Brandon Gandy / Rayvincent Laoang / Juan Mejia

Noe Aguero / Benjamin Valdez

MIS 304Professor F. FangSpring 2010Cal State University San Marcos

Hacking, A History Lesson 1970’s

Phreaking – Hacking into a telephone network.○ Pioneered by John Draper and his

toy whistle○ Whistle simulated the tone to

make free calls from local payphones

○ By covering one hole, it made a frequency of 2600Hz

○ Draper became infamously called ‘Captain Crunch’

○ Invented Blue Box

Hacking, A History Lesson Cont. 1980’s

Birth of the InternetBirth of the Computer HackerRonald Austin of the 414 Gang

○ Got access into the Sloan-Kettering Cancer Hospital in NY

○ Files were altered and erased Hackers began using Apple II’s and

C64’sHacking became a household name in

1983 when New York Times did an interview w/ Austin

Hacking, A History Lesson Cont. 1990’s – Present

Cracking – Defeating the security measures of a network or particular computer system to gain unauthorized access.

Cyberpunk – A person who uses a computer with an anarchist social view.

2000 – ILOVEYOU Computer Virus sent as an email attachment from the Philippines

2010 - Operation Aurora was an attack on Google’s accounts by China

Cyber Crime Statistics

Complaint Type Percentage of Reported Total Loss

2008

Of those who reported a loss the Average (median) $ Loss per Complaint

Check Fraud 7.8% $3,000.00 Confidence Fraud 14.4% $2,000.00 Nigerian Letter Fraud 5.2% $1,650.00 Computer Fraud 3.8% $1,000.00 Non-delivery (merchandise) 28.6% $800.00 Auction Fraud 16.3% $610.00 Credit/Debit Card Fraud 4.7% $223.00

Top 10 Countries by Complaints

How Big of a Problem are Cyber Crimes in the United States? Lloyds of London is one of the world’s

largest insurance firms Is now providing insurance against

business losses due to mischief by hackers

Cyber Crime innovation has outpaced many signature detection technologies

90 percent of all internet security complaints come from the United States of America

Cyber Crime Complaints2009 2009

Key Terms

E-mail Bomb E-mail Threat Spam Online Scams Online Shopping Online Banking Online Auction Fraud

Key Terms Cont.

Phishing Scammers Carders Web Wreckers Cyberstalkers

What is a Hacker?

A hacker can be any type of computer expert that has the knowledge to break into an information system.

Every hacker has his own values, beliefs, and is motivated by different factors.

Seven Steps of Hacking Reconnaissance - To gather information of the target

system or network. Probe - To detect the weaknesses of the target

system in order to deploy the hacking tools. Toehold - To exploit security weaknesses and gain

entry into the system. Advancement - To advance from an unprivileged

account to a privileged one. Stealth - To hide the penetration tracks Listening Post - To install backdoors to establish a

listening post. Takeover - To expand control (or infection) from a

single host to other hosts of the network.

5 Categories of Hackers

White-Hat Gray-Hat Black-Hat Script-Kiddie Hacktivist

Toolkits and Techniques

Denial Of Service Tools Scanners Password Crackers Packet Sniffer Snooper Root-kit Security Exploit 

Toolkits and Techniques Cont. Stealth and Back Door Tools Key Loggers Social Engineering Malicious Applets and Scripts Logic Bombs Buffer Overflow Trojan Horse Viruses and Worms

Passwords• Passwords are used to protect

various accounts.• Users should select a “Strong

Password.”• Tips For a Strong Password:

– Is at least eight characters long– Does not contain your user name,

real name, or company name– Is significantly different from

previous passwords– Should have: one uppercase and

one lower case letter, one number, and at least one symbol (!, @, #,*)

• Good password: “UTube1zF*n2W@tch”

Firewalls A firewall is a system or group

of systems that enforces an access control policy between two networks.

A firewall can be thought of as a pair of mechanisms: one which exists to block traffic, and the other which exists to permit traffic.

Firewalls Cont. What Can Firewalls

Protect Against?

What Can’t They Protect Against?

Anti-Virus Software Antivirus software is

used to prevent, detect, and remove computer viruses, worms, and trojan horses.

Antivirus programs can also prevent and remove adware, spyware, and other forms of malware.

Anti-Virus Software Signature-Based

Detection

Heuristic-Based Detection

File Emulation

VPNs (Virtual Private Network)

References Hagelin, R. (2010). Shutting out cyberstalkers. The Washington Times , pg. B.5. Hitchcock, J. (2006). Net Crimes & Misdemeanors: Outmaneuvering Web Spammers, Stalkers, and Con-Artists, Second

Edition. Medford: Information Today, Inc. Krebs, B. (2000). FTC Seeks To Stem Online Auction Fraud. LexisNexis Academic . Marshall, P. (2010). Are U.S. military and civilian computer systems safe? CQ Researcher . Robert, V. (Dec 2009). Phishers Dangle Some Brand-New Bait. Academic Search Premier , 37-38. http://techie-buzz.com/tech-news/google-hack-attack-operation-aurora.html http://www.francesfarmersrevenge.com/stuff/misc/hack/index.htm Chirillo, J. (2001). Hack Attacks Encyclopedia. ( Carol. A. Long, Ed.). New York, New York: John Wiley & Sons. Curtin, C. Martin “Firewalls FAQ” http://www.faqs.org/faqs/firewalls-faq/ Microsoft Windows – “Tips for Creating a Strong Password” http://windows.microsoft.com/en-us/windows-vista/Tips-for-

creating-a-strong-password Kroenke, David M. – “Using MIS” Pearson Education, Inc. 2009. ZSecurity- Internet Security Simplified http://www.zsecurity.com/articles-antivirus.php January 25, 2010 4:49 PM PST  Report: Companies unprepared for cybercrime by Elinor Mills http://news.cnet.com/8301-

27080_3-10440901-245.html Lori Enos E-Commerce Times, Cyber Crime: A Clear and Present Danger Center for Security & Privacy Solutions, July 10,

2000. http://www.deloitte.com/view/en_US/us/Insights/centers/Center-Security-and-Privacy-Solutions/article/bcdc005f1e056210VgnVCM100000ba42f00aRCRD.htm

Cyber crime: a clear and present danger combating the fastest growing cyber security threat Copyright © 2010 Deloitte Development LLC. All rights reserved. Member of Deloitte Touche Tohmatsu http://www.deloitte.com/assets/Dcom-UnitedStates/Local%20Assets/Documents/AERS/us_aers_Deloitte%20Cyber%20Crime%20POV%20Jan252010.pdf

The Internet Security Guidebook from planning to development. Juanita Ellis/ Timothy Speed (academic press,2001) Consumer Fraud Reporting Crime Statistics. Copyright CFR 2005, 2006, 2007, 2008, 2009 Kemnitzer, Barron & Krieg, LLP

http://www.consumerfraudreporting.org/internet_scam_statistics.htm http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/security-guide/ch-risk.html http://www.hackingalert.com/hacking-articles/free-hacking-tools.php Blomquist, Brian (May 29, 1999). "FBI's Web Site Socked as Hackers Target Feds". New York Post. Retrieved on October

21, 2008.

Conclusion/Q & A