CS 103 Course Page
People who commit high tech crimes:
Hacker - A person who writes programs in assembly language or in system-level languages, such as C. Although it may refer to any programmer, the term means laboriously "hacking away" at bits and bytes. The term is also used for people who illegally enter computer systems, insert viruses and illegally gain information. True "hackers" resent the illegal hackers who sully their names.
Cracker - A person who performs an illegal act and breaks into a computer system without authorization. The cracker's purpose is to do harm, to damage or destroy files, steal credit cards, insert viruses, perform computer espionage, etc.
Cyberpunk - An online delinquent, with high tech skills, who breaks the law by breaking into computer systems. The term comes from science fiction novels such as Neuromancer, by William Gibson.
Computer viruses - "troublesome" computer programs that attach themselves to a file, reproduce and spread from one file to another and one computer to another. They can be spread from computer to computer, over a network and over the Internet. A virus's payload is the mission it is intended to accomplish.
[[A bug is NOT a virus. A bug is an error in software or hardware. If the bug is in software, it can be corrected with programming changes. If the bug is in hardware, the faulty circuits need to be redesigned. The Y2K ("Year 2000" or "Millennium Bug") problem is not a malicious program, but a "glitch" in the software. The year is stored with only two digits; for example, 10-12-82 instead of 10-12-1982. When the year changes from 1999 to 2000, the date becomes 01-01-00, but the system still thinks the date is 1-1-1900, not 1-1-2000.]]
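The two-digit year problem described above, worked through as an added example (not part of the original course page). The function names and the pivot year of 50 used for the "windowing" repair are assumptions chosen for illustration.

```python
from datetime import date

def parse_two_digit(mmddyy: str) -> date:
    """Legacy behaviour: only two year digits are stored, century assumed 19xx."""
    mm, dd, yy = (int(part) for part in mmddyy.split("-"))
    return date(1900 + yy, mm, dd)

def parse_windowed(mmddyy: str, pivot: int = 50) -> date:
    """Programming fix ("windowing"): yy below the pivot means 20yy, else 19yy.

    The pivot value is an assumption; a real system picks it from its own data.
    """
    mm, dd, yy = (int(part) for part in mmddyy.split("-"))
    century = 2000 if yy < pivot else 1900
    return date(century + yy, mm, dd)

def days_between(start: str, end: str, parser) -> int:
    """Elapsed days between two stored dates, e.g. for interest or billing."""
    return (parser(end) - parser(start)).days

def demo():
    """Compare the legacy and repaired readings across the 1999 -> 2000 rollover."""
    misread = parse_two_digit("01-01-00")            # read as 1 January 1900
    legacy = days_between("12-31-99", "01-01-00", parse_two_digit)
    fixed = days_between("12-31-99", "01-01-00", parse_windowed)
    return misread, legacy, fixed

if __name__ == "__main__":
    misread, legacy, fixed = demo()
    print("01-01-00 read by legacy code as:", misread.isoformat())
    print("days from 12-31-99 to 01-01-00 (legacy):", legacy)
    print("days from 12-31-99 to 01-01-00 (windowed):", fixed)
```

Windowing only moves the ambiguity to the pivot year; storing all four year digits removes it.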
Types of files generally affected by viruses -
Major categories of viruses include: Trojan horse, a time bomb, a logic bomb and a worm.
Trojan horse - a program that appears to perform one function, but is actually programmed to do something else. It can be used to break security and enter a network illegally.
Worm - usually enters a network and reproduces itself. It does not need to be attached to an executable or document file.
Time Bomb - set to go off on a particular date
Internet Worm - perpetrated by Robert Morris Jr. in 1988. This worm did not actually modify or delete any files, but it replicated itself to the extent that it brought down over 6000 systems.
Michelangelo - a time bomb set to activate on Michelangelo's birthday, March 6. Occurred in 1994 - can be contracted by reading an infected floppy.
Melissa - self-replicating Macro virus - which is reactivated each time the next user opens the Word attachment - does not damage individual hard drives, but freezes up the Internet through the enormous volume of emails it generates.
Chernobyl - The ICSA has issued a warning against the latest variant of the CIH Virus. This time bomb is expected to strike Monday, 26 April 1999, the thirteenth anniversary of the Chernobyl disaster, and has the potential to erase hard drives and corrupt a PC's BIOS. The CIH virus infects 32-bit Windows 95/98/NT executable files. It infects the computer's memory, then files as they are opened. It modifies and corrupts certain types of Flash BIOS, software that initializes and manages relationships and data flow between the system devices, including the hard drive, serial and parallel ports and the keyboard. By overwriting part of the BIOS, CIH can keep a computer from starting up when the power is turned on. Some variants of CIH activate on April 26th or June 26th, while others activate on the 26th of every month.
Encryption - the science of scrambling text so that no one but the desired parties, sender and receiver, can read the data. Encryption turns the data into a secret code. Each algorithm uses a string of bits known as a "key" to perform the calculations. The larger the key (the more bits in the key), the greater the number of potential patterns that can be created, thus making it harder to break the code and descramble the contents.
Example of encryption software: PGP ("Pretty Good Privacy") - a method of encrypting email, released by Phil Zimmermann in 1991. PGP combines two algorithms, RSA and IDEA, to encrypt plaintext. Zimmermann was the subject of a federal investigation for exporting his PGP software. Charges were eventually dropped. See more details on encryption by Prof Marchant. See legislation about encryption.
espionage - military, government, corporate
Example of a famous espionage case: Clifford Stoll, with FBI help, cracked a case in which crackers in Germany entered a military network and the Internet to gather information on military research in the U.S. and then sold it to the KGB.
The Computer Fraud and Abuse Act of 1986 was signed into law in order to clarify definitions of criminal fraud and abuse for federal computer crimes and to remove the legal ambiguities and obstacles to prosecuting these crimes. The Act established two new felony offenses for the unauthorized access of "federal interest" computers and a misdemeanor for unauthorized trafficking in computer passwords.
Two prominent cases:
Herbert Zinn, a high school dropout. "Shadowhawk," as he called himself was the first to be convicted under the Act of 1986. Zinn was only 16 when he broke into AT&T and Department of Defense systems. He was convicted on January 23, 1989. He destroyed $174,000 worth of files, copied programs valued at millions of dollars, and published passwords and instructions on how to violate computer security systems. He was sentenced to nine months in prison and fined $10,000. Zinn, had he been 18, could have received 13 years in prison and a fine of $800,000.
Robert Morris, a 22-year-old graduate student at Cornell. Morris launched a "worm" which navigated the Internet on its own, searched for security weaknesses and replicated itself. More than 6000 systems crashed or were seriously crippled. Eradicating the worm cost victims millions of dollars. Morris was convicted and sentenced to three years of probation, 400 hours of community service and a $10,000 fine under the Act.
The Computer Emergency Response Team (CERT) was formed to deal with Internet security vulnerabilities.
Protect your data
Anti-viral software - Symantec, McAfee, Norton Anti-virus, Dr. Solomon
Backups - back up data regularly on storage media
Password protect - your computer files if you share a computer with someone else.
Passwords - don't give out your password. Devise unique passwords.
encryption - an option for sensitive data
Restrict Access to networks:
Hardware Key (dongle) - a copy protection device that plugs into a computer port, often the parallel port. The software sends a code to the port, and the hardware key reads the serial number and verifies its presence to the program. The key hinders software duplication, since each copy of the program has a unique number. (see picture of a dongle)
Firewalls - used to keep internal network segments secure and
provide secure access to the Internet. A firewall can also separate
Types of firewalls
Proxy Server - serves as a relay between two networks, breaking the connection between the two. Also typically caches Web pages.
Network Address Translation (NAT) - hides the IP addresses of client stations in an internal network by presenting a single IP address and translating back and forth.
Stateful Inspection - tracks the transaction in order to verify that the destination of an inbound packet matches the source of a previous outbound request. Generally can examine multiple layers of the protocol stack, including the data, if required, so blocking can be made at any layer or depth.
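The matching rule behind stateful inspection, as an added example that is not part of the original course page. The class name, the 60-second idle timeout and the sample packets (constructed, using private and documentation address ranges) are assumptions; only the address and port layer is tracked here.

```python
import ipaddress
from typing import NamedTuple

class Packet(NamedTuple):
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

class StatefulFilter:
    """Toy connection-tracking filter sitting between an internal net and the Internet."""

    def __init__(self, internal_net: str, idle_timeout: float = 60.0):
        self.internal = ipaddress.ip_network(internal_net)
        self.idle_timeout = idle_timeout   # assumed value, in seconds
        self.flows = {}                    # (in ip, in port, out ip, out port) -> last seen

    def _inside(self, ip: str) -> bool:
        return ipaddress.ip_address(ip) in self.internal

    def check(self, pkt: Packet, now: float) -> str:
        if self._inside(pkt.src_ip) and not self._inside(pkt.dst_ip):
            # Outbound request: remember it so the reply can be matched later.
            self.flows[(pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)] = now
            return "ALLOW"
        if self._inside(pkt.dst_ip) and not self._inside(pkt.src_ip):
            # Inbound: destination must equal the source of an earlier outbound
            # request, and the sender must be that request's destination.
            key = (pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port)
            seen = self.flows.get(key)
            if seen is None:
                return "DROP"              # nobody inside asked for this
            if now - seen > self.idle_timeout:
                del self.flows[key]        # stale state no longer admits traffic
                return "DROP"
            self.flows[key] = now
            return "ALLOW"
        return "DROP"                      # not boundary traffic; out of scope here

def demo():
    """Run constructed sample packets through the filter and return the verdicts."""
    fw = StatefulFilter("10.0.0.0/8")
    steps = [
        (Packet("10.0.0.5", 40000, "203.0.113.10", 80), 0.0),    # outbound request
        (Packet("203.0.113.10", 80, "10.0.0.5", 40000), 1.0),    # matching reply
        (Packet("198.51.100.7", 80, "10.0.0.5", 40000), 2.0),    # unsolicited sender
        (Packet("203.0.113.10", 80, "10.0.0.5", 40001), 3.0),    # wrong inside port
        (Packet("203.0.113.10", 80, "10.0.0.5", 40000), 120.0),  # state has expired
    ]
    return [fw.check(pkt, t) for pkt, t in steps]
```

A plain packet filter that only allowed "source port 80" would have passed the third and fourth packets; the flow table is what rejects them.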
PROTECT YOURSELF ON THE INTERNET: See these
guidelines to help you protect your privacy, avoid
copyright infringement, and protect your reputation and future job prospects.
Workplace safety: health issues - computer related - eye strain; repetitive stress injury (RSI) - Repetitive Stress/Strain Injury - repeated physical movements doing damage to tendons, nerves, muscles, and other soft body tissues; carpal tunnel syndrome