cyber crimes and securities

Upload: barunjm

Post on 29-May-2018

  • 8/9/2019 Cyber Crimes and Securities

    1/51

    EC-Council

    The Computing Transformation

    Revisiting past year

    Sophos Security threat report, 2008

    Hey! What Happened to Security?

    Typical Organization: Security Technologies Used

    Level of Protection!

    Organizations are more vulnerable to attacks than in the past

    Source: InformationWeek Analytics 2008 Strategic Security Study

    Hey! What Happened to IT Audits?

    Humans are the weakest link of a security chain

    Sophistication of the Underground

    EC-Council Global Incident Monitor: Forecasting FY 2009 IS Trends

    Why are Security Mistakes Made?

    Common Threats

    Botnets

    Fastflux

    Distributed denial of service (DDoS)

    Phishing

    Vishing

    Virus

    Spam

    Malware

    Crimeware

    Ransomware

    Hacking Tools

    Legion

    L0phtCrack

    John the Ripper

    SMB Grind

    Alchemy Remote Executor

    Fu

    AFX Rootkit

    Nuclear

    Vanquish

    Mp3Stego

    Tini

    iCmd

    NetBus

    Netcat

    Beast

    MoSucker

    Phatbot

    Amitis

    Senna Spy

    QAZ

    Let Me Rule!

    dsniff

    SmartSniff

    Hunt

    Sniffit

    Aldebaran

    Jolt2

    Land and LaTierra

    Targa

    Blast20

    Nemesy

    Panther2

    Crazy Pinger

    Trin00

    Tribe Flood Network (TFN)

    Hunt

    Juggernaut

    IISxploit.exe

    WindowBomb

    BlackWidow

    Cain And Abel

    Hydra

    Absinthe

    WEPCrack

    Torn

    A Typical Corporate Network

    It is Indeed Complex! To What Extent Can you Defend Your Perimeter Security?

    Breach Mechanism

    Examples of Virus Construction Kits

    Breach Mechanism

    Breach Mechanism

    Source: http://www.ccc.de/biometrie/

    Breach Mechanism

    Source: http://www.ccc.de/biometrie/

    Hardware keyloggers: KeyGhost

    Hardware keyloggers: KeyKatcher

    Insider Attack

    Preventing Insider Threat

    Ana Belen Montes, who had been a Senior Intelligence Analyst for the Defense Intelligence Agency, was convicted of spying for Cuba on October 16, 2002 and sentenced to 25 years in prison.

    Breach Mechanism

    Breach Mechanism

    Placing Backdoors Through Firewalls

    Mistakes committed by Information Security Professionals

    Teenager guilty of million-dollar hacking campaign

    A New Zealand teenager accused of leading an international ring of computer hackers which skimmed millions of dollars from bank accounts was today convicted of illegal computer hacking.

    Owen Thor Walker, 18, pleaded guilty yesterday to six charges related to using computers for illegal purposes. Police allege that he led a group of hackers who took control of 1.3m computers around the world without their owners' knowledge.

    Hackers routinely send out viruses, worms and malicious Trojan horse programs which allow them to take control of a victim's machine. Linked through the internet to form a "bot-net" network, the infiltrated computers are used to access personal bank accounts, steal credit card details or bombard users with spam.

    Police alleged that Walker wrote software that evaded normal computer anti-spyware systems, and then sold his skills to criminals around the world.

    Source: http://www.guardian.co.uk

    Hacked Texas National Guard site serves up malware

    Attackers have hacked the Web site of the Texas National Guard and are using it to serve up offers of fake security software and plant rootkits on unpatched PCs, a security researcher said today.

    The National Guard's site was hacked sometime before yesterday, said Roger Thompson, the chief research officer of Czech Republic-based security vendor AVG Technologies Cz SRO. Thompson confirmed Thursday that the site was still pushing phony antispyware software and infecting users with a rootkit.

    The malicious site tries to trick users into forking over money for fake security software, said Thompson. "If you're not patched, when you close your browser, you find that your desktop has changed," he said, referring to a pop-up message that claims the user's PC is infected with spyware.

    http://www.zdnet.com.au

    Source: http://www.computerworld.com

    Forever 21 says nearly 99,000 cards compromised in data thefts

    Nearly 99,000 payment cards used by customers at several Forever 21 Inc. retail stores may have been compromised in a series of data thefts dating back to August 2004.

    In a statement released last week and posted on its Web site, the Los Angeles-based discount retailer said it discovered the thefts only after being notified of them by the U.S. Department of Justice in Boston on Aug. 5.

    Forever 21 said it was notified by the DOJ that it was one of the victims of those attacks and was given a disk containing "potentially compromised file data."

    A subsequent forensic analysis revealed that transaction data for approximately 98,930 credit and debit card numbers had been illegally accessed, with more than 20,000 of the transactions made at the company's Fresno store. The company's investigations indicated that the intrusions affected customers who shopped at its stores on nine specific dates. The first intrusion dated back to March 25, 2004, the most recent one occurred Aug. 14, 2007.

    Source: http://www.computerworld.com

    BusinessWeek site attacked, turned into malware playground

    The Web site of BusinessWeek magazine suffered a major SQL injection attack in recent days that left it hosting malware on hundreds of its pages, security vendor Sophos PLC has reported.

    Once compromised by such a server hole, the attack scripts could, in principle, launch anything desired by the attacker except currently included code for automatic attacks based on JavaScript. That means a visitor could be hit by malware just by landing on one of the pages, without even interacting in any way.

    The code that's still on the magazine site pointed to a Russian site that appeared to be nonfunctioning -- although leaving the code in place meant it could be reactivated at any time.

    The compromised part of the site is used by the magazine to advertise jobs to MBA graduates.

    Source: http://www.computerworld.com

    Security awareness poster. U.S. Department of Commerce/ Office of Security