Chapter 8 Cybercrime, Cyberterrorism, and Cyberwarfare

Cybercrime
- Illegal or criminogenic activities performed in cyberspace

Common EC/EB crime targets/victims
- Identity theft – is your customer “real”?
- Credit card number theft – is your customer’s credit/debit account “real”?
- Computational embezzlement – fraudulent creation/manipulation of financial info regarding EC/EB transactions or accounts (biggest corporate problem)
- (Security) Vulnerability and exploit attacks (most pervasive problem). EC/EB system targeted attacks mostly “out of sight” so far

Copyright © 2003, Addison-Wesley

Hacker/Cracker
- Originally, an expert programmer
- Today, someone (Cracker) who breaks into computers
- Types of hackers
  - White-hat hackers
  - Black-hat hackers (crackers, dark side hackers)
  - Elite hackers
    - Superior technical skills
    - Very persistent
    - Often publish their exploits
  - Samurai – a hacker for hire

Figure 8.1 A list of postings on a hacker newsgroup. Source: alt.bio.hackers newsgroup
Figure 8.2 A typical posting. Source: alt.bio.hackers newsgroup
Figure 8.3 Hackers publish their exploits. Source: http://packetstormsecurity.org/

Script-kiddies and Phreakers
- Script-kiddie (packet monkeys, lamerz)
  - Hacker in training
  - Disdained by the elite hackers
- Phreaker
  - Person who cracks the telephone network
- Insider/outsider using “social engineering”
  - Trusted employee turned black-hat hacker
  - Dumpster divers; help desk impersonators, etc.
  - Potentially most dangerous

Why Do Hackers Hack?
- Government sponsored hacking
  - Cyberwarfare
  - Cyberterrorism
  - Espionage
- Industrial espionage
- White-hats
  - Publicize vulnerabilities
  - The challenge – hack mode
- Black hats – misappropriate software and personal information
- Script kiddies – gain respect
- Insiders – revenge

Password Theft
- Easiest way to gain access/control
- User carelessness
  - Poor passwords
    - Easily guessed
- Dumpster diving
- Observation, particularly for insiders
  - The sticky note on the monitor
- Human engineering, or social engineering
- Standard patterns (e.g., Miami University)
  - Guess the password from the pattern

Rules for Choosing Good Passwords
- Easy to remember, difficult to guess
- Length – 6 to 9 characters
- Mix character types
  - Letters, digits, special characters
- Use an acronym
- Avoid dictionary words
- Different account different password
- Change passwords regularly
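
The rules on this slide, together with the "standard patterns" weakness from the Password Theft slide, can be turned into an audit check. The following is an added example, not part of the original slides; the function names, the tiny word list and the username-based pattern test are assumptions made for illustration.

```python
import re

# Constructed mini word list; a real audit would load a full dictionary file.
DICTIONARY = {"password", "welcome", "dragon", "monkey", "summer", "miami"}


def char_classes(pw):
    """Count how many of the slide's character types (letters, digits, special) appear."""
    return sum([
        any(c.isalpha() for c in pw),
        any(c.isdigit() for c in pw),
        any(not c.isalnum() for c in pw),
    ])


def audit_password(pw, username="", previous=()):
    """Return the list of rules the password breaks; an empty list means it passes."""
    problems = []
    # Length rule exactly as stated on the slide.
    if not 6 <= len(pw) <= 9:
        problems.append("length outside 6-9 characters")
    if char_classes(pw) < 3:
        problems.append("does not mix letters, digits and special characters")
    # Strip digits and specials so 'dragon1!' is still recognised as 'dragon'.
    core = re.sub(r"[^a-z]", "", pw.lower())
    if core in DICTIONARY:
        problems.append("based on a dictionary word")
    # Standard-pattern check (assumed form): password built from the account name.
    if username and username.lower() in pw.lower():
        problems.append("follows a guessable pattern (contains username)")
    # "Different account, different password."
    if pw in previous:
        problems.append("reused on another account")
    return problems


if __name__ == "__main__":
    # Constructed sample passwords: an acronym, a decorated word, a patterned one.
    for candidate, user in [("Mdi3yo!", ""), ("dragon1!", ""), ("jsmith01", "jsmith")]:
        print(candidate, "->", audit_password(candidate, username=user) or "ok")
```
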

Packet Sniffers
- Software wiretap
- Captures and analyzes packets
- Any node between target and Internet
- Broadcast risk
  - Ethernet and cable broadcast messages
  - Set workstation to promiscuous mode
- Legitimate uses
  - Detect intrusions
  - Monitoring

Potentially Destructive Software
- Logic bomb (set up by insider)
  - Potentially very destructive
  - Time bomb – a variation
- Rabbit
  - Denial of service
- Trojan horse
  - Common source of backdoors

Backdoor
- Undocumented access point
  - Testing and debugging tool
  - Common in interactive computer games
    - Cheats and Easter eggs
- Hackers use/publicize backdoors to gain access
  - Programmer fails to close a backdoor
  - Trojan horse
  - Inserted by hacker on initial access
    - Back Orifice – the Cult of the Dead Cow

Viruses and Worms (most common)
- Virus
  - Parasite
  - Requires host program to replicate
  - Virus hoaxes can be disruptive
  - Virus patterns/generators exist; script kiddies use these (but most anti-virus software does not!)
- Worm
  - Virus-like
  - Spreads without a host program
  - Used to collect information
    - Sysop – terminal status
    - Hacker – user IDs and passwords

Figure 8.6 Structure of a typical virus.
- Macro viruses (thanks to MS)
- Polymorphic viruses
- E-mail attachments
  - Today, click attachment
  - Tomorrow, may be eliminated!
- Cluster viruses
  - Spawn mini-viruses
  - Cyberterrorism threat
- Payload can be
  - Trivial
  - Logic bomb
  - Time bomb
  - Trojan horse
  - Backdoor
  - Sniffer

Anti-Virus Software
- Virus signature
  - Uniquely identifies a specific virus
  - Update virus signatures frequently
- Heuristics
  - Monitor for virus-like activity
- Virus detection and removal to be pushed “upstream” in the IT supply chain infrastructure
- Recovery support

Figure 8.8 Security and virus protection in layers.
- Defend in depth
  - What one layer misses, the next layer traps
  - Firewalls (Chapter 9)
  - Anti-virus software

System Vulnerabilities
- Known security weak points
- Default passwords – system initialization
- Port scanning
- Software bugs
- Logical inconsistencies between layers
- Published security alerts
- War dialer to find vulnerable computer

Denial of Service Attacks (DoS)
- An act of vandalism or terrorism
  - A favorite of script kiddies
- Objective
  - Send target multiple packets in brief time
  - Overwhelm target
- The ping o’ death
- Distributed denial of service attack
  - Multiple sources

Figure 8.9 A distributed denial of service attack.
- Cyber equivalent of throwing bricks
- Overwhelm target computer
- Standard DoS is a favorite of script kiddies
- DDoS more sophisticated
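
From the defender's side, "multiple packets in brief time" and "multiple sources" translate into two different detection conditions. The following is an added example, not part of the original slides: a sliding-window detector run over constructed packet records, where the thresholds, function names and addresses (documentation ranges) are assumptions.

```python
from collections import Counter, deque


def make_sample():
    """Constructed sample: (timestamp_seconds, source_ip) for packets reaching one target."""
    events = [(t * 0.5, "198.51.100.7") for t in range(20)]          # ordinary client
    events += [(5 + i * 0.002, "203.0.113.9") for i in range(300)]   # one flooding source
    events += [(8 + i * 0.002, f"192.0.2.{i % 200 + 1}")             # many low-rate sources
               for i in range(400)]
    return sorted(events)


def detect_floods(events, window=1.0, per_src_limit=100,
                  total_limit=250, min_sources=50):
    """Slide a time window over the packets and report DoS and DDoS conditions.

    DoS:  a single source exceeds per_src_limit packets inside the window.
    DDoS: the aggregate exceeds total_limit while spread over min_sources or
          more senders, none of which is individually over the limit.
    """
    recent = deque()      # packets currently inside the window
    counts = Counter()    # packets per source inside the window
    alerts = set()
    for ts, src in events:
        recent.append((ts, src))
        counts[src] += 1
        # Expire packets that have fallen out of the window.
        while recent and recent[0][0] < ts - window:
            _, old_src = recent.popleft()
            counts[old_src] -= 1
            if counts[old_src] == 0:
                del counts[old_src]
        if counts[src] > per_src_limit:
            alerts.add(("DoS", src))
        elif len(recent) > total_limit and len(counts) >= min_sources:
            alerts.add(("DDoS", "multiple sources"))
    return alerts


if __name__ == "__main__":
    for kind, who in sorted(detect_floods(make_sample())):
        print(kind, who)
```

A per-source limit alone misses the distributed case, because each of the many senders stays far below it; only the aggregate check catches that traffic.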

Spoofing
- Act of faking key system parameters
- DNS spoofing
  - Alter DNS entry on a server
  - Redirect packets
- IP spoofing
  - Alter IP address
  - Smurf attack

Figure 8.10 IP spoofing.
- Preparation
  - Probe target (A)
- Launch DoS attack on trusted server (B)
- Attack target (A)
  - Fake message from B
  - A acknowledges B
    - B cannot respond
    - DoS attack
  - Fake acknowledgement from B
  - Access A via 1-way communication path

Cybercrime prevention
- Multi-layer security
- Security vs. privacy?