Unit 2 Theft, sabotage, bugging and Terrorism

Theft is one of the most common crimes against computer systems:

(i)  Theft of information with the intent to defraud other people.

(ii)  Theft of hardware for monetary purposes.

Solutions to (ii) are easier, since hardware can be protected by a number of physical methods. Commercial companies such as Computer security superstore provide many such security products. http://www.computersecurity.com/

Sabotage

Sabotage refers to any damage done intentionally by people to a system.

Cases

Lloyd built and planted a software time bomb that went off on July 31, 1996, deleting and purging the 1200 manufacturing programs that kept Omega up and running.

The Lloyd case is the tip of the iceberg. This past summer, a New Hampshire man pleaded guilty to twice breaking into and sabotaging his former employer's computer network after being terminated. In September, a former IS worker at a Florida-based national grocery distributor was found guilty in the U.S. District Court in Miami, on two federal counts of computer sabotage.

In another case that is getting ready to go to trial in Las Vegas, a network consultant is charged with sabotaging the computer network of one of his clients, Steinberg Diagnostic Medical Imaging. The consultant is charged with three counts of network intrusion for changing passwords in the network and locking company administrators out of their own system.

http://www.npr.org/templates/

Bugging refers to the technique(s) used to steal information/intelligence from an information system.


All Things Considered, December 19, 2000 · NPR's Larry Abramson reports that a recent FBI bust of a bookie has focused attention on another weapon in law enforcement's high-tech arsenal. Agents put a keystroke monitor on a suspect's computer and were able to recreate every letter typed into it for months. The idea was to get a password he used to encrypt data.

Q: Would vibrations of glass windows reflect the sound made inside a quiet room?

Q: What is the purpose of putting a big capacitor around the cables of a computer and its peripheral accessories?

Q: CCTV is always used to enhance the level of security of a company. Would it raise another security issue?

Q: The Trojan horse is a world-famous technique for bugging. How can it get inside your computer?

Terrorism

The Internet was originally invented with multi-point operation in mind: in case of war, the information flow would not be stopped by sabotaging part of the network.

Osama bin Laden and his followers (terrorists/extremists) hid maps and photographs of terrorist targets in sports chat rooms, on porn bulletin boards and on other popular websites. Hamas and many members of the al Qaeda group use e-mail and encryption to support their operations.

Q: Should encryption techniques be restricted to military use? Why?

Cyber-terrorists

Today, many devices are controlled mainly by computer systems. Banks around the world deal with billions of transactions worth $$$ each day. Imagine that half of the computer systems of these banks failed (due to whatever attack): the financial disruption would be enormous.

Nuclear power stations are named targets of many terrorist groups. Missile launching systems are also popular targets. Civil aviation and hospitals are also on the list. A complete blackout of a city, say New York, can be caused by a well-trained hacker in a cybercafe.

Cyber weapons

HERF (high energy radio frequency) guns: aim at disturbing EM signals, e.g. those of a fly-by-wire A-340 Airbus commercial plane.

EMP (electromagnetic pulse): a side product of a nuclear explosion; damages most electronic devices.

Low energy lasers: used to destroy optical data collection devices.

Electrical power disruption technology: uses conducting materials such as aluminium foil or graphite fibers, showered over EHT power cables to cause a short-circuit.

Q: What is the relationship between computers and mass destruction weapons?

Large amounts of high-tech information, either stolen or freely available on the Internet, are user-friendly and easy to get and use! Data on hard drives is ample and compact: just 1 small disc contains 25 years of research in nuclear weapons. The Internet can also be used to recruit terrorists, to collect financial contributions and to coordinate attacks. Cryptographic techniques (RSA, MD5 and 3DES) are widely used to hinder anti-terrorist investigations.

Malicious hackers penetrated Pentagon network security at least 25,160 times between Jan and July of 2000. Cyber attack capability is easy to develop with a small number of skilled computer professionals.

The increasing threat of computer crime is caused by:

·  large number of computer professionals are unemployed/underemployed

·  large number of militarily trained computer professionals are available for hire

·  many countries have large volume of weapons for sale

·  some countries have high-end weapons for sale

·  traditional criminals use more high-tech aid, e.g. computers

·  the number of amateur hackers increases by large numbers

·  more and more global discontent against more developed countries

·  regional crises become global issues, e.g. Israelis vs Arabians

·  commercial business is very vulnerable to attacks


Possible offenses against commercial organizations

·  email virus

·  password cracking/theft

·  packet sniffing (reconstruct the first 125 keystrokes = password + logon id + user id)

·  attackers who have gained access to a system can attack from within the system

·  trojan horses

·  logic/time bomb

5 Steps in launching a cyber attack

(1) Invaders collect information using sniffing programs; they usually scan ports.

(2) Collect or crack passwords; identify the machine and software.

(3) Gain root privilege, then modify the data/programs.

(4) Cover tracks.

(5) Wait for results, e.g. watch TV news.


Defensive tactics of commercial organizations

·  anti-virus management

·  backup of critical information: full volume/incremental backup

·  system backups: applications programs, datafiles+database; utility programs, etc.

·  keep log of all changes in the system

·  need-to-know/least privilege policy

·  keep log of abnormal system commands/messages/parameters

·  have security documentation of the system for all ranks of people

·  record retention: e.g. tape for 90 days?

·  label/marking technique of sensitive information media

·  care of storage of media: tape and equipment separately stored; not with inflammable materials. Risks: clearing, purging, reuse, declassification, destruction.

·  disposal of media: formatting a hard disc 8 times; degaussing a hard disc?

·  establish password policy; e.g. at least 8 characters, with upper/lower cases + numeric + special characters; no names/dictionary string; no weak password such as user name = password; life-cycle not more than 2 months
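
The password policy in the last item above, written out as a checker. This is an added Python example, not part of the original notes; the function name, the small word list and the reading of "2 months" as 60 days are assumptions made for illustration.

```python
import re
from datetime import date, timedelta

MIN_LENGTH = 8
MAX_AGE = timedelta(days=60)  # assumption: "not more than 2 months" read as 60 days
# Constructed sample word list; a real deployment would load a full dictionary.
DICTIONARY = {"password", "welcome", "dragon", "monkey", "summer", "letmein"}

# The four character classes the policy requires.
CLASSES = {
    "upper-case letter": r"[A-Z]",
    "lower-case letter": r"[a-z]",
    "numeric character": r"[0-9]",
    "special character": r"[^A-Za-z0-9]",
}

def policy_violations(password, username, full_name="", last_changed=None, today=None):
    """Return the policy rules the password breaks (empty list = compliant)."""
    problems = []
    lowered = password.lower()
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 8 characters")
    for label, pattern in CLASSES.items():
        if not re.search(pattern, password):
            problems.append(f"missing {label}")
    # Covers "user name = password" and passwords built around a user or personal name.
    parts = [p for p in re.split(r"\W+", f"{username} {full_name}".lower()) if len(p) >= 3]
    if any(part in lowered for part in parts):
        problems.append("contains user name or personal name")
    # Drop digits and symbols first so "Dragon#2024" is still caught as a dictionary string.
    letters_only = re.sub(r"[^a-z]", "", lowered)
    if any(word in letters_only for word in DICTIONARY):
        problems.append("contains dictionary string")
    # Life-cycle check, applied only when the date of the last change is known.
    if last_changed is not None and (today or date.today()) - last_changed > MAX_AGE:
        problems.append("older than 2 months")
    return problems

if __name__ == "__main__":
    # Constructed sample accounts: (password, user name)
    for pw, user in [("alice", "alice"), ("Dragon#2024", "bob"), ("tR7!vq#Lx2", "carol")]:
        print(user, policy_violations(pw, user) or "compliant")
```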


A complete threat list on Information Systems

C = Confidentiality; I = Integrity; A = Availability; L = Legal liability

Access: external hacking (CIA); internal hacking (CIA); errors and omissions (CIA); weak encryption (C); loose media control (C); intentional system overload (IA)

Communications: repudiation (CIL); modification (IAL); message interception (CIAL); message spoofing (IL); message alteration (IAL); FAX forging (IL); toll fraud (AL)

Networks: reliability problems (IAL); unauthorized external access (CIAL); unauthorized internal access (CIAL); snooping/tapping (CL)

Power: spike/surge damage (IA); power outage (A); interference (IA); eavesdropping (C); electromagnetic attack (IA)

Nature: fire (IA); flood (IA); typhoons/storms (IA); earthquake (IA); cooling failure (IA)

Human problems: discontented employees (CIAL); errors and omissions (CIA); health hazards (L)

Hardware: theft of systems (CIA); theft of components (A); damage to systems (IA); technical failure of systems (IA)

Malicious codes: viruses (IA); Trojans (IA); worms (A); logic bombs (IA)

Piracy, bugs: bootleg software (IAL); bugs (IAL); copyright related legal procedure (L)
