BASICINFOSECWEEK4

The document discusses different types of perpetrators of computer crimes including thrill seekers, common criminals, industrial spies, terrorists, hackers, crackers, malicious insiders, and hacktivists/cyberterrorists. It also outlines key elements for managing security vulnerabilities such as risk assessment, establishing security policies, educating employees, prevention, detection, and having an incident response plan. The overall goal is to implement trustworthy computing through a combination of technology, policy, and people.

CHAPTER 2: COMPUTER AND INTERNET CRIME
LESSON 2
WEEK 4

QUOTE
"It is a fairly open secret that almost all systems can be hacked, somehow. It is a less spoken of secret that such hacking has actually gone quite mainstream." - Dan Kaminsky

I. INTRODUCTION

In the cyber security world, a person who is able to discover a weakness in a system and manages to exploit it to accomplish a goal is referred to as a hacker, and the process is referred to as hacking.

Nowadays, people have started to think that hacking is only hijacking Facebook accounts or defacing websites. These are part of the hacking field, but they are not its main part. The main thing you need to become a hacker is self-interest. You should always be ready to learn something and to create something new.

II. LEARNING OBJECTIVES
At the end of the topic session the students are expected to:
∙ identify the primary perpetrators of computer crime and their objectives;
∙ enumerate the key elements of a multilayer process for managing security vulnerabilities based on the concept of reasonable assurance;
∙ discuss actions that must be taken in response to a security incident;
∙ explain computer forensics and the role it plays in responding to a computer incident.

III. LEARNING ACTIVITIES


1. READING:
Types of Perpetrators
• Perpetrators include:
– Thrill seekers wanting a challenge
– Common criminals looking for financial gain
– Industrial spies trying to gain an advantage
– Terrorists seeking to cause destruction
• Different objectives and access to varying resources
• Willing to take different levels of risk to accomplish an objective

Hackers and Crackers


• Hackers
– Test limitations of systems out of intellectual curiosity
• Some smart and talented
• Others inept; termed “lamers” or “script kiddies”
• Crackers
– Cracking is a form of hacking
– Clearly criminal activity

Malicious Insiders
• Major security concern for companies
• Fraud within an organization is usually due to
weaknesses in internal control procedures
• Collusion
– Cooperation between an employee and an outsider
• Insiders are not necessarily employees
– Can also be consultants and contractors
• Extremely difficult to detect or stop
– Authorized to access the very systems they abuse
• Negligent insiders have potential to cause damage

Industrial Spies
• Major security concern for companies
• Fraud within an organization is usually due to
weaknesses in internal control procedures
• Collusion
– Cooperation between an employee and an outsider
• Insiders are not necessarily employees
– Can also be consultants and contractors
• Extremely difficult to detect or stop
– Authorized to access the very systems they abuse
• Negligent insiders have potential to cause damage

Cybercriminals
• Major security concern for companies
• Fraud within an organization is usually due to
weaknesses in internal control procedures
• Collusion
– Cooperation between an employee and an outsider
• Insiders are not necessarily employees
– Can also be consultants and contractors
• Extremely difficult to detect or stop
– Authorized to access the very systems they abuse
• Negligent insiders have potential to cause damage
• Smart cards
– Contain a memory chip
– Updated with encrypted data each time card is used
– Used widely in Europe
– Not widely used in the U.S.

Hacktivists and Cyberterrorists


• Hacktivism
– Hacking to achieve a political or social goal
• Cyberterrorist
– Attacks computers or networks in an attempt to intimidate or coerce a government in order to advance certain political or social objectives
– Seeks to cause harm rather than gather information
– Uses techniques that destroy or disrupt services

Implementing Trustworthy Computing
• Trustworthy computing
– Delivers secure, private, and reliable computing
– Based on sound business practices
• Security of any system or network
– Combination of technology, policy, and people
– Requires a wide range of activities to be effective
• Systems must be monitored to detect possible intrusion
• Clear reaction plan addresses:
– Notification, evidence protection, activity log maintenance,
containment, eradication, and recovery

Risk Assessment
• Process of assessing security-related risks:
– To an organization’s computers and networks
– From both internal and external threats
• Identifies investments that best protect from most likely and serious threats
• Focuses security efforts on areas of highest payoff

Eight-step risk assessment process


• #1 Identify assets of most concern
• #2 Identify loss events that could occur
• #3 Assess likelihood of each potential threat
• #4 Determine the impact of each threat
• #5 Determine how each threat could be mitigated
• #6 Assess feasibility of mitigation options
• #7 Perform cost-benefit analysis
• #8 Decide which countermeasures to implement
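
The eight steps above, carried through on a small constructed risk register, as an added example that is not part of the original handout. It assumes a common scoring convention the handout does not state: expected yearly loss = likelihood per year × impact, and net benefit = loss avoided per year minus the yearly cost of the countermeasure. All assets, figures and names are invented for illustration.

```python
# Added illustration: figures, names and the scoring formula are constructed assumptions.
from dataclasses import dataclass

@dataclass
class Mitigation:               # steps 5-6: an option and whether it is feasible
    name: str
    annual_cost: float
    risk_reduction: float       # fraction of expected loss removed, 0..1
    feasible: bool

@dataclass
class Risk:                     # steps 1-4: asset, loss event, likelihood, impact
    asset: str
    loss_event: str
    likelihood_per_year: float  # expected occurrences per year
    impact: float               # cost of one occurrence
    options: list
    def expected_loss(self) -> float:
        return self.likelihood_per_year * self.impact

def net_benefit(risk: Risk, m: Mitigation) -> float:
    """Step 7: loss avoided per year minus what the countermeasure costs."""
    return risk.expected_loss() * m.risk_reduction - m.annual_cost

def choose_countermeasures(risks, budget):
    """Step 8: fund feasible, positive-benefit options best first,
    one per loss event, without exceeding the budget."""
    candidates = [(net_benefit(r, m), r, m)
                  for r in risks for m in r.options
                  if m.feasible and net_benefit(r, m) > 0]
    candidates.sort(key=lambda c: c[0], reverse=True)
    chosen, covered = [], set()
    for benefit, r, m in candidates:
        if r.loss_event in covered or m.annual_cost > budget:
            continue
        chosen.append((r.asset, m.name, round(benefit, 2)))
        covered.add(r.loss_event)
        budget -= m.annual_cost
    return chosen

RISKS = [  # constructed sample register
    Risk("payroll database", "insider fraud", 0.2, 500_000, [
        Mitigation("separate key duties", 20_000, 0.6, True),
        Mitigation("full-time audit team", 150_000, 0.9, True)]),
    Risk("mail gateway", "phishing compromise", 2.0, 40_000, [
        Mitigation("user training", 10_000, 0.5, True),
        Mitigation("replace mail platform", 30_000, 0.8, False)]),
]

print(choose_countermeasures(RISKS, budget=40_000))
```

The audit team is rejected because it costs more than the loss it prevents, and the mail platform replacement is dropped at the feasibility step even though its reduction is higher.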

Establishing a Security Policy


• A security policy defines:
– Organization’s security requirements
– Controls and sanctions needed to meet the requirements
• Delineates responsibilities and expected behavior
• Outlines what needs to be done
– Not how to do it
• Automated system policies should mirror written policies
• Trade-off between:
– Ease of use
– Increased security
• Areas of concern
– Email attachments
– Wireless devices
• VPN uses the Internet to relay communications but
maintains privacy through security features
• Additional security includes encrypting originating
and receiving network addresses

Educating Employees, Contractors, and Part-Time Workers
• Educate and motivate users to understand and follow policy
• Discuss recent security incidents
• Help protect information systems by:
– Guarding passwords
– Not allowing sharing of passwords
– Applying strict access controls to protect data
– Reporting all unusual activity
– Protecting portable computing and data storage devices

Prevention
• Implement a layered security solution
– Make computer break-ins harder
• Installing a corporate firewall
– Limits network access
• Intrusion prevention systems
– Block viruses, malformed packets, and other threats
• Installing antivirus software

• Safeguards against attacks by malicious insiders


• Departing employees and contractors
– Promptly delete computer accounts, login IDs, and passwords
• Carefully define employee roles and separate key
responsibilities
• Create roles and user accounts to limit authority

Detection
• Implement a layered security solution
– Make computer break-ins harder
• Installing a corporate firewall
– Limits network access
• Intrusion prevention systems
– Block viruses, malformed packets, and other threats
• Installing antivirus software

Response
• Response plan
– Develop well in advance of any incident
– Approved by:
• Legal department
• Senior management
• Primary goals
– Regain control and limit damage
– Not to monitor or catch an intruder
• Only 56% have response plan
• Incident notification defines:
– Who to notify
– Who not to notify
• Security experts recommend against releasing specific information
about a security compromise in public forums
• Document all details of a security incident
– All system events
– Specific actions taken
– All external conversations
• Act quickly to contain an attack
• Eradication effort
– Collect and log all possible criminal evidence
– Verify necessary backups are current and complete
– Create new backups
• Follow-up
– Determine how security was compromised
• Prevent it from happening again
• Review
– Determine exactly what happened
– Evaluate how the organization responded
• Weigh carefully the amount of effort required to capture the
perpetrator
• Consider the potential for negative publicity
• Legal precedent
– Hold organizations accountable for their own IT security
weaknesses

Computer Forensics
• Combines elements of law and computer science to identify, collect, examine, and preserve data and preserve its integrity so it is admissible as evidence
• Computer forensics investigation requires extensive training and certification and knowledge of laws that apply to gathering of criminal evidence

2. ANALYSIS:
1. Fill in the blanks:
3. ABSTRACTION:

4. ASSESSMENT:
Instruction: Read the cases below and answer the questions that follow. Write your answers on one whole sheet of long bond paper.

1. SITUATION 1:
It appears that someone is using your firm’s corporate
directory—which includes job titles and email addresses—to
contact senior managers and directors via email. The email
requests that the recipient click on a URL, which leads to a Web
site that looks as if it were designed by your Human Resources
organization. Once at this phony Web site, the employees are
asked to confirm the bank and account number to be used for
electronic deposit of their annual bonus check. You are a
member of IT security for the firm. What can you do?

2. SITUATION 2:
You are a member of the Human Resources Department
of a three-year-old software manufacturer that has several
products and annual revenue in excess of $500 million. You’ve
just received a request from the manager of software
development to hire three notorious crackers to probe your
company’s software products in an attempt to identify any
vulnerabilities. The reasoning is that if anyone could find a
vulnerability in your software, they could. This will give your
firm a head start on developing patches to fix the problems
before anyone can exploit them. You’re not sure, and you feel
uneasy about hiring people with criminal records and
connections to unsavory members of the hacker/cracker
community. What would you do?
