Computer and Network Security
Total Page:16
File Type:pdf, Size:1020Kb
CISB412 Ethics & IT Professional Practices Computer and Network Security College of Information Technology, UNITEN ….getting more and more important… • Computers getting faster and less expensive • Utility of networked computers increasing • Shopping and banking • Social Media • Booking and reservations (flight, movies, …) • Managing personal information • Controlling industrial processes • Increasing use of computers growing importance of computer security College of Information Technology, UNITEN Specific threats • Hacking • Malware • Cyber crime and cyber attacks • Online voting College of Information Technology, UNITEN The original hackers (the good • guys)MIT’sOriginal Tech meaning Model of hacker: Railroad explorer, Club risk in taker, system 1950sinnovator • The history of model railroading parallels that of MIT, although the first student group, the Tech Model Railroad Club (TMRC), was not established until 1946. TMRC moved into the famous old Radiation Lab structure, Building 20, a year later and began constructing its first layout. Realism mattered and club members became fanatical in the design, fabrication, and operation of their quarter-scale world. Electrical Engineering Professor Carlton Tucker was the faculty advisor who helped supply the club with sophisticated electronics. During peak membership years in the 1950s and 1960s, many TMRC members became interested in computers. Thanks to Tucker and Digital Equipment Corporation (DEC), club members began experimenting with such pioneering computers as the TX-0, PDP-1, and PDP-11. The group members became legends and were featured in Steven Levy’s paean, Hackers—Heroes of the ComputerSource: Revolution http:// . Today, the TMRC is considered by somemuseum.mit.edu/150/63 to beCollege the of Information Technology, UNITEN birthplace of hacker culture. The trains can still be seen at TMRC’s spring and fall Open House events. Evolution of the hackers (good turned political) • Hacking has a long (starting with TRMC) and variably honored history • One of the key elements of these hackers' work, was that the computers and software they hacked was open for modification, improvement and extension. • When you bought your computer it came with the source code to any programs bundled with it, in the full expectation that the owner would want to take it apart. • By 1980, the trend started to change. • and manufacturers began restricting copying, redistribution and modification of the software they provided. • "hacking" developed its political edge. • The discovery in 1980 that the licensing restrictions attached to the latest version of a printer at MIT's artificial intelligence lab launched Richard Stallman's lifetime career of writing and campaigning for free – as in free speech – software • In 1981, the Hamburg chaos computer club was founded; it rapidly became known for both exposing security flaws and for advocating freedom of information.Wendy M. Grossman, Modern 'hackers' are not worthy of the name, http://www.theguardian.com/commentisfree/2010/dec/10/modern-hackers-hacking-tradition College of Information Technology, UNITEN The modern hackers (..and they became evil) • By the early 1990s, "hacker" had come to mean what it still means to many people: a very clever, computer- obsessed, (usually) young, (usually) male with maybe a shaky grasp on the ethics. The equivalent of joyriders, because of their abilities to operate weird, new technology and penetrate what should have been locked rooms, but largely motivated by bragging rights and the satisfaction of solving difficult puzzles. • the first version of the Computer Misuse Act was passed in 1990 inWendy the M. USA. Grossman, Modern 'hackers' are not worthy of the name, http://www.theguardian.com/commentisfree/2010/dec/10/modern-hackers-hacking-tradition College of Information Technology, UNITEN The hackers today • A hacker is someone who seeks and exploits weaknesses in a computer system or computer network. • Hackers may be motivated by a multitude of reasons, such as profit, protest, challenge or enjoyment. • There are hackers who are politically-edged: • Wikileakers (freedom-of-information activist. They like to think of themselves as journalist) • Hacktivist (they claim that they are protesting actions they believe to be unfair, even morally bankrupt in a way that attracts public notice) College of Information Technology, UNITEN The hackings Wide variety of Sidejacking: Obtaining Login criminal • hijacking of an open Names and hacker-related Web session by Passwords: activities: capturing a user’s • Eavesdropping • Transmitting code that cookie • Dumpster damages a computer • Sidejacking possible diving • Accessing any Internet- on unencrypted • Social connected computer wireless networks engineering without authorization because many sites • Transmitting classified send cookies “in government the clear” information • Internet security • Trafficking in computer community passwords complained about • Computer fraud sidejacking • Computer extortion vulnerability for College of Information Technology,years, but UNITEN ecommerce sites did not change practices Worm: Malware • Self-contained program • Spreads through a computer Virus: network • Piece of self-replicating code • Exploits security holes in embedded within another networked computersMorris worm (1988) program (host) Robert Tappan Morris, Jr. • Graduate student at Cornell Viruses associated with Released worm onto Internet from MIT program files computer • Hard disks, floppy disks, • Effect of worm CD-ROMS Spread to significant numbers of Unix • Email attachments computers • How viruses spread Infected computers kept crashing or • Diskettes or CDs became unresponsive • Email Took a day for fixes to be published Antivirus: • • Files downloaded from Impact on Morris • Suspended from Cornell Allow computerInternet users to detect and destroy viruses • Must be kept up-to-date to be most effective 3 years’ probation + 400 hours community service • Many people do not keep their antivirus software $150,000 in legal fees and fines packages up-to-date • Today, Robert Tappan Morris is an • Consumers need to beware of fake antivirus American computer scientist and applications entrepreneur!!!! College of Information Technology, UNITEN Rootkit: Trojan horse: A set of programs that provides MalwareProgram with benign privileged access to a computer capability that masks Activated every time computer is a sinister purpose booted Backdoor Trojan: Uses security privileges to mask Trojan horse that its presence Spyware: gives attack access to Program that communicates Bot: victim’s computer over an Internet connection A kind of backdoor Trojan that responds to without user’s knowledge or commands sent by a command-and-control consent program on another computer Monitor Web surfing • First bots supported legitimate activities Log keystrokes Internet Relay Chat Take snapshots of computer Multiplayer Internet games screen • Other bots support illegal activities Send reports back to host Distributing spam computer Collecting person information for ID Adware: theft Type of spyware that displays Denial-of-service attacks pop-up advertisements related Botnet: Collection of bot-infected to user’s activity computers controlled by the same Backdoor Trojans often used to command-and-control program College of Information Technology, UNITEN deliver spyware and adware Bot herder: Someone who controls a botnet Cyber Crime and Cyber Attacks Phishing: Large-scale effort to gain sensitive information from gullible computer users At least 67,000 phishing attacks globally in second half of 2010 New development: phishing attacks on Chinese e-commerce sites Spear-phishing: Variant of phishing in which email addresses chosen selectively to target particular SQL Injections:group of recipients Method of attacking a database-driven Web application with improper security Attack inserts (injects) SQL query into text string from client to application Application returns sensitive information Denial-of-service attack: Intentional action designed to prevent legitimate users from making use of a computer service Aim of a DoS attack is not to steal information but to disrupt a server’s ability to respond to its clients Distributed denial-of-service attack: DoS attack launched from many computers, such as a botnet College of Information Technology, UNITEN Cyber Crime Criminal organizations making significant amounts of money form malware • Jeanson James Ancheta • Pharmamaster • Albert Gonzalez • Avalanche Gang College of Information Technology, UNITEN Jeanson James Ancheta Ancheta was going to Downey High School in California until 2001 when he dropped out of school. He later entered an alternative program for students with academic or behavioral problems. He worked at an Internet cafe and according to his family wanted to join the military reserves. Around June 2004 he started to work with botnets after discovering rxbot, a common computer worm that could spread his net of infected computers. Hackers have for some time utilized Botnets for various purposes, but Ancheta set himself above the crowd by actively advertising his network of bots on Internet chat channels. A Web site Ancheta ran included a range of prices he charged people who wanted to rent out the machines, along with guidelines on how many bots were required to bring down a particular type of Web site. College of Information Technology, UNITEN Blue Security: PharmaM Part I • An Israeli company selling a spam aster deterrence system Leonid