Chapter 5

Crime


Hacking – some definitions

  • Hacker

  • Trophy hacking

  • Phone phreaking

  • Cracker

  • White-hat hackers & black-hat hackers

  • Script kiddies

  • Sniffers

  • Social engineering


Hacking Cases

  • 1970s – John Draper (“Captain Crunch”)

  • Kevin Mitnick http://www.readwriteweb.com/archives/is_atts_denial_of_service_to_hacker_justifi.php

  • April 27, 1987 – “Captain Midnight”

    • Good Evening HBO from Captain Midnight. $12.95 a month? No way! (Show-time/Movie Channel, Beware!)

  • Late 1980s – “Fry Guy”

  • Russian man & Citicorp

  • 1991 – “Michelangelo” virus

    • Viruses, time bombs, logic bombs

  • Gambling web site

  • Air traffic controllers in England

  • 1999 – “Melissa” virus

  • 2000 – The “Love Bug” or “ILOVEYOU” virus


Whose Laws Rule the Web?

  • ILOVEYOU virus infected millions of computers worldwide, destroying files, collecting passwords, and shutting down computer systems at major corporations and government agencies

    • This was the one written by a student from the Philippines. Charges were dropped because they had no laws against releasing a virus at the time. What should happen to him if he were to travel to the U.S., Canada, France, Germany, or any other country where the virus did damage?

  • Other cases in the book… pages 293-294


Hacking Cases

  • 2000 – Mafiaboy

    • Denial of service attack (DoS); distributed denial of service attack (DDoS); Trojan Horses

    • 10.10.08 PCWorld article: http://www.pcworld.com/businesscenter/article/152176/mafiaboy_grows_up_a_hacker_seeks_redemption.html

  • 2001 – Hacktivism

  • 2001 – “Code Red” worm

    • worm

  • 2003 – “Sapphire” worm or “Slammer”

  • 2003 – “Blaster” worm

  • 2004 – “Sasser” worm

  • 2001 – “Choke” & “Hello” worms

  • 2008 – Sarah Palin’s email hacked http://news.yahoo.com/s/ap/20081008/ap_on_el_pr/palin_hacked

  • 2009 – credit cards breached http://www.bankrate.com/blogs/credit-cards/3-charged-for-card-breach.aspx


Firewalls

  • Windows Firewall – Start, Control Panel, Security

  • MacOS – System Preferences, Personal Security

  • 3rd Party Firewalls

    • Zone Alarm (free version – http://www.zonelabs.com)

    • PC Magazine page with more info: http://www.pcmag.com/category2/0,2806,4722,00.asp

    • Top 5: http://www.all-internet-security.com/top_10_firewall_software.html


First Amendment

  • Software is a form of speech.

  • The First Amendment does not protect some kinds of speech, such as inciting a riot.

  • Should virus software on the Web be protected under the First Amendment or should it be considered in the same class as that of inciting a riot?


Virus Code Online

The families of two hospital patients that died as the result of a virus in a hospital computer are suing each of the people listed below and urging the government to bring criminal charges for negligence against each of them:

  • A student in a course on computer security at a small college who posted a copy of the virus program on the class Web site, with a discussion of how it works.

  • The student who activated the virus and released it onto the Internet.

  • The president of the college.

  • The president of the college’s ISP.

  • The director of the hospital whose computer system the virus infected, causing the patient medical records to be unavailable for a full day, resulting in the deaths of the two patients.


Identity Theft

  • Stolen credit/debit card numbers to purchase things with or to sell

  • SSNs used to open new accounts

  • Take out loans in someone else’s name

  • Raid the victim’s bank account

  • Pass bad checks


Methods of Identity Theft

  • Phishing http://www.sonicwall.com/phishing/

  • Vishing

  • Pharming

  • Whaling

  • Resumes online

  • SSNs

  • Dumpster diving

  • Mailbox theft

  • Pretexting

  • Shoulder surfing


Methods of Identity Theft

  • Social networking sites

  • Filesharing and peer-to-peer software

  • Bogus job offers

  • Fake sweepstakes or lotteries

  • Hacking

  • Lost or stolen property

  • Workers in your home

  • Changing your address

  • Copying information from a transaction

  • Credit reports

  • RFID readers


How the Victim is Affected

  • May result in monetary losses

  • Anguish, disruption of his or her life

  • Legal fees

  • Loss of a good credit rating

  • Be prevented from borrowing money or cashing checks

  • Lose a job

  • Unable to rent an apartment

  • Sued by creditors to whom the criminal owes money

  • And… the authorities are slow to act on your behalf


How To Protect Yourself

  • Don’t carry checkbook, SSN card, or all your credit cards with you all the time

  • Keep your SSN private

  • Shred your credit card offers, etc.

  • Use updated anti-spyware/anti-theft software on your computer

  • Never give out personal info over the phone

  • Monitor your credit reports

  • Be careful of using your credit cards in restaurants


If You Think You’ve Been a Victim of Identity Theft:

  • Police report

  • Fraud alert

  • Credit freeze


What Are Your Rights?

  • Truth in Lending – Federal law passed in 1968 that protects consumers in credit transactions by requiring clear disclosure of key terms of the lending agreement and all costs

  • Fair Credit Reporting Act – originally passed in 1970; enforced by the FTC - regulates the collection, dissemination, and use of consumer information.

  • Fair Credit Billing Act – an amendment to the Truth In Lending Act, passed in 1986, to protect consumers from unfair billing practices and to provide a mechanism for dealing with billing errors; applies to “open end” credit accounts, such as credit cards and other revolving charge accounts. Examples of errors and other info: http://www.ftc.gov/bcp/edu/pubs/consumer/credit/cre16.shtm


The Credit Card Act of 2009

  • The latest update of the Truth In Lending Act to protect consumers from abusive tactics used by credit card companies:

    • 45 day advance notice of change in rates or late fees

    • No more retroactive interest rate hikes

    • No more raising interest rates based on other, unrelated cards or utility bills

    • Payment due dates must be at least 21 days after mailing of bill

    • Extra payment above minimum due must be applied to higher rate balances

    • Must “opt-in” to over-the-limit fees; plus other fee restrictions

    • Must disclose to consumers how long it will take to pay off; also payments for paying off within 12, 24, or 36 months

    • Restricts card issuance to students

    • Gift card protections


Establishing Good Credit

  • College students are (used to be) targets

  • Checking account

  • Department store cards

  • Prepaid cards

  • Co-signer on applications

  • http://www.annualcreditreport.com

  • http://www.myfico.com


Crime Fighting vs Privacy & Civil Liberties

  • 4th Amendment requires that search warrants be specific about what is to be searched or seized

  • … so what happens when authorities are searching a computer for one thing and find other illegal activities, or illegal activities by other people who use that same computer?

    • http://www.post-gazette.com/pg/07016/754173-28.stm

    • http://www.law.com/jsp/article.jsp?id=1202433381364

  • … or when a computer technician is servicing someone’s computer and finds what he believes is illegal material on the person’s computer – see if you can find out whatever happened in the Washington State vs Westbrook case, where this happened and the technician reported it to authorities

    • http://w2.eff.org/Privacy/westbrook_brief_final.pdf

