybercrime or Cybersomethingelse? l YouTube Mitnick YouTube Mitnick  Kevin Mitnick on 60 minutes l YouTube on Cybercrime toolkit YouTube on Cybercrime toolkit  What’s right/wrong with this CBC video? l YouTube, new face of cybercrime? YouTube, new face of cybercrime?  The new “face” of cybercrime l Hackers trailer Hackers trailer l See links at class links to cybercrimeclass links to cybercrime

16 Compsci 82, Fall 2011 11.16 Spamalytics: Stefan Savage et al l …the only obvious way to extract this data is to build an e-commerce site, market it via spam, and then record the number of sales. Moreover, to capture the spammer’s experience with full fidelity such a study must also mimic their use of illicit botnets for distributing e-mail and proxying user responses.

17 Compsci 82, Fall 2011 11.17 Spamalytics: Stefan Savage et al l In effect, the best way to measure spam is to be a spammer. In this paper, we have effectively conducted this study, though sidestepping the obvious legal and ethical problems associated with sending spam. Critically, our study makes use of an existing spamming botnet. l National security threats by Internet Criminals

18 Compsci 82, Fall 2011 11.18 Phishing l What is phishing, how does it work, origins  Email and Web phishing attacks  Certificate Authorities: site really is!  User-interface and Human Factors issues  Tips on avoid being hooked l There is a banking and financial crisis  Why is this a boon to phishing expeditions? l Is this good advice? http://bit.ly/cUUCEQhttp://bit.ly/cUUCEQ

19 Compsci 82, Fall 2011 11.19 From Phishing to Whaling l http://www.nytimes.com/2008/04/16/technology/16whale.html?fta=y http://www.nytimes.com/2008/04/16/technology/16whale.html?fta=y l http://www.antiphishing.org/reports/APWG_CrimewareReport.pdf http://www.antiphishing.org/reports/APWG_CrimewareReport.pdf

20 Compsci 82, Fall 2011 11.20 Stuxnet l http://bit.ly/rEshqF http://bit.ly/rEshqF  What was special about this worm, why a worm?  Origin? Destination?  Can we believe Wikipedia on this? l How does attack unfold without Internet?  What is vector for spreading "disease"?  How does this work in practice?  Other issues?

Download ppt "Compsci 82, Fall 2011 11.1 Cybercrime, Cyberwar, Cyberterrorism l In nuclear deterrence, both the Americans and the Soviets knew it was all or nothing:"

Similar presentations

Thank you to IT Training at Indiana University Computer Malware.

Thank you to IT Training at Indiana University Computer Malware.
Chapter 1 We’ve Got Problems…. Four Horsemen  … of the electronic apocalypse  Spam --- unsolicited bulk email o Over 70% of email traffic  Bugs ---

Chapter 1 We’ve Got Problems…. Four Horsemen  … of the electronic apocalypse  Spam --- unsolicited bulk o Over 70% of traffic  Bugs ---
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.

ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.
Breaking Trust On The Internet

Breaking Trust On The Internet
© 2014 wheresjenny.com Cyber crime CYBER CRIME. © 2014 wheresjenny.com Cyber crime Vocabulary Defacement : An attack on a website that changes the visual.

© 2014 wheresjenny.com Cyber crime CYBER CRIME. © 2014 wheresjenny.com Cyber crime Vocabulary Defacement : An attack on a website that changes the visual.
What is identity theft, and how can you protect yourself from it?

What is identity theft, and how can you protect yourself from it?
The development of Internet A cow was lost in Jan 14th 2003. If you know where it is, please contact with me. My QQ number is 87881405. QQ is one of the.

The development of Internet A cow was lost in Jan 14th If you know where it is, please contact with me. My QQ number is QQ is one of the.
1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?

1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?
Security for Internet Every Day Use Standard Security Practices and New Threats.

Security for Internet Every Day Use Standard Security Practices and New Threats.
Mod H-1 Examples of Computer Crimes. Mod H-2 Stuxnet.

Mod H-1 Examples of Computer Crimes. Mod H-2 Stuxnet.
Introduction to Security Computer Networks Computer Networks Term B10.

Introduction to Security Computer Networks Computer Networks Term B10.
Threats To A Computer Network

Threats To A Computer Network
Privacy & Security By Martin Perez. Introduction  Information system - People : meaning use, the people who use computers. - Procedures : Guidelines.

Privacy & Security By Martin Perez. Introduction  Information system - People : meaning use, the people who use computers. - Procedures : Guidelines.
Trust, Safety, & Reliability Part 2 MALICE. Malware Malware: short for “malicious software” Hackers: people who write and deploy malware Worm: program.

Trust, Safety, & Reliability Part 2 MALICE. Malware Malware: short for “malicious software” Hackers: people who write and deploy malware Worm: program.
Scams and Schemes. Today’s Objective I can understand what identity theft is and why it is important to guard against it, I can recognize strategies that.

Scams and Schemes. Today’s Objective I can understand what identity theft is and why it is important to guard against it, I can recognize strategies that.
BOTNETS & TARGETED MALWARE Fernando Uribe. INTRODUCTION  Fernando Uribe   IT trainer and Consultant for over 15 years specializing.

BOTNETS & TARGETED MALWARE Fernando Uribe. INTRODUCTION  Fernando Uribe   IT trainer and Consultant for over 15 years specializing.
Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.

Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.
COMPUTER CRIME AND TYPES OF CRIME Prepared by: NURUL FATIHAH BT ANAS.

COMPUTER CRIME AND TYPES OF CRIME Prepared by: NURUL FATIHAH BT ANAS.
Security (Computer crime and dangers associated with computer use). Legislation (Data Protection, Computer Misuse and Copyright Acts). 4 th module

Security (Computer crime and dangers associated with computer use). Legislation (Data Protection, Computer Misuse and Copyright Acts). 4 th module

Similar presentations

Ads by Google