ComputerCrime - 52:36“ 106 W l9 Safe Surfin‘.

Info iconThis preview shows pages 1–12. Sign up to view the full content.

View Full Document Right Arrow Icon
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Background image of page 2
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Background image of page 4
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Background image of page 6
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Background image of page 8
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Background image of page 10
Background image of page 11

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Background image of page 12
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: 52:36“ 106 W l9 Safe Surfin‘. http://www.safesurfin.com/drive_cdlhtm. Accessed: Oct. 25. 2000. 20 Reuters (l999) Web pioneer recommends license to drive online. CNET News.com. Nov. 29. http://news.cnet.com/news/0-1005—200-l473029.html‘?tag=stlnc.1002.thed.1005-2. Accessed: Oct. 2‘). 2000 21 lbid. 22 University of Michigan (1997) Responsible Use of Technology Resources The Proper Use of Information Resources. Information Technology. and Networks at the University of Michigan (Standard Practice Guide 601.7) 23 lbid. 24 [bid 25 Kerber. R. (I997) Kids Say the Damcdest Things: Student Websites present schools with difficult free-speech issues. Wall Street Journal. Nov. l7.pl Rl2. 26 Policies. Student Code of Conduct. University of Pittsburgh. http://wwwltechnologypitt.edu/policies/conduct.html, Accessed: May l2. 2000. 27 lbid. Chapter 5 Computer Crime and lnfowar Code fragment from the Melissa Virus If UngaDasOutlook = "Outlook" Then DasMapiName.Logon "profile", "password." For y = 1 To DasMapiName.AddressLists.Count Set AddyBook = DasMapiName.AddressLists (y) x = 1 Set BreakUmOffASlice = UngaDasOutlook.CreateItem (0) For 00 = 1 To AddyBook.AddressEntries.Count Peep = AddyBook.AddressEntries (x) BreakUmOffASlice.Recipients.Add Peep x=x+1 If x > 50 Then 00 = AddyBook.AddressEntries.Count Next 00 BreakUmOffASliceSubject = "Important Message From " _ & Application.UserName BreakUmOffASlice.Body = "Here is that document you asked for " . "don't show anyone else ;-)" BreakUmOffASlice.Attachments.Add ActiveDocument.FullName BreakUmOffASliceSend = "I? Next y 107 108 Computer Crime and lnfowar Chapter 5 covers the old and new crimes that come with the proliferation of computers. At colleges and high schools, pranks that people once called "hacks" in the physical world have moved to the dominion of bits and bytes. We enter new territory, searching for useful analogies to help us understand the innovative ways people use computers to protest, trespass, imitate, and harass. In business, embezzlement, corporate spying, and industrial sabotage appear in insidioils newforms. Computerfraud is on the rise. The military is dealing with "lnfowar. " Each of these topics has an ethical dimension that we should be aware of and be competent to deal with. In the first Harry Potter book, Harry received an invisibility cloak for Christmas. He ruminated about the message on the card, Use it well. Suddenly, Harry felt wide-awake. The whole of Hogwarts was open to him in this cloak. Excitement flooded through him as he stood there in the dark and silence. He could go anywhere in this, anywhere, and Fitch would never know Harry Potter and the Sorcerer’s Stone.’ Harry Potter in his invisible shield is like a "cybernaut" traveling over the networks, unseen, entering and leaving without anyone noticing. While less sophisticated cybercriminals may leave electronic "footprints," more experienced criminals know how to conceal their tracks in cyberspace. 5. Computer crime What a lot of people don 't really recognize is that the information in our networks has value. A reporter once asked Willy 'The Actor’ Sutton: 'Willy, why do you rob banks?’ And he said, ’Because that's where the money is.’ 3 Mike McConnell, Director, NSA Computer crime is any illegal act that involves a computer system, whether the computer is the object of the crime, the instrument used to commit the crime, or the container holding valuable criminal data that later will be used in court. In the latter instance, evidence found in a computer has helped prosecute murderers, catch stock market manipulators, and follow the shipments and money laundering of drug dealers. Because computers are part of modern telecommunications and information systems, computer crime also includes fraudulent uses of telephone, microwave, and satellite systems. Criminals use computers to alter and degrade information, and to sabotage information infrastructures. Old-fashioned physical crimes, such as equipment theft, are also a growing problem. 109 What other kinds of crime and warfare are associated with computers? Here are a few: Fraud Cyberstalking Identity theft Espionage Unauthorized entry Infowar Theft Software piracy Child sexual abuse Manslaughter Most experts agree that the vast majority of computer crimes remain . undetected, not just unpunished.3 Computer crime is abetted by complications in making and enforcing laws. First, the Internet and other computer'systerri's do not recognize state or international boundaries. An individual who is armed .Wlth nothing more than a computer connected to the Internet can Victimize indiv1duals and businesses a continent away without ever stepping foot outside of his home. That poses the question, where does the crime take place? . With the widespread deployment of anonymous software, tracmg ' "cybercriminals" is difficult, if not impossible. Anonymity poses challenges in a number of areas, particularly in software piracy. Today, a single email message or phone call may be routed through a US. cable company or ISP, across the Atlantic via satellite, and across Europe Via a ‘ wireless phone network. A trace of such a communication requires the cooperation of numerous US. and foreign telecommunication companies and law enforcement agencies. . . Differing legal standards complicate the issue. In some countries, for example, laws require ISPs and other telecommunications companies to destroy transactional data — data that might lead to the identification and location of a . . 4 cybercriminal. 5.1 Viruses on attack Apparently, our house isn ’t insured for viruses. "Fires and mudslides, yes, says the claims adjuster. "Viruses, no. ” I Michael Schrage On a Friday morning in March 1999, a university accountant opened her email and saw a message from an old friend. The subject line announced: "Important Message From Mary Smith." The accountant opened the message and read this line: Here is the document that you asked for. Don't show anyone else ;—) The accountant did not open the attachment because her friend, Mary Smith, never uses smiley faces in email —— the note just did not fit the sender.‘ Other workers were not so fortunate. The Melissa virus executed as programmed. The code disabled virus software, then went through the first fifty addresses in an address book. Anyone could do what the programmer did by studying a Visual Basic for beginner's book, or easier still, through copying an existing virus program (they are available on the Internet), altering it slightly, and then releasing it. Business offices all over the world coped as well as they could with the Melissa virus. This small, simple program spread faster than any previous virus. By the following Monday, Melissa had reached more than 100,000 computers. Some sites had to take their mail systems off—line. One site reported receiving 32,000 copies of mail messages containing Melissa on their systems within 45 minutes.5 The virus caused an estimated $80 million in damages.6 The Melissa virus did not intentionally destroy data on infected computers. Nonetheless, it spread into one-fifth of the largest businesses in the U.S., and to the electronic mail systems of the Marine Corps and NATO in Brussels. David Smith, the New Jersey computer programmer who created and spread Melissa, said he was "profoundly remorseful," and that his goal had simply been to circulate a harmless, humorous message.7 Smith is currently serving his prison sentence. Soon after this attack, an email message from the Philippines bearing the title "I LOVE YOU" appeared on computers in Asia. It spread fast. When opened, it destroyed graphics and other files. Within days, the leader of Britain's House of Commons told the members: "I have to tell you that, sadly, this affectionate greeting contains a virus which has immobilized the House's internal communication system. This means that no member can receive e-mails from outside, nor indeed can we communicate with each other by e-mail."8 Although the lLOVEYOU virus proved to be even more devastating than Melissa, causing billions of dollars in loss, international authorities had trouble prosecuting the perpetrator, because the Philippines had no legislation defining a computer information offenses. The "I—Worm.Timofonica" virus worked the same way as lLOVEYOU and Melissa, but with a new twist. For each one of the email messages, it generated a random cell phone number from a block of numbers used by the Spanish telecom carrier Telefonica. The virus then sent a short message to mobile phones, castigating Telefonica. The virus also attempted to delete all files on the victim's hard drive and perform several other operations that made recovery difficult. "Two or three viruses down the road we might see these things taking out phones,” said one Security specialist." "Smart phones" with web access and email are simply miniature computers connected to the Internet, and if a hacker writes code that takes control “H ‘ Real name changed. of a phone the phone can call toll numbers, forward email, copy passwords, or e. u s u . mor So far, the universal damage from Viruses is Just a warning. Far more sophisticated rogue program damage is possible. What would happen if a Virus mailed a copy of the user's login script (most contain passwords) to an anonymous email box before self-erasing? What if a worm automatically encrypts outgomg ' ' ' ' ' ' ' 'tal signature?'° ' of itself? What if it Signed itself With a digi . coples Because a person can hurt the whole Internet community, destroy stored files, threaten the telecommunications system,.and more, we need to learn everything we can about hackers and their activ1ties and motivations. 5.2 Rogue programs ‘ Politically correct virus : Never calls itself a ’virus', but instead refers to itself as an ’electromc microorganism. Anonymous Some hackers get a thrill from creating rogue programs. In fact, “griffin read about their programs in headlines or email alerts. A softwlarte pggtgto do and a similar to a recipe, a set of instructions to the computer that te i vyvhile it is, rogue program is a malicious recipe that adds arsenic to the StEVttl. H n the are possible to write programs of this type for useful purposes, mosb 0 le _C bcymbs destructive. Rogue programs include viruses, worms, time born 521.051“) anOthér slaves, and Trojan horses. Years ago they spread slowly from one 1: felectridtgl but in the age of the Internet, they proliferate and spread at the spee o . A virus is a program that must "infect" or attach itself to another probgram to reproduce itself -— it depends on having a "host." A "macro Virus wort s yte infecting macros, which are small programs attached to documents to au oma tasks or add functionality. A worm is "self-replicating," meaning that it makes copies of itsilf,Th first propagating until it takes over the resources of the computer or n:twotr {flat ('3' A major worm attack in 1988 crippled thousands of computers on t e hn e m; In graduate student at Cornell University, Robert Morris Jr., released Ctl e 3110 . fact, he became one of the first people evezr conVicted and Jailed e: the U 5 Computer Fraud and Abuse Act of 1986. In response to this incli en , tetrhe. . government sponsored CERT (Computer Emergency Response eam).a tion that Coordination Center at Carnegie Mellon UniverSity. CERT is an organizaEve Ste 5 deals with computer security events involving Internet hosts, takes (pran 1 ts p to raise the community's awareness of computer security issues, an con uc . . . 1. research to improve the security of existing systems. Time bombs are rogue programs that are triggered to activate on a certain day or at a certain time. The Michelangelo virus, programmed to go off on 112 Michelangelo's birthda ' ’ U y, is one example. We should b ' ' bombs on such dates as January 1, April FOOl'S Day, affdesfllailbavlllzevrlary Of “me Logic bombs are similar . , except that the ' ' ' of O I y are tri ered b wrop:raaltc1)ons.b One expert in computer crime cites an efagmple O¥§f1c::lt'lall1 sequence company fizips-that vxoulld only operate if he were dismissed In faftotliieee Who im, an w en a com uter d l ' ' , d t ' I . p e eted his name f a abase, that !action triggered the logic bomb that dest d ' mm the company personnel file. A "logic bomb" can target designat d f‘rloye hls company's entire C be . e ies, and in dy rterrorism, do great damage, such as cleaning out bank the event‘Of own utilities, and so on. accounts, Shumng Slaves are programs hidden on computers and use ' . d in ' ' 2:211:32. (affix); eiirtltachk relies on embedding software, slaves, offhloiilsghfiiblfce respond to instrucfigo osts) during the incubation period. These slave programs under the comm] of :1: sent in encrypted form from a master program directl of sen/ice attaCkS allo riminal hacker. The slaves serve as amplifiers for the dim l parallel-process“; Wing criminal hackers to put together an unauthorized a "reload" com g system to abuse their victims. Such a program osts th mand to a targeted website thousands of times a mingle '5 e A Tr ‘ " domg someflojign Zora L: a program that does something useful, while secretl gives an outSidegr a se. n example might be a program that looks like a game, b t mi ht b . I ccess to our files and directories. In addition the T ' I u g esrrlifalmious code concealed in another program I relan horse e —propagating Trojan horses and c . user t c worms do not re uire a ‘ Java Joappse: attagtllment, or even to read email. Even webiages rwlijtrhsflflxtlzlg , rip , an ostScri t ‘ c I C we I maChinew p activated, can leave rogue programs on a user's D J 'I ~ , ‘ ~ . , taking OV;;1:£:30{:( rvice or rfnail bombing each describe a single user or process sources 0 a system to th Manual! a e extent that others cannot et server gg’ers dpcfvis:nActan launch so much email or so many requests thft tl'IISCtSS-et automaticau be ba more sophisticated level, on command, the slave softwg Because the équisltlss ombprding target websites with requests until they crasflre trace. JavaSCript and JC:§;:pr01mt 5((3 marily Computers, they are hard to block atnd. p e s sma . also be used to blockaccessv programs executed from Web pages) can A dataeservice attack i ' . , nvolves convmci Informatio . I ' ng a computer network ' form of cor: “3:11 an intruder 5 computer. If the network is not protectleodsll;are Its net k f p er security, there is no way to prevent a machin ' y some wor rorn requesting and receiving data 8 oumlde the 5.2.1 Sniffers The Perils of the Interne Name 0 tand Practical Solutions A packet sniffer is a program that ca as they travel over the network. A sniffer can problems, as wel passwords. In a norma ethernet in clear text. It is not miscuous" mode, where it in on the network. e cybercafes, wh "pro compromise all the machines In Europe, people often us type in a login an from putting a sni 5. 3 Hackers and crackers f the 2nd Annual Hackers, Cracker l as to extract sensitive information suc l networking environment, account i hard for an intruder to put a machine into a tercepts all passing packets, and, by sniffing, to d password. What prevents the own ffer on the line and capturing their u '1‘) s 8:; Sniffers Symposium ptures data from information packets be used to troubleshoot network h as user names and nformation passes along ere they sit at a terminal and er of the café or a patron ser information? ch, HACK! Those who can, do. Those who cannot, teach. Those who cannot tea Anonymous The term hacker at first described a compu could make a computer work when others sat baffled. ed the limits of systems, ck together. Without th d free software so widely available, that did not run properly, test computer apart and putting it ba not have the open source code an we have improvements to security. However, some talented hac trespassing into files, computers, and entire netw hacker" today refers both to the enthusiast an circumvents Computer security, into a computer system and steals data, than browse through files. At the Massachusetts Institu longstanding tradition, sabotage releases rogue progr as described on their website. ter enthusiast, someone who Hackers fixed programs and spent hours taking a ese enthusiasts, we would nor would kers turned their computer skills to orks. Thus, the term "computer d also to an individual who ams on networks, or breaks 5 information, or does nothing te of Technology, hacks and hackers are a ‘8 This "hacking ethic" is udent community of fun and reflective of the MIT culture that spawned it, a st ranks online, the hacker ethic pranks. However, on contains elements tha trespass and invading other people's privacy were doing just that. Thus, we see an example 0 one not embraced by the wider population. ce the students move their p t run counter to society's ethica are not ethical, yet many hackers 1 code. For example, illegal f a their local community ethic —- 5.3.1 Threatening the cornmunity There is no good and evil, there is only power, and those too weak to seek it. Quirrel, in Harry Potter and The Sorcerer’s Stone Some early computer hackers were more lawless and less inclined to bring a smile to the face than the carefree, spirited MIT student was. The arrival of the Internet opened new turf to the pranksters. On the Internet, when a person became a hacker, he joined an elite group of insiders. These hackers could break into systems or create programs that left footprints (a message to the system administrators letting them know their system had been violated). Then they would brag to each other. Hackers, while anti—authoritarian, had no particular political agenda — theirs was a world of ego gratification. One hacker recalled his ethic in the 1980's: "Rules did not matter —~ results mattered. Rules, in the form of computer security or locks on doors, were held in total, absolute disrespect. We would be proud of how quickly we would sweep away whatever little piece of bureaucracy was getting in the way.” People began using the term "cracker" to describe someone who tries to defeat computer security by breaking encryption, guessing or stealing passwords, circumventing firewalls, or by exploiting weaknesses in networks and operating systems. The word "cracker" did not stick. Commonly, the word "hacker" covers these people as well as tinkerers although one distinction is clear — the cracker can better predict the amount of damage he or she does. When a hacker releases a virus or worm, foretelling the consequences is as difficult as predicting whether or not a tornado will touch the ground. Hacking is often a social activity, because hackers communicate with each other via the Internet, and they may even operate in Internet "cybergangs" or "cybercults." Some hackers have developed a community of anarchy, rejecting authoritarian government and accepting only their own "institutions" with the aim of the maximum amount of freedom.20 The idea of a larger social system of diverse people trying to live in harmony does not apply to this group. These hackers are like gang members, loyal to their own kind and less mindful of the larger community. Take this example: A 16—year—old hacker, one of a group calling itself Global Hell, infiltrated Pacific Bell's Internet service. The teenager lifted codes to the accounts of 200,000 subscribers. When police detectives checked the computer in his bedroom, they found that he had decrypted 63,000 of those accounts, causing PacBell to make those subscribers to change their passwords. Authorities found the boy after he bragged about his exploits in a chat room. The teenager had hacked into 26 other sites, including a master computing system at Harvard, before he was arrested. Authorities charged him with unlawful computer access and grand theft.21 Belonging to a group appears to matter. In the Columbine High School tragedy in the spring of 1999, the two boys who went on a shooting rampage previously associated with a cybergang called the "Trench Coat Mafia." Such organizations offer their members a sense of identity and often make extreme demands on members in exchange for their participation. These groups present a serious danger to Internet security because their coordinated attacks can be difficult to thwart and investigate. Like a mountaineer leaving a flag at the top of a peak, the hackers need to leave proof of their break—in, sometimes disfiguring. a web page, sometimes leaving a note for the system administrator. At the University of IllinOis, students and even employees have placed sniffers on a line to capture logins and passwords just for fun. They brag that they know their friends passwords, and they really do. I ' _ Hackers cracked the DVD encryption that prevented movre piracy, and they posted the code on numerous hacker websites, but their motivation was not theft. The encryption prevented people from using the DVDs on different platforms, and blocked any Fair Use. However, publicizmg the code allowed less skilled people to join in defeating the security and steal. With improved ' compression and increased broadband, downloading movies is much ea51er, and thus the DVD hacking paved the way for massive duplication. 5.3.2 Why do they break laws? In the 19605 and before, many a budding engineer got their start by taking apart their toys th. rked and to 'make im rovements.’ . to see how ey wo p David Miller and Cathryne Stein Before we begin discussing motives and personality types, it ought to be clear that with modern laws and case precedents, there is little debate over whether computer hacking —— the kind that breaks laws —— is legal ormoral. A “rilell reasoned paper freely available from the Internet Will explain all the issues muc fford's aper more thoroughly than we have space for here. Dr. Gene Spa ‘ 2 summarizes the arguments: Are Computer Hacker Break-ins Ethical ? He concludes that computer hacks can be justified only in extreme medical emergencies. . Hacking has parallels to other global ethical clashes we encounter. As mentioned earlier, different countries and communities develop their own ethical norms. Only over time and through experience do those norms change. Across the world right now is a sub—community of people who operate outside universal human ethical principles, and their behavior could undermine the Internet, our shared resource. . 1 Why do it? Some hackers seem to feel that they are beyond normal ethica standards. As soon as a computer is involved, these few people seem more willing to commit acts of trespass, fraud, theft, and espionage than they would in the ' absence of a computer.23 In fact, the young men and women can be seen as laying all moral questions aside while totally immersed in the thrill of domg something slightly larcenous. Hackers often defend their activities with rationalizations ifhey are simply trying to learn. ey are exposing securit weaknesses th t ghey do it for the Chauengye a need to be addressed. oftware companies/ music com ' ‘ I panies/ mov1e makers des because they charge too much for their software/ recordingesrllfeiltrhsbe haCked PWNH The answers: 1. I y ' y ' . . I e , an g C 101' 3. Can we find a less destructive challenge for them? 4. In a capitalists m - YSte , we combat high prices with c ' ‘ ' . om ~ stealing or helpmg others to steal. Petition, not With Wh. . . to one there11:2S rsntglili :irirtplzifmlber :omen in the field of computer science about three haCkers.“ roa er gender gap between male and female that the Engxample, anAustralian researcher surveyed 164 hackers and found indicated tI’laairtsureanged in de from 11 to 46 years and only 5% were female Most y engage in iacking for the challe . A ' nge, to learn, and for kicks.15 mental Shirfriotrlgdthe eixplanations for computer criminals is an inability to make a Often cam“); eve op a real-world analogy for their actions. In other words the they come. perceive the unethical nature of breaking into a computer because y we as immoral only human inter ' ' ' th ' I actions in real life —- such cl' ' leggiég: thehwmdow to enter a busmess office. The criminals do not maklzlalrrhge t l dootrs inrrtihi; 32:31:21? ipvolving tangible objects to circumventing closed n a r . we can u d ' ' better understand the haCker. n erstand this discrepancy, perhaps we can In ' ‘ dependent of their technical competence, computer criminals can remain completely undetected and leave n ' I o perceptible effects of th ' ' computers they break into are so distant and ephemeral e” acnons. The “we a gem 5.3.2 Gray hat morality They think of themselves as the Robin Hoods of cyberspace. After 12 years in the gray are , Keller became a white hat. But not all grays turn white. . .Can a white hat hacker be any good if he's never dabbled in the black?” Jen Farley Before they became a security business, a group called LOpht was a hacker group with its own ethic. They specialized in uncovering security flaws and sending out advisories about system weaknesses to anyone who wanted to read the notice. LOpht advisories harmed corporations and governments for years, yet LOpht claimed that their activities improved computer security overall.27 At one point, LOpht advisories demonstrated how to decrypt passwords on computers that ran Microsoft's NT operating system. Such activity may help malicious hackers even more than a business or the government, and it opens the door for neophyte hackers to do much harm. LOpht used three adjectives for hackers. White—hats (referring to the old Western movies where the "good guys" wore white hats) seek out security weaknesses in order to alert the government and businesses of dangers. They also do malicious acts with malicious intent, or they are hout a great deal of experience or knowledge. Of th information to do harm, such as when Facilitating malicious hacking, help catch criminals. Black-hats "script kiddies," youngsters wit course, LOpht provides these people wi script kiddies broke into 100 Cold Fusion systems. then denying responsibility is questionable at best. Gray-hats, such as LOpht members, have their own standards of ethics and morals. These self—styled Robin Hoods search out weaknesses and post them on their own website.28 Security companies send out alerts to companies daily, but part of their motivation could be to increase their own business. One official said that businesses are too lazy or greedy to secure their own web sites, and they do not deserve much protection by governments. He suggested that firms put more money and personnel into their own security.” However, with alerts coming in from the security sector, gray—hat ha and from organizations like CERT, system administrators are stretched thin. The sheer volume of the warnings that companies receive slows down their response time. On the other hand, the Internet community is unsympathetic to businesses that do not spend enough time and money on security. CERT gives companies just 45 days to fix security vulnerabilities before revealing a problem openly.30 That policy reflects a movement within the computer security industry towards more publicity. This early disclosure of weakness to the vultures circling overhead, the Black Hats, makes the faulty companies respond more quickly or pay with bad publicity and hacker attacks. An informative piece by Marcus Ranum summarizes ckers, - 1 the issues. ‘ IIO A "gray—hat" wa of ' ' . thinkin co - Microsoft . y. . g “Gems sendm Out Viru common kits/31:33,. Security warnings on the Internetgre-enforccflfilsiethalt atrtjaCk scattershm w'th ge that the Microsoft Windows operating enviro a rea Y managed a 11. security holes, at the level of the operating 5 stemnmgrlt is have won iippllgaCZZESmAlthough it is widely used, Microsoftysoftwaarr; mire t e most 0 ular ' no bl . P P Operatin s stem G;:::;€:r111:etofaghglresswe and unethical marketirgigyas shdllvfilriglhpetrjfgrmance’ n v . ' ~ ’ e . . -— their "viruseS " lcrosofl lawsmt' To some haCkersr then, it is ethicall ' ‘ ' s are exposmg weaknesses by exploiting them y Jusnflable 5.3.3 Precautions for the individual A stitch in time saves nine. Anonymous We . compumr 3:32:35?th ourselves by installing anti-viral software on eve software allows thenuoadlngdamli-vuuS definitions every week (some sec‘gllty ser 0 o t is automatic ll ' - - u to dat ' ' . a Yl~ A Virus definit' ‘ - Viliuses ae Virus Signatures and other information. Timeliness is clrc'lr'1 file contains WW . ppear at a rate of about three per day. We can che k 1 ma I as new W-Ciexorg for reliable security bulletins C WWW'Cert'Org and e also should beware of t ' I ‘ ox1c email attach messa es, and . . ments. Delete a ' ' the megssage aggfiiioflzke certaprlij to inspect the "Deleted" email foldzryasrlildldsolls move1. onoto 89 Even chat r0 - pen any '9er 'Vbsl 0r 0th ‘ integrity cheSITfSOSaer; Siend Trolan horses‘ Other Precautions Indus: igfdosed me r y warning of hard disk failur d - g an regularly. e' an Changing Our passwords We can r - network, limiting ifs/(:1: eivaesglropplgg by encoding all messages sent over orize ersons u ‘ . systems and perhaps usi . . P Sing passwords dnl-b k ' ng biometrics In b ‘ ' ‘ ac secure from ~ - L1Slnesses, the machi recovery plagniirilgiorizedentry or theft, and the company shoulrdehanf:d be it remotely. TC‘) reméggfl ImPQFlant of all, we must routinely copy data: dsaSter files h .. er baCkmg UP data, we can ima ine l '- ‘ n “We gone t e next time they want them g low M Wm feel to find 5.3.4 Network security Remember this equation: (security + privacy) — action = liability David Winder The sen . . but the volume Zil:tst::::sa‘ifehragcffig {Blight have been apparent briefly after 9/11 usual." Should people wh . 1n icates that we are back to "hacp , ._ 0 Put an insecure ma ' .mg as later is used to mount an attack, be liable for dacrlllqlne 0:1 the net, a machine that What can we do? ages' implement appropriate securit should only be attached to the Inter security of systems should ensure that security flaws h do analysis of system sec we can obtain assistance from CERT, or other such organizations defenses and repel attacks.32 5.3.5 Voice mail (vmail) hacking misuse, survey, only about one-third of voi messages. They harass voice m and damage customer and To deter automated attacks, system owners and administrators should y measures, such as firewalls. The corporate system net through a properly configured firewall. Automated tools to detect attacks should be installed and functional. The be regularly tested, using automated attacking tools, to ave not crept in during normal system administration. Id alert us when attacks are detected. We should and audit trails of all payments. Also, Automated alarms shou to help bolster urity audit trails, As the use of voice—processing systems and services has increased, abuse, and fraud of those systems has increased. Unfortunately, according to a ce—processing systems managers have taken r systems. adequate measures to secure thei change mailbox passwords, and leave abusive Hackers erase messages, cause data loss, ail system users and administrators, supplier relationships. hacking their way into mail systems and using voice Criminals are also ring services to market stolen credit cards, drugs, and mailboxes as personal answe prostitution services. These shady entrepreneurs have also discovered Automated Attendant systems that unwittingly allow access to toll services. This access gives them free calling privileges at the expense of unsuspecting companies.33 Clearly, a single individual can cause tens of millions of dollars of damage ers. How much damage can a political activist, through unethical use of comput terrorist, or soldier inflict upon a target system? Let us look. 5.3.6 After 9/11, laws change ar too many politicians and pundits will press for I expect that in the next few months, f who do so will be, whether draconian "anti-terrorist” laws and regulations. Those erating with the terrorists in their attempt to destroy our way of intentionally or not, coop “fly.” Eric Raymond The Cyber Security Enhancement Act (CSEA) of 2002, if passed, will bility to do Internet or telephone eavesdropping without Under the law, malicious computer hackers whose acts put peoples' lives at risk could face life imprisonment. The Act permits limited t order during an ongoing Internet attack or if there is wiretapping without a cour an immediate threat to national security. The surveillance would, theoretically, URLs or email header, and collect only a suspect's telephone number, IP address, not the content of an email message or a phone convers expand government's a obtaining a court order. ation. 5.3-7 . . . . . . . Political actrvrsm, cuvrl disobedience, and hacktivism I believe in civil di ’ sobedzence. I believe th t must be “bl. ' ~ . “a to break the cycle 0 via a ' ' does" It Sign] 1;!!th diret ted to the consczence of a society. But {iihathtmdg and revenge, l't ave a consczence? Is it ethical to fight evil with evil (hr? {in ihe sandy . , s 1 [us practical? I John M. Dwyer We re the middle children of history. No purpose . or U ) Great Depresszon. Our Great War is a spiritual Fla“. WL have no Great war. N0 war... our Great Depression is our lives. Tyler Durden, in Fight Club t y act of civil disobedience, then the ac ' face the conse ce 8 C n p r es e pro es e S quen s of th a tio 35 l h t y ' O . . n most cases, Olice a and ifheyt spend“ tlmfe in ’all. We are seeing a hybrid form of cirviltdt'sobedlentcer I tmanl es ed on ne, or it lacks the last qualification a ' '1 I W. , p ying the price for breaking the protester is willing to 5.3.8 Hacktivism If you have 10 people at a protest, they don ’t do much line, they could cripple a networkflo ofmwthmg' [fl/0” haw 10 pwph’ 0” Oxblood Ruffian As mentioned before, releasin foundation. The Melissa virus and its g rogue programs has no Bond Ethical clones could not have wreaked so much 5 did. The rationalizations .. . . to Scrutin d hacktiv " p Y I an man hacker gm, Sfothey can at least present a ratiorilale f :have moved towards acktiVISm lnclu . or t eir actions. P388, reworking the link the site down. The apparent inc pposmg Sites, or Shumng rease in hacktivism may be due in part to the growing importance of the Internet as a means of communication. As more people go online, websites such as the FBI, CIA, and other government, military, and business sites become high—profile targets}7 In a quasi~utilitarian hack, an environmentalist used a virus to show people how much paper they consumed when they print out documents. Her virus was a memory—resonant program that watched the printer queue, counting the number of pages that people printed. When the user consumed a tree's worth of pulp, the printer printed an image of tree rings, so the user knew how much consuming was taking place.38 I-Ier justification is, no doubt, that the ends justified the means, but it was an unauthorized use of the business computing system. A hacktivist who is acting in civil disobedience would have to be politically or ethically motivated. The five rules that define civil disobedience are: 1. There is no intentional damage to persons or property. 2. The action is non-violent. 3. The action is not for personal profit. 4. There is an ethical motivation. 5. The people are willing to accept personal responsibility for their actions. With terrorism, on the other hand, the act is violent against property or unarmed people, and the perpetrator often dies in the process or runs and hides afterwards. A few years ago, on October 12, Columbus Day in the US, hacktivists attacked the website of the Mexican president. The cyberactivists wanted to demonstrate resistance to "centuries of colonization, genocide and racism in the western hemisphere and throughout the world?” Another method of protest is the virtual sit-in, a more genteel way to refer to the denial of service attack.” Protesters block a government or corporate website, preventing legitimate use. In most instances, email messages are posted on the Internet advising people to send email to a server, or visit the hacktivist website and "commence flooding!" by clicking on an icon that launches a denial of service software program.“ Alternatively, real or faked demand will create a bottleneck as thousands of people try to log into a site at the same time, overloading it. A computer hacker, allegedly associated with the White Supremacist movement in the U.S., temporarily disabled a Massachusetts ISP (Internet Service Provider). The hacker damaged part of the ISP's record keeping system. The [SP had previously attempted to stop the hacker from sending out racist messages. The hacker signed off with the threat: "You have yet to see true electronic terrorism. This is a promise.”12 What is unclear in many attacks on websites is any ethical motivation. Typically, a person performing civil disobedience leaves a clear message. As one person said, "It seems a lot of talent is wasted on either frivolous or dangerous . “WM.” ,. , v 122 action. It's sort of like hi . . ghbrow vandalism. lt' ' ' that one [is domg this for hacktivism reasons become quxte com/enlth to say s Dorothy Denning reported, these hacktivists view their operations as a ' ' cts of cml disobed‘ . . ience, an igggtprotislts and phy51cal Sit-ins, not as acts of violeefigfgus to rism. is is an important dist' ' r _ . . ’ I . inction. Mo ’ ' iagcipating in the Million Mom's March or a I/i/zbtlsitl—sitrf, Whemer rists. My personal View is that the threat of cyberterfcfrli: mm m has been mainl ' y theoretical, but it is ' reasonable precautions against.44 somethmg to watCh and take Cyberterrorism is th ' . e combination of t ' conglsts of errorism and c ' the informaiitpéivztful :tacks or threats of attack against compiiliilsspnfie’ and 1t its p80 1e t f ore inthem. The goal is to intimidate or coe I works, and PT (aurther political or social objectives 45 me a government or ra it' ' ' . eXhausted all lieogi‘iflelillly;npt:iople do not use c1v11 disobedience until the hav e 165, such as appealing to the school administration 0 r legal authorities and ' I . . . 3 gomg throu h the inCidents c1v11 disobedience, or areg they sirglESrrncdficnre the fouowmg Scenario I In the closing hours of the 2000 ‘ the Sit ' I election cam ai , ‘ messagé): :::tl:1:pu§llCatl National Committee. At thl: lagslt1 EarsthznclialeEd committee deniegieit y‘isciltors to vote for Core. The Democratic Nafiondl e t intmders h df a any connection to the act of vandalism d ' a orced the shutdown their own external email sysfear: “said Scenario II In 1999 someone ' . I posted a notice th t h - . Was Check - a t 6 National 59 ATP 9053553513; key Words. The keywords included thillglévfiigency (NSA) HANDGUN MILGOV Y RIDGE OKC OKLAHOMA CITY MILITIA Grflghled flags; PROMIS MOSSAD NAASSAULT RIFLE TERRORISM BOMB DRUG KOR REVOLUTION CHEROSQEIESIEIM CID AK47 M16 C4 MALCOLM x ESH AR WACKENI—IUT TERRORIST Y BILL CLINTON CORE GEORGE BUSH In response protester d ' h . I . .s ec1ded to put thes k - - Suitirmgps and in their email in order to jam the SSX£¥3355 :2 theirmessages to , g vernments may have constructed a massive global systeciiffdmg to or monitorin all ' ‘ ' s t g electronic communications — the m ster' ys em known as Echelon.47 y mus, undocumenmd [‘0 Scenario Ill Hackers raided the Tass Agency website in protest over Chechen raids. They called themselves 'princes of darkness' and 'angels of freedom' and demanded that Russia stop the war in Chechnya. An email also protested the "murder of peaceful Chechensf“ 5.4 Crime and law enforcement s in law enforcement who say the this holds true for CEO. ’5, cutives who are running billio the weasel ’s tail here. only crooks that get caught are the it's bad news for the economy. I have n-dollar companies are I have some friend stupid ones. Assuming to think that at least a few of the exe smart, so we might be seeing the tip of Scott Adams New technologies are often converted to unforeseen criminal uses. After horseless carriages appeared, bank robbers quickly began using motorcars for quick getaways from crime scenes. Likewise, after the telephone became part of our lives, stalkers began using them to contact their targets. The Internet's original function was to allow scientists to share information, thus every effort went into making communication possible across all kinds of systems. Unfortunately, some programmers soon realized they could arrange for computers to divert funds from one bank account to another, and hackers could break into databases and alter information. Over the ensuing decades, computer crime has been increasing in scope and in complexity.49 Computer crime could stifle the expansion of electronic commerce and, potentially, pose a serious threat to public health and safety, particularly when we look at th bility of critical infrastructures, such as e vulnera the air traffic control system, power grid, and national defense systems — all of which are totally dependent on computer networks.50 Computer criminals copy databases, intercept transmissions, and erase or alter data. Credit histories, bank balances, PINS (personal identification numbers), and credit card numbers are sold to the highest bidder. Many computer crimes are old genres taking on new life such as fraud, embezzlement, extortion, stalking, libel, theft of information and of intellectual property and services, child pornography, sabotage, espionage, and illegal gambling. In some crimes, computers are to abet the criminal offense, such as when drug traffickers store information on computers or where the evidence of health care fraud or other white—collar crimes is stored on computer netw0rks. A few computer—related crimes are new, including rogue programs, trafficking in passwords, and denial of service attacks. Not all computer crimes are committed by using bits and bytes. Traditional forms of criminal activity —— such as cargo theft —— are a major problem for the computer industry. Highly organized and targeted, cargo theft involves stealing from freight carriers. In Silicon Valley and other computer areas, such 5.4.1 White collar crime J J J f (I) Llllllt “’1 “IL r ~ -. ' ' . Jim—employee public company. 53 P Odmt containing purlomod code into a thriving Peter Burro What makes the [A vant!] case WS uni 1 " that wasfmmded and built on a it 15 that you have I I. stolen property.” u l ' ' us Finkelstein, Santa Clara County Deputy District Atto rney Gerry Hsu as CEO of . , Ava t' up to a public company with 1,500f1 a large, publicly traded company d Hsu and his partners, st to charges that they ncovered stolen code at and i 2 ' n 001, Hsu and five p managers pleaded no conte cons ired O pf ‘ to steal Cadence software‘s5 Two 01' ' ne 0 ficer 5 home and in Avant" p Ice ralds u million, an insignificant sum co other top Avant! as h’5 legal expenses . Jall' The Ava”! board aid Hs ' ' Chief strategistsé , and he remalned as the chairman of ADV u 5 fm are not easily accom 1‘ . - . P lShed. Had it no ded1cated district attorney, the Avant, t be?“ for an We - I) j e (HIV! [8] l” 5.4.2 Insider crime I ’m sure you've all heard the old wives’ tale that no hypnotized subject may be forced to do that which is repellent to his moral nature, whatever that may be. Nonsense of course. Dr. Yen L0, in The Manchurian Candidate In order to keep government, military, and business computers free from unwanted intrusion, system managers must contend with more than the malevolent hacker. One of their greatest threats is the inSider, the person who has legitimate access to machines within the organization, and then uses that access to do intentional or unintentional harm. If trust is not strong, and loyalty and ethics are eroded, then the only deterrent could be law enforcement.57 Many forms of high—tech crime are committed by current or former employees. Rigorous personnel security practices, including background checks, can reduce vulnerability in high—risk companies. An insider is more dangerous than an outsider because of the knowledge of the internal environment, the speed of attack, and relative ease of accessibility. System designers try to perfect the ideal "safe" environment, one that will check the progress of insiders as they move through the system. Insiders know exactly what assets to aim for, of course, because they are close to the computers and the treasures locked within these machines. This book began with an emphasis on the word "trust." Insiders are by definition trusted, for they have access to the computers. The prevalence of insider crime reflects badly on the trust shared among employees, loyalty to a company, and management practices. 5.4.3 Harassment and cyberstalking You're a young girl, you should be at home now. You should be going with boys ,you should be going to school, you know, that kind of stufl. Robert de Niro, in Taxi Driver Harassment on the Internet can take a variety of guises. Perpetrators can send abusive, threatening, or obscene email messages. They may commit electronic sabotage, by sending the victim hundreds or thousands of junk email messages (spam) or sending computer viruses. A harasser can impersonate his or her victim online, and send abusive email or spam in the victim's name. The harasser may subscribe the victims to a number of mailing lists, with the result that they receive hundreds of unwanted email messages everyday. Cynthia Armistead of Atlanta, Georgia, received threatening and obscene email messages from a cyberstalker, as well as harassing telephone calls. Her harasser posted fake advertisements to a Usenet discussion group. The ads offered 5.6 Cell phone crime Have you been followtd I - e at all duri ’ kind of surveillance at all? Anythigif‘mc versations and forw , or cause the phone's owner t I ‘ ’ . . 11st ft to days? Any suspzczous phone calls? Am/ FBI agent, in Die Hard: With a Vengeance , future viruses may target assistants (PDAs). The new viruses ard them to other people, steal L 0 face enormous 5.7 Fraud Floyd: Doyle, I KNOW [gave himfour THREES. He had to make a SWITCH. We can't let him get away with that. Doyle: What was I supposed to do —— call him for cheating better than me, in front of the others? Paul Newman and Robert Redford, in The Sting People can use computers to engage in new kinds of consumer fraud that would have never been possible before. In one case, two hackers in Los Angeles pleaded guilty to computer crimes involving contests at local radio stations. When the stations announced that they would award prizes to a particular caller, for example the ninth caller, the hackers manipulated the local telephone switch to ensure that the winning call was their own. Their prizes included two Porsche automobiles and $30,000 in cash. Both of perpetrators received substantial jail terms.73 Some frauds use technologies unique to the Internet. In one case, the Federal Trade Commission sued an group that essentially hijacked consumers' modems. When a consumer viewed its site, the viewer program disconnected the computer from the consumer's own access provider and dialed an international telephone number purportedly linked to Moldova, one of the Russian Republics. Charges continued to accrue until the computer was turned off. When the telephone bills arrived, they reflected the costly international calls." Online auctions by far have sparked the largest number of complaints to the Internet Fraud Complaint Center; the federal office that tracks fraud on the Internet. The FBI stated that online auctions accounted for about 50 percent of the complaints. The center receives an average of 1,000 complaints a week.75 5.7.1 Gambling Fraud Your mother has this crazy idea that gambling is wrong. Homer, in The Simpsons Computer crime hit the horseracing world when three men, who all had been in the same college fraternity, "fixed" a Pick Six ticket that paid a $3.1 million jackpot. The group member who was an insider worked as a senior programmer with Autotote, a company that processed computerized bets on the Breeders’ Cup and other races. He pleaded guilty in federal court to conspiracy to commit wire and computer fraud and money laundering. The insider placed an electronic phone bet and later modified it using his Autotote access so it would win in the Pick Six at the 2002 Breeders' Cup. Investigators found that he "fixed" at least three other winning multiple—race tickets.“ Sadly, the National Thoroughbred Racing Association and IBM had earlier recommended to racetracks that they make a $100 million investment in technology upgrades and that they purchase of a company handles all bets and computes the payoffs in pari—mutuel betting. The industry rejected the proposal outright.77 ...
View Full Document

This note was uploaded on 01/03/2012 for the course CIS 3347 taught by Professor Ronviseh during the Fall '11 term at University of Houston.

Page1 / 12

ComputerCrime - 52:36“ 106 W l9 Safe Surfin‘.

This preview shows document pages 1 - 12. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online