Download and Preview : Hacking KSU Faculty Web Faculty Web Pages
Report CopyRight/DMCA Form For : Hacking KSU Faculty Web Faculty Web Pages
THIS PRESENTATION WALKS YOU THROUGH THEBaase Ch 5 CrimeCOURSE TEXTBOOK A GIFT OF FIRE 4TH EDITIONCHAPTER 5 CRIMEThis chapter will introduce you to . Hacking Identity Theft and Credit Card Fraud Whose Laws Rule the WebCorresponding page number 229 Baase Ch 5 Crime. Intentional unauthorized access tocomputer systems The term has changed over time Phase 1 The joy of programming Early 1960s to 1970s. It was a positive term A hacker was a creative programmer whowrote elegant or clever code A hack was an especially clever piece ofCorresponding page number 230 231. Baase Ch 5 CrimePhase 2 1970s to mid 1990s Hacking took on negative connotations Breaking into computers for which thehacker does not have authorized access. Still primarily individuals Includes the spreading of computer wormsand viruses and phone phreaking Companies began using hackers to analyzeand improve security.Corresponding page number 231 232 Baase Ch 5 CrimePhase 3 The growth of the Web and mobile Beginning in mid 1990s The growth of the Web changed hacking .viruses and worms could be spread rapidly Political hacking Hacktivism surfaced Denial of service DoS attacks used to shutdown Web sites Large scale theft of personal and financial.informationCorresponding page number 232 235 Baase Ch 5 CrimeIs harmless hacking harmless Responding to nonmalicious or prank.hacking uses resources Hackers could accidentally do significant Almost all hacking is a form of trespass Corresponding page number 235 Baase Ch 5 Crime.Hacktivism or Political Hacking Use of hacking to promote a political cause Disagreement about whether it is a form ofcivil disobedience and how whether itshould be punished. Some use the appearance of hacktivism tohide other criminal activities How do you determine whether somethingis hacktivism or simple vandalism Corresponding page number 236 237. Baase Ch 5 CrimeHackers as Security Researchers White hat hackers use their skills todemonstrate system vulnerabilities andimprove security.Corresponding page number 237 239 Baase Ch 5 CrimeHacking as Foreign Policy Hacking by governments has increased Pentagon has announced it would consider.and treat some cyber attacks as acts ofwar and the U S might respond withmilitary force How can we make critical systems saferfrom attacks .Corresponding page number 239 240 Baase Ch 5 Crime An extremely sophisticated worm Targets a particular type of control system Beginning in 2008 damaged equipment in.a uranium enrichment plant in IranCorresponding page number 240 Baase Ch 5 Crime Hacking is a problem but so is poor Variety of factors contribute to security.weaknesses History of the Internet and the Web Inherent complexity of computer systems Speed at which new applications develop Economic and business factors. Human natureCorresponding page number 241 244 Baase Ch 5 Crime Internet started with open access as ameans of sharing information for research . Attitudes about security were slow to catchup with the risks Firewalls are used to monitor and filter outcommunication from untrusted sites or thatfit a profile of suspicious activity . Security is often playing catch up tohackers as new vulnerabilities arediscovered and exploited Corresponding page number 241 244 Baase Ch 5 Crime.Responsibility for Security Developers have a responsibility to developwith security as a goal Businesses have a responsibility to usesecurity tools and monitor their systems to.prevent attacks from succeeding Home users have a responsibility to askquestions and educate themselves on thetools to maintain security personalfirewalls anti virus and anti spyware .Corresponding page number 244 245 Baase Ch 5 CrimeDiscussion QuestionsIs hacking that does no direct damage avictimless crime .Do you think hiring former hackers toenhance security is a good idea or a badidea Why Corresponding page number 230 245 Baase Ch 5 Crime.The Law Catching and Punishing Hackers 1984 Congress passed the Computer Fraudand Abuse Act CFAA Covers government computers financial andmedical systems and activities that involve.computers in more than one state includingcomputers connected to the Internet Under CFAA it is illegal to access a computerwithout authorization The USA PATRIOT Act expanded the definition of.loss to include the cost of responding to anattack assessing damage and restoringsystems 14Corresponding page number 245 Baase Ch 5 Crime.The Law Catching and Punishing Hackers Catching hackers Law enforcement agents read hackernewsletters and participate in chat roomsundercover. They can often track a handle by lookingthrough newsgroup or other archives Security professionals set up honey pots whichare Web sites that attract hackers to record and Computer forensics specialists can retrieve.evidence from computers even if the user hasdeleted files and erased the disks 15 Investigators trace viruses and hacking attacksCorresponding page number 246by using ISP records and router logs. Baase Ch 5 CrimeThe Law Catching and Punishing Hackers Penalties for young hackers Many young hackers have matured and gone onto productive and responsible careers. Temptation to over or under punish Sentencing depends on intent and damage Most young hackers receive probation community service and or fines Not until 2000 did a young hacker receive time.in juvenile detentionCorresponding page number 247 248 Baase Ch 5 CrimeThe Law Catching and Punishing HackersWhat is your view about criminalize.virus writing and hacker tools Corresponding page number 248 249 Baase Ch 5 CrimeThe Law Catching and Punishing Hackers Expansion of the Computer Fraud and. The CFAA predates social networks smartphones and sophisticated invisibleinformation gathering Some prosecutors use the CFAA to bringcharges against people or businesses that do.unauthorized data collection Is violating terms of agreement a form ofCorresponding page number 248 249 IDENTITY THEFT AND CREDIT CARDBaase Ch 5 Crime.Stealing Identities Identity Theft various crimes in which criminalsuse the identity of an unknowing innocent person Use credit debit card numbers personalinformation and social security numbers. 18 29 year olds are the most common victimsbecause they use the Web most and areunaware of risks E commerce has made it easier to steal and usecard numbers without having the physical card.Corresponding page number 250 253 IDENTITY THEFT AND CREDIT CARDBaase Ch 5 CrimeStealing Identities Techniques used to steal personal and financial.information Requests for personal and financial informationdisguised as legitimate business communication Phishing e mail Smishing text messaging. Vishing voice phishing Pharming false Web sites that fish for personaland financial information by planting false URLsin Domain Name Servers Online resum s and job hunting sites may.reveal SSNs work history birth dates and otherinformation that can be used in identity theftCorresponding page number 252 253 IDENTITY THEFT AND CREDIT CARDBaase Ch 5 Crime.Responses to Identity Theft Authentication of email and Web sites Use of encryption to securely store data so it isuseless if stolen Authenticating customers to prevent use of stolen.numbers may trade convenience for security In the event information is stolen a fraud alert canflag your credit report some businesses will coverthe cost of a credit report if your information hasbeen stolen.Corresponding page number 253 256 IDENTITY THEFT AND CREDIT CARDBaase Ch 5 CrimeResponses to Identity Theft Authenticating customers and preventing use of.stolen numbers Activation for new credit cards Retailers do not print the full card number andexpiration date on receipts Software detects unusual spending activities.and will prompt retailers to ask for identifyinginformation Services like PayPal act as third party allowinga customer to make a purchase withoutrevealing their credit card information to a.Corresponding page number 255 256 IDENTITY THEFT AND CREDIT CARDBaase Ch 5 CrimeBiometrics Biological characteristics unique to an individual. No external item card keys etc to be stolen Used in areas where security needs to be high such as identifying airport personnel Biometrics can be fooled but more difficult to doso especially as more sophisticated systems are.Corresponding page number 257 258 Baase Ch 5 CrimeWHOSE LAWS RULE THE WEBWhen Digital Actions Cross Borders Laws vary from country to country . Corporations that do business in multiplecountries must comply with the laws of allthe countries involved Someone whose actions are legal in theirown country may face prosecution in.another country where their actions areCorresponding page number 258 262 Baase Ch 5 CrimeWHOSE LAWS RULE THE WEBYahoo and French censorship. Display and sale of Nazi memorabilia illegalin France and Germany Yahoo was sued in French court becauseFrench citizens could view Nazimemorabilia offered on Yahoo s U S based.auction sites Legal issue is whether the French lawshould apply to Yahoo auction sites onYahoo s computers located outside ofFrance 25.Corresponding page number 260 261 Baase Ch 5 CrimeWHOSE LAWS RULE THE WEBApplying U S copyright law to foreign companies Russian company sold a computer program that.circumvents controls embedded in electronicbooks to prevent copyright infringement Program was legal in Russia but illegal in U S Program s author Dmitry Sklyarov arrestedwhen arrived in U S to present a talk on the.weaknesses in control software used in ebooks After protests in U S and other countries hewas allowed to return to Russia Corresponding page number 261 Baase Ch 5 Crime.WHOSE LAWS RULE THE WEBArresting executives of online gambling and payment An executive of a British online gamblingsite was arrested as he transferred planesin Dallas Online sports betting is not.illegal in Britain Unlawful Internet Gambling EnforcementAct prohibits credit card and online payment companies from processingtransactions between bettors and gambling.Corresponding page number 262 Baase Ch 5 CrimeWHOSE LAWS RULE THE WEBLibel Speech and Commercial Law Even if something is illegal in both.countries the exact law and associatedpenalties may vary In cases of libel the burden of proof differsin different countries Corresponding page number 262 263. Baase Ch 5 CrimeWHOSE LAWS RULE THE WEBLibel Speech and Commercial Law Libel tourism Traveling to places with strict libel laws in order. SPEECH Act of 2010 makes foreign libeljudgments unenforceable in the U S if theywould violate the First Amendment Foreign governments can still seize assets Where a trial is held is important not just for.differences in the law but also the costsassociated with travel between the countries cases can take some time to come to trial and mayrequire numerous trips Freedom of speech suffers if businesses follow.laws of the most restrictive countries Corresponding page number 263 264 Baase Ch 5 CrimeWHOSE LAWS RULE THE WEBLibel Speech and Commercial Law. Some countries have strict regulations oncommercial speech and advertising Corresponding page number 264 Baase Ch 5 CrimeWHOSE LAWS RULE THE WEB.Discussion QuestionsWhat suggestions do you have forresolving the issues created bydifferences in laws between differentcountries .What do you think would work andwhat do you think would not Corresponding page number 263 264 Baase Ch 5 CrimeCULTURE LAW AND ETHICS. Respecting cultural differences is not thesame as respecting laws Where a large majority of people in acountry support prohibitions on certaincontent is it ethically proper to abandon.the basic human rights of free expressionand freedom of religion for minorities Corresponding page number 265 Baase Ch 5 CrimePOTENTIAL SOLUTIONS.International agreements Countries of the World Trade Organization WTO agree not to prevent their citizensHacking as Foreign Policy. Hacking by governments has increased. Pentagon has announced it would consider and treat some cyber attacks as acts of war, and the U.S. might respond with military force. How . can we make critical systems safer from attacks? Hacking. 239-240. Baase Ch 5 Crime. Many cyber attacks come from China.