Introduction to Computer Crime

by M. E. Kabay, PhD, CISSP-ISSMP
Program Director, MSIA
School of Graduate Studies
Norwich University, Northfield, VT

Copyright © 1996, 2006 M. E. Kabay. All rights reserved.

Much of the following material was originally published in the 1996 textbook, NCSA Guide to Enterprise Security (McGraw Hill) and was most recently updated with newer references for use in Norwich University programs in July 2006.

1 Sabotage: Albert the Saboteur
2 Piggybacking
3 Impersonation
4 Equity Funding Fraud
    4.1 What happened
    4.2 Lessons
5 Superzapping
6 Scavenging: Garbage Out, Data In
    6.1 Legal status of garbage
    6.2 RAM and Virtual Memory
    6.3 Magnetic Spoor
    6.4 Bye-Bye, Data
7 Trojan horses
    7.1 Case studies
    7.2 1993-1994: Internet monitoring attacks
    7.3 Cases from the INFOSEC Year in Review Database
    7.4 Hardware Trojans
    7.5 Diagnosis and prevention
8 Back Doors: Secret Access
    8.1 Origins
    8.2 Examples of Back Doors
    8.3 Easter Eggs and the Trusted Computing Base
    8.4 Back Doors: RATs
    8.5 Back Doors: Testing Source Code
    8.6 Additional resources
    8.7 Additional reports
9 Voice Mail Security
10 Salami Fraud
11 Logic bombs
    11.1 Time bombs
    11.2 Renewable software licenses
    11.3 Circumventing logic bombs
12 Data leakage
    12.1 Some cases of data leakage:
    12.2 USB Flash Drives
    12.3 Surveillance
    12.4 Steganography
    12.5 Inference
    12.6 Plugging covert channels
13 Extortion
    13.1 More recent cases:
    13.2 Defenses
14 Forgery
    14.1 Desktop forgery
    14.2 Fake credit cards
15 Simulation
16 References

1 Sabotage: Albert the Saboteur

One of the most interesting cases of computer sabotage occurred at the National Farmers Union Service Corporation of Denver, where a Burroughs B3500 computer suffered 56 disk head crashes in the 2 years from 1970 to 1972. Down time averaged eight hours per incident. Burroughs experts concluded that the crashes must be due to power fluctuations. Total expenses for extensive rewiring and testing exceeded $2M (in today’s currency) but the crashes continued despite the improvements.

Further analysis showed that all the crashes had occurred at night when old Albert the night-shift operator had been on duty. Despite Albert’s outstanding helpfulness and friendliness, management installed a closed-circuit TV (CCTV) camera in the computer room – without informing Albert. After yet another crash occurred, the CCTV tape showed Albert opening up a disk cabinet and poking his car key into the read/write solenoid, shorting it out and causing the 57th head crash.

The next morning, management confronted Albert with the film of his actions and asked for an explanation. Albert broke down in mingled shame and relief. He confessed to an overpowering urge to shut the computer down.

Psychological investigation determined that Albert, who had been allowed to work night shifts for years without a change, had simply become lonely. He arrived just as everyone else was leaving; he left as everyone else was arriving. Hours and days would go by without the slightest human interaction. He never took courses, never participated in committees, never felt involved with others in his company. When the first head crashes occurred – spontaneously – he had been surprised and excited by the arrival of the repair crew. He had felt useful, bustling about, telling them what had happened. When the crashes had become less frequent, he had involuntarily, and almost unconsciously, re-created the friendly atmosphere of a crisis team. He had destroyed disk drives because he needed company.

In this case, I blame not Albert but the managers who relegated an employee to a dead-end job and failed to think about his career and