powerpoint
DESCRIPTION
PowerpointTRANSCRIPT
HACKINGDeath or Glory
VSB 2006-008December 6, 2011
DiAmante AstilleroShannon BonaJohn LoCasioMarcelo Mazzocato
What is a Hacker?
A person who enjoys exploring the details of programmable systems and how to stretch
their capabilities, as opposed to most users, who prefer to learn only the
minimum necessary.
High Tech Super Spy?or
Tech Savvy Anti-Social Teen?
Into the Mind of a Cyber Hacker
ATTITUDE•Thrill•“Moral Obligation”•Boredom•Freedom
SKILLS•Programming•Write HTMLs•Use and run a Unix
PERSONAL PREFERENCES•Science Fiction•Meditation•Martial Arts
Recognition in the Hacking Community
•Writing open-source software
•Testing and debugging open-source software
•Keeping the infrastructure working
THE HACKER’S SYMBOLTHE GLIDER from John Conway’s Game of Life
GOOD vs EVILin the Cyber Realm
Hacker
Cracker
AKA “WHITE HAT”• Builds• Helpful
AKA “BLACK HAT”• Destroys• Malicious
A Deeper Exploration
A Brief History of Hacking
1932- Polish Cryptologist Broke the Enigma Machine
-Enabled the allies to read substantial amounts of Morse Code -Dwight D. Eisenhower considered this hack “decisive” in the Allied victory in WWII
Marian Rejewski
Henryk Zygalski Jerzy Rozycki
1971- John T. Draper (Captain Crunch) hacks AT&T’s long distance calling system
John T. Draper (Captain Crunch)
Used the toy whistle found in Cap n’ Crunch cereal to generate a 2600 hertz signal allowing him to make free long distance calls
1983 - the group KILOBAUD is formed
Neal Patrick of The 414’s
First Hacker group publically acknowledged Kick started the creation of various groups
The 414’sLegion of DoomMasters of Deception
1986- Congress passes the Computer Fraud and Abuse Act
Lloyd Blankenship
The late 80’s were plagued with many worms
Arrest of Lloyd Blankenship aka “The Mentor”
Author of The Hacker Manifesto
1998- Split between Free and Open Source Software
Free Software vs. Open Source
-The Freedom to……run the program for any purpose…study how it works, and change it to do what you want…redistribute copies for your neighbor…redistribute copies including your changes to your neighbor
-The Freedom to……redistribute copies for your neighbors …make changes
-Also includes source codes
-Includes licenses protecting the integrity of the code’s author
June 2002- The Bush Administration files a bill to create The Department of Homeland Security
Responsible for protecting the nations critical IT infrastructure
Within the Last Year…
2011 April 17th: PlayStation network is hacked The Hacker Groups, Lulz Security and LulzRaft are formed
September: Bangladesh hacker “Tiger-M@te” infiltrates 700,000 websites in one shot
October 26th: Sesame street channel on YouTube was hacked for 22 minutes
November 1st: Palestinian territory phone and internet networks are hacked
CYBER CRIMEthrough
the Decades
CLAIM TO FAME: KIIS-FM Radio Station Contest
The 80’sKevin Poulsen“Dark Dante”
MOTIVE: Fun and Curiosity Criminal Exploits and Espionage
TARGETS: Radio Station, High Profile Government Systems
EARLY LIFE: Consultant at the Pentagon
White Hat by Day… Black Hat by Night
CRIMES: -Win A Porsche by Friday Contest
-Wiretapped Celebrities-Cracked Military Computer Discovered FBI
investigation of former Philippines President Fernidad Marcos
Penalty: -4 year sentence -$56,000 restitution -Restricted from computer for 3 years
Further Thoughts…Is it worth it? More Likely than not, Poulsen wasn’t going to use the information he extracted from the FBI. Is personal satisfaction worth 4 years of one’s life?
The 90’sJonathan James“c0mrade”
CLAIM TO FAME: 1st Juvenile sent to prison for hacking
MOTIVE: Sense of Power
“Well, it's power at your fingertips. You can control all these computers from the government, from the military, from large corporations. And if you know what you're doing, you can travel through the internet at your will, with no restrictions. That's power; it's a power trip”
TARGET: -US Department of Defense-School Systems-NASA
“I certainly learned that there's a serious lack of computer security. If there's a will, there's a way, and if a computer enthusiast such as myself was determined to get into anywhere, be it the Pentagon or Microsoft, it's been demonstrated that it's possible and they will do it. And there's next to nothing they can do about it, because there's people with skill out there, and they'll get what they want.”
Implications: -US Security Breach -NASA forced to shut down computers $40,000 in damages
CRIMES: -$1.7 million stolen from NASA -Series of intrusions to school systems -Created a backdoor in DTRA
Accessed sensitive emails, usernames and passwords
PENALTY: 6 months in Juvenile Detention
FURTHERTHOUGHTS…
In a Post 9/11 world, would James receive the same sentencing?
THE 2000’sAlbert GonzalezTARGETS:-ATMS -Credit Card holders
IMPLICATIONS: Millions of victims globally
PENALTY: Serving time until 2025
Claim to Fame: Received longest sentence for cyber crime
The Dual Life of Albert Gonzalez
2000 20112003 2006 2009
Early 2000’s – Moderator on shadowcrew.com
2003 - Caught “Cashing Out” & Had Millions of Credit Card Data
To Avoid Prosecution, asked to become an informant
2004 – Installed Operation Firewall: Took Down “Shadow Crew”
Meanwhile Obtained over 40 million Credit Card Data
2007 – Ceased to be an Informant 2008 – Arrested after being Under Surveillance
2011 – Sentenced to Two Concurrent 20 year terms
“As a leader? Unparalleled. Unparalleled in his ability to coordinate contacts and continents and expertise. Unparalleled in that he didn’t just get a hack done — he got a hack done, he got the exfiltration of the data done, he got the laundering of
the funds done. He was a five-tool player.” –Seth Kosto, Assistant U.S. Attorney (New Jersey)
FurtherThoughts…Gonzalez not only betrayed the FBI who gave him a job instead of jail time, but also the Black Hat Community. However, hackers such as Jonathan James still were willing to collaborate with him. What are your thoughts on the relationships in the Black Hat Community?
Where are they now?
Kevin Poulsen“Dark Dante”
Senior Editor of Wired Magazine
Jonathan James“c0mrade”
Committed Suicide in 2008
Albert Gonzalez
MY PERSONAL EXPERIENCES
An Inner Look at the Authorities’ Responses“Tagging a damage amount or number of machines
compromised to a single virus (let alone a single person) is very difficult. Data can be transmitted
across the globe in a matter of seconds, and computers are infected with malware just as quickly.
As a result, accurately counting the number of machines infected by a particular worm is impossible
and can only be estimated.” -Nicholas Newman, National White Collar Crime Center
LOCAL CASES• BANK / ATM FRAUD• FICTIOUS EMPLOYEE• HOTEL / REWARDS
HACKER TRIVIAOther Notable Names…
FRED COHEN 1st Virus
ROBERT T MORRIS 1st Worm(Internet Virus)
SHAWN FANNING
Open Source CodeDefinition
Open source software is software whose source code is published and made available to the public, enabling anyone to copy, modify and redistribute the source code
Problems with Open Source Code
Attempts to Stop “Black Hat” Hacking
Problem with stopping hacking
Reputational TechnologySymantec
Firewalls Company Security Policies
The Future of Hacking Mobile Device Hacking
Apple vs. Android Bio-hacking Advanced Malware Combined Technology Hacking
What direction do you see hacking going in the future? Think about both the “Black Hat” and “White Hat” Communities.
ANY FURTHER QUESTIONS?
Thank you for your time!
We hope you enjoyed our presentation!
WORKS CITED