3 the Malicious Opponents Of


  • 8/7/2019 3 the Malicious Opponents Of

    1/18

    THE MALICIOUS OPPONENTS OF E-BUSINESS

    Hilal H. Nuha


    2/18

    Agenda

    Internet crime statistics

    Definitions of hacker, cracker, and security professional

    Examples of hackers and crackers, cracker organizations

    How to handle cracker attacks


    3/18

    Internet crime statistics

    viruses and the denial-of-service (DoS) attacks

    White House, the U.S. Army and Navy, NASA, Ameritech, Bell South, Estee Lauder, Ford Motor Company, Hewlett Packard, Packard Bell, Microsoft, Amazon.com, eBay, E-Trade, and Yahoo

    theft and unauthorized modifications of source code intellectual property

    Microsoft


    4/18

    stats

    Except for the White House, the Department of Defense, NASA, and Microsoft, the names are largely inconsequential because for every attack that is reported or uncovered by the media, hundreds more go unreported.

    The Department of Defense estimates that only 1 in 500 attacks is reported each year. Many others, especially banks, want to avoid the negative publicity and repercussions of such news becoming public.

    In a 2001 survey commissioned by the FBI's Computer Intrusion Squad and the Computer Security Institute, 91 percent of 538 organizations responding detected computer security breaches over the past year. Even more alarming, 40 percent reported penetration of their systems from the outside.

    This number grew in 2001 by 37.5 percent over the previous year. The survey also indicated that 186 of the 538 organizations, or the 35 percent willing and/or able, reported combined losses from security breaches costing approximately $377.8 million. Of these losses, $151.2 million resulted from theft of proprietary information; $93 million, to financial fraud.

    In response to the juggernaut, the market for providing security solutions is expected to reach an estimated $700 million in 2002, up from $45 million in 1998. So the question remains, can hackers be stopped? Depending on whom you ask, the answer is a qualified no.


    5/18

    Hackers' motive

    including malicious intent and financial gains, but they hack mainly because they enjoy it!

    The traditional view is that hackers break in for the sake of improving security.

    There are even written accounts of a successful hack that was fully documented by the hacker and left behind for the benefit of the IT managers.


    6/18

    Hacking is simply fun!

    Interestingly enough, a 1999 study commissioned by the U.S. military concurred that most hackers lack malicious intent. For the record, the study also revealed that hackers have an inherent interest in technology and are motivated by ideals. Because this appears to be the basis of the hacker psyche, another revelation suggested that hackers don't like the notion that information is private. The cultural mantra of the hacker underground is that "information wants to be free."


    7/18

    Hackers versus Crackers

    Hacker: In the programming community, where the term originated, this term describes a person who pursues knowledge of computer systems for its own sake, someone willing to hack through the steps of putting together a working program.

    More recently, in popular culture at large, the term has come to mean a person who breaks into other people's computers with malicious intent (what programmers call a cracker). Many countries now treat convicted crackers in the same way that they treat conventional breaking-and-entering criminals.

    Cracker: An unauthorized person who breaks into a computer system planning to do harm or damage or with criminal intent.

    The popular press often portrays crackers as people with exceptional talent for eluding detection, and some of them are, but most of them use a set of well-worn tricks to exploit common security weaknesses in the systems they target.

    Intruder: An unauthorized user of a computer system, usually a person with malicious intent.


    8/18

    Security Professional

    CompTIA: Security+

    Cisco Systems: CCNA Security, CCSP, CCIE Security

    EC-Council: ENSA, CEH, CHFI, ECSA, LPT, CNDA, ECIH, ECSS, ECVP, EDRP, ECSP, ECSO

    GIAC: GSIF, GSEC, GCFW, GCIA, GCIH, GCUX, GCWN, GCED, GPEN, GWAPT, GAWN, GISP, GLSC, GCPM, GLEG, G7799, GSSP-NET, GSSP-JAVA, GCFE, GCFA, GREM, GSE

    ISACA: CISA, CISM, CGEIT, CRISC

    (ISC)²: SSCP, CAP, CSSLP, CISSP, ISSAP, ISSEP, ISSMP

    ISECOM: OPST, OPSA, OPSE, OWSE, CTA

    Offensive Security: OSCP, OSCE, OSWP

    Mile2: CPTEngineer (CPTE), CPTConsultant

    CREST: CREST Consultant

    IACRB: CPT, CEPT

    eLearnSecurity: eCPPT

    SCP: SCNS, SCNP, SCNA

    CERT: CSIH

    Innobuzz: CISE


    9/18

    Examples of hackers and crackers, cracker organizations

    Adrian Lamo

    Albert Gonzalez

    Dennis Moran

    Ehud Tenenbaum

    HD Moore

    Jonathan James

    Kevin Mitnick

    Kevin Poulsen

    Kristina Svechinskaya

    Leonard Rose

    Robert Tappan Morris

    Tim Berners-Lee

    weev


    10/18

    Cult of the Dead Cow

    known for the development of Back Orifice and Back Orifice 2000, designed mainly to expose Microsoft's security weaknesses.

    Back Orifice is a GUI-driven software utility that enables unauthorized users to gain remote access to computer systems through the back doors of PCs running Microsoft's Windows 95 or 98.


    11/18

    Global Hell

    Global Hell debuted in the mainstream when it hacked into the White House Web site.

    In May 1999, the White House staff was confronted with a picture of flowered panties on its home page.

    Global Hell took credit for defacing the site for the whole world to see.


    12/18

    Script Kiddies

    The innocent-sounding Script Kiddies group, by contrast, is one of the most dangerous and malicious cracker groups wreaking havoc on the Internet.

    For example, two of their disciples, California teens who go by the handles Makaveli and TooShort, literally ransacked a group of high-level military servers in 1998.

    In contrast to the altruistic hackers, their goal was not to enter and patch up but to enter and tear up. For the most part, Script Kiddies qualify as crackers, and their modus operandi is destruction.


    13/18

    Hacking for Girlies (HFG)

    Hacking for Girlies (HFG) are the political activists of the underground hacker culture. Apparently, one member of the group has been held in custody by the federal authorities since 1995.

    In September 1998, HFG hacked into the New York Times's Web site in protest and to show discontent with a Times reporter who wrote a book that chronicled the comrade's capture.

    The Times's home page was plastered with slogans demanding the release of the fallen HFG comrade.

    HFG has also hacked into NASA's Jet Propulsion Laboratory and Motorola in support of its incarcerated colleague.


    14/18

    Why Hackers Love to Target Microsoft

    Consequently, hackers love Microsoft because of the various classes of vulnerabilities presented by its suite of products. If any company can address these issues, Microsoft can because of its financial muscle. (www.ntbugtraq.com)

    Superworms: Nimda, Code Red, and Love Bug

    Worm: Love Bug, New Love (Herbie)


    15/18

    Trojan Horse: A type of computer virus that pretends to be a useful program, such as a game or a utility, to entice you to use it, when in reality it contains special code that will intentionally damage any system onto which it is loaded.

    Virus: A program intended to damage a computer system without the user's knowledge or permission. A virus clones itself from disk to disk or from system to system over a network. Numbers are hard to come by, but certain authorities claim that there are approximately 30,000 known viruses, with 400 new ones appearing each month. A virus may attach itself to a program or to the partition table or boot track on a hard disk. When a certain event occurs, a date passes, or a specific program executes, the virus is triggered into action.

    Worms: Programs that reproduce, execute independently and travel across the network connections. The key difference between a virus and worm is the manner in which it reproduces and spreads. A virus is dependent upon the host file or boot sector, and the transfer of files between computers to spread, whereas a computer worm can execute completely independently and spread on its own accord through network connections.


    16/18

    Handle the Threat

    CERT: Computer Emergency Response Team is a name given to expert groups that handle computer security incidents. Most groups append the abbreviation CERT or CSIRT

    TIM INSIDEN KEAMANAN INTERNET DAN INFRASTRUKTUR INDONESIA: Indonesia Security Incident Response Team on Internet Infrastructure (ID-SIRTII)


    17/18

    National Security Agency (NSA): tested the Pentagon using programs available on the Internet, and successfully tore down the security.

    National Infrastructure Protection Center: caught the Love Bug

    Central Intelligence Agency

    FBI

    FIRST


    18/18

    done

    References

    Manager Security Guide (chapter 3)

    CEH Network Dictionary

    Internet