Chapter 5: Cyber Crimes and Hackers Guide to Computer Network Security.

Slides:

Advertisements

Similar presentations

ETHICAL HACKING A LICENCE TO HACK

Advertisements

Introduction and Overview of Digital Crime and Digital Terrorism

Jacky Altal. T O C  Hackers Terminology  Cyber attacks in 2012 (so far…)  Nations Conflict  Cyber Motives  Characteristics of CyberCrime  DEMO –

Cyber Law & Islamic Ethics CICT3523 COMPUTER CRIMES.

Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,

2 Issues of the information age Computer _______ and mistakes –Preventing computer related waste & mistakes Computer crime –Computer as tool to commit.

Ethical and Social...J.M.Kizza 1 Module 9: Computer Crimes Introduction History of Computer Crimes Computer Systems Attacks Motives Costs and Social Consequences.

Computer Crimes Chapter 9. Definition  Illegal act that involves a computer system or computer-related system  Telephone, microwave, satellite telecommunications.

11 ASSESSING THE NEED FOR SECURITY Chapter 1. Chapter 1: Assessing the Need for Security2 ASSESSING THE NEED FOR SECURITY  Security design concepts 

McGraw-Hill/Irwin Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. Extended Learning Module H Computer Crime and Digital Forensics.

Computer Security and Penetration Testing

Computers in Society Week 8: Computer Security and Hacking.

Hands-On Ethical Hacking and Network Defense

1 Telstra in Confidence Managing Security for our Mobile Technology.

This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.

Lecture 11 Reliability and Security in IT infrastructure.

Engineering Secure Software. Lottery Story A Threat We Can’t Ignore  Documented incidents are prevalent Carnegie Melon’s SEI has studied over 700 cybercrimes.

CYBER CRIME AND SECURITY TRENDS

1J. M. Kizza - Ethical And Social Issues Module 13: Ethical, Privacy, and Security Issues in the Online Social Network Ecosystems Introduction Introduction.

Security Awareness Challenges of Security No single simple solution to protecting computers and securing information Different types of attacks Difficulties.

Cybercrime Outlook on African banks Adwo Heintjes Global Head IT Audit & Ops Rabobank.

Are you safe? Alyssa Caputo & Niki Labella Itech 1101 Dr. Nagel.

Computer Crime and CyberCrime Why we need Computer Forensics.

Cyber Crime & Security Raghunath M D BSNL Mobile Services,

1 Group-IB: Digital investigations and forensic Ilya Sachkov Group-IB

Protecting Mainframe and Distributed Corporate Data from FTP Attacks: Introducing FTP/Security Suite Alessandro Braccia, DBA Sistemi.

IDENTIFYING THREATS IN A GLOBAL MARKETPLACE Ira S. Somerson, BCFE, CPP Loss Management Consultants, Inc. Institute for Global Management Studies And Temple.

Chapter 3: Types of Cyber Attacks Expand the definition of cyberspace to include: – hardware like computers, printers, scanners, servers and communication.

Cyber crime & Security Prepared by : Rughani Zarana.

Lecture 10 Intrusion Detection modified from slides of Lawrie Brown.

BUSINESS B1 Information Security.

Security Awareness: Applying Practical Security in Your World Chapter 1: Introduction to Security.

Chapter 8 Technology and Auditing Systems: Hardware and Software Defenses.

Center of Excellence for IT at Bellevue College. Cyber security and information assurance refer to measures for protecting computer systems, networks,

International Cyber Warfare and Security Conference Cyber Defence Germany's Analysis of Global Threats 19th November 2013, Ankara.

Information Warfare Playgrounds to Battlegrounds.

Security Awareness Challenges of Securing Information No single simple solution to protecting computers and securing information Different types of attacks.

Cyber Security Nevada Businesses Overview June, 2014.

Cyber Security Action against cyber crime. What is cyber security?  Cyber security standards are security standards which enable organizations to practice.

CJ416 Eric Salvador. Housekeeping Lets finish strong in Unit 9 discussions Alternative seminars Final submission of work – Tues. May 29 th at midnight.

Information Security What is Information Security?

Chapter 2: Anatomy of the Problem Recent terrorist attacks and the raise in cyber attacks have raised concern about the need to protect the nation’s cyber.

Unit 9.  Lets finish strong in Unit 9 discussions  Alternative seminars  Final submission of work – Tuesday, October 9 th at midnight.

Ali Alhamdan, PhD National Information Center Ministry of Interior

International Telecommunication Union Geneva, 9(pm)-10 February 2009 BEST PRACTICES FOR ORGANIZING NATIONAL CYBERSECURITY EFFORTS James Ennis US Department.

Crime committed using a computer and the internet to steal a person’s identity or illegal imports or malicious programs cybercrime is nothing but where.

CYBER CRIME AND SECURITY If we can defeat them sitting at home……who needs to fight with tanks and guns!!!! Presented By Lipsita Behera. B.Sc IST, 3 rd.

Introduction: Information security services. We adhere to the strictest and most respected standards in the industry, including: -The National Institute.

A Global Approach to Protecting the Global Critical Infrastructure Dr. Stephen D. Bryen.

Scott Charney Cybercrime and Risk Management PwC.

Information Warfare Playgrounds to Battlegrounds.

Computer Security By Duncan Hall.

CSCI-235 Micro-Computers in Science Privacy & Security.

Chapter 1 Ethical Hacking Overview. Hands-On Ethical Hacking and Network Defense2  Describe the role of an ethical hacker  Describe what you can do.

Presented by Presented by Daniel Lawrence Delgado CITCS BSIT 1-D.

Whats it all about?.  C omputer crime refers to any crime that involves a computer and a network. The computer may have been used in the commission of.

EUROPEAN SECURITY POLICY A SNAPSHOT ON SURVEILLANCE AND PRIVACY DESSI WORKSHOP, CPH 24 JUNE 2014 Birgitte Kofod Olsen, Chair Danish Council for Digital.

BY: AUSTIN NEIGH. WHAT IS CYBER WARFARE? Hacking that is politically motivated to conduct sabotage or espionage Form of information warfare Typically.

Cyber crimes is the most popular news we come across daily In good olden days there were no development in the usage of computers as we have now As.

Cyber crime and security issues

NANDHA ENGINEERING COLLEGE ERODE-52. CYBER WAR-A NEW FACE OF TERRORISM Guided byGuided by E.Kanimozhi,M.EE.Kanimozhi,M.E AP/Dept of ITAP/Dept of IT PRESENTED.

Computer & Network Security

Add video notes to lecture

Chapter 11 crime and security in the networked economy

Chapter 13 Security and Ethical Challenges.

Securing the Threats of Tomorrow, Today.

Presentation transcript:

Chapter 5: Cyber Crimes and Hackers Guide to Computer Network Security

Kizza - Guide to Computer Network Security 2 Cyber Crimes and Hackers The greatest threats to the security, privacy, and reliability of computer networks and other related information systems in general are cyber crimes committed by cyber criminals but most importantly hackers. The rise of the hacker factor, the unprecedented and phenomenal growth of the Internet, the latest developments in globalization, hardware miniaturization, wireless and mobile technology, the mushrooming of connected computer networks, and society’s ever growing appetite for and dependency on computers, have all greatly increased the threats both the hacker and cybercrimes pose to the global communication and computer networks

Kizza - Guide to Computer Network Security 3 Industry and governments around the globe are responding to these threats through a variety of approaches and collaborations such as: Industry and governments around the globe are responding to these threats through a variety of approaches and collaborations such as: –Formation of organizations, such as the Information Sharing and Analysis Centers (ISACs). –Getting together of industry portals and ISPs on how to deal with distributed denial of service attacks including the establishment of Computer Emergency Response Teams (CERTs). –Increasing use of sophisticated tools and services by companies to deal with network vulnerabilities. Such tools include the formation of Private Sector Security Organizations (PSSOs) such as SecurityFocus, Bugtraq and the International Chamber of Commerce's CyberCrime Unit. –Setting up national strategies similar to the U.S. National Strategy to Secure Cyberspace,an umbrella initiative of all initiatives from various sectors of the national critical infrastructure grid and the Council of Europe Convention on Cybercrimes.

Kizza - Guide to Computer Network Security 4 The list of these crimes to include the following: –Unlawful access to information –Illegal interception of information –Unlawful use of telecommunication equipment. –Forgery with use of computer measures –Intrusions of the Public Switched and Packet Network –Network integrity violations –Privacy violations –Industrial espionage –Pirated computer software –Fraud using a computing system –Internet/ abuse –Using computers or computer technology to commit murder, terrorism, pornography, and hacking.

Kizza - Guide to Computer Network Security 5 Cyber crimes are executed in one of two ways: –penetration –denial of service

Kizza - Guide to Computer Network Security 6 Cyber Criminals Are ordinary users of cyberspace with a message. A number of studies have identified the following groups as the most likely sources of cyber crimes [19]: –Insiders: disgruntled insiders are a major source of computer crimes because they do not need a great deal of knowledge about the victim computer system. In many cases, such insiders use the system everyday. –Hackers: Hackers are actually computer enthusiasts who know a lot about computers and computer networks and use this knowledge with a criminal intent. Since the mid-1980s, computer network hacking has been on the rise mostly because of the widespread use of the Internet.

Kizza - Guide to Computer Network Security 7 –Criminal groups: A number of cyber crimes are carried out by criminal groups for different motives ranging from settling scores to pure thievery. –Disgruntled ex-employees: Many studies have shown that disgruntled ex-employees also pose a serious threat to organizations as sources of cyber crimes targeting their former employers for a number of employee employer issues that led to the separation. –Economic espionage spies: The growth of cyberspace and e-commerce and the forces of globalization have created a new source of crime syndicates, the organized economic spies that plough the Internet looking for company secrets. As the price tag for original research skyrockets, and competition in the market place becomes globe, companies around the global are ready to pay any amount for stolen commercial, marketing, and industrial secrets.

Kizza - Guide to Computer Network Security 8 Hackers Currently the word has two opposite meanings. –a computer enthusiast as an individual who enjoys exploring the details of computers and how to stretch their capabilities, as opposed to most users who prefer to learn only the minimum necessary. –a malicious or inquisitive meddler who tries to discover information by poking around.

Kizza - Guide to Computer Network Security 9 History of Hacking The history of hacking has taken as many twists and turns as the word hacking itself has. One can say that the history of hacking actually began with the invention of the telephone in 1876 by Alexander Graham Bell. For it was this one invention that made internetworking possible and also made the first hacking act possible. There is agreement among computer historians that the term hack was born at MIT There is agreement among computer historians that the term hack was born at MIT Engressia, commonly known as “The Whistler” is the grand father of phone phreaking; born blind but with a high pitch which he used to his advantage. He used to whistle into the phones and could whistle perfectly any tone he wanted. He discovered phreaking while listening to the error messages caused by his calling of unconnected numbers and was usually disconnected.

Kizza - Guide to Computer Network Security 10 John Draper, a Vietnam veteran, commonly known as “Captain Crunch,” took this practical whistling joke further and discovered that using a free toy whistle from a cereal box to carefully blow into the receiver of a telephone, produces the precise tone of 2600 hertz needed to make free long distance phone calls With the starting of a limited national computer network by ARPANET, in the 1970s, a limited form of a system of break-in from outsiders started appearing. Through the 1970s, a number of developments gave impetus to the hacking movement.

Kizza - Guide to Computer Network Security 11 The debut of the personal computer (PC) in 1981 when IBM joined the PC wars, a new front in hacking was opened. The PCs brought the computing power to more people because they were cheap, easy to program, and somehow more portable On the back of the PC was the movie “WarGames” in The science fiction movie watched by millions glamorized and popularized hacking. The 1980s saw tremendous hacker activities with the formation of gang-like hacking groups.

Kizza - Guide to Computer Network Security 12 Types of Hackers There are several sub-sects of hackers based on hacking philosophies. The biggest sub-sects are: –Crackers - A cracker is one who breaks security on a system. Crackers are hardcore hackers characterized more as professional security breakers and thieves. –Hacktivists - Hacktivists are conscious hackers with a cause. They grew out of the old phreakers. –cyber terrorists - Based on motives, cyberterrorists can be divided into two categories: the terrorists information warfare planners.

Kizza - Guide to Computer Network Security 13 Hacker Motives Since the hacker world is closed to non hackers and no hacker likes to discuss one’s secrets with non members of the hacker community, it is extremely difficult to accurately list all the hacker motives. From studies of attacked systems and some writing from former hackers who are willing to speak out, we learn quite a lot about this rather secretive community. Their motives are many and varied including: –Hacker ethic –Vendetta and/or revenge –Jokes, Hoaxes, and Pranks –Terrorism –Political and Military Espionage –Hate –etc

Kizza - Guide to Computer Network Security 14 Dealing with the Rising Tide of Cyber Crimes Most system attacks take place before even experienced security experts have advance knowledge of them. Most of the security solutions are best practices as we have so far seen and we will continue to discuss them as either preventive or reactive. An effective plan must consist of three components: –prevention, –detection, –analysis and response.

Kizza - Guide to Computer Network Security 15 Prevention - is probably the best system security policy, but only if we know what to prevent the systems from. Among those possible approaches are the following: –A security policy –Risk management –Perimeter security –Encryption –Legislation –Self-regulation –Mass education

Kizza - Guide to Computer Network Security 16 Detection - In case prevention fails the next best strategy should be early detection. Detecting cyber crimes before they occur constitutes a 24-hour monitoring system to alert security personnel whenever something unusual (something with a non-normal pattern, different from the usual pattern of traffic in and around the system) occurs. Recovery - Whether or not prevention or detection solutions were deployed on the system, if a security incident has occurred on a system, a recovery plan, as spelled out in the security plan, must be followed.