Presentation is loading. Please wait.

Presentation is loading. Please wait.

CS101 Introduction to Computing Lecture 37 Cyber Crime.

Published byDiane Eaton Modified over 8 years ago

Similar presentations

Presentation on theme: "CS101 Introduction to Computing Lecture 37 Cyber Crime."— Presentation transcript:

1 CS101 Introduction to Computing Lecture 37 Cyber Crime

2 Today’s Lecture: Cyber Crime To find out about several types of crimes that occur over cyber space (i.e. the Internet) To familiarize ourselves with with several methods that can be used to minimize the ill effects of those crimes

3 07 February 2000 Users trying to get on to the Web sites of Yahoo, couldn’t! Reason: Their servers were extremely busy! They were experiencing a huge number of hits The hit-rate was superior to the case when a grave incident (e.g. 9/11) occurs, and people are trying to get info about what has happened The only problem was that nothing of note had taken place!

4 What was going on? A coordinated, distributed DoS (Denial of Service) attack was taking place Traffic reached 1 GB/s; many times of normal! In the weeks leading to the attack, there was a noticeable rise in the number of scans that Internet servers were receiving Many of these scans appeared to originate from IP addresses that traced back to Korea, Indonesia, Taiwan, Australia

5 Three Phases of the DoS 1.Search 2.Arm 3.Attack

6 1. Search for Drones The attackers set about acquiring the control over the computers to be used in the attack … by scanning – using, e.g. Sscan SW – a large numbers of computers attached to the Internet Once a computer with a weak security scheme is identified, the attackers try a break-in Once conquered, that computer – called a drone – will be used to scan others

7 2. Arming the Drones After several drones have been conquered, the DoS SW is loaded on to them Examples: Tribal Flood Network, Trinoo, TFN2K Like a time-bomb, that SW can be set to bring itself into action at a specified time Alternatively, it can wait for a commencement command from the attacker

8 3. The Actual Attack At the pre-specified time or on command, the SW implanted on all of the drones wakes-up and starts sending a huge number of messages to the targeted servers Responding to those messages overburdens the targeted servers and they become unable to perform their normal functions

9 Neutralizing the Attack The engineers responsible for monitoring the traffic on the Yahoo Web sites quickly identified the key characteristics of the packets originating from those drones Then they setup filters that blocked all those packets It took them around 3 hours to identify and block most of the hostile packets BTW, the sender’s IP address can be spoofed, making it impossible to block the attack just by blocking the IP addresses

10 The Aftermath None of the Yahoo computers got broken- into; The attackers never intended to do that None of the user data (email, credit card numbers, etc.) was compromised Ill-effects: –Yahoo lost a few million’s worth of business –Millions of her customers got annoyed as they could not access their email and other info from the Yahoo Web sites

11 Who Done It? The DoS SW is not custom SW, and can be downloaded from the Internet. Therefore, it is difficult to track the person who launched the attack by analyzing that SW After installing the DoS SW on the drones, setting the target computer and time, the attackers carefully wipe away any info on the drone that can be used to track them down End result: Almost impossible to track and punish clever attackers

12 How to stop DoS attacks from taking place? Design SW that monitors incoming packets, and on noticing a sudden increase in the number of similar packets, blocks them Convince system administrators all over the world to secure their servers in such a way that they cannot be used as drones BTW, the same type of attack brought down the CNN, Buy, eBay, Amazon Web sites the very next day of the Yahoo attack

13 DoS Attack: A Cyber Crime DoS is a crime, but of a new type - made possible by the existence of the Internet A new type of policing and legal system is required to tackle such crimes and their perpetrators Internet does not know any geographical boundaries, therefore jurisdiction is a key issue when prosecuting the cyber-criminal

14 Cyber crime can be used to … Damage a home computer Bring down a business Weaken the telecom, financial, or even defense-related systems of a whole country

15 Cyberwar! (1) In 1997, blackouts hit New York City, Los Angeles The 911 (emergency help) service of Chicago was shut down A US Navy warship came under the control of a group of hackers What was happening? A cyber attack!

16 Cyberwar! (2) All of the above did not happen in reality, but in a realistic simulation The US National Security Agency hired 35 hackers to attack the DoD’s 40,000 computer networks By the end of the exercise, the hackers had gained root-level (the highest-level!) access to at least 3 dozen among those networks

17 Cyberwarfare: Cyberwarfare: A clear and present threat as well as opportunity for all of the world’s armed force!

18 ? Cyberwarfare Cybercrime

19 More cybercrimes …

20 Mail Bombing Similar in some ways to a DoS attack A stream of large-sized emails are sent to an address, overloading the destination account This can potentially shut-down a poorly-designed email system or tie up the telecom channel for long periods Defense: email filtering

21 Break-Ins Hackers are always trying to break-in into Internet-connected computers to steal info or plant malicious programs Defense: Intrusion detectors

22 Credit Card Fraud (1) A thief somehow breaks into an ecommerce server and gets hold of credit numbers and related info The thief then uses that info to order stuff on the Internet

23 Credit Card Fraud (2) Alternatively, the thief may auction the credit card info on certain Web sites setup just for that purpose Defense: Use single-use credit card numbers for your Internet transactions

24 Software Piracy (1) Using a piece of SW without the author’s permission or employing it for uses not allowed by the author is SW piracy For whatever reason, many computer users do not consider it to be a serious crime, but it is!

25 Software Piracy (2) Only the large rings of illegal SW distributors are ever caught and brought to justice Defense: Various authentication schemes. They, however, are seldom used as they generally annoy the genuine users

26 Industrial Espionage Spies of one business monitoring the network traffic of their competitors They are generally looking for info on future products, marketing strategies, and even financial info Defense: Private networks, encryption, network sniffers

27 Web Store Spoofing A fake Web store (e.g. an online bookstore) is built Customers somehow find that Web site and place their orders, giving away their credit card info in the process The collected credit card info is either auctioned on the Web or used to buy goods and services on the Web

28 Viruses (1) Self-replicating SW that eludes detection and is designed to attach itself to other files Infect files on computers through: –Floppy disks, CD-ROMs, or other storage media –The Internet or other networks

29 Viruses (2) Viruses cause tens of billions of dollars of damage each year One such incident in 2001 – the LoveBug virus – had an estimated cleanup/lost productivity cost of US$8.75 billion The first virus that spread world-wide was the Brain virus, and was allegedly designed by someone in Lahore

30 One Way of Classifying Viruses Malicious –The type that grabs most headlines –May destroy or broadcast private data –May clog-up the communication channels –May tie-up the uP to stop it from doing useful work Neutral –May display an annoying, but harmless message Helpful –May hop from one computer to another while searching for and destroying malicious viruses

31 Anatomy of a Virus A virus consists of 2 parts: Transmission mechanism Payload

32 Transmission Mechanism Viruses attach themselves to other computer programs or data files (termed as hosts) They move from one computer to another with the hosts and spring into action when the host is executed or opened

33 Payload The part of the virus that generally consists of malicious computer instructions The part generally has two further components: –Infection propagation component: This component transfers the virus to other files residing on the computer –Actual destructive component: This component destroys data or performs or other harmful operations

34 Common Sense Guidelines (1) Download SW from trusted sites only Do not open attachments of unsolicited emails Use floppy disks and CD-ROMs that have been used in trusted computers only When transferring files from your computer to another, use the write-protection notches

35 Common Sense Guidelines (2) Stay away from pirated SW Regularly back your data up Install Antivirus SW; keep it and its virus definitions updated

36 Antivirus SW Designed for detecting viruses & inoculating Continuously monitors a computer for known viruses and for other tell-tale signs like: –Most – but, unfortunately not all – viruses increase the size of the file they infect –Hard disk reformatting commands –Rewriting of the boot sector of a hard disk The moment it detects an infected file, it can automatically inoculate it, or failing that, erase it

37 Other Virus-Like Programs There are other computer programs that are similar to viruses in some ways but different in some others Three types: –Trojan horses –Logic- or time-bombs –Worms

38 Trojan Horses Unlike viruses, they are stand-alone programs They look like what they are not They appear to be something interesting and harmless (e.g. a game) but when they are executed, destruction results

39 Logic- or Time-Bombs It executes its payload when a predetermined event occurs Example events: –A particular word or phrase is typed –A particular date or time is reached

40 Worms Harmless in the sense that they only make copies of themselves on the infected computer Harmful in the sense that they can use up available computer resources (i.e. memory, storage, processing), making it slow or even completely useless

41 Designing, writing, or propagating malicious code or participating in any of the fore- mentioned activities can result in criminal prosecution, which in turn, may lead to jail terms and fines!

42 In Today’s Lecture … We found out about several types of computer crimes that occur over cyber space We familiarized ourselves with with several methods that can be used to minimize the ill effects of these crimes

Download ppt "CS101 Introduction to Computing Lecture 37 Cyber Crime."

Similar presentations

Privacy & Other Issues. Acceptable Use Policies When you sign up for an account at school or from an Internet Service Provider, you agree to their rules.

Privacy & Other Issues. Acceptable Use Policies When you sign up for an account at school or from an Internet Service Provider, you agree to their rules.
Let’s Talk About Cyber Security

Let’s Talk About Cyber Security
Thank you to IT Training at Indiana University Computer Malware.

Thank you to IT Training at Indiana University Computer Malware.
What are computer viruses and its types? Computer Viruses are malicious software programs that damage computer program entering into the computer without.

What are computer viruses and its types? Computer Viruses are malicious software programs that damage computer program entering into the computer without.
 Application software consists of programs designed to make users more productive and/or assist with personal tasks.  Growth of internet simplified.

 Application software consists of programs designed to make users more productive and/or assist with personal tasks.  Growth of internet simplified.
1 CS101 Introduction to Computing Lecture 39 Cyber Crime.

1 CS101 Introduction to Computing Lecture 39 Cyber Crime.
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.

Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
Breaking Trust On The Internet

Breaking Trust On The Internet
Lecturer: Fadwa Tlaelan

Lecturer: Fadwa Tlaelan
1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?

1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?
Unit 18 Data Security 1.

Unit 18 Data Security 1.
Computer Viruses.

Computer Viruses.
Security, Privacy, and Ethics Online Computer Crimes.

Security, Privacy, and Ethics Online Computer Crimes.
Threats To A Computer Network

Threats To A Computer Network
Protecting Yourself Online. VIRUSES, TROJANS, & WORMS Computer viruses are the common cold of modern technology. One e-mail in every 200 containing.

Protecting Yourself Online. VIRUSES, TROJANS, & WORMS Computer viruses are the "common cold" of modern technology. One in every 200 containing.
Hacking, Viruses and the Copyright Law. Learning Objectives  Describe what Hacking is and what Viruses are.  List what viruses can do and describe how.

Hacking, Viruses and the Copyright Law. Learning Objectives  Describe what Hacking is and what Viruses are.  List what viruses can do and describe how.
Computer Viruses. Where the name came from This is a phrase coined from biology to describe a piece of software that behaves very much like a real virus.

Computer Viruses. Where the name came from This is a phrase coined from biology to describe a piece of software that behaves very much like a real virus.
Henric Johnson1 Chapter 10 Malicious Software Henric Johnson Blekinge Institute of Technology, Sweden

Henric Johnson1 Chapter 10 Malicious Software Henric Johnson Blekinge Institute of Technology, Sweden
Week 5 IBS 520 Computer and Online Security. Cybercrime Online or Internet- based illegal acts What is a computer security risk? Computer crime Any illegal.

Week 5 IBS 520 Computer and Online Security. Cybercrime Online or Internet- based illegal acts What is a computer security risk? Computer crime Any illegal.

Similar presentations

Ads by Google