Chapter 5

Chapter 5 - PowerPoint PPT Presentation


PowerPoint Slideshow about 'Chapter 5' - hestia


Chapter 5


Hacking – some definitions

  • Hacker

  • Trophy hacking

  • Phone phreaking

  • Cracker

  • White-hat hackers & black-hat hackers

  • Script kiddies

  • Sniffers

  • Social engineering

Hacking Cases

  • 1970s – John Draper (“Captain Crunch”)

  • Kevin Mitnick

  • April 27, 1987 – “Captain Midnight”

    • Good Evening HBO from Captain Midnight. $12.95 a month? No way! (Show-time/Movie Channel, Beware!)

  • Late 1980s – “Fry Guy”

  • Russian man & Citicorp

  • 1991 – “Michelangelo” virus

    • Viruses, time bombs, logic bombs

  • Gambling web site

  • Air traffic controllers in England

  • 1999 – “Melissa” virus

  • 2000 – The “Love Bug” or “ILOVEYOU” virus

Whose Laws Rule the Web?

  • ILOVEYOU virus infected millions of computers worldwide, destroying files, collecting passwords, and shutting down computer systems at major corporations and government agencies

    • This was the virus written by a student from the Philippines – charges were dropped because the Philippines had no laws against releasing a virus at the time … what should happen to him if he were to travel to the U.S., Canada, France, Germany, or any other country where the virus did damage?

  • Other cases in the book… pages 293-294

Hacking Cases

  • 2000 – Mafiaboy

    • Denial of service attack (DoS); distributed denial of service attack (DDoS); Trojan Horses

    • 10.10.08 PCWorld article:

  • 2001 – Hacktivism

  • 2001 – “Code Red” worm

    • worm

  • 2003 – “Sapphire” worm or “Slammer”

  • 2003 – “Blaster” worm

  • 2004 – “Sasser” worm

  • 2001 – “Choke” & “Hello” worms

  • 2008 – Sarah Palin’s email hacked

  • 2009 – credit cards breached


  • Windows Firewall – Start, Control Panel, Security

  • MacOS – System Preferences, Personal Security

  • 3rd Party Firewalls

    • Zone Alarm (free version –

    • PC Magazine page with more info:,2806,4722,00.asp

    • Top 5:

First Amendment

  • Software is a form of speech.

  • The First Amendment does not protect some kinds of speech, such as inciting a riot.

  • Should virus software on the Web be protected under the First Amendment or should it be considered in the same class as that of inciting a riot?

Virus Code Online

The families of two hospital patients who died as the result of a virus in a hospital computer are suing each of the people listed below and urging the government to bring criminal charges for negligence against each of them:

  • A student in a course on computer security at a small college who posted a copy of the virus program on the class Web site, with a discussion of how it works.

  • The student who activated the virus and released it onto the Internet.

  • The president of the college.

  • The president of the college’s ISP.

  • The director of the hospital whose computer system the virus infected, causing the patient medical records to be unavailable for a full day, resulting in the deaths of the two patients.

Identity Theft

  • Stolen credit/debit card numbers to purchase things with or to sell

  • SSNs used to open new accounts

  • Take out loans in someone else’s name

  • Raid the victim’s bank account

  • Pass bad checks

Methods of Identity Theft

  • Phishing

  • Vishing

  • Pharming

  • Whaling

  • Resumes online

  • SSNs

  • Dumpster diving

  • Mailbox theft

  • Pretexting

  • Shoulder surfing

Methods of Identity Theft

  • Social networking sites

  • Filesharing and peer-to-peer software

  • Bogus job offers

  • Fake sweepstakes or lotteries

  • Hacking

  • Lost or stolen property

  • Workers in your home

  • Changing your address

  • Copying information from a transaction

  • Credit reports

  • RFID readers

How the Victim is Affected

  • May result in monetary losses

  • Anguish, disruption of his or her life

  • Legal fees

  • Loss of a good credit rating

  • Be prevented from borrowing money or cashing checks

  • Lose a job

  • Unable to rent an apartment

  • Sued by creditors to whom the criminal owes money

  • And… the authorities are slow to act on your behalf

How To Protect Yourself

  • Don’t carry checkbook, SSN card, or all your credit cards with you all the time

  • Keep your SSN private

  • Shred your credit card offers, etc.

  • Use updated anti-spyware/anti-theft software on your computer

  • Never give out personal info over the phone

  • Monitor your credit reports

  • Be careful of using your credit cards in restaurants

If You Think You’ve Been a Victim of Identity Theft:

  • Police report

  • Fraud alert

  • Credit freeze

What Are Your Rights?

  • Truth in Lending – Federal law passed in 1968 that protects consumers in credit transactions by requiring clear disclosure of key terms of the lending agreement and all costs

  • Fair Credit Reporting Act – originally passed in 1970; enforced by the FTC - regulates the collection, dissemination, and use of consumer information.

  • Fair Credit Billing Act – an amendment to the Truth In Lending Act, passed in 1986, to protect consumers from unfair billing practices and to provide a mechanism for dealing with billing errors; applies to “open end” credit accounts, such as credit cards and other revolving charge accounts. Examples of errors and other info:

The Credit Card Act of 2009

  • The latest update of the Truth In Lending Act to protect consumers from abusive tactics used by credit card companies:

    • 45 day advance notice of change in rates or late fees

    • No more retroactive interest rate hikes

    • No more raising interest rates based on other, unrelated cards or utility bills

    • Payment due dates must be at least 21 days after mailing of bill

    • Extra payment above minimum due must be applied to higher rate balances

    • Must “opt-in” to over-the-limit fees; plus other fee restrictions

    • Must disclose to consumers how long it will take to pay off; also payments for paying off within 12, 24, or 36 months

    • Restricts card issuance to students

    • Gift card protections

Establishing Good Credit

  • College students are (used to be) targets

  • Checking account

  • Department store cards

  • Prepaid cards

  • Co-signer on applications



Crime Fighting vs Privacy & Civil Liberties

  • 4th Amendment requires that search warrants be specific about what is to be searched or seized

  • … so what happens when authorities are searching a computer for one thing and find other illegal activities, or illegal activities by other people who use that same computer?



  • … or when a computer technician is servicing someone’s computer and finds what he believes is illegal material on the person’s computer – see if you can find out whatever happened in the Washington State vs Westbrook case, where this happened and the technician reported it to authorities