Adam Capriola Risks of Computing 9/11/05 Many people don`t

advertisement
Adam Capriola
Risks of Computing
9/11/05
Many people don't recognize that along with ethics in the real world, we have
ethics in the cyber world. There are rules and laws on the Internet just like there are rules
and laws in the real world. When people are on the Internet, they feel like they are
anonymous, and they do whatever they feel like. For example, when elementary and
middle school students were polled, almost half of the students believed that hacking
wasn't a crime. People just don't believe that there are rigid rules that apply to using the
Internet. They don't think there are any consequences to their actions because no one
knows who they are, and also because if anyone were to find out who they were, there is
a great distance between where people live. They don't think they would be contacted or
found. This lack of understanding the laws regarding the use of the Internet leads to a
risk of computing for the unsuspecting everyday user of the information highway.
Attackers (or hackers) on your computer can claim to have the same Internet
protocol (IP) address as someone else. This is called IP spoofing. This would allow
them to make illegal actions under the identity of someone else. This would allow them
to do thing they shouldn't be doing and they would not be caught. Whoever the IP
address belongs to could be accused of doing things they didn't do. The hacker could
also take control of the user's console and that user would not know. This is called IP
session hijacking. The user would just be logged off their system and be allowed to log
back on, while in the meantime the hacker can go through their e-mail, run any programs,
and steal information among other things.
Computer users are also at risk to “unauthorized access” attacker. In these types
of attacks, the hacker will use some resources on your computer that they should not have
access to. One way the hacker does this is by executing commands illicitly. They could
read your files and send e-mail to people under your name, which they should not be able
to do. They could also do worse things, like changing your IP address and making your
computer shut down every time it is booted up.
Another type of unauthorized access attack is confidentiality breaches. Hackers
can steal your information and use it against you. For example, if you are in a business,
they could take some idea your company came up with, and sell it to one of your
competitors. They could also steal some of your personal information and release it to
the public. This could be very damaging to your reputation.
Adam Capriola
Risks of Computing
9/11/05
The last type of unauthorized access attack is destructive behavior. There are two
types of this attack. “Data diddling” is when a hacker messes with data in your saved
files. For example, they may change a few numbers around in your spreadsheet or
change the numbers in your account for auto-depositing your paychecks. This attack is
most likely not noticed right away, but when you do notice, the effects can be very
damaging. If the hacker changed some numbers on your spreadsheet, how do you know
which ones are right and which ones are wrong?
The other type of destructive behavior attack is data destruction. This is when the
attacker simply deletes your files. When this happens, it is very damaging, especially for
a business. There is no way to recover the files and they are left with nothing. There are
however ways to stay protected against hackers.
One thing a computer user can do is make make backups of your files. Simply
put your files onto a blank CD or a floppy disk so they are safe even if a hacker were to
tamper with or delete all your files. They may be able to attack your computer, but they
can't attack a CD, floppy disk, or any external memory device. This would keep your
files safe in the event of an attack, or even if you were to have a hardware failure.
You should also be sure not to leave your files in the open. Save them in a place
not so easily found by an attacker. This decreases the chance that a hacker will do
something malicious to your important files. If they cannot find your important data,
they cannot harm your important data. This is a simple thing that many computers do not
do.
It is also important to avoid using systems with single points of failure, meaning if
your computer has one flaw in its security, it is very vulnerable to attacks. Make sure
that your security system can't be broken through one component. If you give a hacker
an inch, they will take it a mile. A minor attack could escalate and become a disaster.
You should make sure you update your system patches. Old bugs in the system
can be exploited, and if you don't stay up to date with the current fixes, attackers will
exploit the old bugs. They cannot attack the fixes as easily. This is a very simple and
easy thing to help protect yourself, yet if you don't do this, it is a very simple and easy
way for the attacker to break into your system.
Firewalls are another thing that can protect you from hackers. Connecting to the
Adam Capriola
Risks of Computing
9/11/05
Internet provides two-way traffic, in and out of your computer. A firewall serves as a
barrier and limits the traffic in and out of your computer. It can prevent a hacker from
breaking into your system. Also, even if a hacker does break into your system, the
firewall can prevent them from sending files from your computer. A firewall is a very
important part to protecting your computer against attacks.
However, if you set your modem to answer incoming calls, an attacker can sneak
around your firewall. This gives them another entry point into your computer. You must
protect your modem, too. The terminal sever, which provides access to your network
must be logged and checked for suspicious activity. It's also important for you to have a
good password; it shouldn't be easily guessed. There are devices which create one time
six to eight digit passwords, so a hacker would never be able to guess the right password
because it's ever changing.
Routers now have built in encryption between specific routers. This keeps them
safe so an attacker could not break into your system. The information is encrypted so
they could not read it out get into your console. This provides a secure route between
computers.
Companies are also now using Virtual Private Networks. I uses the Internet to
connect two different offices to each other. The only problem with this is that everyone
on the network has access to everything, it isn't possible to provide specific information
to one computer on the network. Hackers cannot break into a Virtual Private Network
because the link is encrypted.
There are numerous risks to computing and it is very important to be prepared for
them. You have to watch out for hackers that can mimic your IP address, read your files,
tamper with your files, and even delete your files. These risks are real, but if you are
prepared you can safely utilize the Internet. Make sure you backup your files, keep your
system updated, and have a firewall among other things to keep your computer safe. If
you take all the necessary precautions, you will be at low risk to an attack, and you
should be able to fully enjoy the Internet without the fear attackers.
Bibliography:
http://www.cerias.purdue.edu/education/k12/cerias_resources/files/infosec_newsletters/07cyberethics.php
Adam Capriola
Risks of Computing
http://ethics.csc.ncsu.edu/
http://www.interhack.net/pubs/network-security/network-security.html
9/11/05
Download