Professional Documents
Culture Documents
Crimes
Dr. Stephen Blythe
SIUE
Hacking
To gain access to a computer illegally
-Miriam-Webster on-line dictionary
To write computer programs for enjoyment
-Miriam-Webster on-line dictionary (also!!)
1960 - 1970:
good hack -- especially clever program code
considered clever circumvention of imposed limits
Art, science, and play had merged into the magical activity
of programming
-Steven Levy, Hackers:Heroes of the Computer Revolution
History of Hacking, part II
1970-1990:
using computers still a mystery to most people
breaking in to computers became commonplace
trophy hacking - breaking into as many systems as
possible
Virus/Worm Growth
Suppose a virus replicates twice at each infection:
1 infected computer
Virus/Worm Growth
Suppose a virus replicates twice at each infection:
3 infected computers
Virus/Worm Growth
Suppose a virus replicates twice at each infection:
7 infected computers
Virus/Worm Growth
Suppose a virus replicates twice at each...infection:
...
...
...
...
...
15 infected computers ...
...
after 20 steps, will be > 1,000,000 infected computers
Catching Hackers
How are hackers caught?
honey pots - traps too enticing for hackers to resist
digital forensics - gets evidence from digital devices
a.k.a computer forensics
analyzing disks for erased files (or even disks)
examining invisible data in files
Computer Emergency Response Team (CERT)
catalogs and warns about security threats
posts (links to) solutions and patches
Security
a.k.a. : Why can hackers still succeed?
problems are often fixed only after exploited
many companies ignore CERT warnings
use software for reasons other than security
it is so bad that some companies hire hackers
they rarely hire crackers, though ...
big business for computer consultants!
many companies believe in security via secrecy
opposite of open source model
hackers (and crackers) love this challenge!
Internet Scams
On-Line Auction Fraud
some E-Bay sellers bid on their own items!
shill bidding (raises the prices of their items)
eventually E-Bay added customer feedback, etc...
On-Line Stock Fraud
spread rumors about potential stock performance
people buy the stock, so price rises
perpetrator then sells his stock, making $$$!
sudden large volume of selling drops price
purchaser looses most of invested money
Phishing Scams
Phishing?
sending email that either:
looks identical to official enterprise e-mail
directs user to a facsimile of an enterprise website
and then tricks a user into divulging:
on-line user-ids
passwords
social security numbers
phone numbers
....
Phishing Protection
Protection from Phishing
most businesses will never ACTIVELY ask for:
on-line user-ids
passwords
social security numbers
phone numbers
....
so, dont divulge them as a result of e-mail
watch the true web site address in the address box
phishers usually dont have the correct one