Professional Documents
Culture Documents
Lecture 39
Cyber Crime
1
Table rows are called records; row elements are called fields
3
RDBMS
Relational DBMS software Examples:
Access FileMaker Pro SQL Server Oracle
Server-based/Multi-user/Enterprise (GB-TB)
These two processing delays, the associated processing, and time spent in writing and maintaining the translation code are the key disadvantages of the current RDBMSes
Forms can be used for entering, editing, or viewing data, one record at a time 9
10
11
12
07 February 2000
Users trying to get on to the Web sites of Yahoo, couldnt! Reason: Their servers were extremely busy! They were experiencing a huge number of hits The hit-rate was superior to the case when a grave incident (e.g. 9/11) occurs, and people are trying to get info about what has happened The only problem was that nothing of note had 13 taken place!
In the weeks leading to the attack, there was a noticeable rise in the number of scans that Internet servers were receiving
Many of these scans appeared to originate from IP addresses that traced back to Korea, 14 Indonesia, Taiwan, Australia
15
18
The Aftermath
None of the Yahoo computers got broken-into; The attackers never intended to do that None of the user data (eMail, credit card numbers, etc.) was compromised Ill-effects:
Yahoo lost a few millions worth of business Millions of her customers got annoyed as they could not access their eMail and other info from the Yahoo Web sites
20
After installing the DoS SW on the drones, setting the target computer and time, the attackers carefully wipe away any info on the drone that can be used to track them down
End result: Almost impossible to track and 21 punish clever attackers
Internet does not know any geographical boundaries, therefore jurisdiction is a key issue when prosecuting the cyber-criminal 23
24
Cyberwar! (1)
In 1997, blackouts hit New York City, Los Angeles The 911 (emergency help) service of Chicago was shut down A US Navy warship came under the control of a group of hackers What was happening? A cyber attack!
25
Cyberwar! (2)
All of the above did not happen in reality, but in a realistic simulation The US National Security Agency hired 35 hackers to attack the DoDs 40,000 computer networks
By the end of the exercise, the hackers had gained root-level (the highest-level!) access to at least 3 dozen among those networks 26
Cyberwarfare:
A clear and present threat as well opportunity for all of the worlds armed force!
27
Cyberwarfare Cybercrime
28
More cybercrimes
29
Mail Bombing
Similar in some ways to a DoS attack A stream of large-sized eMails are sent to an address, overloading the destination account This can potentially shut-down a poorlydesigned eMail system or tie up the telecom channel for long periods Defense: eMail filtering
30
Break-Ins
Hackers are always trying to break-in into Internet-connected computers to steal info or plant malicious programs
31
The thief then uses that info to order stuff on the Internet
32
Defense: Use single-use credit card numbers for your Internet transactions
33
For whatever reason, many computer users do not consider it to be a serious crime, but it is!
34
35
Industrial Espionage
Spies of one business monitoring the network traffic of their competitors They are generally looking for info on future products, marketing strategies, and even financial info
The collected credit card info is either auctioned on the Web or used to buy goods and services on the Web 37
Viruses (1)
Self-replicating SW that eludes detection and is designed to attach itself to other files Infects files on a computers through:
Floppy disks, CD-ROMs, or other storage media The Internet or other networks
38
Viruses (2)
Viruses cause tens of billions of dollars of damage each year One such incident in 2001 the LoveBug virus had an estimated cleanup/lost productivity cost of US$8.75 billion The first virus that spread world-wide was the Brain virus, and was allegedly designed by someone in Lahore
39
Neutral
May display an annoying, but harmless message
Helpful
May hop from one computer to another while 40 searching for and destroying malicious viruses
Anatomy of a Virus
A virus consists of 2 parts: Transmission mechanism
Payload
41
Transmission Mechanism
Viruses attach themselves to other computer programs or data files (termed as hosts) They move from one computer to another with the hosts and spring into action when the host is executed or opened
42
Payload
The part of the virus that generally consists of malicious computer instructions The part generally has two further components:
Infection propagation component:
This component transfers the virus to other files residing on the computer
Use floppy disks and CDROMs that have been used in trusted computers only
When transferring files from your computer to another, use the write-protection notches
44
45
Antivirus SW
Designed for detecting viruses & inoculating
Continuously monitors a computer for known viruses and for other tell-tale signs like:
Most but, unfortunately not all viruses increase the size of the file they infect Hard disk reformatting commands Rewriting of the boot sector of a hard disk
The moment it detects an infected file, it can 46 automatically inoculate it, or failing that, erase it
Three types:
Trojan horses Logic- or time-bombs Worms
47
Trojan Horses
Unlike viruses, they are stand-alone programs The look like what they are not
They appear to be something interesting and harmless (e.g. a game) but when they are executed, destruction results
48
Logic- or Time-Bombs
It executes its payload when a predetermined event occurs Example events:
A particular word or phrase is typed
Worms
Harmless in the sense that they only make copies of themselves on the infected computer Harmful in the sense that it can use up available computer resources (i.e. memory, storage, processing), making it slow or even completely useless
50
51
Todays Lecture:
We found out about several types of computer crimes that occur over cyber space We familiarized ourselves with with several methods that can be used to minimize the ill effects of these crimes
52