cyber terrorism

1

2

• The use of computing resources to intimidate, coerce or harm people, places or systems we depend upon.

• Amalgamation of Cyberspace and Terrorism.• Leveraging of a target's computers and

information technology, particularly via the Internet, to cause physical, real-world harm or severe disruption with the aim of advancing the attacker's own political or religious goals.

3

4

Why would a terrorist decide to use the Internet, rather than using the usual methods of assassination, hostage taking and guerrilla

warfare?

5

• Chances of capture, injury, or death to a cyber terrorist are less

• Cyber terrorism is difficult to track

• Easy to accomplish due to lack of understanding of security risks

But, in one of its more unusual forms, cyber-terrorism can be related with physical, real world terrorism.

6

7

• Crackers -A cracker is someone who breaks into someone else's computer system, often on a network; bypasses passwords or licenses in computer programs; or in other ways intentionally breaches computer security.

• White Hat Hackers – Hackers who break into computers. They have no right to access but they often report the security leaks to the victims.

• Script bunnies -    People who would like to be hackers but don’t have much technical expertise. They download click-and-point software that automatically does the hacking for them.

8

9

10

• Dependence on Network Infrastructure and the Internet

• Lack of Understanding of Security Risks

• Lack of Funding for Adequate Network Security Tools

• Difficulty in tracking the Cyber terrorist

11

12

• Information Gathering Purposes

• Prank

• National pride

• Financial gains

• Hatred

13

14

• Information theft Minor attacks come in the form of "data diddling", where

information in the computer is changed. This may involve changing medical or financial records or stealing of passwords. Hackers may even prevent users who should have access from gaining access to the machine.

Ethical issues in this case include things like invasion of privacy and ownership conflicts.

• Credit Card Number Theft People are using credit cards for more and more of their

purchases as time goes on.. Credit cards are especially easy to use fraudulently, because they require no extra identification number to use.

All that a thief needs is pure information-they don't need the card, but just the number on the card. Recently, with people spending more on purchases transacted over the internet, credit card fraud is becoming easier.

More than 40 million credit card numbers belonging to U.S. consumers were accessed by a computer hacker in the year 2005 according to MasterCard International Inc.

15

• Electronic Cash We are already well on the way to a cash-free society. People now

use ATM cards, credit cards, and check-cards for a large percentage of their purchasing. As we move further from a paper-money society, to a purely electronic economy, new types of crime will emerge as accessing these is quite easier.

All we can be sure of, is that criminals of tomorrow, like those of last century and those of today, will keep on innovating.

This is because, as a system advances, so does the criminals.

• Hacking Hacking is basically knowing programmable systems and how they

work. How can hacking be helpful ? Some agencies hire hackers to show them the downfalls in their

security system so they can improve it against hackers that want information or access into the computer for other reasons.

Hacking is a form of art for some people . But generally , it is being used adversely. One of the popular terror act is to threaten a large bank. 16

17

• In 2001 ,12 billion dollars in losses due to security breaches, virus attacks and hacked network

• The NIMDA virus alone accounted for 2 billion dollars in losses

• The Mydoom virus sent 100 million infected e-mails in the first 36 hours, and accounted for roughly a quarter of global e-mail traffic on Jan. 26, 2004.

• The pessimists claim that cyber attacks cost $10-$15 billion per year and would cost tens of billions more to fix, the optimists claim that all cyber crime over a five year period cumulatively cost only $1 billion and fixing the current vulnerabilities would only cost $4-$5 billion more.

As the Cyberspace continues to expand, and systems continue to be assigned more responsibility while becoming more and more complex and interdependent, sabotage or terrorism via cyberspace may become a more serious threat.

18

19

• Cooperate and share intelligence among all agencies.

• The tools of a counter-Cyber Terrorist team must be real-time and dynamic, as the weapons will continually change.

• Make building, network and desktop security a priority.

• Report instances of cyber crime to local law enforcement agencies.

20

21

Building/Office Security

• Use of secure entrances – card keys, biometric entry devices

• Personnel should question why non-staff are in the building

• Security personnel• Standard operating procedures in cases of

dismissal or reprimand• Background checks on contracted service

personnel looking for a past history of theft, drug use or sale, assault, computer crime

22

Desktop/Laptop Computer Security

• Virus detection software that is regularly updated

• Secure physical set-up that is not open to the public or unmonitored

• Passworded screen savers• Require network logins if you are on a network• Standardize the desktop so as to limit what an

end-user can and cannot do

23

Server Security

• The server should be kept in a locked and restricted area

• Administrative passwords and equivalencies should be given to a minimal number of people

• Administrative passwords should be changed regularly

• Users should only be given access to file systems that they will actually need to use

• Virus detection software that is regularly updated

24

Network Security

• Require logins and passwords• Users should be required to change passwords

at least every 30 days• The passwords should be easy enough to

remember and difficult enough to guess• Use of Firewalls and Routers• Standard Operating procedures when an

employee leaves, is terminated or is given formal reprimands

25

• Disable unused accounts• Require users to log-out and login each day

• Encrypt all traffic over the LAN

26

27

• Cyber forensics is a newly emerged and developing field, which can be described as the study of digital evidence resulting from an incident.

• It involves collection and analysis of digital data within an investigative process. Cyber forensics involves the investigation and analysis of a computer to determine the potential of legal evidence

28

29

• To prevent cyber stalking avoid disclosing any information pertaining to oneself. This is as good as disclosing your identity to strangers in public place.

• Always avoid sending any photograph online particularly to strangers and chat friends as there have been incidents of misuse of the photographs.

• Never send your credit card number to any site that is not secured, to guard against frauds.

• Always keep a watch on the sites that your children are accessing to prevent any kind of harassment or depravation in children.

• Use of firewalls may be beneficial.30

31

• Provide for Contingencies if Critical Systems and Networks are Unavailable or Damaged– Determine alternate ways of processing data– Determine dependencies between systems

and equipment– Determine backup personnel

• The plan should be current and known

32

33

• BEST BOOKS:-• >Hacking exposed by Stuart McClure• >Unofficial guide to ethical hacking by Ankit Fadia• >Google Hacks by Calishain & Cornets• BEST WEBSITES:- • >www.google.com• >www.securityfocus.com• >www.darkangel.pro.tcq• http://www.cybercrimelaw.org/index.cfm - Cybercrime

Law • http://www.rbs2.com/ccrime.htm#anchor666666 -

Computer Crimes, Ronald B. Standler

34

35