Computers in Society
Introduction
• Gary Thomas Sr. Computer Fraud Investigator, Corp Fraud Investigative Services, Wachovia Corp
Topics of Discussion
• IC3 Internet White Collar Crime Unit
• Phishing
• Denial of Service Attacks
• Wireless (WI-FI)
• US Federal Code Title 18
Internet White Collar Crime Unit
• IC3 Internet White Collar Crime Unit: Internet Crime Complaint Center, http://www.ic3.gov/
• The Internet Fraud Complaint Center (IFCC) was established as a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C) to serve as a means to address Internet-related criminal complaints, research these complaints, and develop and refer the criminal complaints to law enforcement agencies for any investigation they deem to be appropriate.
• The IFCC continues to emphasize serving the broader law enforcement community, which includes Federal, State, and local agencies.
• Crime Partnerships: INFRAGARD, FBI, USS, local law enforcement
Phishing
Phishing attacks use 'spoofed' e-mails and fraudulent websites designed to fool recipients into divulging personal financial data such as credit card numbers, account usernames and passwords, social security numbers, etc. By hijacking the trusted brands of well-known banks, online retailers and credit card companies, phishers are able to convince up to 5% of recipients to respond to them.
Phishing
• Example: eBay
People bid on objects. When it becomes apparent they were outbid, they are approached via e-mail to purchase the object that they bid on, but cheaper than it was auctioned off for. They make arrangements to pay for the object and give up their credit card numbers and other personal information. The people pay for the objects, but they never receive them. The communications appear to have the eBay logo and formats normally seen on the eBay site.
Wachovia Phishing Site Captured !
Denial of Service Attacks (Distributed Denial of Service Attack DDOS)
A "denial-of-service" attack is characterized by an explicit attempt by attackers to prevent legitimate users of a service from using that service. Examples include:
• attempts to "flood" a network, thereby preventing legitimate network traffic
• attempts to disrupt connections between two machines, thereby preventing access to a service
• attempts to prevent a particular individual from accessing a service
• attempts to disrupt service to a specific system or person
DOS & DDOS Attacks
Denial-of-service (DOS) or Distributed Denial-of-service (DDOS) attacks can essentially disable your computer or your network. Depending on the nature of your enterprise, this can effectively disable your organization. Some denial-of-service attacks can be executed with limited resources against a large, sophisticated site. This type of attack is sometimes called an "asymmetric attack." For example, an attacker with an old PC and a slow modem may be able to disable much faster and more sophisticated machines or networks.
Methods of Attack
• Bots – Zombie PCs
• Trojans – DDOS – Smurf attack: This is a DDOS attack tool, used by an attacker to send a specified number of data packets to a victim. A hacker can control both of these attacks remotely.
• Virus – Code Red: Exploited MS OSs; used a mathematical algorithm to generate IP addresses to attack.
NOTE: The first variant of Code Red's algorithm code was flawed and only specific IP address ranges were exploited. Once the author found out the algorithm was flawed, he/she corrected the code and the code traversed the world in a matter of hours.
Wireless WI-FI
What is war driving? Imagine a car, equipped with nothing more than a laptop computer, a portable GPS receiver, and a wireless network card, slowly strolling through your neighborhood!
What is the War-driver doing?
The computer is looking for what is called an SSID. An SSID is your wireless network name, and it is constantly transmitted by your access point to let computers know of its presence. Transmitting SSIDs will improve network access times, but be aware of the trade-off!
What can the War-driver see?
WI-FI programs can track several access points at the same time and are able to:
• Identify the SSID (if being broadcast)
• Monitor the signal strength
• Check to see if the network is encrypted
• Obtain the IP address
• Obtain the MAC address
• The war-driver will generally configure his or her software to log any strong unencrypted signals, even using a GPS receiver to record and log the coordinates of the strong signal.
Steps to Protect your WI-FI!
• Do not broadcast your SSID (turn off SSID transmission)
• If you must use the SSID, change it from the default value.
• MAC addresses on a Wireless Access Point (issue) – Specific types / wireless hardware vendors are assigned specific MAC address ranges. Wireless scanning software can identify the MAC, and thus an experienced war-driver can then associate the MAC with a specific hardware device. The next thing they will do is try to exploit the access point using known hardware and software exploits.
Steps to Protect your WI-FI!
• Configure the WI-FI access point to only accept connections from known MAC addresses (your computers)
• Use some type of Firewall and configure it at a high level
• Use Encryption (the highest WEP level available, 64 or 128 bit)
• Turn off File Sharing
Given enough time, using brute-force attacks, a hacker may be able to access your wireless network.
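To see your own access points the way the scanning software described above sees them, the checklist can be run over a site-survey export. This is an added example, not part of the original presentation; the CSV column names, the list of factory SSIDs, the signal threshold and the sample rows are assumptions constructed for illustration (the BSSIDs come from the RFC 7042 documentation range).

```python
import csv
import io

# Constructed survey export (not real networks); BSSIDs use the RFC 7042 documentation range.
SURVEY_CSV = """ssid,bssid,encrypted,signal_dbm
linksys,00-00-5e-00-53-01,no,-48
,00:00:5E:00:53:02,yes,-60
FrontDesk,0000.5e00.5303,no,-82
"""
DEFAULT_SSIDS = {"linksys", "netgear", "default"}  # assumed list of factory names
STRONG_DBM = -65                                   # assumed threshold for a "strong" signal

def normalize_mac(mac):
    """Accept 00-00-5e.., 00:00:5E.. or 0000.5e00.. and return AA:BB:CC:DD:EE:FF."""
    digits = "".join(c for c in mac if c in "0123456789abcdefABCDEF").upper()
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def audit(survey_csv):
    """Return {bssid: [findings]} for every access point in the survey."""
    report = {}
    for row in csv.DictReader(io.StringIO(survey_csv)):
        bssid = normalize_mac(row["bssid"])
        findings = []
        if row["ssid"]:
            findings.append("SSID is broadcast")
            if row["ssid"].lower() in DEFAULT_SSIDS:
                findings.append("SSID is still the factory default")
        if row["encrypted"] != "yes":
            findings.append("no encryption")
            if int(row["signal_dbm"]) >= STRONG_DBM:
                findings.append("strong open signal: what a war-driver logs")
        # The first three bytes of the MAC are the vendor's assigned range.
        findings.append(f"vendor prefix {bssid[:8]} is visible to scanners")
        report[bssid] = findings
    return report
```

The vendor-prefix finding appears for every access point, including the one that hides its SSID and encrypts, because the MAC address is visible either way.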
Example of War-driving
• Lowe's (public record)
Correct configuration setups are a must or you 'will' lose your identity!
Internet
• Firewalls (Hardware & Software): importance of using Firewalls
• View defaults, change the configuration passwords
• Anonymizers – what they are, and how they work.
Computers and the Law
• Is it cool to access another computer without the person knowing?
• What about Remote Access software?
• What about Hacking another PC?
• What about stealing another person's userid and password?
• What about Government and Financial institutions?
Title 18 Section 1030 http://assembler.law.cornell.edu/uscode/
Title 18 Section 1030 – DOJ Detail http://www.usdoj.gov/criminal/cybercrime/1030_anal.html
Identity Theft & Fraud http://www.usdoj.gov/criminal/fraud/idtheft.html