Cybercrime and Cyberattacks PDF

Summary

This document provides an overview of cybercrime and cyberattacks, including various types and their impact. Different types of cyberattacks, such as malware, phishing, ransomware, denial-of-service, man-in-the-middle, and cryptojacking, are discussed. The document also highlights the importance of cybersecurity measures and the common types of perpetrators in a summarized explanation.

Full Transcript

Cybercrime and Cyberattacks

Objective: Explain the effects of various cybercrimes in the IT industry, and identify the types of cybercrimes, their perpetrators, and the importance of cybersecurity as protection against cyberattacks.

What is cybercrime?

Cybercrime is “also called computer crime, the use of a computer as an instrument to further illegal ends, such as committing fraud, trafficking in child pornography and intellectual property, stealing identities, or violating privacy”.

Cyberattack

A cyberattack is “an attempt to gain illegal access to a computer system for the purpose of causing damage or harm”.

Types of Cyberattack

A cyberattack is defined as “an attack launched from one or more computers against another computer, multiple computers or networks”. There are two (2) types of attacks that can happen: (1) the goal is to disable the computer or make it go off the grid; (2) the goal is to gain access to the target's data and, in most cases, control the user's computer (gain admin privileges).

Eight (8) types of cyberattacks (Fruhlinger, 2020):

- Malware
- Phishing
- Ransomware
- Denial-of-service
- Man in the middle
- Cryptojacking
- SQL injection
- Zero-day exploits

Malware

Malware refers to software that damages devices, steals data, and causes chaos. There are many types of malware: viruses, Trojans, spyware, ransomware, and more.

Virus

A type of malicious software that is loaded onto the user's computer without his/her knowledge. It can perform malicious actions such as corrupting your files, hiding your files or even destroying your computer's hardware. A computer virus attaches itself to a file or a program and spreads from computer to computer, leaving infections as it travels.

Worms

Worms don't need other programs; they propel themselves through the Internet. Worms spread from computer to computer and have the capability to self-replicate without human intervention. Because of their ability to self-replicate, they can deplete system resources such as memory, hard disk space and bandwidth, thus causing your computer system to slow down.

Trojan Horse

A Trojan horse appears to be a legitimate program but is designed to gain access to a computer without the user's knowledge, thereby getting access to important files on the user's computer.

Bots/Botnets

A malicious bot is self-propagating. It infects a host computer and connects back to its control host. The control host now has control over the infected computer. These infected computers are now called botnets and can be used for various cybercrime attacks such as a Denial-of-Service (DoS) attack.

Phishing

- Phishing is a cybercrime in which scammers attempt to obtain sensitive personal information such as username, passwords, account number, credit card number and the like from the target or targets by posing as someone from a legitimate institution.
- In phishing, the victim is sent a communication that pretends to be from an official website of a reputable company. The victim is then lured into opening a website that is routed to the perpetrators.

Shared Features of Phishing Emails (Phishing.org)

1. Too Good To Be True – Scammers might make unbelievable offers that are intended to attract the target's attention.
2. Sense of Urgency – In some cases, emails appear to come from a reputable bank, telling you that they are currently updating their system and that your account will be deleted if you don't update your personal information immediately.
3. Hyperlinks – In phishing, perpetrators will provide a link that looks almost the same as the legitimate site. However, if you examine it carefully, they might replace some letters, like m for n.
4. Attachments – If an email is sent to you with attachments from someone or from a company you do not recognize, do not open it. It might contain malicious software that might harm your computer.
5. Unfamiliar Sender – When the sender does not seem like someone you know or is unfamiliar to you, do not open it.

Ransomware

Ransomware is another form of malicious software that prevents the user from accessing his/her files by encrypting them. The attacker then demands a “ransom payment” from the victim to decrypt the files and regain access. Users are provided with instructions on how to deliver the “ransom payment” in exchange for the decryption key.

How Ransomware works

One common delivery of ransomware is through email, usually done through phishing. Once the victim opens the link, the perpetrator can now access the victim's computer. Perpetrators can gain administrative access on the victim's computer using social engineering tools.

Best Security Practices to prevent Ransomware attack

1. Ensure your computer's operating system is updated frequently. Updates are important as they provide patches for security holes, making your computer less vulnerable to cyber-attacks.
2. Never install software or provide administrative privileges to it unless you know what it is and what it does.
3. Install anti-virus software and keep it updated, as it can detect malicious programs such as ransomware as early as the moment they enter your computer. In addition, install whitelisting software, as it can prevent unauthorized applications from running.
4. Frequently back up your files using cloud or external storage. In case you become a victim, the attack would be insignificant as you have a backup copy of your files.

Denial of Service Attack

According to the website paloaltonetworks.com, a Denial-of-Service (DoS) attack is “an attack meant to shut down a machine or network, making it inaccessible to its intended users. DoS attacks accomplish this by flooding the target with traffic, or sending it information that triggers a crash”.

It denies legitimate users access to the websites, depriving them of the services or resources they expect to get. Banks and high-profile organizations are the common victims of this attack.

In 2000, Michael Calce (photo above), a 15-year-old boy who used the online name “Mafiaboy,” launched one of the first recorded DDoS attacks. Calce hacked into the computer networks of a number of universities. He used their servers to operate a DDoS attack that crashed several major websites, including CNN, E-Trade, eBay, and Yahoo. Calce was convicted of his crimes in the Montreal Youth Court. As an adult, he became a “white-hat hacker” identifying vulnerabilities in the computer systems of major companies.
[Photo: Michael Calce]

Victims of DoS Attack

In 2016, Dyn, a major domain name system (or DNS) provider, was hit with a massive DDoS attack that took down major websites and services, including AirBnB, CNN, Netflix, PayPal, Spotify, Visa, Amazon, The New York Times, Reddit, and GitHub. The gaming industry has also been a target of DDoS attacks, along with software and media companies.

Man-in-the-Middle (MitM) Attack

A man-in-the-middle attack is a type of cyberattack where a malicious actor inserts him/herself into a conversation between two parties, impersonates both parties and gains access to information that the two parties were trying to send to each other.

A man-in-the-middle attack allows a malicious actor to intercept, send and receive data meant for someone else, or not meant to be sent at all, without either outside party knowing until it is too late (DuPaul, n.d.). A Man-in-the-Middle attack is another type of cyberattack where the malicious person intercepts or eavesdrops in

Cryptojacking

Cryptojacking is the unauthorized use of someone else's computer, which may include tablets, laptops or desktop computers, to mine cryptocurrency.

A common way of cryptojacking is by either getting the victim to click on a malicious link in an email that loads cryptomining code on the computer, or by infecting a website or online ad with JavaScript code that auto-executes once loaded in the victim's browser.

SQL Injection

SQL injection (SQLi) is a type of attack where malicious SQL statements are inserted and executed on data-driven applications (database servers) to manipulate data stored in any type of SQL database.

SQL injection attacks allow attackers to bypass application security measures. They can go around authentication and authorization of a web page or web application and retrieve the content of the entire SQL database.
They can also use SQL injection to add, modify, and delete records in the database.

Zero Day Exploits

According to the Kaspersky.com website, a zero day exploit is “a cyberattack that occurs on the same day a weakness is discovered in software. At that point, it's exploited before a fix becomes available from its creator”.

When a vulnerability or security risk is discovered by a user, the user would initially report this to the software developers. The developers would then create a patch or update to fix the error or flaw.

Types of Cybercriminals

- Hackers
- Crackers
- Hacktivist
- Cyberterrorist
- Industrial spies

Hackers

As defined in the Internet Users' Glossary (RFC 1392), a hacker is “A person who delights in having an intimate understanding of the internal workings of a system, computers and computer networks in particular. The term is often misused in a pejorative context, where ‘cracker’ would be the correct term.”

Hackers use their knowledge and skills in programming and general computer security to study how computer systems and networks work and to find flaws or security issues in them. They help improve and patch vulnerabilities within the computer system and networks. Hackers are often referred to as “white hat” or “ethical hackers”. They are what we call “the good guys”.

Crackers

As defined in the Internet Users' Glossary (RFC 1392), a cracker “is an individual who attempts to access computer systems without authorization. These individuals are often malicious, as opposed to hackers, and have many means at their disposal for breaking into a system.”

Crackers are also called “black hats.” They look for backdoors in programs and systems, exploit those backdoors, and steal private information for use in a malicious way.

Hacktivist

According to the Oxford Online Dictionary, a hacktivist is defined as “a person who gains unauthorized access to computer files or networks in order to further social or political ends”.
A hacktivist cracks the computer system and destroys or alters data as a way to express their opposition to a certain issue. The majority of hacktivists work anonymously.

Cyberterrorist

A cyber-terrorist is a criminal who uses computer technology and the Internet, especially to cause fear and disruption. Some cyber-terrorists spread computer viruses, and others threaten people electronically.

COMELEC Website Hacked in 2016

Anonymous Philippines hacked the website of the Commission on Elections (Comelec) on March 27, 2016. The hacktivist group defaced the website by posting a message asking the Comelec to make sure that the machines to be used in the election have strong security features (CNN Philippines, Anonymous PH hacks Comelec website 2016).

Industrial Spies

Industrial spies use illegal means to obtain trade secrets from competitors (Reynolds, 2019). An industrial spy may have gained employment with the company. The primary purpose is to spy and gather information in order to obtain relevant information from the company. An industrial spy may also be a disgruntled employee who wants to obtain revenge or use the obtained information for personal gain.

Assignment: Please watch this documentary on YouTube: https://www.youtube.com/watch?v=qsKS6fwXTwg&t=23s

Cybersecurity

What is Cybersecurity?

Cybersecurity is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks. When companies become a victim of any cybercrime, client trust and reputation are at stake.

Kaspersky.com (2020) enumerates the various categories of cybersecurity:

- Network security
- Application security
- Information security
- Operational security
- Disaster recovery and business continuity

Google Data Center Security: 6 layers

Protection against Internet Attacks

A firewall is hardware and/or software that protects a network's resources from intrusion by users on another network such as the Internet.
All networked and online computer users should implement a firewall solution.

A personal firewall is a utility program that detects and protects a personal computer and its data from unauthorized intrusions. Some operating systems, such as Windows, include personal firewalls.

Intrusion Detection Software. Intrusion detection software automatically analyzes all network traffic, assesses system vulnerabilities, identifies any unauthorized access (intrusions), and notifies network administrators of suspicious behavior patterns or system breaches.

Firewall
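
The hyperlink check from the "Shared Features of Phishing Emails" list above (a link that swaps letters, such as m for n) can be automated by comparing a link's host name against the domains you actually use. This is an added example, not part of the original slides; the trusted-domain list, the look-alike character pairs and the sample URLs are constructed assumptions.

```python
from urllib.parse import urlsplit

# Assumed allowlist of sites the reader really uses (constructed for this example).
TRUSTED = ("examplebank.com", "github.com", "paypal.com")

# Character swaps that look alike on screen (illustrative, not exhaustive).
CONFUSABLE = (("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"))


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: number of single-character edits between a and b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def skeleton(host: str) -> str:
    """Collapse look-alike character sequences so visually equal names compare equal."""
    for fake, real in CONFUSABLE:
        host = host.replace(fake, real)
    return host


def classify_link(url: str) -> str:
    """Return 'trusted', 'lookalike of <domain>', 'unknown' or 'unparseable'."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    if not host:
        return "unparseable"
    if host.startswith("www."):
        host = host[4:]
    for good in TRUSTED:
        if host == good or host.endswith("." + good):
            return "trusted"
    for good in TRUSTED:
        # One edit away (m -> n) or identical after look-alike folding (1 -> l).
        if edit_distance(host, good) <= 1 or skeleton(host) == skeleton(good):
            return "lookalike of " + good
    return "unknown"


if __name__ == "__main__":
    for link in ("https://www.examplebank.com/login", "https://exanplebank.com/login",
                 "http://paypa1.com/verify", "https://example.org/"):
        print(link, "->", classify_link(link))
```

A result of "unknown" only means the host is not on the allowlist; it is not a statement that the link is safe.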
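
For the SQL Injection slides above, which say attackers can go around authentication, this added example (not from the original slides) puts a login query built by string concatenation beside the parameterized form that keeps input as data. The table, the account and the crafted input are constructed for the demonstration.

```python
import sqlite3

# Constructed input: a quote that ends the string literal, followed by a condition
# that is always true.
CRAFTED = "' OR '1'='1"


def make_db() -> sqlite3.Connection:
    """In-memory user table with one constructed account.

    Passwords are stored in plain text only to keep the example short;
    a real system stores salted password hashes.
    """
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, password TEXT)")
    db.execute("INSERT INTO users VALUES ('alice', 's3cret')")
    return db


def login_concatenated(db: sqlite3.Connection, name: str, password: str) -> bool:
    # Vulnerable: the input becomes part of the SQL text, so quote characters
    # in it change the structure of the statement.
    sql = ("SELECT COUNT(*) FROM users WHERE name = '" + name +
           "' AND password = '" + password + "'")
    return db.execute(sql).fetchone()[0] > 0


def login_parameterized(db: sqlite3.Connection, name: str, password: str) -> bool:
    # Hardened: placeholders send the input as bound values; the database
    # never parses it as SQL, whatever characters it contains.
    sql = "SELECT COUNT(*) FROM users WHERE name = ? AND password = ?"
    return db.execute(sql, (name, password)).fetchone()[0] > 0


if __name__ == "__main__":
    db = make_db()
    for label, check in (("concatenated", login_concatenated),
                         ("parameterized", login_parameterized)):
        print(label, "correct password:", check(db, "alice", "s3cret"))
        print(label, "wrong password:  ", check(db, "alice", "wrong"))
        print(label, "crafted input:   ", check(db, "alice", CRAFTED))
```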
