Copyright © 2015 Pearson Education, Inc.
Computer Fraud and Abuse Techniques
Chapter 6
6-1
Types of Attacks
• Hacking
▫ Unauthorized access, modification, or use of an electronic device or some element of a computer system
• Social Engineering
▫ Techniques or tricks on people to gain physical or logical access to confidential information
• Malware
▫ Software used to do harm
Hacking
• Hijacking
▫ Gaining control of a computer to carry out illicit activities
• Botnet (robot network)
▫ Zombies
▫ Bot herders
▫ Denial of Service (DoS) attack
▫ Spamming
• Spoofing
▫ Makes the communication look as if someone else sent it so as to gain confidential information.
Forms of Spoofing
• E-mail
▫ E-mail sender appears as if it comes from a different source
• Caller-ID
▫ Incorrect number is displayed
• IP address
▫ Forged IP address to conceal identity of sender of data over the Internet or to impersonate another computer system
• Address Resolution Protocol (ARP)
▫ Allows a computer on a LAN to intercept traffic meant for any other computer on the LAN
• SMS
▫ Incorrect number or name appears, similar to caller-ID but for text messaging
• Web page
▫ Phishing
• DNS
▫ Intercepting a request for a Web service and sending the request to a false service
Hacking with Computer Code
• Cross-site scripting (XSS)
▫ Uses a vulnerability in a Web application that allows malicious code to be injected into the Web site. When a user visits the Web site, that malicious code is able to collect data from the user.
• Buffer overflow attack
▫ A large amount of data is sent to overflow the input memory (buffer) of a program, causing it to crash, and the overwritten memory is replaced with the attacker’s program instructions.
• SQL injection (insertion) attack
▫ Malicious code is inserted in place of a query to get at the database information
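An added example (not from the Pearson slides) showing the SQL injection point above in Python with an in-memory SQLite table: the query built by string concatenation next to the parameterized query that defends against it. The table, its rows and the function names are constructed for the example.

```python
import sqlite3

def make_db() -> sqlite3.Connection:
    """Constructed sample data (not real customers): a small table the
    application queries by customer name."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE customers (id INTEGER, name TEXT, card_last4 TEXT)")
    con.executemany("INSERT INTO customers VALUES (?, ?, ?)",
                    [(1, "alice", "1111"), (2, "bob", "2222"), (3, "carol", "3333")])
    return con

def lookup_vulnerable(con: sqlite3.Connection, name: str) -> list:
    """Builds the statement by string concatenation, so whatever the user
    types is parsed as part of the SQL: this is the slide's 'malicious
    code inserted in place of a query'."""
    sql = "SELECT name, card_last4 FROM customers WHERE name = '" + name + "'"
    return con.execute(sql).fetchall()

def lookup_parameterized(con: sqlite3.Connection, name: str) -> list:
    """Hardened form: the input is bound as a value through a placeholder,
    so the database engine never interprets it as SQL."""
    sql = "SELECT name, card_last4 FROM customers WHERE name = ?"
    return con.execute(sql, (name,)).fetchall()

if __name__ == "__main__":
    con = make_db()
    # Textbook input that turns the WHERE clause into an always-true condition.
    injected = "x' OR '1'='1"
    print("vulnerable:", lookup_vulnerable(con, injected))        # all three rows
    print("parameterized:", lookup_parameterized(con, injected))  # []
```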
Other Types of Hacking
• Man in the middle (MITM)
▫ Hacker is placed in between a client (user) and a host (server) to read, modify, or steal data.
Other Types of Hacking
• Password Cracking
▫ Penetrating system security to steal passwords
• War Dialing/War Driving
▫ A computer automatically dials phone numbers looking for modems (war dialing) or searches for wireless networks (war driving).
• Phreaking
▫ Attacks on phone systems to obtain free phone service.
• Data Diddling
▫ Making changes to data before, during, or after it is entered into a system.
• Data Leakage
▫ Unauthorized copying of company data.
Hacking Used for Embezzlement
• Salami technique
▫ Taking small amounts at a time
▫ Round-down fraud
• Economic espionage
▫ Theft of information, intellectual property and trade secrets
• Cyber-extortion
▫ Threats to a person or business online through e-mail or text messages unless money is paid
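An added example (not from the Pearson slides) of a control against the round-down variant of the salami technique: interest is recomputed exactly with Python's decimal module and every posted amount is checked against what rounding the exact figure down would produce, so the account collecting the shaved fractions is flagged. Account numbers, balances and the rate are constructed sample data.

```python
from decimal import Decimal, ROUND_DOWN

CENT = Decimal("0.01")

def exact_interest(balance: Decimal, rate: Decimal) -> Decimal:
    """Interest before rounding, recomputed independently of the posting system."""
    return balance * rate

def flag_round_down(postings: dict, balances: dict, rate: Decimal) -> list:
    """Return (account, posted, expected) for each account whose posted interest
    is more than rounding the exact figure down can explain. Honest round-down
    never posts more than the truncated exact amount, so the account that
    collects the shaved fractions stands out."""
    flagged = []
    for acct, balance in balances.items():
        expected = exact_interest(balance, rate).quantize(CENT, rounding=ROUND_DOWN)
        posted = postings.get(acct, Decimal("0.00"))
        if posted > expected:
            flagged.append((acct, posted, expected))
    return flagged

def sample_run() -> list:
    """Constructed scenario (not real data): 200 customer accounts with
    deterministic balances, plus one extra account, A-FRAUD, that receives the
    fractions of a cent truncated from everyone else's interest."""
    rate = Decimal("0.0375")
    balances = {f"A-{i}": Decimal(1000 + 37 * i) + Decimal(i % 100) / 100
                for i in range(200)}
    balances["A-FRAUD"] = Decimal("0.00")
    postings, shaved = {}, Decimal("0")
    for acct, balance in balances.items():
        if acct == "A-FRAUD":
            continue
        exact = exact_interest(balance, rate)
        postings[acct] = exact.quantize(CENT, rounding=ROUND_DOWN)
        shaved += exact - postings[acct]        # well under a cent per account
    postings["A-FRAUD"] = shaved.quantize(CENT, rounding=ROUND_DOWN)
    return flag_round_down(postings, balances, rate)

if __name__ == "__main__":
    for acct, posted, expected in sample_run():
        print(f"{acct}: posted {posted}, expected at most {expected}")
```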
Hacking Used for Fraud
• Internet misinformation
▫ Using the Internet to spread false or misleading information
• E-mail threats
• Internet auction
▫ Using an Internet auction site to defraud another person
  Unfairly drive up bidding
  Seller delivers inferior merchandise or fails to deliver at all
  Buyer fails to make payment
• Internet pump and dump
▫ Using the Internet to pump up the price of a stock and then selling it
Hacking Used for Fraud
• Click fraud
▫ Inflate advertising bills
• Web cramming
▫ Offer a free Web site for a month, then bill even if people do not want to continue
• Software piracy
Social Engineering
• Social Engineering (tricking someone)
▫ Techniques or psychological tricks used to gain access to sensitive data or information
▫ Used to gain access to secure systems or locations
Social Engineering Techniques
• Identity theft
▫ Assuming someone else’s identity
• Pretexting
▫ Using a scenario to trick victims into divulging information or to gain access
• Posing
▫ Creating a fake business to get sensitive information
• Phishing
▫ Sending an e-mail asking the victim to respond to a link that appears legitimate but requests sensitive data
• Pharming
▫ Redirects Web site traffic to a spoofed Web site
• URL hijacking
▫ Takes advantage of typographical errors entered for Web site addresses; the user gets an invalid or wrong Web site
• Scavenging
▫ Searching trash for confidential information
• Shoulder surfing
▫ Snooping (either from close behind the person or by using technology) to get confidential information
• Skimming
▫ Double-swiping a credit card
• Eavesdropping
Minimize the Threat of Social Engineering
• Never let people follow you into restricted areas
• Never log in for someone else on a computer
• Never give sensitive information over the phone or through e-mail
• Never share passwords or user IDs
• Be cautious of someone you don’t know who is trying to gain access through you
Type of Malware (software used to do harm)
• Spyware
▫ Secretly monitors and collects personal information about users and sends it to someone else
▫ Typical sources
  Downloads such as games, wallpapers, screensavers, music, videos
  Web sites that secretly download spyware (drive-by downloading)
  Malware masquerading as anti-spyware security software
  Worm or virus
  Public networks
Type of Malware (software used to do harm)
• Adware
▫ Pops up banner ads on a monitor, collects information about the user’s Web-surfing and spending habits, and forwards it to the adware creator
• Key logging
▫ Records computer activity, such as a user’s keystrokes, e-mails sent and received, Web sites visited, and chat session participation
• Trojan Horse
▫ Malicious computer instructions in an authorized and otherwise properly functioning program
Type of Malware (software used to do harm)
• Time bombs/logic bombs
▫ Idle until triggered by a specified date or time, by a change in the system, by a message sent to the system, or by an event that does not occur
▫ Typically destroys programs and/or data
• Trap Door/Back Door
▫ A way into a system that bypasses normal authorization and authentication controls
▫ Often used during systems development and removed before the system is put into operation
More Malware
• Packet Sniffers
▫ Capture data from information packets as they travel over networks
• Rootkit
▫ Used to hide the presence of trap doors, sniffers, and key loggers; conceal software that originates a denial-of-service or an e-mail spam attack; and access user names and log-in information
• Superzapping
▫ Unauthorized use of special system programs to bypass regular system controls and perform illegal acts, all without leaving an audit trail
More Malware
• Computer virus
▫ Self-replicating, executable code that attaches itself to software
▫ Two phases:
  In the first phase, the virus replicates itself and spreads to other systems or files when some predefined event occurs.
  In the attack phase, also triggered by some predefined event, the virus carries out its mission.
More Malware
• A computer worm is a self-replicating computer program similar to a virus except for the following three differences:
▫ A virus is a segment of code hidden in or attached to a host program or executable file, whereas a worm is a stand-alone program.
▫ A virus requires a human to do something (run a program, open a file, etc.) to replicate itself, whereas a worm does not and actively seeks to send copies of itself to other devices on a network.
▫ Worms harm networks (if only by consuming bandwidth), whereas viruses infect or corrupt files or data on a targeted computer.
Reducing Malware Threats
• Comprehensive security suites
▫ Norton, F-Secure, McAfee, etc.
• Specialized anti-malware software
▫ Example: Malwarebytes Anti-Malware
• Use two user accounts, one with admin privileges and a general user account for day-to-day computing
▫ A general user account may help to reduce the chance of drive-by downloading
Cellphone Bluetooth Vulnerabilities
• Bluesnarfing
▫ Stealing contact lists, data, pictures on Bluetooth-compatible smartphones
• Bluebugging
▫ Taking control of a phone to make or listen to calls, send or read text messages
Key Terms – Table 6-1
• Hacking
• Hijacking
• Botnet
• Zombie
• Bot herder
• Denial-of-service (DoS) attack
• Spamming
• Dictionary attack
• Splog
• Spoofing
• E-mail spoofing
• Caller ID spoofing
• IP address spoofing
• MAC address
• Address Resolution Protocol (ARP) spoofing
• SMS spoofing
• Web-page spoofing
• DNS spoofing
• Zero day attack
• Patch
• Cross-site scripting (XSS)
• Buffer overflow attack
• SQL injection (insertion) attack
• Man-in-the-middle (MITM) attack
• Masquerading/impersonation
• Piggybacking
Key Terms (continued)
• Password cracking
• War dialing
• War driving
• War rocketing
• Phreaking
• Data diddling
• Data leakage
• Podslurping
• Salami technique
• Round-down fraud
• Economic espionage
• Cyber-extortion
• Cyber-bullying
• Sexting
• Internet terrorism
• Internet misinformation
• E-mail threats
• Internet auction fraud
• Internet pump-and-dump fraud
• Click fraud
• Web cramming
• Software piracy
• Social engineering
• Identity theft
• Pretexting
• Posing
• Phishing
• Vishing
Key Terms (continued)
• Carding
• Pharming
• Evil twin
• Typosquatting/URL hijacking
• QR barcode replacements
• Tabnapping
• Scavenging/dumpster diving
• Shoulder surfing
• Lebanese looping
• Skimming
• Chipping
• Eavesdropping
• Malware
• Spyware
• Adware
• Torpedo software
• Scareware
• Ransomware
• Keylogger
• Trojan horse
• Time bomb/logic bomb
• Trap door/back door
• Packet sniffers
• Steganography program
• Rootkit
• Superzapping
• Virus
• Worm
• Bluesnarfing
• Bluebugging