BA 572 - J. Galván: COMPUTER CRIME. Cybercrime, Cyberterrorism, and Cyberwarfare.


1 COMPUTER CRIME: Cybercrime, Cyberterrorism, and Cyberwarfare

2 Cybercrime
- Illegal or criminogenic activities performed in cyberspace

3 Common EC/EB crime targets/victims
- Identity theft – is your customer real?
- Credit card number theft – is your customer's credit/debit account real?
- Computational embezzlement – fraudulent creation/manipulation of financial info regarding EC/EB transactions or accounts (biggest corporate problem)
- (Security) Vulnerability and exploit attacks (most pervasive problem)
- EC/EB system targeted attacks mostly out of sight so far

4 Hacker/Cracker
- Originally, an expert programmer
- Today, someone (Cracker) who breaks into computers
- Types of hackers
  - White-hat hackers
  - Black-hat hackers (crackers, dark side hackers)
  - Elite hackers
    - Superior technical skills
    - Very persistent
    - Often publish their exploits
  - Samurai – a hacker for hire

5 A list of postings on a hacker newsgroup. Source: alt.bio.hackers newsgroup

6 A typical posting. Source: alt.bio.hackers newsgroup

7 Hackers publish their exploits. Source: http://packetstormsecurity.org/

8 Script-kiddies and Phreakers
- Script-kiddie (packet monkeys, lamerz)
  - Hacker in training
  - Disdained by the elite hackers
- Phreaker
  - Person who cracks the telephone network
- Insider/outsider using social engineering
  - Trusted employee turned black-hat hacker
  - Dumpster divers; help desk impersonators, etc.
  - Potentially most dangerous

9 Why Do Hackers Hack?
- Government sponsored hacking
  - Cyberwarfare
  - Cyberterrorism
  - Espionage
- Industrial espionage
- White-hats
  - Publicize vulnerabilities
- The challenge – hack mode
- Black hats – misappropriate software and personal information
- Script kiddies – gain respect
- Insiders – revenge

10 Password Theft
- Easiest way to gain access/control
- User carelessness
  - Poor passwords
  - Easily guessed
- Dumpster diving
- Observation, particularly for insiders
  - The sticky note on the monitor
- Human engineering, or social engineering
- Standard patterns
  - Guess the password from the pattern

11 Rules for Choosing Good Passwords
- Easy to remember, difficult to guess
- Length – 6 to 9 characters
- Mix character types
  - Letters, digits, special characters
- Use an acronym
- Avoid dictionary words
- Different account, different password
- Change passwords regularly

12 Packet Sniffers
- Software wiretap
- Captures and analyzes packets
- Any node between target and Internet
- Broadcast risk
  - Ethernet and cable broadcast messages
  - Set workstation to promiscuous mode
- Legitimate uses
  - Detect intrusions
  - Monitoring

13 Potentially Destructive Software
- Logic bomb (set up by insider)
  - Potentially very destructive
  - Time bomb – a variation
- Rabbit
  - Denial of service
- Trojan horse
  - Common source of backdoors

14 Backdoor
- Undocumented access point
- Testing and debugging tool
- Common in interactive computer games
  - Cheats and Easter eggs
- Hackers use/publicize backdoors to gain access
  - Programmer fails to close a backdoor
  - Trojan horse
  - Inserted by hacker on initial access
  - Back Orifice – the Cult of the Dead Cow

15 Viruses and Worms (most common)
- Virus
  - Parasite
  - Requires host program to replicate
  - Virus hoaxes can be disruptive
  - Virus patterns/generators exist; script kiddies use these (but most anti-virus software does not!)
- Worm
  - Virus-like
  - Spreads without a host program
  - Used to collect information
    - Sysop – terminal status
    - Hacker – user IDs and passwords

16 Structure of a typical virus.
- Payload can be
  - Trivial
  - Logic bomb
  - Time bomb
  - Trojan horse
  - Backdoor
  - Sniffer
- Macro viruses
- Polymorphic viruses
- E-mail attachments
  - Today, click attachment
  - Tomorrow, may be eliminated!
- Cluster viruses
  - Spawn mini-viruses
- Cyberterrorism threat

17 Anti-Virus Software
- Virus signature
  - Uniquely identifies a specific virus
  - Update virus signatures frequently
- Heuristics
  - Monitor for virus-like activity
- Virus detection and removal to be pushed upstream in the IT supply chain infrastructure
- Recovery support

18 Security and virus protection in layers.
- Defend in depth
- What one layer misses, the next layer traps
- Firewalls
- Anti-virus software
- Internet

19 System Vulnerabilities
- Known security weak points
  - Default passwords – system initialization
  - Port scanning
  - Software bugs
  - Logical inconsistencies between layers
  - Published security alerts
- War dialer to find vulnerable computer

20 Denial of Service Attacks (DoS)
- An act of vandalism or terrorism
- A favorite of script kiddies
- Objective
  - Send target multiple packets in brief time
  - Overwhelm target
- The ping o' death
- Distributed denial of service attack
  - Multiple sources

21 A distributed denial of service attack.
- Cyber equivalent of throwing bricks
- Overwhelm target computer
- Standard DoS is a favorite of script kiddies
- DDoS more sophisticated
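
An added example, not part of the original slides: the DoS objective on slide 20 (many packets in a brief time) and the multiple-source case on slides 20 and 21, written as detection logic over a constructed packet log. The log format, window length, thresholds and addresses are assumptions chosen for illustration.

```python
from collections import Counter, defaultdict, deque

WINDOW_S = 1.0         # assumed "brief time" window, in seconds
PKT_THRESHOLD = 100    # assumed packets per window that count as a flood
DOMINANT_SHARE = 0.8   # one source sending >= 80% of the flood => single-source DoS


def parse(line):
    """Parse a constructed 'epoch_seconds src_ip dst_ip' record."""
    ts, src, dst = line.split()
    return float(ts), src, dst


def detect_floods(lines):
    """Return {dst: (verdict, peak_packets, distinct_sources)} for flooded targets."""
    windows = defaultdict(deque)   # dst -> (ts, src) pairs still inside the window
    alerts = {}
    for ts, src, dst in sorted(map(parse, lines)):
        win = windows[dst]
        win.append((ts, src))
        while ts - win[0][0] > WINDOW_S:   # expire packets older than the window
            win.popleft()
        if len(win) < PKT_THRESHOLD:
            continue
        if dst in alerts and alerts[dst][1] >= len(win):
            continue                       # report only the peak window per target
        sources = Counter(s for _, s in win)
        top_share = sources.most_common(1)[0][1] / len(win)
        verdict = "DoS" if top_share >= DOMINANT_SHARE else "DDoS"
        alerts[dst] = (verdict, len(win), len(sources))
    return alerts


def sample_log():
    """Constructed traffic: a single-source flood, a many-source flood, a quiet host."""
    log = []
    for i in range(150):   # 150 packets in 0.75 s from one address
        log.append(f"{1000 + i * 0.005:.3f} 198.51.100.7 192.0.2.10")
    for i in range(200):   # 200 packets in 0.8 s spread over 50 addresses
        log.append(f"{2000 + i * 0.004:.3f} 203.0.113.{i % 50 + 1} 192.0.2.20")
    for i in range(20):    # 20 packets over 20 s: ordinary traffic
        log.append(f"{3000 + i:.3f} 198.51.100.9 192.0.2.30")
    return log


if __name__ == "__main__":
    for dst, (verdict, pkts, srcs) in detect_floods(sample_log()).items():
        print(f"{dst}: {verdict} ({pkts} packets/window from {srcs} sources)")
```

Blocking the dominant address stops the single-source case; the many-source case has no such address, so mitigation has to act on aggregate rate toward the target.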

22 Spoofing
- Act of faking key system parameters
- DNS spoofing
  - Alter DNS entry on a server
  - Redirect packets
- IP spoofing
  - Alter IP address
- Smurf attack

23 IP spoofing.
- Preparation
  - Probe target (A)
  - Launch DoS attack on trusted server (B)
- Attack target (A)
  - Fake message from B
  - A acknowledges B
  - B cannot respond
    - DoS attack
  - Fake acknowledgement from B
  - Access A via 1-way communication path

24 Cybercrime prevention
- Multi-layer security
- Security vs. privacy?

25 The service worker

