5 Computer and Network Security
Professional Practices
Computer and Network Security
Specific threats
Hacking
Malware
Cyber crime and cyber attacks
Online voting
http://www.theguardian.com/commentisfree/2010/dec/10/modern-hackers-hacking
The hackings
Obtaining Login Names and Passwords:
Eavesdropping
Dumpster diving
Social engineering
Wide variety of criminal hacker-related activities:
Transmitting code that damages a computer
Accessing any Internet-connected computer without authorization
Transmitting classified government information
Trafficking in computer passwords
Computer fraud
Computer extortion
Sidejacking: hijacking of an open Web session by capturing a user's cookie
Sidejacking possible on unencrypted wireless networks because many sites send cookies in the clear
Internet security community complained about sidejacking vulnerability for years, but ecommerce sites
College of Information Technology, UNITEN
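The point about cookies sent in the clear can be checked from the server's own response headers. The following is an added example, not part of the original slides: it audits Set-Cookie values for the conditions that let a session cookie cross the network unencrypted. The function names and the sample headers are hypothetical and constructed for illustration.

```python
# Added example. The Set-Cookie values below are constructed, not captured traffic.
SAMPLE_RESPONSES = [
    ("http",  "session_id=constructed-111; Path=/"),
    ("https", "session_id=constructed-222; Path=/; HttpOnly"),
    ("https", "session_id=constructed-333; Path=/; Secure; HttpOnly; SameSite=Lax"),
]


def parse_set_cookie(header_value):
    """Split one Set-Cookie value into (name, attributes-with-lowercase-keys)."""
    parts = [p.strip() for p in header_value.split(";") if p.strip()]
    if not parts:
        return "", {}
    name = parts[0].partition("=")[0].strip()
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name, attrs


def cleartext_exposure(scheme, header_value):
    """List the ways this cookie can cross the network unencrypted."""
    name, attrs = parse_set_cookie(header_value)
    reasons = []
    if scheme != "https":
        reasons.append("issued over plain HTTP")
    if "secure" not in attrs:
        reasons.append("no Secure attribute, so it is also sent on http:// requests")
    return name, reasons


def audit(responses):
    """Return one (cookie name, reasons) entry per exposed cookie."""
    report = []
    for scheme, header_value in responses:
        name, reasons = cleartext_exposure(scheme, header_value)
        if reasons:
            report.append((name, reasons))
    return report


if __name__ == "__main__":
    for name, reasons in audit(SAMPLE_RESPONSES):
        print(name, "->", "; ".join(reasons))
```

Only the third sample cookie passes: it is issued over HTTPS and carries the Secure attribute, so the browser never attaches it to an unencrypted request.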
Malware
Worm:
Self-contained program
Spreads through a computer network
Exploits security holes in networked computers

Morris worm (1988)
Robert Tappan Morris, Jr.
Graduate student at Cornell
Released worm onto Internet from MIT computer
Effect of worm
Spread to significant numbers of Unix computers
Infected computers kept crashing or became unresponsive
Took a day for fixes to be published
Impact on Morris
Suspended from Cornell
3 years probation + 400 hours community service
$150,000 in legal fees and fines
Today, Robert Tappan Morris is an American computer scientist and entrepreneur!!!!

Virus:
Piece of self-replicating code embedded within another program (host)
Viruses associated with program files
Hard disks, floppy disks, CD-ROMS
Email attachments
How viruses spread
Diskettes or CDs
Email
Files downloaded from Internet

Antivirus:
Allow computer users to detect and destroy viruses
Must be kept up-to-date to be most effective
Many people do not keep their antivirus software packages up-to-date
Consumers need to beware of fake antivirus applications
Trojan horse:
Program with benign capability that masks a sinister purpose
Backdoor Trojan:
Trojan horse that gives attacker access to victim's computer

Rootkit:
A set of programs that provides privileged access to a computer
Activated every time computer is booted
Uses security privileges to mask its presence

Spyware:
Program that communicates over an Internet connection without user's knowledge or consent
Monitor Web surfing
Log keystrokes
Take snapshots of computer screen
Send reports back to host computer
Adware:
Type of spyware that displays pop-up advertisements related to user's activity
Backdoor Trojans often used to deliver spyware and adware

Bot:
A kind of backdoor Trojan that responds to commands sent by a command-and-control program on another computer
First bots supported legitimate activities
Internet Relay Chat
Multiplayer Internet games
Other bots support illegal activities
Distributing spam
Collecting personal information for ID theft
Denial-of-service attacks
Botnet: Collection of bot-infected computers controlled by the same command-and-control program
Bot herder: Someone who controls a botnet
Malware
Phishing:
Large-scale effort to gain sensitive information from gullible computer users
At least 67,000 phishing attacks globally in second half of 2010
New development: phishing attacks on Chinese e-commerce sites
Spear-phishing:
Variant of phishing in which email addresses are chosen selectively to target a particular group of recipients
SQL Injections:
Method of attacking a database-driven Web application with improper security
Attack inserts (injects) SQL query into text string from client to application
Application returns sensitive information
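The SQL injection mechanism described above, shown next to its fix. This is an added example, not part of the original slides: the table, the function names and the account data are hypothetical and constructed, and it uses Python's built-in sqlite3 module with an in-memory database.

```python
import sqlite3


def make_db():
    """Build a throwaway in-memory database with constructed rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE accounts (username TEXT, card_number TEXT)")
    db.executemany(
        "INSERT INTO accounts VALUES (?, ?)",
        [("alice", "CONSTRUCTED-0001"), ("bob", "CONSTRUCTED-0002")],
    )
    return db


def lookup_vulnerable(db, username):
    # Improper security: the client's text is pasted into the SQL string,
    # so a quote character in it is parsed as SQL syntax, not as data.
    query = (
        "SELECT username, card_number FROM accounts "
        "WHERE username = '" + username + "'"
    )
    return db.execute(query).fetchall()


def lookup_parameterized(db, username):
    # Fix: the text travels as a bound value and is never parsed as SQL.
    query = "SELECT username, card_number FROM accounts WHERE username = ?"
    return db.execute(query, (username,)).fetchall()


# Constructed client input that closes the string literal and adds a condition.
INJECTED_INPUT = "nobody' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    print("vulnerable   :", lookup_vulnerable(db, INJECTED_INPUT))
    print("parameterized:", lookup_parameterized(db, INJECTED_INPUT))
```

With the injected input the concatenated query returns every account row, while the parameterized query returns none because no user has that literal name.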
Denial-of-service attack:
Intentional action designed to prevent legitimate users from making use of a computer service
Aim of a DoS attack is not to steal information but to disrupt a server's ability to respond to its clients
Distributed denial-of-service attack:
DoS attack launched from many computers, such as a botnet
Cyber Crime
Criminal organizations making significant amounts of money from malware
Jeanson James Ancheta
Pharmamaster
Albert Gonzalez
Avalanche Gang
Hackers have for some time utilized Botnets for various purposes, but Ancheta set himself above the crowd
by actively advertising his network of bots on Internet chat channels. A Web site Ancheta ran included a
range of prices he charged people who wanted to rent out the machines, along with guidelines on how many
bots were required to bring down a particular type of Web site.
PharmaMaster

Leonid Aleksandrovitch Kuvayev aka Alex Rodrigez
Kuvayev is a Russian/American (born 13 May 1972) spammer believed to be the ringleader of one of the world's biggest spam gangs.
Anti-spam group Spamhaus.org currently features Kuvayev as #2 on its Top 10 worst spammers list. In 2005, the attorney general of Massachusetts successfully sued Kuvayev for violations of the CAN-SPAM Act - he and six business partners were fined $37 million
It was found that they were responsible for millions of unsolicited e-mails per day.
According to Spamhaus he could be the "Pharmamaster" spammer who performed a denial-of-service attack (DDoS) against the BlueSecurity company. Kuvayev is also behind

Blue Security:
Part I
An Israeli company selling a spam deterrence system
Blue Frog bot would automatically respond to each spam message with an opt-out message
Spammers started receiving hundreds of thousands of opt-out messages, disrupting their operations
6 of 10 of world's top spammers agreed to stop sending spam to users of Blue Frog
Part II
PharmaMaster) started sending Blue Frog users 10-20 times more spam
PharmaMaster then launched DDoS attacks on Blue Security and its business customers
Blue Security could not protect its customers from DDoS attacks and virus-laced emails
Blue Security reluctantly terminated its
Ethical Evaluation
What do you say on the morality of these individuals' actions?
Robert Tappan Morris, Jr.
Jeanson James Ancheta
Leonid Aleksandrovitch Kuvayev
Kantian evaluation
Utilitarian evaluation
Benefits: ?
Harms: ?
Conclusion: ?
Cyber attacks
Politically motivated
Estonia (2007)
Georgia (2008)
Georgia (2009)
Cyberattacks on Estonia
A series of cyber attacks began on 27 April 2007 and swamped websites of Estonian
organizations, including Estonian parliament, banks, ministries, newspapers and
broadcasters following Estonia's disagreement with Russia about the relocation of
the Bronze Soldier of Tallinn (The Bronze Soldier of Tallinn is an elaborate Soviet-era
grave marker, as well as war graves in Tallinn).
Most of the attacks that had any influence on the general public were DDoS type
attacks ranging from single individuals using various methods like ping floods to
expensive rentals of botnets usually used for spam distribution. Spamming of bigger
news portals' commentaries and defacements including that of the Estonian Reform
Party website also occurred.
Some observers reckoned that the onslaught on Estonia was of a sophistication not
seen before. The case is studied intensively by many countries and military planners as,
at the time it occurred, it may have been the second-largest instance of state-sponsored
cyberwarfare.
Ian Traynor, The Guardian 17 May 2007: Russia accused of unleashing cyberwar to disable Estonia
Let's ponder
Has the arrival of the internet done more harm
than good?