Chapter 5: Cyber Crimes and Hackers - Computer Network Security


Upload: tracey-mcbride

Post on 18-Jan-2016


Kizza - Computer Network Security

Cyber Crimes and Hackers

The greatest threats to the security, privacy, and reliability of computer networks and other related information systems in general are cyber crimes committed by cyber criminals but most importantly hackers.

The rise of the hacker factor, the unprecedented and phenomenal growth of the Internet, the latest developments in globalization, hardware miniaturization, wireless and mobile technology, the mushrooming of connected computer networks, and society’s ever-growing appetite for and dependency on computers, have all greatly increased the threats both the hacker and cybercrimes pose to the global communication and computer networks.

Industry and governments around the globe are responding to these threats through a variety of approaches and collaborations such as:
– Formation of organizations, such as the Information Sharing and Analysis Centers (ISACs).
– Getting together of industry portals and ISPs on how to deal with distributed denial of service attacks including the establishment of Computer Emergency Response Teams (CERTs).
– Increasing use of sophisticated tools and services by companies to deal with network vulnerabilities. Such tools include the formation of Private Sector Security Organizations (PSSOs) such as SecurityFocus, Bugtraq and the International Chamber of Commerce's CyberCrime Unit.
– Setting up national strategies similar to the U.S. National Strategy to Secure Cyberspace, an umbrella initiative of all initiatives from various sectors of the national critical infrastructure grid and the Council of Europe Convention on Cybercrimes.

The list of these crimes includes the following:
– Unlawful access to information
– Illegal interception of information
– Unlawful use of telecommunication equipment
– Forgery with use of computer measures
– Intrusions of the Public Switched and Packet Network
– Network integrity violations
– Privacy violations
– Industrial espionage
– Pirated computer software
– Fraud using a computing system
– Internet/email abuse
– Using computers or computer technology to commit murder, terrorism, pornography, and hacking

Cyber crimes are executed in one of two ways:
– penetration
– denial of service

Cyber Criminals

Cyber criminals are ordinary users of cyberspace with a message. A number of studies have identified the following groups as the most likely sources of cyber crimes [19]:

– Insiders: disgruntled insiders are a major source of computer crimes because they do not need a great deal of knowledge about the victim computer system. In many cases, such insiders use the system every day.

– Hackers: Hackers are actually computer enthusiasts who know a lot about computers and computer networks and use this knowledge with a criminal intent. Since the mid-1980s, computer network hacking has been on the rise mostly because of the widespread use of the Internet.

– Criminal groups: A number of cyber crimes are carried out by criminal groups for different motives ranging from settling scores to pure thievery.

– Disgruntled ex-employees: Many studies have shown that disgruntled ex-employees also pose a serious threat to organizations as sources of cyber crimes targeting their former employers for a number of employee-employer issues that led to the separation.

– Economic espionage spies: The growth of cyberspace and e-commerce and the forces of globalization have created a new source of crime syndicates, the organized economic spies that plough the Internet looking for company secrets. As the price tag for original research skyrockets, and competition in the marketplace becomes global, companies around the globe are ready to pay any amount for stolen commercial, marketing, and industrial secrets.

Hackers

Currently the word has two opposite meanings.

– a computer enthusiast as an individual who enjoys exploring the details of computers and how to stretch their capabilities, as opposed to most users who prefer to learn only the minimum necessary.

– a malicious or inquisitive meddler who tries to discover information by poking around.

History of Hacking

The history of hacking has taken as many twists and turns as the word hacking itself has. One can say that the history of hacking actually began with the invention of the telephone in 1876 by Alexander Graham Bell. For it was this one invention that made internetworking possible and also made the first hacking act possible.

There is agreement among computer historians that the term hack was born at MIT.

Engressia, commonly known as “The Whistler”, is the grandfather of phone phreaking; born blind but with a high pitch which he used to his advantage. He used to whistle into the phones and could whistle perfectly any tone he wanted. He discovered phreaking while listening to the error messages caused by his calling of unconnected numbers and was usually disconnected.

John Draper, a Vietnam veteran, commonly known as “Captain Crunch,” took this practical whistling joke further and discovered that using a free toy whistle from a cereal box to carefully blow into the receiver of a telephone produces the precise tone of 2600 hertz needed to make free long distance phone calls.

With the starting of a limited national computer network by ARPANET, in the 1970s, a limited form of a system of break-in from outsiders started appearing. Through the 1970s, a number of developments gave impetus to the hacking movement.

With the debut of the personal computer (PC) in 1981, when IBM joined the PC wars, a new front in hacking was opened.

The PCs brought the computing power to more people because they were cheap, easy to program, and somehow more portable.

On the back of the PC was the movie “WarGames” in 1983. The science fiction movie watched by millions glamorized and popularized hacking. The 1980s saw tremendous hacker activities with the formation of gang-like hacking groups.

Types of Hackers

There are several sub-sects of hackers based on hacking philosophies. The biggest sub-sects are:

– Crackers - A cracker is one who breaks security on a system. Crackers are hardcore hackers characterized more as professional security breakers and thieves.

– Hacktivists - Hacktivists are conscious hackers with a cause. They grew out of the old phreakers.

– Cyberterrorists - Based on motives, cyberterrorists can be divided into two categories:
  – the terrorists
  – information warfare planners

Hacker Motives

Since the hacker world is closed to non-hackers and no hacker likes to discuss one’s secrets with non-members of the hacker community, it is extremely difficult to accurately list all the hacker motives. From studies of attacked systems and some writing from former hackers who are willing to speak out, we learn quite a lot about this rather secretive community.

Their motives are many and varied including:
– Hacker ethic
– Vendetta and/or revenge
– Jokes, Hoaxes, and Pranks
– Terrorism
– Political and Military Espionage
– Hate
– etc.

Dealing with the Rising Tide of Cyber Crimes

Most system attacks take place before even experienced security experts have advance knowledge of them.

Most of the security solutions are best practices as we have so far seen and we will continue to discuss them as either preventive or reactive.

An effective plan must consist of three components:
– prevention,
– detection,
– analysis and response.

Prevention - is probably the best system security policy, but only if we know what to prevent the systems from. Among those possible approaches are the following:
– A security policy
– Risk management
– Perimeter security
– Encryption
– Legislation
– Self-regulation
– Mass education

Detection - In case prevention fails, the next best strategy should be early detection. Detecting cyber crimes before they occur requires a 24-hour monitoring system to alert security personnel whenever something unusual (something with a non-normal pattern, different from the usual pattern of traffic in and around the system) occurs.

Recovery - Whether or not prevention or detection solutions were deployed on the system, if a security incident has occurred on a system, a recovery plan, as spelled out in the security plan, must be followed.