cybercrime and computer hacking
TRANSCRIPT
8/13/2019 Cybercrime and Computer Hacking
http://slidepdf.com/reader/full/cybercrime-and-computer-hacking 1/35
Cyber Crime and Computer Hacking
8/13/2019 Cybercrime and Computer Hacking
http://slidepdf.com/reader/full/cybercrime-and-computer-hacking 2/35
Presentation Over:
What is Cyber Crime??? Cyber Criminals
Reasons for Cyber Crime and Classification
Types of Cyber Crime
Hacking, History, Techniques, Types, Needs ofHacker, Successful Hackers
Industry Response
Protect Computers Intrusion Detection
Practical Steps for Prevention of Cyber Crime
Conclusion
8/13/2019 Cybercrime and Computer Hacking
http://slidepdf.com/reader/full/cybercrime-and-computer-hacking 3/35
The Invisible Criminals AreDangerous Than The Visible One…
What is
8/13/2019 Cybercrime and Computer Hacking
http://slidepdf.com/reader/full/cybercrime-and-computer-hacking 4/35
What is Cyber Crime?
“He Uses Technology As His Weapon” It Is A Criminal Activity Committed On The Internet .
A Generalized Definition Of Cyber Crime May Be “Unlawful ActsWherein The Computer Is Either A Tool Or Target Or Both” .
Cyber crime offenses against the information technologyinfrastructure.
Such conducts includes:
• Illegal access
• Illegal interception
• System interference
• Data interference
• Misuse of devices
• Fraud
• Forgery
8/13/2019 Cybercrime and Computer Hacking
http://slidepdf.com/reader/full/cybercrime-and-computer-hacking 5/35
Children and adolescents between the agegroup of 6 – 18 years
Organised hackers
Professional hackers / crackers Discontented employees
Cyber Criminals
8/13/2019 Cybercrime and Computer Hacking
http://slidepdf.com/reader/full/cybercrime-and-computer-hacking 6/35
Reasons for Cyber Crime
Capacity to store data in small spaceEasy to access
Complex
Negligence
Loss of evidence
8/13/2019 Cybercrime and Computer Hacking
http://slidepdf.com/reader/full/cybercrime-and-computer-hacking 7/35
Against Individuals Against Individual Property
Against Organization
Against Society at large
Classification
8/13/2019 Cybercrime and Computer Hacking
http://slidepdf.com/reader/full/cybercrime-and-computer-hacking 8/35
HackingEmail bombingData diddlingSalami attacksDenial of Service attack Virus / worm attacksLogic bombs
Web jacking
Types of Cyber Crime
8/13/2019 Cybercrime and Computer Hacking
http://slidepdf.com/reader/full/cybercrime-and-computer-hacking 9/35
Hacking
Unauthorized use of computer and network resources.
“Hacker” originally meant a very gifted programmer.
Hacking is a felony in the US and most other countries. When it is done by request and under a contract
between an ethical hacker and an organization, it is OK!
The difference is that the ethical hacker has
authorization to probe the target.
“The number of really gifted hackers in the world is verysmall, but there are lots of wannabes…”(-Dr. Charles C.Palmer, IBM)
What is Hacking?
8/13/2019 Cybercrime and Computer Hacking
http://slidepdf.com/reader/full/cybercrime-and-computer-hacking 10/35
Who are Hackers?
A school definition for the term hacker. Is someone whonever goes to class, who in fact sleeps all day, and whospends the night pursuing recreational activities ratherthan studying.
There are at least two common interpretations:
Someone who bypasses the system’s access controls bytaking advantage of security weaknesses left in the
system by developersSomeone who is both knowledgeable and skilled atcomputer programming, and who is a member of thehacker subculture, one with it’s own philosophy and code
of ethics
8/13/2019 Cybercrime and Computer Hacking
http://slidepdf.com/reader/full/cybercrime-and-computer-hacking 11/35
History of Hackers
In December of 1947, the transistor was invented. Captain Crunch
Steve Jobs
Kevin Mitnick AT&T
The Worm- Robert Tappan Morris
Kevin Poulsen (a.k.a. Dark Dante)
Tsumomu Shimomura David Smith
Jon Johansen (a.k.a. DVD Jon)
8/13/2019 Cybercrime and Computer Hacking
http://slidepdf.com/reader/full/cybercrime-and-computer-hacking 12/35
What Do Hackers Do?
System Access confidential information
Threaten someone from YOUR computer
Broadcast your confidential letters or materials Store illegal or espionage material
Network
Eavesdrop and replay Imposer: server / client
Modify data / stream
Denial-of-Service
8/13/2019 Cybercrime and Computer Hacking
http://slidepdf.com/reader/full/cybercrime-and-computer-hacking 13/35
Hacker’s Techniques
System hacking
Network hacking
Software hacking
8/13/2019 Cybercrime and Computer Hacking
http://slidepdf.com/reader/full/cybercrime-and-computer-hacking 14/35
Professional hackers Black Hats – the Bad Guys
White Hats – Professional Security Experts
Underemployed Adult Hackers
Former Script Kiddies
Can’t get employment in the field Want recognition in hacker community
Ideological Hackers
hack as a mechanism to promote some political or ideological purpose
Usually coincide with political events
Criminal Hackers
Real criminals, are in it for whatever they can get no matter who it hurts
Disgruntled Employees
Most dangerous to an enterprise as they are “insiders”
Since many companies subcontract their network services a disgruntledvendor could be very dangerous to the host enterprise
Types of Hackers
8/13/2019 Cybercrime and Computer Hacking
http://slidepdf.com/reader/full/cybercrime-and-computer-hacking 15/35
Spam
Downloads
Pop-ups
Active X
Top Tools Hackers Use
8/13/2019 Cybercrime and Computer Hacking
http://slidepdf.com/reader/full/cybercrime-and-computer-hacking 16/35
Successful Hackers
Eric McCarty hacks into USC database Australian hacker attacks sewage control
computers
8/13/2019 Cybercrime and Computer Hacking
http://slidepdf.com/reader/full/cybercrime-and-computer-hacking 17/35
Most Likely to be Hacked
Small businesses with 10 or feweremployees.
Most vulnerable
Less resources Ignore or unaware of risks
Large businesses with 100 or more
employees Higher profile
Larger network
8/13/2019 Cybercrime and Computer Hacking
http://slidepdf.com/reader/full/cybercrime-and-computer-hacking 18/35
Computer hacking is broadly defined as any action thatresults in unauthorized interference with a computer, computersystem or network. Computer hacking includes breaking into acomputer with the intent to steal, damage, modify or monitor dataor settings within the system.Significance
Computer hacking is considered a crime in all countries; it isalso a crime under federal and international law. Because acomputer may be accessed from anywhere, a person may becharged with computer hacking on the state, federal andinternational level.Types
Hacking often involves more than just unauthorized accessto a computer. Computer hackers may access a computer in orderto: steal financial information such as credit card access numbers;steal personal information (identity theft); harass (swatting);vandalize; gain access to other computers; launch computer
attacks; or place malicious software (malware).
Is Computer Hacking a Crime???
8/13/2019 Cybercrime and Computer Hacking
http://slidepdf.com/reader/full/cybercrime-and-computer-hacking 19/35
Refers to sending a large number of emails to the victim resulting in the victim's
Email account (in case of an individual)
or
Mail servers (in case of a company or anemail service provider) crashing.
Email Bombing
8/13/2019 Cybercrime and Computer Hacking
http://slidepdf.com/reader/full/cybercrime-and-computer-hacking 20/35
Altering raw data just before it isprocessed by a computer and thenchanging it back after the processing
is completed.
Electricity Boards in India have been
victims to data diddling programs insertedwhen private parties were computerizingtheir systems.
Data Diddling
8/13/2019 Cybercrime and Computer Hacking
http://slidepdf.com/reader/full/cybercrime-and-computer-hacking 21/35
Used for the commission of financialcrimes.
Key here is to make the alteration so insignificant that in a single case itwould go completely unnoticed.
E.g. a bank employee inserts a program, intothe bank's servers, that deducts a small amount of
money (say Rs. 5 a month) from the account ofevery customer. No account holder will probablynotice this unauthorized debit, but the bankemployee will make a sizable amount of moneyevery month.
Salami Attacks
8/13/2019 Cybercrime and Computer Hacking
http://slidepdf.com/reader/full/cybercrime-and-computer-hacking 22/35
Involves flooding a computer resource with more requests than it can handle.
Causes the resource (e.g. a web server) tocrash thereby denying authorized users the service offered by the resource.
Denial of Service Attack
8/13/2019 Cybercrime and Computer Hacking
http://slidepdf.com/reader/full/cybercrime-and-computer-hacking 23/35
Programs that attachthemselves to a computer or afile
Circulate themselves to otherfiles and to other computers ona network
Affect the data on a computer,either by altering or deleting it
Virus Attacks
8/13/2019 Cybercrime and Computer Hacking
http://slidepdf.com/reader/full/cybercrime-and-computer-hacking 24/35
Do not need the host to attachthemselves to.
Make functional copies ofthemselves and do thisrepeatedly till they eat up all the
available space on a computer'smemory.
Worm Attacks
8/13/2019 Cybercrime and Computer Hacking
http://slidepdf.com/reader/full/cybercrime-and-computer-hacking 25/35
Event dependent programs. Programs are created to do something only
when a certain event (known as a triggerevent) occurs.
E.g. even some viruses may be termed logicbombs because they lie dormant all through theyear and become active only on a particular date (like the Chernobyl virus).
Logic Bombs
8/13/2019 Cybercrime and Computer Hacking
http://slidepdf.com/reader/full/cybercrime-and-computer-hacking 26/35
Occurs when someoneforcefully takes control ofa website (by cracking the
password and laterchanging it).
Web Jacking
8/13/2019 Cybercrime and Computer Hacking
http://slidepdf.com/reader/full/cybercrime-and-computer-hacking 27/35
8/13/2019 Cybercrime and Computer Hacking
http://slidepdf.com/reader/full/cybercrime-and-computer-hacking 28/35
Financial fraud 11% Sabotage of data/networks 17%
Theft of proprietary information 20%
System penetration from the outside 25% Denial of service 27%
Unauthorized access by insiders 71%
Employee abuse of internet privileges 79%
Viruses 85%
Types of Cyber attacks by %(Source- FBI)
8/13/2019 Cybercrime and Computer Hacking
http://slidepdf.com/reader/full/cybercrime-and-computer-hacking 29/35
Industry Response
Software analyst meet todiscuss the latesttechnology
Demand for security
professionals Many companies have
spent money on securityand repairs
Microsoft estimated fivebillion dollars in 2010
www.Getsafeonline.com
http://www.homeoffice.gov.uk/
8/13/2019 Cybercrime and Computer Hacking
http://slidepdf.com/reader/full/cybercrime-and-computer-hacking 30/35
Use anti-virus software and firewalls - keep them up to date Keep your operating system up to date with critical security
updates and patches Don't open emails or attachments from unknown sources Use hard-to-guess passwords. Don’t use words found in a
dictionary. Remember that password cracking tools exist Don't share access to your computers with strangers Back-up your computer data on disks or CDs often If you have a Wi-Fi network, password protect it Disconnect from the Internet when not in use Reevaluate your security on a regular basis Make sure your employees and family members know this
info too!
Protect your Computers
8/13/2019 Cybercrime and Computer Hacking
http://slidepdf.com/reader/full/cybercrime-and-computer-hacking 31/35
Intrusion Detection
Intrusion detection systems are the nextgeneration of security beyond firewall protection
Host Based IDS: For servers that contain sensitive
information.
Network Based IDS: Monitors certain networksegments.
Gives administrators a more proactive approach tostopping a potential threat.
8/13/2019 Cybercrime and Computer Hacking
http://slidepdf.com/reader/full/cybercrime-and-computer-hacking 32/35
Introduction to Detection
8/13/2019 Cybercrime and Computer Hacking
http://slidepdf.com/reader/full/cybercrime-and-computer-hacking 33/35
HOW TO DEALWITH THIS PROBLEM
International Agreements and Cooperation –Essential due to the Worldwide Nature of theInternet
Software and Hardware defenses
(e.g., antispam, antivirus software, firewalls)
Other practical steps….
Practical Steps for prevention of
8/13/2019 Cybercrime and Computer Hacking
http://slidepdf.com/reader/full/cybercrime-and-computer-hacking 34/35
Avoid disclosing any information pertaining tooneself.
Avoid sending any photograph online particularlyto strangers.
Use latest and up date anti virus software.
Keep back up volumes.
Never send your credit card number to any site
that is not secured.
Use of firewalls may be beneficial.
Practical Steps for prevention ofCyber Crime
8/13/2019 Cybercrime and Computer Hacking
http://slidepdf.com/reader/full/cybercrime-and-computer-hacking 35/35
Conclusion
User awareness is key to a secure computer/network Do not open suspicious files/emails
Verify ActiveX/Java prompts
Avoid using P2P programs
Avoid downloading freeware
If attacked, disconnect the network. Do not turn off the computer
Without Careful Attention To These Issues, TheUncontrolled Interconnection Of Existing Systems, On
Which People And Organizations Are Critically Dependent,Will Continue To Create Huge, Ill-defined And DefenselessSuper - Systems.
So We Must Pay Attention To All Those Issues And ProtectThe World From Cyber Crime.