1 / 38

S10: Computer Crime and Security, Part 1

C20.0001 Information Technology in Business and Society. S10: Computer Crime and Security, Part 1. Prof. Dylan Walker. Take a Bite Out of (Cyber) Crime. McGruff, crime dog, goes cyber

lziemer
Download Presentation

S10: Computer Crime and Security, Part 1

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. C20.0001 Information Technology in Business and Society S10:Computer Crime and Security,Part 1 Prof. Dylan Walker

  2. Take a Bite Out of (Cyber) Crime McGruff, crime dog, goes cyber McGruff the crime dog is jacking in to the Net. In surely the most convincing sign yet that Internet crime has gone mainstream, the National Crime Prevention Council is teaming up - somewhat incongruously - with the Chief Marketing Officer Council to unleash McGruff on a new virtual beat. Spurred by frightening online crime stats, like the fact that "77% of youths are contacted in some manner by online predators by age 14," the new McGruff campaign has picked up backing by big-name tech firms including Intel, McAfee, Verisign, USA Today and CNET. To match his new turf, the dog has tweaked his old line. He now says: "Take a Bite Out of Cyber Crime." The idea is cute, but the backing is serious. For example, Comcast, reports the Philadelphia Inquirer will ante up $2 million in televised public service announcements. CNNMoney - Monday, September 11, 2006

  3. Learning Objectives for Sessions 10&11 Computer crime and security • Understand some common forms of computer crime and their impact on individuals and businesses • Recognize some common classes of viruses, how they work, how they spread, and their impact on individuals and businesses • Understand how denial of service (DoS) and distributed DoS attacks are implemented • Discuss spyware, web defacing, identity theft and their consequences • Discuss some typical computer security precautions • Understand the basics of cryptography, symmetric key encryption, and public/private key encryption (and the applications in digital signatures)

  4. Security and Employees Most of the press reports are about outside attacks on computer systems, but actually, companies are in far more danger of losing money from employee misconduct than they are from outsiders.

  5. Security and Outside Threats • 85% of large companies and governmental agencies were broken into during 2003. • 64% suffered financial loss; Only 35% could estimate the loss value. • Fraud examiners’ Rule of Thumb - Employees • 10% honest • 10% steal • 80% depends on circumstances • Jupiter Media Metrix: Cyber-security issues cost businesses almost $25 billion by 2006 up from $5.5 billion in 2001 • Security products market: tripled from 2002-2005 to $21 billion

  6. TECHNOLOGY AS A WEAPON • Suppose you really wanted to be malicious or nasty to someone. What are all the different IT-related ways in which you could go about this? • Now suppose you were potentially the target. How would you go about protecting yourself?

  7. Types of computer crime

  8. Security: The Players • Hackers:very knowledgeable computer users who delight in having intimate knowledge of systems inner workings. Crackers: use their knowledge to invade other people’s computers. • White-hat hackers: Find vulnerabilities in order to fix them, they notify owners about problems and holes • Black-hat hackers: Find vulnerabilities and exploit them for personal benefit • Hacktivists: They break systems to protest; targets usually have high symbolic value (e.g., CIA, DoD, etc.) • Script kiddies / Script bunnies: Users who know little programming but use ready tools to exploit vulnerabilities

  9. Hackers Video • http://www.youtube.com/watch?v=R9vDzaBwD_k&feature=related

  10. Viruses What exactly is a virus? Some commonly encountered viruses Some common types of viruses • Program or set of programs • Written to cause annoyance or damage (200 new ones every day) • Welchia, SoBig, Blaster, Slammer, Code Red, Love Bug, Melissa • Stand-alone viruses – can run without a VB script. • Macro viruses – infects an app and runs a macro or program. (can be an email virus like Melissa) • Worms – Self replicating, unlike viruses do not need to attach to an existing program or app. • Trojan horses (not really a virus but usually classified as such) – seems to one thing but performs another (e.g. install backdoors)

  11. Viruses Example: The Love Bug

  12. Love Bug’s Objectives • Spread itself by mailing itself to everyone through Outlook address book and Internet chat software • Melissa was only for first 50 addresses • Wipes out files with certain extensions • .doc, .xls, .wav, .jpg,…………. • Puts itself in their place and adds .vbs • Changes IE Start page and downloads program looking for passwords sending them by email to the virus originator

  13. Other security attacks • Spoofing - the forging of the return address on an e-mail so that the e-mail message appears to come from someone other than the actual sender. • Klez (appears to come from a technical support person) • Key logger, or key trapper, software - a program that, when installed on a computer, records every keystroke and mouse click. • Available in trojan horse form so you can hide it in email • e.g., SC-Keylog http://www.majorgeeks.com/download4136.html

  14. DoS and D-DoS attacks: What are they • Denial-of-service (DoS) attacks: • Attack a machine/server and make it unusable (e.g., flood a Web site with so many requests for service that it slows down or crashes.) • Usually the attacker does not get access to the system which is being attacked • Distributed denial-of-service (D-Dos): • Attack a single machine/server from multiple computers (e.g., flood a Web site with so many requests for service that it slows down or crashes.) • The term “Ping of Death” is NOT used to describe the D-DoS described in the textbook (i.e., the textbook is wrong) • E-trade, Amazon, Yahoo, Microsoft, Whitehouse…

  15. Ping of Death • A ping of death: A ping is normally 64 bytes; many computer systems cannot handle a ping larger than the maximum IP packet size, which is 65,535 bytes. Sending a ping of this size can crash the target computer. • Sending a 65,536 byte ping packet is illegal according to networking protocol, but a packet of such a size can be sent if it is fragmented; when the target computer reassembles the packet, a buffer overflow can occur, which often causes a system crash.

  16. Distributed denial-of-service attacks Target Sets of company servers are hacked Sets of company servers are hacked At a specific time, all hacked servers ‘ping’ their clients, but with a wrong reply IP address The clients reply to the wrong IP address, which is the target The clients reply to the wrong IP address, which is the target The target web site is overloaded

  17. Spyware • Software that gathers information about users without their knowledge • Initially created for marketing purposes, and called adware. • Tracks Web surfing or online buying so marketers can send you targeted--and unsolicited--ads • Potential Damage: • Monitor keystrokes (including username, passwords, email content); take snapshots of screen; scan your hard disk. • Having a number of unauthorized programs running on your PC at once makes it sluggish, unstable, and, ultimately, more likely to crash. • Monitors and transmits user activity to someone else. Other spyware may have a more malicious intent, such as stealing passwords or credit-card information.

  18. Spyware • How do we get it? • Insidious: the user often unwittingly installs spyware when trying to install something else • Simply clicking on a banner ad can install spyware. • Worms, which are self-propagating viruses, can also carry spyware. They search for machines that don't have up-to-date security patches. • Sometimes spyware is secretly bundled with free software you download from the Internet. Sites that offer music-sharing, videos, weather data, games, and screen savers often are paid to distribute adware. • When you install the software, you might see a pop-up window that asks you to agree to certain conditions. Most users just click “I agree” without reading the fine print. Often they are authorizing the installation of additional data-collection and ad-serving software that can muck up their PCs.

  19. Web defacing How would someone go about ‘defacing’ a web site? • Find a username and password which provides (FTP) access to the server on which the web site’s files are stored • If someone knew your NetID and Stern password, they could post a web site under your identity How can defacing affect the firm whose site changes?

  20. Computer CrimeWeb Defacing

  21. Computer CrimeWeb Defacing

  22. Example of Computer Crime • Identity theft (Movie “Face Off”) • Existed before the web/Internet but became widespread only after… • Theft of SSN, driver’s license, credit cards: • Financial charges, ruin your credit ratings • Bill X-rated material on your account • Engage in illegal activities with your identity (E-Bay) • Phishing • attempts to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an apparently official electronic communication, such as an email or an instant message

  23. Security precautions The most effective security precautions More commonly used precautions by organizations • Lock up your computers, disconnect them from all networks, don’t use shared storage media. • Data backups • Anti-virus software • Firewalls (keep outsiders out) • Access authentication (keep insiders out) • Encryption • Intrusion-detection and security-auditing software

  24. Security precautions Individual precautions Precautions built into web browsers/email clients • Be careful when you download and install free software. Always check the site you download software from. • When your browser asks you whether you want to install/run any software, say no unless you know exactly what you’re doing. • Open only those email attachments you were expecting. • Install anti-virus software on your computer. Schedule a daily scan. Enable periodic anti-virus updates (LiveUpdate). • Permit only a small set of carefully screened content types • Do not allow writing/modifying user disks (minor exceptions) • Allow users to block out ‘suspicious’ content

  25. Password Precautions A simple precaution: changing your password at Stern Guidelines for strong passwords • http://simon.stern.nyu.edu • Pre-requisite for posting your Web site on the Stern server • At least 8 characters long • One or more chaNgeS of cAse • One or more numerical d1g1ts • One or more non-alph@numer!c ch@racters, in betwe*en • Change your password periodically • Use “temporary travel passwords” if you will have to use public computers

  26. Firewall • Network layer (TCP/IP): packet filtering • Application layer: FTP, Telnet • Hardening of an operating system involves the removal of all non essential tools, utilities and other system administration options, any of which could be used to ease a hacker's path to your systems. Attack Message Hardened Client PC Firewall Internet Attacker Hardened Server With Permissions Corporate Network

  27. Technical Aspects of Information Security

  28. Four Critical Information Security Issues • Confidentiality • keeping information from unauthorized usage. • Authentication • determining whose information you are receiving • determining who is on the other end before sending information • Non-repudiation • preventing repudiation after an agreement by dealing with digital signatures • Integrity Control • determining whether the information you receive is genuine (or unadulterated).

  29. Cryptography • http://www.youtube.com/watch?v=XeaZGt8_j1k&feature=related

  30. Cryptology: Cryptography and Cryptanalysis • Two concepts • Cryptography: the art of devising ciphers • Cryptanalysis: the art of breaking ciphers • Two types of cryptography • Symmetric Key Algorithm • One common secret key to encrypt and decrypt • Public Key Algorithms • Two set of keys • Use Publickey to encrypt a message • Use Privatekey to decrypt • Diffie and Hellman (1976) • RSA--Rivest, Shamir, Adleman (1978)

  31. Cryptography: A Historical Example • Developers/Users of Cryptology • Military, Diplomatic Cops, Intelligence, Lovers • Caesar Ciphers • shifting letters rightward by k letters • e.g. right shifting by 1 letter (abc -> bcd) • P, Plaintext: “Cross the river” • C, Cyphertext: “Dsptt uif sjwfs” • E, Encryption function: Right-shift letters by k locations • D, Decryption: Left-shift letters by k locations • k , Key: 1 • C = E1(P), Cross the river -> Dsptt uif sjwfs • P = D1(C), Dsptt uif sjwfs -> Cross the river

  32. Cryptography Example: Symmetric Key • Substitution Ciphers e.g. mono-alphabetic substitution abcdef ghijkl mnopqr stuvwx yz qwerty uiopas dfghjk lzxcvb nm P = (i go to nyu) -> Ek(P) -> C = (o ug zg fnx) • Problem: Both parties need to know the “key”

  33. Public-Key Cryptography 3 Bob’s Private Key 1 2 • Public key used to encode data • Private key used to decode data Alice Public Directory Bob Plaintext 101101010 Bob’s Public Key Ciphertext ???????? Bob’s Public Key UNLOCKING KEY (K) Decryption LOCKING KEY (L) Encryption Ciphertext ???????? Plaintext 101101010

  34. Symmetric Vs. Public Key • Symmetric key • much faster • key needs to be transmitted or maintained • Public key •  much slower •  no transmission of key necessary

  35. Digital Signature for Authentication Bob’s Private Key 3 1 2 • Private key used to encode data • Public key used to decode data • Since the plaintext is locked with Bob’s private key, it has to have come from Bob Bob Public Directory Alice Plaintext 101101010 Bob’s Public Key Ciphertext ???????? This is Bob!! Bob’s Public Key LOCKING KEY (L) Encryption UNLOCKING KEY (K) Decryption Ciphertext ???????? Plaintext 101101010 This is Bob!!

  36. KEY ESCROW AND KEY RECOVERY • What if key(s) are lost? • What if an employee is away, gets fired, leaves for a competitor? • What if the government wants to listen in? • legal wiretaps • espionage • Key Escrow and Recovery Systems allow to access encrypted information without the proper key • like a Master key or a locksmith • encryption only as secure as the escrow/recovery procedures

  37. Some applications of cryptography • Secure communications • telephones, faxes and email • business transactions • web pages • Authentication • software programs • information • Electronic Cash • verifiable, yet anonymous • smart cards or net cash • Tamper-proof documents • driver’s licenses • designs & plans • checks & contracts • Digital rights management • all digital goods

  38. Learning Objectives for Sessions 10&11 Computer crime and security • Understand some common forms of computer crime and their impact on individuals and businesses • Recognize some common classes of viruses, how they work, how they spread, and their impact on individuals and businesses • Understand how denial of service (DoS) and distributed DoS attacks are implemented • Discuss spyware, web defacing, identity theft and their consequences • Discuss some typical computer security precautions • Understand the basics of cryptography, symmetric key encryption, and public/private key encryption (and the applications in digital signatures)

More Related