Upload
jessica-nicole-grimm
View
215
Download
1
Embed Size (px)
Citation preview
Hacking Attempts: How to Protect Against Hacking 1
Hacking Attempts: How to Protect Against Hacking
Jessica Grimm
University of North Carolina at Charlotte
Spring 2014
Hacking Attempts: How to Protect Against Hacking 2
Background Information
Hacking is increasing because of the amount of people in the world using Internet. It is easy to
use someone else’s information when shopping online because there is no face to face contact.
Throughout this paper, we will explore the significant increase of hacking attempts and modes of
protection against hacking. Using a combination of primary interviews and case studies
involving hacking we will discuss ways of responsibilities using technology to prevent farther
highjack of personal information.
Terms:
Cyber jihad: Kloet, J. (2002), is a group of Muslim hackers who hacked the Indonesian police
web site to force them to let the rebellious Muslim leader free.
Cyber war: is the use of computers to disrupt the activities of an enemy country.
Code Red Worm: Kloet, J. (2002), this was a virus that attacked computers running Microsoft’s
IIS web server in 2001.
Lion Worm: Kloet, J. (2002), this was a virus made by a Chinese cracker named “Lion”; he says
that he created the worm to show Chinese anger towards Japan.
Ethical hackers: Smith, B., Yurcik, W., & Doss, D. (2001), according to this article an ethical
hackers is someone who hacks the computer network to test and evaluate its security, instead of
malicious or criminal intent.
Cyber-terrorism: Lewis, J. A. (2002), hacking computer networks to endure fear into society.
Love Bug virus: Lewis, J. A. (2002), was a worm that attacked millions of Windows personal
computers in 2000. It also cost billions of dollars.
Firewall: is software or hardware based security system that controls the incoming and outgoing
network traffic.
Comment [Biag1]: Indent the paragraph. Needs to be in paragraph form.
Comment [Biag2]: More detail.
Comment [Biag3]: Include your position in the figured world.
Hacking Attempts: How to Protect Against Hacking 3
RFID: Venkataramani, G., & Gopalan, S. (2007, April), radio frequency identification, it is a
technology that uses electronic tags to relay identification information to electronic readers by
using radio waves.
Generation Y: Freestone, O., & Mitchell, V. (2004), in this article Generation Y means the
youngest group of people in the population.
Phone Line Hacked
A power company in Baltimore, Constellation Energy Group Inc., is tried to be hacked
into hundreds of times each day. The chief risk officer for the company, John Collins, says that
they have no idea who is trying to hack their system, but they know someone is trying to hack it.
Even though, the hackers have not caused any damage to the nation’s power grid, the company is
very concerned with their efforts. Power companies are worried that one of the hackers could be
a terrorist. If a terrorist were to hack into the company they could cause a blackout or damage
power plants, which could lead into an outage. Patrick H. Wood III, chairman of Federal Energy
Regulatory Commission, has told companies that they need to focus more on security. They are
taking the proper steps an ensuring that their systems are protected. Although, there are many
attacks on the cyber networks across the industries in the U.S., the biggest fear for the
government is the threat to the country’s power supply. Some of the problems that company
security has are viruses and worms. During the Fast and the Furious series, Dom needed
someone who can hack into security systems, safes, and phone lines. Tej is the man to count on.
In Fast 5, Tej hacks into a safe that has millions of dollars. Also, Santos and Leo help Tej hack
into the police station by cutting the wires and installing a device so they can see the live feed.
In Fast 6, Tej saves Mia’s life by hacking into the phone line before Shaw was able to call his
team and tell them to kill her.
Comment [Biag4]: Include in-text citation.
Hacking Attempts: How to Protect Against Hacking 4
Companies Hacked
My interview with William and Lisa Grimm talked about the Target credit card scam
during Christmas time. They were none too happy about that because William was laid off at the
time and they were low on money. William went to the bank to cancel their credit cards and
their banker told him if they did not get a call from Target they would be 95% in the clear. Lisa
would check their bank account every day to make sure there were no changes. Recently, when
they checked their bank account was negative. Someone took Lisa’s credit card information and
spent $190 on GoDaddy.com and the very last time she used that card was at Target during
Christmas. When they called GoDaddy to tell them that they did not buy anything from them
and the call rep said that they knew it was a fraud. The money was refunded right away. They
said they are having a hard time coping because they are borrowing money from family members
to keep stable until William starts his new job.
According to Schneier, computer security is failing regularly. CEOs of businesses want
the security on their network to be improved. When you increase security it will also increase
the spending. Auditors want firewalls because without them they would fail an audit and be
accused of not following proper guidelines. In Schneier’s paper he has a three step program that
will help motivate the business.
State Government Hacked
When interviewing William Grimm about his Social Security Number getting hacked, he
told me exactly the reason why it happened. He worked in the state of South Carolina for a
couple months and because of that he had to file taxes for South Carolina. A few months later,
he was watching the local news and a news story shared that the department of South Carolina’s
IRS had been hacked. Since that happened, he was able to get 12 months of free credit
Comment [Biag5]: Clear content. Especially
after defining the terms.
Comment [Biag6]: Elaborate on the three step
program. Give more detail.
Hacking Attempts: How to Protect Against Hacking 5
monitoring. Knowing he had his social security number hacked is very scary. He will have to
watch his credit record very closely and most likely for the rest of his life. He told me that he is
worried someone will open credit cards and his credit score will decrease.
Lewis’s paper Assessing the Risks of Cyber Terrorism, Cyber War and other Cyber
Threats talks about cyber terrorism and how it affects the computer network. Lewis compares
the theories of cyber-warfare and air power. Even though, the costs of cyber-attacks are cheaper
than physical attacks, they are less effective. He says that if the cyber-attack does not cause
harm then there is no need for immediate risk for national security. Lewis cited a post from The
Washington Post and it states that U.S. analysts believe that “by disabling or taking command of
the floodgates in a dam, for example, or of substations handling 300,000 volts of electric power,
an intruder could use virtual tools to destroy real-world lives and property.” Cyber-terrorist
needed to attack numerous targets for a long period of time for it to be considered terror. He
states that The Love Bug virus cost computer users worldwide between $3 billion to $15 billion.
Internet Hacked
In the article, Ethical Hacking, C.C. Palmer talks about the two definitions for “hacker”
in the computer industry. When the media saw a numerous amount of damaged computers they
made it into news. They would use the word hacker rather than using the proper term computer
criminal. Network security is becoming a major concern for business and governments because
the Internet is increasing rapidly. An “ethical hacker” is someone who would act like a “criminal
hacker”, but would not damage anything on the computer. To be an ethical hacker you have to
be trustworthy and responsible. When evaluating the security they ask themselves three
questions. After they answer the questions, they make an agreement between their client and
themselves and this protects them from any lawsuits.
Hacking Attempts: How to Protect Against Hacking 6
Anyone who is good with computers can be a hacker. The word hacker has so many
definitions. Smith and Doss explain in their article Ethical Hacking: The Security Justification,
what an ethical hacker is and why they are able to get away with a crime. Ethical hackers use
their knowledge to improve security. Just like in the article Ethical Hacking, they ask
themselves a series of three questions. They believe that people are being hypocrites because
they are paying the ethical hackers to do a crime, while they are putting the unethical hackers in
prison.
In this article, Generation Y Attitudes towards E-ethics and Internet-related
Misbehaviours, Freestone and Mitchell talk about the cost of hacking and viruses on computers.
Annually, the cost is about $4 billion and the number of people affected is 700,000 in the U.S.
alone. They did an experiment with 12 groups. Each group consisted of 6 students ranging from
ages 18 to 21. They asked the groups a couple of questions. The results should that five
dimensions emerged: illegal activities, questionable activities, hacking related activities, human
internet trade, and downloading material. This study acknowledged 24 unethical activities,
despite the fact that these activities are costly to the businesses and society, most of them are not
seen as wrong.
China and Indonesian
The article, Digitisation and its Asian discontents: the Internet, politics, and hacking in
China and Indonesia, talks about how the Chinese and Indonesian governments feel about the
Internet. Hackers sometimes challenge the government. Wenas is one of the major hacker in
Indonesia. Hacking is nothing new to the Indonesians. In May 2001, a group of Muslim
hackers, Cyber jihad, hacked the police web site to force them to let a militant Muslim leader
free. Chinese government has banned some of the U.S. websites. Americans think that the Code
Comment [Biag7]: Elaborate on the questions they ask. Give more detail.
Hacking Attempts: How to Protect Against Hacking 7
Red Worm and Lion Worm were caused by the Chinese. All over the Asian countries cyberwar
is happening. A hacker from China was arrested for replacing the content of the government
wed sites with pornography. Indonesia was banned from e-Bay because of a hacker
manipulating sellers.
Credit Card Hacked
In this article, Mobile phone based RFID architecture for secure electronic Payments
using RFID credit cards, it starts off by saying if someone steals a credit card they can use it to
buy an online purchase and they would never know who the true owners of the credit card are.
In this article, Venkataramani and Gopalan both agree that RFID credit cards will be used in the
future. RFID (radio-frequency identification) is defenseless to security breaches. Their major
goal is to improve the security of electronic payments. They give real life scenarios. For
example, Jack forgot his credit card when he purchased something at a store. Someone picked
up his card and used it to purchase expensive items. Jack did not even know his credit card was
missing until he got a credit card statement. The use of online shopping has increased because of
the rapid growth of the Internet. They use different scenarios to motivate business/individuals.
Entering the Conversation
I believe computer security should be increased no matter what the cost is. Businesses are
worried that they will spend too much money and the security will not work. After researching
different types of hacking attempts, I see how easy it is to hack into the security system because
the companies do not have proper software or hardware to protect against that. Venkataramani
and Gopalan have a very valid point when they talked about how online shopping is increasing.
They believe that RFID should be used on credit cards because it will help the companies
become aware of fraud. I agree with them because RFID would give identification information
Hacking Attempts: How to Protect Against Hacking 8
when someone would try to use the credit card. Regardless of the cost, I believe it would be
beneficial to businesses and the government if they increase the network security. A main reason
why it would be beneficial is because businesses and the government have a lot of important
information from people and if they do not protect that information properly there can be serious
consequences. Another reason why it would be beneficial is because it would make it harder for
a terrorist to cause harm to the country or business. For example, my dad works for a nuclear
power plant and he told me that a nuclear power plant needs a very secure security system
because if a terrorist attacks the security system it could cause a widespread blackout or a nuclear
power plant can be damaged and lead into an outage. A way businesses and the government can
test this theory would be having an ethical hacker try to hack into the computer that is fully
protected and try to hack into another computer that is not fully protected. The ethical hacker
would not know which computer is fully protected and which one is not fully protected.
So What?
With the national security having tons of information, they need to research ways to
protect against hackers. Businesses hire people to make sure that their business is safe from
hackers. Improving the security on the national security system will help businesses and the
government from being hacked. It also protects individuals from credit card theft, social security
theft, and identity theft. Some people think it is a problem when we allow ethical hackers hack
into the computers because we consider it a crime when a normal human being hacks into a
computer because they are trying to steal from individuals. Hacking causes billions of dollars in
damages for a company or the government. To solve that problem companies and the
government need to stop worrying about the cost of security and worry about the billions of
Comment [Biag8]: Great example.
Comment [Biag9]: Like the idea of increasing the security on businesses and government.
Comment [Biag10]: Add to, so it says ethical
hackers to hack.
Hacking Attempts: How to Protect Against Hacking 9
dollars in damages that they have to pay for now. In the long run, the cost of security is cheaper
than the cost of the damages.
Hacking Attempts: How to Protect Against Hacking 10
Works Cited
Blum, J., & Friday, M. (2005). Hackers Target US Power Grid. Washington Post, 11, E01.
Freestone, O., & Mitchell, V. (2004). Generation Y attitudes towards e-ethics and internet-
related misbehaviours. Journal of Business Ethics, 54(2), 121-128.
Grimm, J. Fast and the Furious observation [Document]. Retrieved from
http://moodle2.uncc.edu/course/view.php?id=37598
Grimm, W., & Grimm, L. (2014, February 20). Interview by J Grimm []. Credit card information
hacked.
Grimm, W. (2014, February 20). Interview by J Grimm []. Social security number hacked.
Kloet, J. (2002). Digitisation and its Asian discontents: the Internet, politics and hacking in
China and Indonesia. First Monday, 7(9).
Lewis, J. A. (2002). Assessing the risks of cyber terrorism, cyber war and other cyber threats.
Center for Strategic & International Studies
Palmer, C. C. (2001). Ethical hacking. IBM Systems Journal, 40(3), 769-780.
Schneier, B. (2004). Hacking the business climate for network security. Computer, 37(4), 87-89.
Smith, B., Yurcik, W., & Doss, D. (2001). Ethical hacking: the security justification.
Venkataramani, G., & Gopalan, S. (2007, April). Mobile phone based RFID architecture for
secure electronic Payments using RFID credit cards. In Availability, Reliability and
Security, 2007. ARES 2007. The Second International Conference on (pp. 610-620).
IEEE.