Chapter 5: Cyber Crimes and Hackers
Guide to Computer Network Security

Cyber Crimes and Hackers

The greatest threats to the security, privacy, and reliability of computer networks and other related information systems in general are cyber crimes committed by cyber criminals but most importantly hackers.

The rise of the hacker factor, the unprecedented and phenomenal growth of the Internet, the latest developments in globalization, hardware miniaturization, wireless and mobile technology, the mushrooming of connected computer networks, and society’s ever growing appetite for and dependency on computers, have all greatly increased the threats both the hacker and cybercrimes pose to the global communication and computer networks.

Kizza - Guide to Computer Network Security

Industry and governments around the globe are responding to these threats through a variety of approaches and collaborations such as:
– Formation of organizations, such as the Information Sharing and Analysis Centers (ISACs).
– Collaboration among industry portals and ISPs on how to deal with distributed denial of service attacks, including the establishment of Computer Emergency Response Teams (CERTs).
– Increasing use of sophisticated tools and services by companies to deal with network vulnerabilities. Such tools include the formation of Private Sector Security Organizations (PSSOs) such as SecurityFocus, Bugtraq and the International Chamber of Commerce's CyberCrime Unit.
– Setting up national strategies similar to the U.S. National Strategy to Secure Cyberspace, an umbrella initiative of all initiatives from various sectors of the national critical infrastructure grid, and the Council of Europe Convention on Cybercrimes.

The list of these crimes includes the following:
– Unlawful access to information
– Illegal interception of information
– Unlawful use of telecommunication equipment
– Forgery with use of computer measures
– Intrusions of the Public Switched and Packet Network
– Network integrity violations
– Privacy violations
– Industrial espionage
– Pirated computer software
– Fraud using a computing system
– Internet/email abuse
– Using computers or computer technology to commit murder, terrorism, pornography, and hacking

Cyber crimes are executed in one of two ways:
– penetration
– denial of service

Cyber Criminals

Cyber criminals are ordinary users of cyberspace with a message. A number of studies have identified the following groups as the most likely sources of cyber crimes [19]:
– Insiders: Disgruntled insiders are a major source of computer crimes because they do not need a great deal of knowledge about the victim computer system. In many cases, such insiders use the system every day.
– Hackers: Hackers are actually computer enthusiasts who know a lot about computers and computer networks and use this knowledge with a criminal intent. Since the mid-1980s, computer network hacking has been on the rise, mostly because of the widespread use of the Internet.
– Criminal groups: A number of cyber crimes are carried out by criminal groups for different motives ranging from settling scores to pure thievery.
– Disgruntled ex-employees: Many studies have shown that disgruntled ex-employees also pose a serious threat to organizations as sources of cyber crimes targeting their former employers for a number of employee-employer issues that led to the separation.
– Economic espionage spies: The growth of cyberspace and e-commerce and the forces of globalization have created a new source of crime syndicates, the organized economic spies that plough the Internet looking for company secrets.
As the price tag for original research skyrockets, and competition in the marketplace becomes global, companies around the globe are ready to pay any amount for stolen commercial, marketing, and industrial secrets.

Hackers

Currently the word has two opposite meanings:
– a computer enthusiast: an individual who enjoys exploring the details of computers and how to stretch their capabilities, as opposed to most users who prefer to learn only the minimum necessary.
– a malicious or inquisitive meddler who tries to discover information by poking around.

History of Hacking

The history of hacking has taken as many twists and turns as the word hacking itself has. One can say that the history of hacking actually began with the invention of the telephone in 1876 by Alexander Graham Bell. For it was this one invention that made internetworking possible and also made the first hacking act possible.

There is agreement among computer historians that the term hack was born at MIT.

Engressia, commonly known as “The Whistler,” is the grandfather of phone phreaking; he was born blind but with a high pitch, which he used to his advantage. He used to whistle into the phones and could whistle perfectly any tone he wanted. He discovered phreaking while listening to the error messages caused by his calling of unconnected numbers and was usually disconnected.

John Draper, a Vietnam veteran, commonly known as “Captain Crunch,” took this practical whistling joke further and discovered that using a free toy whistle from a cereal box to carefully blow into the receiver of a telephone produces the precise tone of 2600 hertz needed to make free long distance phone calls.

With the starting of a limited national computer network by ARPANET in the 1970s, a limited form of a system of break-in from outsiders started appearing.
Through the 1970s, a number of developments gave impetus to the hacking movement.

With the debut of the personal computer (PC) in 1981, when IBM joined the PC wars, a new front in hacking was opened. The PCs brought the computing power to more people because they were cheap, easy to program, and somewhat more portable.

On the back of the PC came the movie “WarGames” in 1983. The science fiction movie, watched by millions, glamorized and popularized hacking.

The 1980s saw tremendous hacker activities with the formation of gang-like hacking groups.

Types of Hackers

There are several sub-sects of hackers based on hacking philosophies. The biggest sub-sects are:
– Crackers - A cracker is one who breaks security on a system. Crackers are hardcore hackers characterized more as professional security breakers and thieves.
– Hacktivists - Hacktivists are conscious hackers with a cause. They grew out of the old phreakers.
– Cyberterrorists - Based on motives, cyberterrorists can be divided into two categories: the terrorists and information warfare planners.

Hacker Motives

Since the hacker world is closed to non-hackers and no hacker likes to discuss one’s secrets with non-members of the hacker community, it is extremely difficult to accurately list all the hacker motives. From studies of attacked systems and some writing from former hackers who are willing to speak out, we learn quite a lot about this rather secretive community. Their motives are many and varied, including:
– Hacker ethic
– Vendetta and/or revenge
– Jokes, hoaxes, and pranks
– Terrorism
– Political and military espionage
– Hate
– etc.

Dealing with the Rising Tide of Cyber Crimes

Most system attacks take place before even experienced security experts have advance knowledge of them.
Most of the security solutions are best practices, as we have so far seen, and we will continue to discuss them as either preventive or reactive. An effective plan must consist of three components:
– prevention,
– detection,
– analysis and response.

Prevention - Prevention is probably the best system security policy, but only if we know what to prevent the systems from. Among the possible approaches are the following:
– A security policy
– Risk management
– Perimeter security
– Encryption
– Legislation
– Self-regulation
– Mass education

Detection - In case prevention fails, the next best strategy should be early detection. Detecting cyber crimes before they occur requires a 24-hour monitoring system that alerts security personnel whenever something unusual (something with a non-normal pattern, different from the usual pattern of traffic in and around the system) occurs.

Recovery - Whether or not prevention or detection solutions were deployed on the system, if a security incident has occurred on a system, a recovery plan, as spelled out in the security plan, must be followed.