Computer Viruses and Worms Overview

Questions and Answers

What is a virus in the context of computer programs?

  • A programming glitch that causes software to crash
  • A standalone application that performs automated tasks
  • A type of hardware that damages computer systems
  • A piece of self-replicating code embedded in another program (correct)

How do viruses typically spread?

  • Through social media platforms exclusively
  • By being intentionally deleted by users
  • Via diskettes, email, and files downloaded from the Internet (correct)
  • Only through websites with known vulnerabilities

What major step allows a virus to replicate once a user executes an infected program?

  • The virus modifies system preferences to allow access
  • The virus creates a new version of another executable program (correct)
  • The virus sends email notifications to all contacts
  • The virus automatically updates the user’s system

Which action can trigger an email virus spread?

Opening an attachment that contains a virus (D)

What is the importance of keeping antivirus software up-to-date?

It allows for detection and destruction of new viruses (A)

What type of application should consumers be wary of?

Fake antivirus applications (A)

What moral accountability does Butler have regarding Firesheep?

He has some moral responsibility for facilitating wrong actions (B)

What is a defining characteristic of a worm in computer networks?

It is a self-contained program. (A)

How did Robert Tappan Morris, Jr. release the Internet worm?

From an MIT computer. (D)

What was one significant consequence of the Internet worm's release?

Infected computers kept crashing or became unresponsive. (D)

What ethical theory argues that Morris violated others by accessing their computers without permission?

Kantian ethics. (B)

What was a societal benefit attributed to Morris's actions with the worm?

Organizations learned of security flaws. (A)

Which of the following consequences did Morris face for releasing the Internet worm?

Three years' probation and 400 hours of community service. (B)

What did the Sasser worm disrupt in its attack?

Operations at Delta Airlines and several other organizations. (C)

Who confessed to being responsible for the Sasser worm?

Sven Jaschan, a German juvenile. (A)

What punishment did Sven Jaschan receive for his actions with the Sasser worm?

30 hours of community service and probation. (D)

Which ethical evaluation suggests that Morris acted selfishly by using the Internet as a lab?

Virtue ethics evaluation. (D)

What significant cyber attack occurred in Estonia in 2007?

Politically motivated cyber attacks (A)

Which countries were targeted during the Fourth of July attacks in 2009?

United States and South Korea (B)

What specific vulnerability is associated with Internet-based SCADA systems?

They create potential security risks due to remote diagnostics (C)

Which cyber weapon was developed to attack Iran's nuclear capabilities?

Stuxnet worm (A)

What event coincided with the DDoS attack on Twitter and other sites in 2009?

The anniversary of the Georgia-Russia war over South Ossetia (B)

What was the primary concern addressed by the Department of Justice regarding Apple?

Apple could maintain custody of the software used. (D)

What does sidejacking involve?

Capturing a user’s cookie on an open Web session. (B)

What was the main function of the Firesheep extension released by Eric Butler?

To allow users to sidejack Web sessions easily. (B)

What was a notable outcome following the release of Firesheep?

Improved security measures from Facebook and Twitter. (A)

How did the act utilitarian analysis view the release of Firesheep?

It was viewed as good due to raised awareness of security issues. (A)

Which ethical attribute did Butler demonstrate by making Firesheep freely available?

Benevolence (C)

What was the primary security vulnerability highlighted by the internet security community?

Sidejacking on unencrypted wireless networks. (A)

What was the FBI's motive for requesting Apple to unlock the iPhone?

To create a legal precedent regarding privacy. (B)

What notable effect did Firesheep have on users in its first week after release?

It reached more than 500,000 downloads. (B)

What is a significant benefit of the Bring Your Own Device (BYOD) policy for employers?

Reduced hardware and software expenditures (A)

What is a main security risk associated with Bring Your Own Device?

Compromise of company data if the device is stolen (B)

What does spear-phishing specifically target?

Specific individuals or groups through selective email addresses (B)

What action can a company take regarding its data on a stolen personal device?

They may erase all data from the device (D)

How does SQL injection attack a web application?

By injecting SQL queries into text strings (D)

What is the primary purpose of phishing attacks?

To gain sensitive information from unwary users (C)

What should companies consider for personal devices under a BYOD policy?

Security standards like password requirements and anti-malware (B)

What potential harm can occur due to insecure personal devices in a BYOD environment?

Vulnerability to data breaches (D)

How many phishing attacks were recorded globally in the second half of 2014?

124,000 (A)

What type of support might a company's IT department provide under a BYOD policy?

Limited support for specific applications (B)

What was the primary target of the Stuxnet worm?

SCADA systems running Siemens software in Iran (A)

Which attack occurred on the Fourth of July weekend in 2009?

A DDoS attack on governmental agencies in the U.S. and South Korea (C)

What security risk is associated with Internet-based SCADA systems?

Vulnerability to external hacking due to remote accessibility (D)

Which notable event coincided with the DDoS attacks on Twitter and other social networking sites in 2009?

The anniversary of the war between Georgia and Russia over South Ossetia (A)

Which group is believed to have orchestrated the DDoS attack during the Fourth of July weekend in 2009?

North Korean cyber forces (B)

What characteristic defines a worm in computer networks?

It spreads through exploitation of security holes. (B)

What was one of the immediate effects of the Internet worm released by Robert Tappan Morris, Jr.?

Significantly slowed traffic on communication networks. (A)

What alone can be considered a violation of property rights in Morris's actions?

Accessing computers without permission. (A)

What was one of the benefits associated with Morris's release of the Internet worm?

It helped organizations identify security flaws. (C)

What ethical evaluation suggests Morris demonstrated a lack of responsibility for his actions?

Virtue ethics evaluation. (A)

What disruption did the Sasser worm cause upon its release?

Disrupted operations at major transportation organizations. (C)

What was the consequence for Sven Jaschan regarding his involvement in the Sasser worm?

30 hours of community service. (D)

What motivation might Morris have had for releasing the Internet worm according to ethical evaluations?

To demonstrate his coding skills. (D)

Which of the following evaluations considers the consequences of Morris's actions on overall societal benefit?

Utilitarian evaluation. (B)

What conclusion did the Act Utilitarian Analysis draw about the release of Firesheep?

It was considered beneficial as it highlighted security issues. (A)

What did the release of Firesheep prompt Facebook and Twitter to announce?

Options to use their sites securely. (D)

What action did the FBI take regarding Apple's software request for unlocking the iPhone?

They withdrew their request after successfully accessing the iPhone. (C)

What vulnerability allowed sidejacking to occur, according to the content?

Cookies being sent over unencrypted networks. (C)

How did Eric Butler's release of Firesheep affect public awareness?

It increased public understanding of security vulnerabilities. (B)

What ethics-related attributes did Butler demonstrate by releasing Firesheep?

Courage and a commitment to public good. (A)

What was a common criticism of e-commerce sites regarding sidejacking?

They failed to change their practices despite vulnerability complaints. (A)

What is the primary purpose of the Conficker worm?

To propagate itself (D)

What is a characteristic of a Trojan horse in malware?

It appears to have a legitimate function (D)

How can ransomware be installed on a victim's computer?

All of the above are potential methods (D)

What method do attackers use in cross-site scripting attacks?

Inserting harmful code into web applications (B)

What is a defining feature of drive-by downloads?

They happen without user intent when visiting a website (D)

Which of the following examples is a known instant messaging worm?

Kelvir (B)

In which year did the Conficker worm emerge?

2008 (A)

Which of the following can potentially lead to cross-site scripting vulnerabilities?

Websites allowing user-generated content (C)

What is the main action performed by backdoor Trojans?

Provide unauthorized access to attackers (C)

What percentage of Google's search queries return a malicious URL, according to the Google Anti-Malware Team?

1.3% (C)

What is the main objective of a denial-of-service (DoS) attack?

To prevent legitimate users from using a computer service (B)

Which of the following describes a Distributed Denial-of-Service (DDoS) attack?

An attack launched from multiple compromised devices simultaneously (A)

Which IoT devices are commonly exploited for DDoS attacks?

Network routers and baby monitors (B)

What significant event occurred during the DDoS attack on Dyn in October 2016?

Multiple prominent websites went offline for several hours (D)

What challenge did Blue Security face that led to the termination of its anti-spam activities?

Spammers retaliated with DDoS attacks and increased spam volume (B)

Which factor contributed to the vulnerability of IoT devices being co-opted for DDoS attacks?

Default passwords that are often unchanged by users (A)

Which organization was Jeanson James Ancheta associated with in the context of cybercrime?

Avalanche Gang (D)

What response did Blue Frog implement against spam messages?

Auto-replying with opt-out messages (D)

What was the outcome of the DDoS attacks launched by PharmaMaster against Blue Security?

Termination of Blue Security's anti-spam initiatives (C)

How did spammers react to Blue Security's spam deterrence system initially?

Many agreed to stop sending spam to Blue Frog users (D)

Which principle best describes the moral implications of Butler releasing Firesheep?

He facilitated privacy breaches for personal gain. (A)

What is a common misconception about how viruses spread through email?

They can only spread through email attachments. (D)

Which method do users often neglect that affects antivirus software effectiveness?

Regularly updating it. (A)

In what manner does a virus typically replicate after a user runs an infected program?

It embeds itself into executable files and spreads through downloads. (C)

What ethical issue is highlighted by Butler's decision to release Firesheep?

Neglecting informed consent of users. (D)

What is a significant misconception many users have regarding fake antivirus applications?

Purchasing them always guarantees device security. (A)

What specific behavior by users can exacerbate the spread of viruses through email?

Ignoring security warnings for attachments. (B)

Which activity is criminalized under the Computer Fraud and Abuse Act?

Transmitting classified government information (D)

What is the maximum penalty for offenses under the Computer Fraud and Abuse Act?

$250,000 fine and 20 years in prison (A)

Which of the following actions is illegal under the Electronic Communications Privacy Act?

Interception of telephone conversations (B)

What was Apple's main concern regarding the FBI's request to disable iPhone security features?

Risk of creating a vulnerability for all iPhone users (C)

Which security feature of the iPhone 5C protects personal data after multiple incorrect passcode attempts?

Encryption key deletion (A)

What was the outcome of the FBI's order for Apple to comply with unlocking the iPhone?

The FBI found another way to unlock the phone (A)

What aspect of Malik's actions raised concerns regarding national security?

Her pledge of allegiance to the Islamic State (A)

Which method did the FBI utilize to compel Apple to assist with the locked iPhone?

A magistrate's court order (C)

What impact did the delay between incorrect passcode attempts have on the security of the iPhone?

It helped deter brute force attacks (B)

What was a primary concern of the FBI regarding Apple's software?

The possibility of setting a legal precedent (B)

What was one of the immediate effects of the Firesheep release?

Widespread media coverage and public awareness of security issues (C)

Which ethical theory best describes Butler's actions in releasing Firesheep?

Virtue ethics emphasizing character and virtue (D)

Which factor contributed to the sidejacking vulnerability?

The transmission of cookies over unencrypted networks (B)

What was the response of Facebook and Twitter following the Firesheep release?

They allowed users to enable security protocols for better protection (A)

What aspect of public perception did the release of Firesheep primarily influence?

The recognition of the importance of encryption in web security (D)

How did the Department of Justice ultimately resolve its request to Apple regarding the locked iPhone?

By withdrawing the request entirely after accessing the phone (D)

What minimal harm was observed following the release of Firesheep?

A significant rise in identity theft cases (C)

What characteristic of Butler was highlighted in the virtue ethics analysis?

His willingness to take responsibility for his actions (B)

What was a significant outcome of the Stuxnet worm's attack on Iran's nuclear facilities?

Halt of uranium enrichment temporarily (C)

Which of the following best describes the nature of the 2009 DDoS attack on Twitter and other sites?

A politically motivated attack coinciding with a significant anniversary (D)

What characteristic of SCADA systems increases their vulnerability to security risks?

The exposure of their protocols to Internet Protocol (C)

What was the common attribution for the Fourth of July attacks in 2009?

Retaliation by North Korea for United Nations sanctions (C)

Which event involved a significant espionage threat attributed to China's military?

Espionage aimed at gaining access to SCADA systems (A)

What is the primary aim of a Denial-of-Service (DoS) attack?

To disrupt a server's ability to respond to clients (D)

What type of attack involves using multiple devices to overwhelm a target?

Distributed Denial-of-Service (DDoS) attack (D)

Which event is primarily associated with the Mirai botnet?

The 2016 attack on Dyn's DNS services (A)

What was Blue Security known for before its decline?

Selling a spam deterrence system (D)

What tactic did PharmaMaster use to combat Blue Security’s efforts?

Sending more spam and executing DDoS attacks (C)

Which characteristic of Internet-of-Things (IoT) devices made them susceptible to DDoS attacks?

Many users do not change default passwords (B)

What significant consequence did Blue Security face from the DDoS attacks?

Terminating their anti-spam activities (D)

Which group was primarily known for generating revenue from malware attacks?

Criminal organizations (D)

Which of the following was NOT a reason for the success of the Mirai botnet?

The complex encryption methods employed (C)

What was a significant outcome of the Blue Frog bot's operation?

A reduction in spam for Blue Frog users (D)

Flashcards

Sidejacking

Hijacking an open web session by capturing a user's cookie.

Virus definition

A self-replicating piece of code hidden inside another program (host).

Virus spreading methods

Viruses spread through floppy disks, CDs, email attachments, and downloaded files from the internet.

Unencrypted Wireless Networks

Wireless networks without security measures.

Firesheep

Firefox extension that enabled sidejacking web sessions.

Virus Replication Process

A virus infects a program, creates an infected copy of another program, and then returns control to the original program, leaving the user unaware of the infection.

Act Utilitarian Analysis of Firesheep

Analysis showing the release of Firesheep, while potentially harmful, led to a positive outcome by raising awareness of security problems and promoting more secure online practices.

Email virus spread

An email virus infects a user's computer when the user opens an attachment; it then reads the user's email contacts and sends the virus to others via email.

FBI and the Locked iPhone

The FBI's attempt to compel Apple to unlock a suspect's iPhone.

Antivirus software

Software used to detect and remove viruses from a computer system.

Antivirus software updates

Regular updates to antivirus software are crucial for its effectiveness.

Virtue Ethics Analysis of Firesheep

Analysis evaluating the ethical character and motivations of the Firesheep creator.

Fake antivirus applications

Software disguised as antivirus software but designed to harm users' computer systems.

Kantian analysis of Firesheep

Using Firesheep to access others' accounts is morally wrong because the tool facilitates privacy violation. The creator, Butler, bears responsibility for the misdeeds of those using his tool.

BYOD security risks

Using personal devices for business apps can make company data vulnerable if devices are lost or insecure.

BYOD benefits

Companies save money on hardware/software and see employee productivity increases while workers are satisfied.

Phishing

Large-scale attacks to trick people into revealing sensitive information.

Spear Phishing

A phishing attack targeting specific individuals or groups.

SQL Injection

Hacking a database-driven website by inserting malicious SQL code.

BYOD policy

Rules and standards for employees using personal devices for work, addressing security, usage, and data management.

Politically Motivated Cyber Attacks

Cyberattacks driven by political motivations, targeting countries, governments or organizations.

DDoS Attack

A Distributed Denial-of-Service attack floods a target website with traffic to make it unavailable.

SCADA Systems

Supervisory Control and Data Acquisition systems control industrial processes using computers.

Stuxnet Worm

A sophisticated computer worm that targeted SCADA systems, causing the temporary shutdown of Iran's nuclear program.

Estonia (2007)

A major example of a politically motivated cyberattack.

Georgia (2008, 2009)

Another example demonstrating politically motivated cyberattacks.

Worm (computer)

A self-contained program that spreads through a computer network, exploiting security vulnerabilities.

Worm Propagation

The process by which a worm spreads to other computers, leveraging security gaps in networks.

The Internet Worm

A significant malware instance released by Robert Tappan Morris, causing extensive disruption on the early internet.

Robert Tappan Morris, Jr.

The graduate student who released the Internet Worm.

Security Holes

Vulnerabilities in computer networks that worms exploit to spread.

Sasser Worm

A highly disruptive worm that infected millions of computers in 2004, causing widespread operational problems.

Ethical Evaluation of Cyberattacks

Assessing the moral implications of actions like releasing a worm, considering different ethical frameworks.

Kantian Evaluation

An ethical framework judging actions based on whether they are universalizable principles.

Social Contract Theory

An ethical framework examining actions in terms of respect for societal agreements regarding property rights.

Utilitarian Evaluation

An ethical framework evaluating actions based on their overall benefit and harm to society.

Virtue Ethics Evaluation

An ethical framework assessing actions based on the character or motivations behind them.

Sidejacking

Hijacking an open web session by stealing the user's cookies.

Firesheep

A Firefox extension that allowed easy sidejacking of web sessions.

Act Utilitarian Analysis of Firesheep

Analysis of Firesheep's release, focusing on its overall positive impact (increased security measures) despite possible minor harms.

FBI and the Locked iPhone

The FBI's request for Apple to create software to unlock a suspect's iPhone.

Virtue Ethics Analysis of Firesheep

Analysis of Firesheep focusing on the moral character and motivations of the creator.

Denial-of-Service (DoS) attack

An attack intending to prevent legitimate users from accessing a computer service.

Politically Motivated Cyber Attacks

Cyberattacks driven by political motivations, targeting countries, governments, or organizations.

Estonia (2007)

A significant example of a politically motivated cyberattack, targeting Estonian government and financial institutions.

Distributed Denial-of-Service (DDoS) attack

A DoS attack launched from multiple computers, often part of a botnet.

Mirai botnet

Botnet used in a major 2016 DDoS attack, exploiting IoT devices.

Georgia (2008, 2009)

Examples of politically motivated cyberattacks during or following a conflict, with possible ties to the conflict with Russia.

Internet-of-Things (IoT) devices

Devices connected to the internet, vulnerable to exploitation.

DDoS Attack

A Distributed Denial-of-Service attack overwhelming a target website with traffic to make it unavailable.

SCADA Systems

Supervisory Control and Data Acquisition systems that control industrial processes through computers.

Cyber Crime

Criminal activities involving computers and networks.

Stuxnet Worm

A sophisticated computer worm targeting SCADA systems, particularly affecting Iranian nuclear facilities.

Blue Security

An Israeli company that created a spam deterrence system.

Spam deterrence system

A system designed to reduce spam messages by automatically flagging spam.

Instant Messaging Worms

Malware that spreads through instant messaging services, infecting many users

Conficker Worm

A worm that targets older Windows systems without security updates

Cross-Site Scripting

A method of downloading malware by injecting malicious scripts into websites

Drive-By Downloads

Downloading harmful software by simply visiting a compromised website or clicking on a pop-up

Trojan Horses

Programs appearing benign but secretly carrying malicious intent

Backdoor Trojans

Trojans that grant attackers access to a victim's computer

Ransomware

Malware that encrypts files and demands payment for decryption

Computer Fraud and Abuse Act

A law that criminalizes various hacker-related activities, including damaging computers, unauthorized access, and transmitting classified information.

Electronic Communications Privacy Act

A law that makes it illegal to intercept or access stored electronic communications without authorization.

FBI and the Locked iPhone

The FBI's attempt to compel Apple to create software to unlock a suspect's encrypted iPhone.

Computer Fraud

Criminal activity involving the use of computers to defraud someone or an organization.

Computer extortion

The use of computers or technology to obtain something through threats.

Maximum penalty for Computer Crimes

Up to 20 years in jail and a $250,000 fine.

Virus

A self-replicating program embedded within another program (host).

Virus Spread

Viruses spread through disks, email attachments, and downloaded files.

Virus Replication

A virus infects a program, creates an infected copy of another program, and returns control to the original program.

Email Virus

A virus spread through email attachments.

Antivirus Software

Software that detects and removes viruses from a computer.

Antivirus Update

Software updates maintaining antivirus effectiveness.

Fake Antivirus

Software imitating antivirus to harm computers.

Kantian Analysis

Analysis of actions based on whether actions are universal.

Firesheep

A tool enabling sidejacking of open web sessions.

Privacy Violation

An action that infringes upon another's right to privacy.

Sidejacking

Hijacking an open web session by capturing a user's cookie.

Firesheep

Firefox extension enabling sidejacking of web sessions.

Act Utilitarian Analysis of Firesheep

Analysis where the release of Firesheep was deemed good due to increased security awareness and improvement as a result.

FBI and Locked iPhone

FBI's request to Apple to create software to unlock a suspect's iPhone.

Virtue Ethics Analysis of Firesheep

Analysis focusing on the moral character and motivations of the Firesheep creator.

Denial-of-Service (DoS) attack

An attack designed to prevent legitimate users from accessing a computer service.

Distributed Denial-of-Service (DDoS) attack

A DoS attack launched from multiple computers, often in a botnet.

Mirai botnet

A botnet used in a major DDoS attack, exploiting IoT devices.

Internet-of-Things (IoT) devices

Devices connected to the internet, easily compromised.

Cyber Crime

Criminal activities using computers and networks.

Blue Security

An Israeli company creating spam deterrence.

Spam Deterrence System

A system designed to reduce spam.

DDoS attack (2016)

Attack on Dyn, an internet service provider, disrupting various sites.

Politically Motivated Cyber Attacks

Cyberattacks with a political objective, often targeting governments or countries.

Estonia (2007)

A significant example of a politically motivated cyberattack.

Georgia (2008, 2009)

Cyberattacks that happened around or following political conflicts.

DDoS Attack

A denial-of-service attack using multiple computers.

SCADA Systems

Systems controlling things like factories or power grids.

Stuxnet Worm

A sophisticated computer worm targeting SCADA systems.

Fourth of July Attacks (2009)

DDoS attacks on US and South Korean government sites.

Attacks on Social Networking Sites (2009)

Massive DDoS attacks on major social media platforms.

Study Notes

Chapter 7: Computer and Network Security

  • Chapter covers computer and network security, including hacking, malware, cybercrime, and online voting.

Learning Objectives

  • Introduction to computer security
  • Hacking definitions and methods
  • Types of Malware
  • Cybercrime and cyberattacks
  • Online voting

7.1 Introduction

  • Increasing computer use highlights the growing importance of computer security.
  • Lack of security leads to harmful consequences like stolen information and extortion.
  • Computer systems can be weaponized, impacting governments and organizations.

7.2 Hacking

  • Original meaning of "hacker" involved exploration, risk-taking, and system innovation (e.g., MIT Tech Model Railroad Club).
  • Modern meaning of "hacker" is someone who gains unauthorized access to computers and networks.
  • Methods for gaining login names and passwords include eavesdropping, dumpster diving, social engineering, brute-force searches, and dictionary attacks.

Password Dos and Don'ts

  • Avoid short, dictionary-based passwords.
  • Do not reuse passwords.
  • Utilize strong, complex passwords.
  • Enable two-factor authentication when available.
  • Have password recoveries sent to a secure email address.

Computer Fraud and Abuse Act

  • Criminalizes various hacker activities, such as transmitting damaging code, gaining unauthorized access to computers, transmitting classified information, and trafficking in passwords.
  • Maximum penalty includes 20 years in prison and a $250,000 fine.

Electronic Communications Privacy Act

  • Illegal to intercept phone conversations, emails, or other data transmissions.
  • Criminal to access stored email messages without authorization.

FBI and the Locked iPhone

  • December 2015: Syed Farook and Tashfeen Malik killed and wounded people in California. FBI recovered an iPhone 5C from the perpetrator but it was encrypted.
  • February 2016: FBI asked Apple to create a new version of iOS to disable passcode security features. Apple refused.
  • The FBI persuaded a US magistrate to issue an order.
  • Apple argued that creating a "backdoor" for the FBI would harm the security of all iPhones.

Sidejacking

  • Sidejacking is hijacking an open web session by capturing user cookies.
  • Sidejacking is frequently achievable with unencrypted wireless networks.
  • The Internet security community long warned about this phenomenon, but e-commerce sites did not act on it for years.

Case Study: Firesheep

  • October 2010: Eric Butler released Firesheep, a Firefox extension.
  • Firesheep allowed easy sidejacking of web sessions.
  • It was downloaded more than 500,000 times in its first week.
  • Firesheep brought media attention to security issues.
  • Early 2011: Facebook and Twitter introduced new ways to increase site security.

Act Utilitarian Analysis for Firesheep

  • Release of Firesheep helped focus media's attention on security.
  • Benefits: improved security by prompting changes to Facebook and Twitter.
  • Harms: minimal evidence suggesting Firesheep increased malicious activity in online theft.
  • Conclusion: Releasing Firesheep, according to Act Utilitarianism, was likely a good act.

Virtue Ethics Analysis for Firesheep

  • Butler's actions helped the public understand security issues on unencrypted networks.
  • Butler's actions reflected an interest in protecting privacy and good.
  • Butler showed courage in taking responsibility for the program and benevolence in making the software freely available.

Kantian Analysis for Firesheep

  • Accessing someone else's account is an invasion of privacy and therefore wrong.
  • Butler created a tool for malicious activities; therefore, he had some moral responsibility for the misuse of Firesheep.
  • Butler's hope that public pressure would prompt improvement of site security led to negative outcomes when he was willing to tolerate a short-term increase in privacy violations.
  • Treating victims as mere tools was ethically objectionable.
  • Butler's release of Firesheep was wrong under a Kantian framework.

7.3 Malware

  • Virus: A piece of self-replicating code embedded within other programs (like documents or executables).
  • Viruses are often included in downloaded software.
  • Viruses are often associated with:
    • Hard disks
    • Floppy disks
    • CDs/DVDs
    • Email attachments
  • Viruses spread via:
    • Diskettes or CDs
    • Email attachments
    • Files downloaded from the Internet

Email Attachments with Possible Virus

  • Email attachments can conceal viruses.

How an Email Virus Spreads

  • Users open attachments containing viruses.
  • The virus reads the user's address book.
  • The virus sends emails with virus-containing attachments.

Antivirus Software Packages

  • Antivirus software is used to detect and destroy viruses.
  • Antivirus software needs to be kept up-to-date.
  • Consumers need to be cautious of fake antivirus applications.

Worm

  • Worm: A self-contained program that spreads through a computer network, often exploiting vulnerabilities.
  • It spreads by exploiting security holes in interconnected computers.
  • Examples include the:
    • Internet Worm (Morris Worm)
    • Sasser Worm
    • Conficker Worm
    • Other instant messaging worms

The Internet Worm

  • Released by Robert Tappan Morris.
  • Infected Unix computers.
  • Led to widespread computer crashes.
  • Resulted in significant penalties for Morris.

Ethical Evaluation of the Internet Worm

  • Kantian evaluation: Morris used others by gaining access without authorization.
  • Social contract theory evaluation: Morris violated organizations' property rights.
  • Benefits: organizations learned about their security vulnerabilities.
  • Harms: waste of time, unavailable computers, disrupted network traffic, and Morris's punishment.
  • Virtue ethics evaluation: Morris misused the Internet and did not take responsibility for the consequences of his actions.
  • Conclusion: Morris acted wrongly, exhibiting poor ethical character.

Sasser Worm

  • Launched in 2004.
  • Infected 18 million computers.
  • Disrupted the operations of companies (Delta Airlines, European Commission, Australian railroads, British Coast Guard).
  • German juvenile Sven Jaschan confessed and received 30 hours of community service.

Instant Messaging Worms (e.g., Choke and Hello, Kelvir, Palevo)

  • Malware spreads through instant messaging services.
  • Some required users to delete or downgrade their systems to remove the worms.

Conficker Worm

  • 2008 Windows computer worm.
  • Widely circulated among computers using older software.
  • Often found in legacy systems of factories and healthcare facilities.

Cross-Site Scripting

  • Victims download malware without knowing it.
  • Web sites that let users view documents or comments posted by others are used to inject malware.
  • Victims download malicious code from web servers when clicking links or reading comments.

Drive-By Downloads

  • Malware unknowingly downloaded by visiting a compromised website.
  • Pop-up windows prompt users for consent and downloads.
  • Google's search engine occasionally returns a malicious link, resulting in drive-by downloads.

Trojan Horses and Backdoor Trojans

  • Trojan horse: A program with a benign capability that conceals a sinister purpose.
  • Backdoor Trojan: A type of Trojan that grants attackers access to the victim's computer.

Ransomware

  • Malware that extorts money from the victim, often by encrypting the victim's files and asking for payment to release them.
  • Installed via:
    • Drive-by downloads
    • Trojan Horses
    • Email attachments
    • Other means.

Rootkits

  • A set of programs that provides privileged access to the computer.
  • Activated whenever the computer is started.
  • Uses security privileges to prevent recognition by the user.

Spyware and Adware

  • Spyware: Software communicating over the internet without user knowledge.
  • Monitors web surfing.
  • Logs keystrokes.
  • Captures snapshots of the computer screen.
  • Sends reports back to the host computer.
  • Adware: displays pop-up advertisements.
  • Backdoor Trojans sometimes used to install spyware/adware.

Bots

  • Bots are Trojan backdoor programs that respond to commands from another computer.
  • The first bots were involved in legitimate activities such as Internet Relay Chat and multiplayer games.
  • Later bots were also used for illegal activities such as distributing spam, collecting personal information for theft, and denial-of-service attacks.

Bots and Botnets

  • Bot: a backdoor Trojan program that responds to commands from another computer.
  • Botnet: a collection of infected computers controlled by the same command-and-control software.
  • Botnet herders distribute spam and launch distributed denial-of-service attacks.

Protecting Your Internet-Connected Devices

  • Keep security patches up-to-date on systems.
  • Install and maintain anti-malware.
  • Examine manufacturer's precautions before purchasing an Internet-connected device.
  • Change default passwords on devices immediately upon connection to the Internet.
  • Never use the same password on multiple devices.
  • If possible, replace insecure Internet-of-Things (IoT) devices.

Security Risks of "Bring Your Own Device"

  • 87% of US companies rely on employees using their personal devices for work purposes.
  • The advantages of BYOD include reduced investments in hardware.
  • Productivity and employee job satisfaction also improve when employees are allowed to use their personal tech for work.
  • The risks of BYOD include corporate data breaches, especially when devices are lost or stolen.

"Bring Your Own Device" Policy Questions

  • The concerns related to this policy regarding the security of employed devices.
  • The apps that employers permit employees to utilize on personal devices.
  • The type of technical support the company offers.
  • In case of data breaches, the company's control over personal worker data.
  • Company procedure for removing company data from employee devices.

7.4 Cyber Crime & Cyberattacks

  • Phishing: Large-scale efforts to acquire user information.
  • Spear Phishing: A variant where targeted users are selected.
  • SQL Injection: Attacks on improperly secured database-driven web applications.
  • Denial-of-Service Attacks (DoS): Attacks disrupting computer services.
  • Distributed Denial-of-Service Attacks (DDoS): Attacks from numerous computers.

Internet-of-Things Devices Co-opted for DDoS Attacks

  • IoT devices like network routers, security cameras, and baby monitors are often vulnerable to being used in DDoS attacks.

Cyber Espionage

  • Large-scale government hacking. Hundreds of terabytes of stolen data, dozens of countries.
  • People's Liberation Army suspected of involvement.

Anonymous

  • Loosely organized hacktivism group with various political aims.

Actions Attributed to Anonymous

  • Cyberattacks often related to protests or social/political issues.

Convictions of Anonymous Members

  • Numerous people arrested and convicted for Anonymous-related cyber activities.
  • Examples of specific individuals and prison sentences provided.

7.5 Online Voting

  • The 2000 US Presidential election, particularly in Florida, highlights the issues with using traditional voting machines.
  • Two voting irregularities included:
    • Hanging chads
    • The "Butterfly ballot" design

Benefits of Online Voting

  • Increased voter participation: more people would participate at a quicker rate.
  • Faster vote counting.
  • Eliminates ambiguity present in traditional voting.
  • Reduced costs.
  • Eliminates ballot-box tampering and potential manipulation.
  • Accurate vote counts through software protections against over/under-voting.

Risks of Online Voting

  • Possible bias in digital voting since some may rely on home computers over others.
  • Voter privacy is more threatened in electronic voting.
  • More opportunities to sell votes.
  • Online voting is often a target for attacks such as denial-of-service.
  • Vulnerability to software and/or hard drive manipulation/hacks affecting votes.
  • Lack of physical ballots for auditing or recounts.

Utilitarian Analysis of Online Voting

  • Time savings from online voting are weighed against the increased risk of DDoS attacks.
  • The probability of a successful attack that changes the outcome of the election needs to be determined.

Kantian Analysis of Online Voting

  • Voters' will must be reflected in their ballots; integrity of the votes is necessary.
  • Recounts require the ability to verify votes – integrity is paramount.
  • A paper record of each vote is crucial for auditing and recounting, protecting vote integrity.
  • Electronic voting may decrease costs, but the lack of paper records means a loss of auditability, impinging upon vote integrity.
  • Eliminating paper votes may seem cost-effective, but at the expense of vote integrity.

Summary of Cyber Security

  • Cyber security issues highlight the trade-off between security and convenience.
  • Individuals can become infected with malware in several ways.
  • Internet-of-Things (IoT) devices are a new vector for cyberattacks.
  • Issues need to be addressed regarding when cyberattacks become acts of war.
