Chapter 5: Cyber Crimes and
Hackers
Guide to Computer Network Security
Cyber Crimes and Hackers
The greatest threats to the security, privacy, and
reliability of computer networks and other related
information systems in general are cyber crimes
committed by cyber criminals and, most
importantly, hackers.
The rise of the hacker factor, the unprecedented
and phenomenal growth of the Internet, the
latest developments in globalization, hardware
miniaturization, wireless and mobile technology,
the mushrooming of connected computer
networks, and society's ever-growing appetite
for and dependency on computers have all
greatly increased the threats that both hackers and
cyber crimes pose to global communication
and computer networks.
Kizza - Guide to Computer Network
Security
2
Industry and governments around the globe are
responding to these threats through a variety of
approaches and collaborations such as:
– Formation of organizations, such as the Information
Sharing and Analysis Centers (ISACs).
– Collaboration among industry portals and ISPs on how to
deal with distributed denial of service attacks, including
the establishment of Computer Emergency Response
Teams (CERTs).
– Increasing use of sophisticated tools and services by
companies to deal with network vulnerabilities. Such
tools include the formation of Private Sector Security
Organizations (PSSOs) such as SecurityFocus, Bugtraq
and the International Chamber of Commerce's
CyberCrime Unit.
– Setting up national strategies similar to the U.S.
National Strategy to Secure Cyberspace, an umbrella
initiative of all initiatives from various sectors of the
national critical infrastructure grid, and the Council of
Europe Convention on Cybercrimes.
The list of these crimes includes the following:
– Unlawful access to information
– Illegal interception of information
– Unlawful use of telecommunication equipment.
– Forgery with use of computer measures
– Intrusions of the Public Switched and Packet Network
– Network integrity violations
– Privacy violations
– Industrial espionage
– Pirated computer software
– Fraud using a computing system
– Internet/email abuse
– Using computers or computer technology to commit
murder, terrorism, pornography, and hacking.
Cyber crimes are executed in one of
two ways:
– penetration
– denial of service
Cyber Criminals
Cyber criminals are ordinary users of cyberspace with a
message. A number of studies have
identified the following groups as the
most likely sources of cyber crimes [19]:
– Insiders: Disgruntled insiders are a major
source of computer crimes because they do
not need a great deal of knowledge about
the victim computer system. In many cases,
such insiders use the system every day.
– Hackers: Hackers are actually computer
enthusiasts who know a lot about computers
and computer networks and use this
knowledge with criminal intent. Since the
mid-1980s, computer network hacking has
been on the rise, mostly because of the
widespread use of the Internet.
– Criminal groups: A number of cyber crimes are carried
out by criminal groups for different motives ranging
from settling scores to pure thievery.
– Disgruntled ex-employees: Many studies have shown
that disgruntled ex-employees also pose a serious threat
to organizations as sources of cyber crimes targeting
their former employers over a number of
employee-employer issues that led to the separation.
– Economic espionage spies: The growth of cyberspace
and e-commerce and the forces of globalization have
created a new source of crime syndicates, the organized
economic spies that plough the Internet looking for
company secrets. As the price tag for original research
skyrockets and competition in the marketplace
becomes global, companies around the globe are ready
to pay any amount for stolen commercial, marketing,
and industrial secrets.
Hackers
Currently the word has two opposite
meanings.
– a computer enthusiast as an individual
who enjoys exploring the details of
computers and how to stretch their
capabilities, as opposed to most users
who prefer to learn only the minimum
necessary.
– a malicious or inquisitive meddler who
tries to discover information by poking
around.
History of Hacking
The history of hacking has taken as many twists and turns
as the word hacking itself has. One can say that the history
of hacking actually began with the invention of the
telephone in 1876 by Alexander Graham Bell, for it was this
one invention that made internetworking possible and also
made the first hacking act possible.
There is agreement among computer historians that the
term hack was born at MIT.
Engressia, commonly known as “The Whistler,” is the
grandfather of phone phreaking. He was born blind but with a high
pitch, which he used to his advantage. He used to whistle
into the phones and could whistle perfectly any tone he
wanted. He discovered phreaking while listening to the
error messages caused by his calling of unconnected
numbers, after which he was usually disconnected.
John Draper, a Vietnam veteran, commonly known as
“Captain Crunch,” took this practical whistling joke further
and discovered that carefully blowing a free toy whistle from a
cereal box into the receiver of a telephone
produces the precise tone of 2600 hertz needed to make
free long distance phone calls.
With the start of a limited national computer network by
ARPANET in the 1970s, a limited form of system
break-ins by outsiders started appearing. Through the
1970s, a number of developments gave impetus to the
hacking movement.
With the debut of the personal computer (PC) in 1981,
when IBM joined the PC wars, a new front in
hacking was opened.
The PCs brought computing power to more
people because they were cheap, easy to
program, and somehow more portable.
On the back of the PC came the movie
“WarGames” in 1983. The science fiction movie,
watched by millions, glamorized and popularized
hacking. The 1980s saw tremendous hacker
activity with the formation of gang-like hacking
groups.
Types of Hackers
There are several sub-sects of hackers based on hacking
philosophies. The biggest sub-sects are:
– Crackers - A cracker is one who breaks security on a
system. Crackers are hardcore hackers characterized
more as professional security breakers and thieves.
– Hacktivists - Hacktivists are conscious hackers with a
cause. They grew out of the old phreakers.
– Cyberterrorists - Based on motives, cyberterrorists can
be divided into two categories:
  – the terrorists
  – information warfare planners
Hacker Motives
Since the hacker world is closed to non-hackers and no
hacker likes to discuss his or her secrets with non-members of
the hacker community, it is extremely difficult to accurately
list all the hacker motives. From studies of attacked
systems and some writings from former hackers who are
willing to speak out, we learn quite a lot about this rather
secretive community.
Their motives are many and varied, including:
– Hacker ethic
– Vendetta and/or revenge
– Jokes, hoaxes, and pranks
– Terrorism
– Political and military espionage
– Hate
– etc.
Dealing with the Rising Tide of
Cyber Crimes
Most system attacks take place before even experienced
security experts have advance knowledge of them.
Most of the security solutions are best practices as we have
so far seen and we will continue to discuss them as either
preventive or reactive.
An effective plan must consist of three components:
– prevention,
– detection,
– analysis and response.
Prevention - is probably the best system security policy,
but only if we know what to prevent the systems from.
Among those possible approaches are the following:
– A security policy
– Risk management
– Perimeter security
– Encryption
– Legislation
– Self-regulation
– Mass education
Detection - In case prevention fails, the next best strategy
should be early detection. Detecting cyber crimes before
they occur requires a 24-hour monitoring system that alerts
security personnel whenever something unusual
(something with a non-normal pattern, different from the
usual pattern of traffic in and around the system) occurs.
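The monitoring idea described above can be illustrated with a small baseline-deviation check; this is an added example, not code from Kizza's text. The function names, window size, threshold and per-minute connection counts are all assumptions made for the illustration.

```python
from statistics import median

# Constructed sample (not real data): inbound connections per minute for one host.
# Minutes 12-13 simulate a flood, minute 16 a near-total drop in traffic.
SAMPLE_COUNTS = [120, 118, 125, 122, 119, 121, 124, 117, 123, 120,
                 122, 119, 640, 655, 121, 118, 4, 120]

def deviation(value, history):
    """Distance of value from the usual pattern, in robust (MAD) units."""
    med = median(history)
    mad = median(abs(x - med) for x in history)
    # 1.4826 scales MAD to a standard deviation for normal data;
    # fall back to 1.0 so a perfectly flat baseline cannot divide by zero.
    scale = 1.4826 * mad or 1.0
    return (value - med) / scale

def detect_anomalies(counts, window=10, threshold=6.0):
    """Return indices of intervals that differ from the trailing baseline.

    Hypothetical helper: 'window' intervals are learned first, then each new
    count is compared with the last 'window' normal counts. Flagged intervals
    are kept out of the baseline, so a sustained flood or outage does not
    quietly become the new usual pattern.
    """
    baseline, alerts = [], []
    for i, count in enumerate(counts):
        if len(baseline) >= window:
            if abs(deviation(count, baseline[-window:])) > threshold:
                alerts.append(i)      # both spikes and drops are unusual
                continue
        baseline.append(count)
    return alerts

if __name__ == "__main__":
    for i in detect_anomalies(SAMPLE_COUNTS):
        print(f"ALERT minute {i}: {SAMPLE_COUNTS[i]} connections/min")
```

Using the median and MAD instead of mean and standard deviation keeps one extreme interval from inflating the baseline and hiding the next one.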
Recovery - Whether or not prevention or detection solutions
were deployed on the system, if a security incident has
occurred on a system, a recovery plan, as spelled out in the
security plan, must be followed.