Sample Report On History

Information Systems Management – Online Security

Introduction
In this digital age of the internet, corporate houses, businesses and individuals should be particularly concerned about cyber crime, which can simply shut down a computer system or cause losses amounting to billions. Amidst growing concerns of data and identity thefts, cyber terrorism, and national security concerns, there is an increasing clamor for more stringent cyber crime laws. Hacking, or the unauthorized entry into a network or an individual computer, is assuming dangerous dimensions and the need of the hour is to put in better security measures to oppose them. Any Merchant or financial institution, such as banks, shopping malls, gas stations, hotels and restaurants, hospitals, which store their data electronically are open to hacking attempts in a bid to get access to their customer’s databases, which will contain their addresses, phone numbers, credit card and banking account details. It is relatively simple. Anyone with a desktop or laptop having access to the internet is in a position to use hacking methods. No much is known about these hackers. They exist in a nebulous world and their existence is only experienced when unplanned, unforeseen events take place in terms of a breach of computer security. In the early days of hacking, it used to be individuals or smalls groups engaged in this activity, more out of curiosity and seeking glory, rather than for financial gain. Today, criminal organizations are using innovative methods to connect individuals across the world to commit fraud on a hitherto unprecedented scale. The internet has connected the world, so a cyber crime taking place in the U.S, may be originating from any corner of the world. Even if identified timely, this brings forth the thorny issue of international jurisdiction. This has given a reason for seeking a global cyber crime law.
The breach of system security impacts not only the immediate financial loss, but translates to huge persistent economic loss in terms of damage to reputation, intellectual property theft, including trademarks and logos. The victims whether individuals or companies make it easier for the hackers by seldom reporting the details of the intrusion. It is very difficult to estimate the loss caused by intellectual property theft, since most of it is intangible. According to a study done by MacAfee in 2013, the cost of cyber crime globally is at 0.8% of GDP. The facile manner in which hackers breach systems security indicates that more development is required in the field of the defense systems, to make them more robust and fortress like. More research in this area and newer defense systems created would entail more peace of mind to IT managers and IT security supervisors.

Hacking first began in the 1960s on the campuses of MIT, by a group of students hacked a model train system to make it run faster (Leeson and Coyne, 2004). The meaning of “Hacks” then referred to systems shortcuts. In 1969, two employees of AT&TBell Laboratories, created the UNIX operating system by way of experimenting with these system shortcuts. Initially, hacking was more driven by curiosity to learn new systems and experimenting with modifications. There were no planned illicit activities motivating these original hacks, who were in reality expert programmers. Around this time the “ARPANET” was launched. The Advanced Research Projects Agency Network was the forerunner of the internet and the first system to implement TCP/ IP. The early 1970s saw the emergence of a different profile of hackers, who targeted telephone systems. They would exploit the weaknesses in the newly installed electronic telephone exchange and make free long distance calls (Clarke, Clawson and Cordell, 2003). The phone hackers were known as “phreakers. With the spread of the computer culture in the 1980s, and the advent of companies like Apple and IBM, the number of people interested in hacking increased, though it was still largely unobtrusive in nature. It also spawned the birth of hacking clubs or groups. Towards the end of the decade, divisions started forming between the “ethical” hackers and those who had malafide intentions. Some publications, specifically for hackers came into being around this period. Two rival hacking gangs, “Legion of Doom” and “Masters of Deception” were formed in the 80s and they wrecked havoc in the unprepared systems security space.. This period also saw the birth of the internet virus. In the 1990s, in the face of growing cyber crime, the U.S government performed a crackdown called Operation Sundevil, on 14 states and made some arrests. This was not enough of a deterrent, and hackers turned their attention to making financial gains. This was an easy route, with ill defined security systems. It was an ideal low cost high returns scenario. In 1986, the U.S government enacted the computer Fraud and Abuse Act, which ordained that computer tampering, was a felony, and conviction would lead to prison along with substantial monetary fines. Through this act, some high profile hackers were arrested and fined.
In the 90s E commerce started gaining prominence and internet was much in demand. During this period, the hackers lost any sympathy they enjoyed with the public. During this time, a Russian hacker was thought to have illegally accessed Citibank’s computer systems and siphoned of nearly $10 Million. This incident gave the hacker community a bad name. Starting 2000, with the Y2K scare safely crossed over, the internet gained more popularity and started becoming a common essential feature in a lot of organizations and businesses as also amongst educational institutions. The original ethical hackers differentiated themselves from the hackers with malicious intent by classifying them as crackers. Amongst the crackers, a new group emerged, called “script kiddies”, whose description was that most were males in the age group of 12-30. Highly intelligent hence easily bored. Though bright, they lacked in depth computer skills and depended on ready to use softwares to wreak damage.
Then there are professional criminals, who find it easier to commit crimes over the internet. Their modus operandi is to breach systems for the purpose of data theft and subsequently selling the stolen data. The latest addition to the cracker community, are the virus programmers and coders. They are experts in programming and create malicious programs, which are used by them and others to cause damage through the net. More classifications emerged, like the white hats – the ethical hackers, the grey hats – sometimes malicious hackers and the black hats who are concerned with their own selfish requirements in terms of making financial gains or causing damage.
Some ex- hackers have turned good and offer their services to systems security firms. Their main task is to try and breach the security systems and report in vulnerabilities, so that the firm may fix them based on their inputs. It is win-win situation for both the security firms and the former hackers, who can now legitimately sell their hacking expertise.

Hacking Methods

There are many methods of entering into a computer system in an unauthorized fashion. We will discuss the ones most often used:
Denial of Service: Also abbreviated to DoS, the purpose of these attacks is to create inconvenience to the user by restricting access to required resources. Network attacks are achieved by congesting the resources with false traffic, which adversely impacts mail, TCP and packets services. Network targeted attacks initiate TCP SYN overload. When a client tries to connect to a TCP (Transmission Control Protocol) server, it sends a SYN request to the server, whereupon the server responds with SYN-ACK message and awaits the client’s ACK response, so that the link can be opened. On receiving the ACK response, the connection is established for the required exchange of data. The infiltration takes place at the stage when the server is awaiting the ACK response from the client. It an incomplete connection and the server allocates the necessary memory required to keep the connection live, and the memory is not released till the completion of the connection or a time out takes place. Hackers can keep the partially open connection active creating false IPs or ignoring the SYN-ACK messages. Attackers can also keep sending TCP SYN packets, thereby jamming the allocated memory space of the server. The result is that the server is congested with partially open connections and cannot accept legitimate requests for access. Another method used is UDP (User Datagram Protocol) flooding. In this method, large amounts of UDP packets are sent to the hacked network, thus causing flooding and authentic requests cannot be taken care of.
Host based attacks are done by targeting authentication protocols and corrupting algorithms. Most commonly used to infiltrate E commerce sites. In these sites, normally, SSL /TLS protocols are used to ensure secure connections between the client and the servers. These protocols enable RSA decryption. The attackers congest the authentication process for payments by sending large number of fake client certificates, resulting in the web site remaining active, but no payments are processed, thus no purchases take place. To infiltrate and install disruptive programs, different types of scanning is done before execution. Random scanning, sign post scanning, hit list scanning and permutation scanning are some of the common methods of scanning, preparatory to an attack.
Sniffers and Snoopers: A sniffer monitors network traffic and tries to pick up user name password combinations. In networks which lack encryption, the sniffer can assimilate information to infiltrate other hosts. A snooper, more commonly known as spyware monitors system memory and can copy an user’s keystrokes. Spywares can also infiltrate other computers on the same network.
Spoofing: All data packets contain an originating address, and a network can identify these through the source address. The attackers conceal the source address by replacing their address with another or a non-existent one. This is used to intrude on a secure network by replicating source addresses from the same domain, which pass through the system’s firewalls and can be used to insert malicious contents.
Trojan Horse: As the name suggests (based on an ancient Greek legend), these are executable malicious programs, hiding within a normal program. When that normal program is run, the hidden program also runs its malicious contents and cause damage. It may be hidden in a game or a download or in an e mail.
Key Loggers: The user’s key strokes, including for user names and passwords are mailed to the attacker, while remaining unknown to the user.
Social Engineering: It is an old method, wherein the user is asked to share user id and password details for ensuring the continuation of some service.
Cracking: Hackers use this method to break in to system, altering as well as stealing data. They also hack copyright protected software, videos and music. Cracking is done by breaking passwords. Three primary methods are used. Dictionary – crackers run a preloaded file of words to look for matches with passwords. Hybrid- focuses on the user’s logic for changing passwords. It simply adds character or special symbols in order to crack passwords. Brute force – This is the most exhaustive method of cracking passwords. All combinations of words and characters are tried till the password is cracked. It is very time consuming. Rainbow table - A huge list of hashes are used to compare with the password file to unearth passwords. Syllable – Uses a combination of dictionary and brute force.

Unsecured Wireless: Used to enter unsecured WFIF networks and access all other computers logged in to the same network.

Security
Every organization, corporate house, business and individual using the internet needs to be first aware of the common scams, frauds and cyber crime activities taking place and take preventive measures before any such incident takes place. It has to be kept in mind that while cyber security systems are getting stronger, the intrusion mechanisms are also keeping pace exploiting any vulnerability. The most common method of online security is the “firewall”, which monitors traffic between the computer/network and the internet. It is a first line defense mechanism. It monitors both inbound and outbound internet usage and restricts access as per a predefined set of rules, which can be configured by the user or in the case of organizations, by the network administrator. IT managers also implement antivirus softwares at the server level which prevent unauthorized access from external sources and also restrict users from accessing restricted websites, which are known to spread malicious software.
Most operating systems come with their own preconfigured firewall and variable levels of security access. These are updated automatically on a regular basis to keep abreast of the latest developments. Similarly antivirus systems also have an updating feature which downloads the latest patches released by the antivirus manufacturer. Also in use are “intrusion detection systems” (IDS). It operates by assimilating and analyzing data from systems and sources for possible break ins. It is a real time monitoring process for system and user activities. Broadly, there are two categories of IDS. Network intrusion detection system and Host intrusion detection system. The former can monitor multiple hosts by monitoring traffic at the network ends. The latter monitors one host at a time and checks system logs, application usage and access control tables. The common functions executed by IDS are auditing system configurations, checking for vulnerabilities, checking the integrity of critical files and databases, signature matches from known malicious attackers based on a preloaded list, activity pattern monitoring, auditing operating systems and any abnormal activity detection. IDS need to be correctly configured to prevent excessive or false alarm generation. In addition, compatibility checks need to be performed prior to implementation to avoid conflict with existing systems.
Experts advocate a multilayered approach to systems security. Any institution having employees needs to have clear policies governing internet usage. Some companies’ administrators have limited private internet use to certain time frames depending on role and level of the employee. Other companies have started an employee’s education program, which tries to cover a number of security aspects to prevent inadvertent misuse. Some of these are training employees to identify social engineering, protection against online scams and phishing and fake offers on the internet.

IT manager and supervisors also require keeping a control over the following:

Internal network: Internal networks should be separated from the internet by way of strong authentication processes. The network boundary points should be identified and appropriate security measures should be implemented. IDS should be engaged to prevent any illegal infiltration attempts. Also it must be ensured that the internet bandwidth subscribed to is capable of supporting the installed security system. Otherwise, there may be network congestion and choking.
Cloud Based Servers: Background and security system details should be obtained before signing up with any cloud based provider. SLAs (service level agreements) and TATs (turn around time) offered, should be carefully scrutinized to check for lag during maintenance and system restore processes.

Strong Password policies: Mandatory changing of passwords within a specified time frame and encryption with special characters and minimum length.

Wireless Network Encryption: to prevent unauthorized access, WAP2 (wifi protected access) should be implemented.
Encryption: All sensitive data should be encrypted, to make it more difficult to break into.
In addition, companies should employ competent and experiences security systems administrators. Contingency planning and disaster recovery management practices should be implemented. Regular security audits should be performed. Directory listing should be disabled to prevent access to entire network in the event of an intrusion.

Conclusion

Hacking and intrusive activities have existed for a long time now. Security systems came into being to combat these malicious activities. As seen from the news, hacking still happens. More research is required on developing stronger security. At the same time, stricter cyber crime laws require to be drafted. The crimes need to be better defined, with each category of cyber crime attracting a separate penalty, the severity of which should be linked to the severity of the crime. The computer fraud and abuse act in the U.S was mandated in 1986 and subsequently was modified to include the USA Patriot act and the Homeland security act. Not too long ago, the FBI and the Pentagon systems were breached, which were high security networks.
It is seen that most financial companies do not report their systems breach, or report it inadequately. Their main concern is that stakeholder and investors will lose faith in them. This sends the wrong signal to hackers, who think they can get away with it time and again. Knowledge of hacking techniques and understanding the correct protection from them is a must for anyone using a computer with internet or a network connected to the internet. Constantly updating that knowledge is even more crucial. Breaches can prove very expensive and global studies indicate that it is more profitable in the long run to invest in good security systems, competent

Systems administrators and an adequate post breach response plan.

Overall, ongoing research needs to be undertaken to develop logic based foolproof security systems, imbued with artificial intelligence to combat the new cyber threats springing up each day.

References

Bhardwaj, M, and Singh, G.P. (2011), “Types of Hacking Attack and their Counter Measure”, p.p. 1-5, Available At: http://www.ripublication.com/ijepa/ijepav1n1_7.pdf. (Last Accessed on 23 March, 2015)
Clarke, Z., Clawson and Cordell. (2003), “Historical Approaches to Digital Media”, p.p. 1-2. Available At: http://steel.lcc.gatech.edu/~mcordell/lcc6316/Hacker%20Group%20Project%20FINAL.pdf. (Last Accessed on 23 March, 2015)
Chicago Tribune, (2015), “U.S. hopes reward offers can help net foreign cyber criminals”, Available At: http://www.chicagotribune.com/bluesky/technology/chi-rewards-for-foreign-cyber-criminals-20150319-story.html. (Last Accessed on 24 March, 2015)
“Cost of Data Breach Study: Global Analysis”,(2013), p.p.6-7. Available At: https://www4.symantec.com/mktginfo/whitepaper/053013_GL_NA_WP_Ponemon-2013-Cost-of-a-Data-Breach-Report_daiNA_cta72382.pdf. (Last Accessed on 24 March, 2015)
“Denial of Service Attacks”, p.p 3-7. Available At: https://www.cs.columbia.edu/~smb/classes/f06/l22.pdf. (Last Accessed on 24 March, 2015)
Farhat, V.et al. (2011), “Cyber Attacks: Prevention and Proactive Responses”, p.p. 2-5. Available At: http://www.hklaw.com/files/Publication/bd9553c5-284f-4175-87d2-849aa07920d3/Presentation/PublicationAttachment/1880b6d6-eae2-4b57-8a97-9f4fb1f58b36/CyberAttacksPreventionandProactiveResponses.pdf. (Last Accessed on 24 March, 2015)
Gandhi, M. and Srivatsa, S.K. (2004), “Detecting and preventing attacks using network intrusion detection systems”, p.p. 2-4, Available At: http://www.cscjournals.org/manuscript/Journals/IJCSS/Volume2/Issue1/IJCSS-28.pdf. (Last Accessed on 24 March, 2015)
Gu,Q., Liu,p. And Chu, C.H. (2004), “Hacking Techniques in Wired Networks”, p.p. 3-8. Available At: http://s2.ist.psu.edu/paper/hack-wired-network-may-04.pdf. (Last Accessed on 23 March, 2015)
Hazem,M.S.H. (2012), “A Review and Comparing of all Hacking Techniques and Domain Name System Method”, p.p. 4-11, , Available At: http://www.m-hikari.com/ces/ces2012/ces5-8-2012/hatamlehCES5-8-2012.pdf. . (Last Accessed on 23 March, 2015)
Hunter. K. (2008), “Methods to Hacking and Cyber Invasion’, p.p 11-13, Available At: http://www.emich.edu/ia/pdf/research/Hunter,%20Kien,%20Cyber%20Attacks,%202008.pdf. . (Last Accessed on 23 March, 2015)
INFOSEC Institute,(2013), “The Impact of Cybercrime”, Available At: http://resources.infosecinstitute.com/2013-impact-cybercrime/. (Last Accessed on 24 March, 2015)
Leeson, P.T and Coyne,CJ. (2004) , “The Economics of Computer Hacking”, p.p. 4-5. Available At: http://www.peterleeson.com/hackers.pdf. (Last Accessed on 23 March, 2015)
Lewis, J.A. (2013), “Raising the Bar for Cybersecurity”, p.p. 1-5, Available At: http://csis.org/files/publication/130212_Lewis_RaisingBarCybersecurity.pdf. (Last Accessed on 24 March, 2015)
Mayuri,N.A, Bawane,S. And Shelke,C.J. (2014), “ANALYSIS OF INCREASING HACKING AND CRACKING TECHNIQUES”, International Journal of Application or Innovation in Engineering & Management, Vol.3, Issue 2, February 2014”. p.p 2-3. Available At: http://www.ijaiem.org/volume3issue2/IJAIEM-2014-02-28-085.pdf. (Last Accessed on 23 March, 2015)
Muncaster, P. “UK Police Lack Skill and resources to fight Cybercrime – Report”, Available At: http://www.infosecurity-magazine.com/news/uk-police-lack-skills-to-fight/. (Last Accessed on 24 March, 2015)
New York Times, (2014), “Cybercrime Scheme Uncovered in Brazil”, Available At: http://www.nytimes.com/2014/07/03/technology/cybercrime-scheme-aims-at-payments-in-brazil.html?_r=0. (Last Accessed on 24 March, 2015)
“Penalties for Internet Attacks and Cyber Crime”, (2003), “LEGISLATIVE AND REGULATORY TASK FORCE REPORT”, p.p. 5-6. Available At: https://www.dhs.gov/sites/default/fneles/publications/LRTF%20Cyber%20Crime%20Report_0.pdf. (Last Accessed on 24 March, 2015)
PWC,(2014), “US cybercrime: Rising risks, reduced readiness”, p.p. 5-9, Available At: http://www.pwc.com/us/en/increasing-it-effectiveness/publications/assets/2014-us-state-of-cybercrime.pdf. (Last Accessed on 24 March, 2015)
Shah, S. (2002), “Top Ten Web Attacks”, p.p. 11-16, Available At: http://www.blackhat.com/presentations/bh-asia-02/bh-asia-02-shah.pdf. Last Accessed on 23 March, 2015)
Steward, M.J. (2007), “Expert Reference Series of White papers”, p.p. 2-6. Available At: http://Ten%20Ways%20Hackers%20breach%20security.pdf . (Last Accessed on 23 March, 2015)
The Guardian, (2015), “Hackers are ahead in the cyberwar- businesses need to wake up”, Available At: http://www.theguardian.com/technology/cybercrime. (Last Accessed on 24 March, 2015)