Tommy Coyne MPM Class A 111416 29/08/08

ABSTRACT

Cyber space is constantly being attacked or abused. There are many criminals out there out to achieve their ulterior motives (most of them, criminal in nature). The first obvious motive of a crime is usually money. Why risk getting thrown into prison for a long time? Because if you can get away with it, youll be many times richer than you are presently. Examples of networks which when intruded yield a lot of money can include bank networks and information networks.

WHAT AFFECT DO HACKERS POSE ON THE IRISH ECONOMY?

By

Tommy Coyne

WHAT AFFECT DO HACKERS POSE ON THE IRISH ECONOMY?

By

Tommy Coyne

A Dissertation submitted in partial fulfilment of the requirements for the degree of Bachelor of Arts in Media Production Management

At

Ballyfermot College of Further Education

In conjunction with

Dublin City University

August 29th 2008

CONTENTS ABSTRACT: INTRODUCTION: RESEARCH QUESTIONS: AIMS: EFFECTS: STATISTICS: THE BEGINNINGS: WORLD WIDE WEB: HACKERS: BANK ACCOUNT INFORMATION: CYBER TERRORISM: MOTIVES: TACTICS: GAINING ACCESS: THE CORPORATE SECTOR: HACKING GOOGLE: LITERATURE REVIEW: CYBER CRIMINOLOGY: PROTECTION: IP SPOOFING & SNIFFING: CONCLUSSION: BIBLIOGRAPHY: 1 3 5 6 7 8 11 12 14 16 18 19 20 23 24 25 26 28 29 33 35

ABSTRACT

Cyber space is constantly being attacked or abused. There are many criminals out there out to achieve their ulterior motives (most of them, criminal in nature). The first obvious motive of a crime is usually money. Why risk getting thrown into prison for a long time? Because if you can get away with it, youll be many times richer than you are presently. Examples of networks which when intruded yield a lot of money can include bank networks and information networks. With hackers growing exponentially, the threat of E-commerce infiltration is an issue that various internet security firms have tried to overcome. With news reports of thousands of customers credit card details being lost due to either a misplacement of a laptop or hacker infiltration through secure networks, it easy to see that there is a big problem that is affecting all financial organisations be they Irish or international. According to the Irish Cyber crimes survey - cybercrime is virtually universal. 98% of Irish companies (who responded to the survey) reported issues, the most common of which were viruses and other malicious software (90%), misuse of systems (88%), asset theft (63%) and phishing (56%). A hacker by definition believes in access to free information. They are usually very intelligent people who could care very little about what you have on your system. Their thrill comes from system infiltration for information reasons. Hackers unlike crackers and anarchist know being able to break system security doesnt make you a hacker any more than adding 2+2 makes you a mathematician. Cyber-terrorism basically means the act of carrying out terrorism using cyberspace, or in other words, the Internet. It is the hacking or attacking of networks and computers to obtain or modify information for political and/or social objectives or rather, a way to quickly and easily distribute propaganda and get a lot of attention drawn to it.

Hackers and their effect on Electronic CommerceAre hackers a threat? The degree of threat presented by any conduct, whether legal or illegal, depends on the actions and intent of the individual and the harm they cause. Kevin Mitnick Today, the cyber economy is the economy. Corrupt those networks and you can disrupt a nation. Condoleezza Rice, National Security Advisor to President George W. Bush, March 22, 2001 This dissertation is intended to find out what are the effects hackers have on the Irish economy, how much of the Irish economy is lost annually due to hackers and what prevention measures should be enforced to protect businesses and corporations from the hacking community. There have been many reports as of late, in the news about various hacker activities in places like the United States, Europe and Asia. One of the latest of those reports was of a Scottish hacker (Gary McKinnon)

On the lookout for information about UFOs, Gary McKinnon, a Glaswegian by birth, broke into several dozen computers used by NASA and the US military. Today, Mr. McKinnon lost his plea to the Lords of Appeal in London to prevent his extradition to the US where the 42year-old may face at least 10 years behind bars. US officials accuse the man of having stolen 950 passwords and deleting documents. His crime may be treated as an act of terrorism. McKinnon was arrested in the UK in 2002 but not charged. http://www.heise.de/english/newsticker/news/113593 Even in Ireland, hackers are making an appearance. The Irish hacker is a couple of years behind their international peers when it comes to the numbers of hackers per capita. That and the fact, that there havent been that many High Profile Hacks, associated with Elite Hackers, which is surprising since there has been a massive increase of I.T. professionals emerging within the I.T. industry.

1

Hacking is not territorial though, so international hackers from anywhere in the world can hack a system in a matter of minutes. Irelands only saving grace is that there are not that many multi-corporational entities worth attacking compared to international conglomerates. The dramatic shut-down of Eircom's ISP (Eircom.net) following a successful hack attack perpetrated by a teenager in 2000 demonstrated how even major companies can fall victim to such attacks. The best way for businesses to avoid this type of disaster is to keep online security on their minds and make it part of the culture of the firm. Buying sophisticated security software is only part of the solution. Firms have to constantly monitor their security and simulate hacking scenarios to keep secure. Due to the way security had been

implemented on these products, hackers and anybody with reasonable computer knowledge could freely use them to access the internet. The wireless routers use a security protocol called Wired Equivalent Privacy (WEP). This protocol requires anybody accessing the wireless network to enter a 16-digit password. This code is generated from the serial number of the router as well as some text which is converted to numerical values. The text used includes eight snippets of lyrics from guitar legend Jimi Hendrix. The security problem occurs because the unique eight digit number that is broadcast as the name of the network is also derived from the serial number. As a result hackers simply have to look at the name of the Eircom network to get access to it. Both downloadable tools and websites have emerged which automatically create the 16-digit key when the network name is keyed in. Eircom issued a statement saying it is aware of the issue and would contact all affected broadband customers. The Netopia routers in question were the 3300 and 2247 series. Users who had changed the default set up were unaffected by the problem. All new modems sold by Eircom would have instructions on how to change the default WEP key while existing customers were advised to visit www.broadbandsupport.eircom.net for instructions.

2

Eircom pointed out that accessing wireless networks without permission is a criminal offence under the Criminal Damage Act 1991 and the Criminal Justice (Theft and Fraud Offences) Act 2001.

Hacking isn't a kid's game anymore. It's big business. Online black markets are flush with stolen credit card data, driver's license numbers, and malware, the programs that let hackers exploit the security weaknesses of commercial software. Cybercriminals have become an organized bunch; they use peer-to-peer payment systems just like they're buying and selling on eBay, and they're not afraid to work together.

Some hackers take the direct approach. Ransom scams, in which a criminal infects a company's systems with malware that encrypts data and then demands money to provide the decryption key--are common in Russia. Uriel Maimon, a researcher with the consumer division of RSA, a security vendor now owned by EMC, says he's seen a half-dozen of these scams over the past five months.

Last week there was a security at Irelands largest online recruiter. Jobs.ie reported that last Thursday, March 27th, there was a security breach of their website and a number of CVs were stolen. Obviously these CVs contained a number of personal details and in the wrong hands these details could be used for illegal activities. One report mentions that up to 60,000 Irish CVs were stolen in this breech, which it is said were mostly archived CVs as opposed to current ones. 31 March 2008 http://www.eirjobs.com/news/ MORE THAN a hundred Irish websites have fallen victim to hacker attacks in the last month including one for the Irish presidency of the EU, which was developed at a cost of over 2 million. The EU presidency website at www.eu2004.ie is now off-line. A spokeswoman for the Department of Foreign Affairs confirmed that the website was taken down on May 1st as soon as the infection was discovered. http://www.irishtimes.com/newspaper/finance/2008/0606/1212677071145.html

3

Research Questions:I hope to be able to find out how Irelands economy is affected and to what extent. By doing individual research of Newspaper articles.

Previous journal articles on the Irish economy.

Gathering of statistics from online archives.

I will use graphs to illustrate the amount of revenue that has been misappropriated from Ireland. This study should also help to find out any information if any, on where the attacks are originating from and what preventive measures can be taken in the future to help decrease further internet based attacks on the economy.

Cybercrime: are you prepared for an attack?A new study carried out by the Centre for Cybercrime Investigation, along with the Information Systems Security Association (ISSA) and University College Dublin's School of Computer Science and Informatics, found over half of all Irish companies that experienced some form of cybercrime ended up reporting losses of more than EUR25,000 as a direct result. The survey, which included input from academics, industry and An Garda Siochana computer experts, noted that although companies were aware of the presence of threats from hackers and malicious programs like computer viruses, a disturbing 68 percent of respondents said incidents are predominantly discovered only by accident and - more worryingly - usually after the damage is already done. A new study carried out by the Centre for Cybercrime Investigation, along with the Information Systems Security Association (ISSA) and University College Dublin's School of Computer Science and Informatics, found over half of all Irish companies that experienced some form of cybercrime ended up reporting losses of more than EUR25,000 as a direct result. Enterprise Ireland eBusiness Live, March 20th 2007 http://www.ebusinesslive.ie/newsletter/Story/4/791/ob.html/179

4

AIMS

The primary aim is to determine whether cybercrime is affecting Irish organisations. This question is answered very clearly: cybercrime is virtually universal, with 98% of our respondents reporting issues, the most common of ISSA / UCD Irish Cybercrime Survey 2006 which were viruses and other malicious software (90%), misuse of systems (88%), asset theft (63%) and phishing (56%). In order to gauge the impact on each organisation, respondents were asked to identify the cost of their most significant incident. 76% of respondents reported incidents which cost over 5,000 to correct, while costs of over 100,000 were incurred by 22% of organisations. The most common consequences of breaches were reported as loss of productivity (89%), loss of data (56%) and the departure of employees through either termination or resignation (44%). Internal detection appears dominated by chance discoveries, such as accidental detection (68%) and discovery by nonIT employees (58%), however detection through technology is also significant, identifying issues in 61% of organisations. 62% of overall respondents have experienced external reporting of issues, with sources including connected organisations (46%), unconnected organisations (58%) customers (42%), and individuals (39%). Finally, in assessing how organisations respond to cybercrime our questions included the outcome of issues involving internal personnel and the role of the law. Virtually all respondents (97%) reported invoking internal disciplinary processes to deal with problems, while 39% have had employees resign or be terminated. 18% of respondents have engaged law enforcement to deal with an internal employee issue and of those, two-thirds have seen an investigation result in prosecution.

5

What effect does the hacker community have on E-commerce?

With hackers growing exponentially, the threat of E-commerce infiltration is an issue that various internet security firms have tried to overcome. With news reports of thousands of customers credit card details being lost due to either a misplacement of a laptop or hacker infiltration through secure networks, it easy to see that there is a big problem that is affecting all financial organisations be they Irish or international. According to the Irish Cyber crimes survey - cybercrime is virtually universal. 98% of Irish companies (who responded to the survey) reported issues, the most common of which were viruses and other malicious software (90%), misuse of systems (88%), asset theft (63%) and phishing (56%). The scary part is that each of these incidents costs money - anything from 5,000, to well over 100,000. What's even scarier is the fact that in 2006 only 42 organisations were prepared to respond to the survey! No one wants to admit to being a victim of cybercrime (as it infers that your IT security isn't as good as it could be), but I'm certain that there was more than 42 organisations affected in 2006.

In one of the most high-profile cases of telecoms fraud, the phone system at the Department of Social and Family Affairs was hijacked in 2002 and used to route international calls. This allows callers to dial international numbers at little or no cost to the caller, as the owner of the system foots the bill for the calls. A report by the Comptroller and Auditor General found the department incurred significant losses, amounting to 300,000, over a single weekend.

6

Org anisation information shows that the majority of responses come from organisations in financial services (29%), IT / ICT (18%) or education (11%). Each remaining category represents fewer than 8% of responses, however when combined, government and semi-state bodies represent 11% of respondents

7

.

The beginnings:

The introduction of home computers in large numbers in the 1980s was probably the beginning of the era of premature attackers. Computers such as the commodore C64, Amiga 500, Atari ST and IBM PCs were introduced into the bedroom of teenagers. These computers had several advantages over other toys such as game consoles. You could program them yourself and users were encouraged to do just that.

8

Recently, the term hacker has taken on a new meaning, (someone who maliciously breaks into systems for personal gain.) Technically, these criminals are crackers (criminal hackers). Crackers break into (crack) systems with malicious intent. They are out for personal gain: fame, profit, and even revenge. They modify, delete, and steal critical information, often making other people miserable.

The Internet has grown explosively, with no end in sight. At its inception as ARPANET it held only 4 hosts. A quarter of a century later, in 1984, it contained only 1000 hosts. But over the next 5 years this number grew tenfold to 10,000 (1989). Over the following 4 years it grew another tenfold to 1 million (1993). Two years later, at the end of 1995, the Internet was estimated to have at least 6 million host computers. There are probably over 10 million now. There appears to be no end in sight yet to the incredible growth of this mutant child of ARPANET. In fact, one concern raised by the exponential growth in the Internet is that demand may eventually far outrace capacity. Because now no entity owns or controls the Internet, if the capacity of the communications links among nodes is too small, and it were to become seriously bogged down, it might be difficult to fix the problem. For example, in

1988, Robert Morris, Jr. unleashed a "virus"-type program on the Internet commonly known as the Morris Worm. This virus would make copies of itself on whatever computer it was on and then send copies over communications links to other Internet hosts. (It used a bug in send-mail that allowed access to root, allowing the virus to act as the super-user). Quickly the exponential spread of this virus made the Internet collapse from the communications traffic and disk space it tied up. At the time the Internet was still under some semblance of control by the National Science Foundation and was connected to only a few thousand computers. The Net was shut down and all viruses purged from its host computers, and then the Net was put back into operation. Morris, meanwhile, was put in jail.

9

There is some concern that, despite improved security measures (for example, "firewalls"), someone may find a new way to launch a virus that could again shut down the Internet. Given the loss of centralized control, restarting it could be much more time-consuming if this were to happen again. But reestablishing a centralized control today like what existed at the time of the Morris Worm is likely to be impossible. Even if it were possible, the original ARPANET architects were probably correct in their assessment that the Net would become more susceptible for massive failure rather than less if some centralized controls were in place. Perhaps the single most significant feature of today's Internet is this lack of centralized control. No person or organization is now able to control the Internet. In fact, the difficulty of control became an issue as early as its first year of operation as ARPANET. In that year email was spontaneously invented by its users. To the surprise of ARPANET's managers, by the second year, email accounted for the bulk of the communication over the system. Because the Internet had grown to have a fully autonomous, decentralized life of its own, in April 1995, the NSF quit funding NSFNET, the fiber optics communications backbone which at one time had given NSF the technology to control the system. The proliferation of parallel

communications links and hosts had by then completely bypassed any possibility of centralized control. There are several major features of the Internet:

World Wide Web -- a hypertext publishing network and now the fastest growing part of the Internet.

Email -- a way to send electronic messages

Usenet -- forums in which people can post and view public messages

Telnet -- a way to login to remote Internet computers

file transfer protocol -- a way to download files from remote Internet computers

Internet relay chat -- real-time text conversations -- used primarily by hackers and other Internet old-timers

10

Gopher -- a way of cataloging and searching for information. This is rapidly growing obsolete.

As you port surfers know, there are dozens of other interesting but less well known services such as whois, finger, ping etc.

The World Wide WebThe World Wide Web is the newest major feature of the Internet, dating from the spring of 1992. It consists of "Web pages," which are like pages in a book, and links from specially marked words, phrases or symbols on each page to other Web pages. These pages and links

together create what is known as "hypertext." This technique makes it possible to tie together many different documents which may be written by many people and stored on many different computers around the world into one hypertext document.

This technique is based upon the Universal Resource Locator (URL) standard, which specifies how to hook up with the computer and access the files within it where the data of a Web page may be stored.

A URL is always of the form http://, where includes a domain name which must be registered with an organization called InterNIC in order to make sure that two different Web pages (or email addresses, or computer addresses) don't end up being identical. This registration is one of the few centralized control features of the Internet.

11

HackersA hacker by definition believes in access to free information. They are usually very intelligent people who could care very little about what you have on your system. Their thrill comes from system infiltration for information reasons. Hackers unlike crackers and anarchist know being able to break system security doesnt make you a hacker any more than adding 2+2 makes you a mathematician. Unfortunately, many journalists and writers have been fooled into using the word hacker. They have attributed any computer related illegal activities to the term hacker. Real hackers target mainly government institution. They believe important information can be found within government institutions. To them the

risk is worth it. The higher the security, the better the challenge. The better the challenge the better they need to be. Whos the best keyboard cowboy? So to speak! These individuals come in a variety of age classes. They range from Secondary School Students to University Grads. They are quite adept at programming and are smart enough to stay out of the spotlight. They dont particularly care about bragging about their accomplishments as it exposes them to suspicion. They prefer to work from behind the scenes and preserve their anonymity. Not all hackers are loners, often youll find they have a very tight circle of associates, but still there is a level of anonymity between them. From the research that has been carried out, it has been found that there is access to all manners of hacking tools and tutorials which are readily available for the ever curious internet user. An internet user can go online and now find through torrent sites like The Pirate Bay or Torrent Portal any and all information that they may need to pull off successful hacks, ranging from beginner to elite hacker. These would include tutorials, eBooks and then the actual hacking tools themselves (Trojans, Viruses, and Port Scanners). The fact that the internet is basically the biggest source of free information is also an immense draw for the curious.

12

There is also now a growing trend of introducing actual hacking courses which the below text is an example:

Description: This course will teach students how to scan, test, break into and secure their own systems. The lab intensive environment provides each student with in-depth knowledge and practical experience with current essential computer systems. Students will begin by understanding how perimeter defences work and then be lead into scanning and attacking their own networks, no real network is harmed. Students then learn how intruders escalate privileges and what steps can be taken to secure a system. They will also be taught about Vulnerability Assessment, PenTesting, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation. When a student leaves this intensive 5-day class, he will be equipped with a thorough understanding along with practical exposure to the subject of Ethical Hacking.

http://www.hackerscenter.com/index.php?/Blogs/2086-Want-to-learn-to-hack-in-5-Days.html Thanks to sensationalism, the definition of hacker has transformed from harmless tinkerer to malicious criminal. Hackers often state that the general public misunderstands them, which is mostly true. Its easy to prejudge what you dont understand. Hackers can be classified by both their abilities and underlying motivations. Some are skilled, and their motivations are benign; theyre merely seeking more knowledge. At the other end of the spectrum, hackers with malicious intent seek some form of personal gain. Unfortunately, the negative aspects of hacking usually overshadow the positive aspects, resulting in the stereotyping. Historically, hackers have hacked for the pursuit of knowledge and the thrill of the challenge. Script kiddies aside, hackers are adventurous and innovative thinkers, and are always thinking about exploiting computer vulnerabilities. They see what others often overlook. They wonder what would happen if a cable were unplugged, switches were flipped, or lines of code were changed in a program. More recent evidence shows that many hackers are hacking for political, competitive, and even financial purposes, so times are changing. When they were growing up, hackers rivals were monsters and villains on video game screens. Now hackers see their electronic foes as only that electronic.

13

Hackers who perform malicious acts dont really think about the fact that human beings are behind the firewalls and Web applications theyre attacking. They ignore that their actions often affect those human beings in negative ways, such as jeopardizing their job security. Hackers and the act of hacking drive the advancement of security technology. After all, hackers dont create security holes; they expose and exploit existing holes in applications. Unfortunately, security technology advances dont ward off all hacker attacks, because hackers constantly search for new holes and weaknesses. The only sure-fire way to keep the bad guys at bay is to use behaviour modification to change them into productive, well-

adjusted members of society. Good luck with that. However you view the stereotypical hacker, one thing is certain: Some people always will try to take down your computer systems through manual hacking or by creating and launching automated worms and other malware. You must take the appropriate steps to protect your systems against them.

Bank Account InformationIm sure if youre like most people you have web banking of some kind. You probably pay your bills online via your banks website. Most banks require you to use 128bit encryption browsers to do your banking online. This form of banking online does encrypt your information and protect it from otherwise prying eyes of the world that may wish to gain access to such vital information. This should further illustrate how powerful the encryption method is: 40-bit encryption means there are 240 possible keys that could fit into the lock that holds your account information. That means there are many billions (a 1 followed by 12 zeroes) of possible keys. 128-bit encryption, means there are 288 (a three followed by 26 zeroes) times as many key combinations as there are for 40-bit encryption.

14

That means a computer would require exponentially more processing power than for 40-bit encryption to find the correct key. Thats a very powerful method of encrypting data sent from your machine to the banks machine. Unfortunately its useless to you once your computer has been compromised.

Question: How?

One of the features of a Trojan is a key logger. The principle behind this is all keystrokes pressed will be recorded and sent back to the hacker. What sort of information do you enter when you are banking online? Most banks have a login screen of some kind, where you type in your username and password. Heres where it gets interesting. This means that once you type your login and password for your online bank account the hacker now has access to that. Youre probably asking yourself well How do they know what bank Im with? This information is easily achieved by doing what is called a screen shot. This gives the hacker a picture of your desktop and all windows currently open at the time. The screen shot would look like this.

15

From that screen shot they can tell what site you are at (in which case it would be your bank). From there its just a matter of logging into your bank account and doing whatever they want. As you can see although you are on a secure web site, it still doesnt protect your information once your computer is compromised. Perhaps there are some of you who do not use online banking. Perhaps you use another program for managing your finances. There is a variety of programs out there available for financial purposes. Problem is that once a hacker has

access to your system, they have access to those files. They can copy the files from your computer to theirs and browse through them at their leisure.

Cyber terrorismCyber space is constantly being attacked or abused. There are many criminals out there out to achieve their ulterior motives (most of them, criminal in nature). Since computers are so powerful nowadays, many very powerful and complex software programs exist to facilitate these criminal acts. In addition to that, these programs are very user-friendly are easy to use. So much so that even people who are new to computers can use these software to carry out abuse. Cyberterrorism basically means the act of carrying out terrorism using cyberspace, or in other words, the Internet. It is the hacking or attacking of networks and computers to obtain or modify information for political and/or social objectives or rather, a way to quickly and easily distribute propaganda and get a lot of attention drawn to it. An important criterion in classifying an act as cyberterrorism is that it spawns fear amongst the masses and it should cause at least some damage to people or property. Acts which cause damage to non-critical structures or are just a nuisance are not acts of cyberterrorism. Cyberterrorism causes a lot of financial damage. They usually affect huge numbers of people. Cyberterrorism is a very serious crime as it can cause problems to many people at any one time. It has crippling effects on the economy. 16 By crippling a countrys economy, a cyber terrorist can also potentially weaken the country for a military attack to be successful. Attacks on e-commerce websites such as Yahoo and eBay caused over a US$1 billion in losses as these sites work on the basic, clichd principle, Time is Money. Every second these sites are down, they are potentially losing thousands of customers. Imagine if each customer spent 100 in purchases each. They would be losing millions of Euros per second! Because of the real and imaginary threats hackers pose, an

entire industry exists that is dedicated to stopping the hacker. Seminars are held every week across the world where computer security experts tell government and corporate managers what they need to fear and how they need to stop it. Even the United States government has created a "Cyber Czar" position responsible for protecting their critical infrastructure from hacker attacks. Such efforts to develop security measures are not without good reason. Computer viruses are damaging, and every day different hackers across the world find their way into computer systems they are not supposed to enter. Still, to throw all hackers into the same negative category too easily simplifies what is a complex situation. In fact, many who would consider themselves "true" hackers define their identity in large part by their creation of (or positive additions to) computer systems that are the backbone of todays technology infrastructure, and by their opposition to those that seek to control information and access to technology that many, not just hackers, believe should not be controlled. In fact, some exceptionally skilled, more socially and politically conscious hackers, discouraged by the actions and policies of governments they feel to be arrogant, corrupt and oppressive, are increasingly lending their skills to political or social causes. Working individually or in virtual collectives and sometimes associated with established nongovernmental groups (NGOs) or other political activists or associations, these hackers, also called hacktivists, are hacking for a cause. Using hacker tools already available or creating their own, they are targeting those governments responsible for what they consider political, economic, or social injustice or oppression. 17

MotivesThe first obvious motive of a crime is usually money. Why risk getting thrown into prison for a long time? Because if you can get away with it, youll be many times richer than you are presently. Examples of networks which when intruded yield a lot of money; can include bank

networks and information networks. This type of business deals a lot with money and any intruder who gets super-user access into the system can conveniently change the details of the user accounts within the network or even silently transfer the money over to his bank account. With super-user access and enough skills, the hacker can even remove any trace whatsoever of the transaction ever taking place. In the movie Hackers, the master hacker sent out a virus which silently transfers very small amounts of money from hacked user bank accounts. Nobody ever suspects anything as the amount is small when looked at individually, but collectively, the amount is enough to make the master hacker a millionaire.

Personal Information

Sometimes hackers are not out for an easy way to get rich. Rather, theyre out for power. Just like not all criminals commit crimes for money. Some steal information in order that their own companies can become powerful. Similarly, personal data like your passport number, your user id and password to some secure server or even to your bank account can make the hacker both more powerful and/or richer. In some countries, just by knowing the passport number of a person, you can check what books he has loaned out from the library, what school he was posted to and even get to cancel his mobile account. That is pretty scary. What more if a hacker silently intrudes a network and spies on the user of that network for any typed user ids and passwords or even passport numbers?

18

The hacker will ultimately become God after being granted such divine powers as to affect the lives of those he stole personal information from. It can even become a form of blackmail.

Tactics - Sniffing Passwords

Perhaps the most common loss of computer privacy is the loss of passwords. Typical users type a password at least once a day. Data is often thought of as secure because access to it requires a password. Users usually are very careful about guarding their password by not sharing it with anyone and not writing it down anywhere. Passwords are used not only to authenticate users for access to the files they keep in their private accounts but other passwords are often employed within multilevel secure database systems. When the user types any of these passwords, the system does not echo them to the computer screen to ensure that no one will see them. After jealously guarding these passwords and having the computer system reinforce the notion that they are private, a setup that sends each character in a password across the network is extremely easy for any Ethernet sniffer to see. End users do not realize just how easily these passwords can be found by someone using a simple and common piece of software.

Sniffing Financial Account NumbersMost users are uneasy about sending financial account numbers, such as credit card numbers and checking account numbers, over the Internet. This apprehension may be partly because of the carelessness most retailers display when tearing up or returning carbons of credit card receipts. The privacy of each users credit card numbers is important.

19

Although the Internet is by no means bulletproof, the most likely location for the loss of privacy to occur is at the endpoints of the transmission. Presumably, businesses making electronic transactions are as fastidious about security as those that make paper transactions, so the highest risk probably comes from the same local network in which the users are typing

passwords. However, much larger potential losses exist for businesses that conduct electronic funds transfer or electronic document interchange over a computer network. These transactions involve the transmission of account numbers that a sniffer could pick up; the thief could then transfer funds into his or her own account or order goods paid for by a corporate account. Most credit card fraud of this kind involves only a few thousand dollars per incident.

Sniffing Private DataLoss of privacy is also common in e-mail transactions. Many e-mail messages have been publicized without the permission of the sender or receiver. It is not at all uncommon for email to contain confidential business information or personal information. Even routine memos can be embarrassing when they fall into the wrong hands.

Gaining Access and Securing the Gateway Sniffing Low-Level Protocol InformationInformation network protocols send between computers includes hardware addresses of local network interfaces, the IP addresses of remote network interfaces, IP routing information, and sequence numbers assigned to bytes on a TCP connection.

20

Knowledge of any of this information can be misused by someone interested in attacking the security of machines on the network. See the second part of this chapter for more information on how these data can pose risks for the security of a network. A sniffer can obtain any of

these data. After an attacker has this kind of information, he or she is in a position to turn a passive attack into an active attack with even greater potential for damage.

Hacking is said to have cost the global economy an estimated $1.2 Billion Niccolai (2000). Hacking caused and still causing till the moment bankruptcy to plenty of companies, thats because companies are being hacked plenty of times which leads to the loss of customer confidence or belief in the security capabilities of the company Furnell (2002). Banks (1997) believes that companies are a main target for hackers who break into their systems to steal trade information or customers payment details. Pipkin (1997) focuses on denial of service and the effects on companies. The company server will be broken due to huge traffic causing customer frustration and hurt the company reputation. Same for software theft that causes bankruptcy to companies which spend millions to develop and create software that sadly later on is stolen and copied for cheap prices. The main problem is that some companies hire or use hackers to break into other competitor systems to steal precious information Randall et al. (2000). Thomas and Loader (2000) discuss the effect of hacking on E-commerce. Web sites for online selling are being hacked for the sake of getting customer and company information which then used for nefarious purposes.

Hackers access information sent to Irish jobs agency:Personal Information supplied by job applicants to online recruitment agency Jobs.ie has been illegally accessed by internet hackers. It is understood that the hackers used an illegally obtained log-in and password given to employers who are registered with Jobs.ie to access 21 the job applications area of the site. They then downloaded personal information from CVs submitted, along with job applications. Most of the stolen information relates to archive CVs rather than those of people now looking for jobs. The company, which is owned by

businessman Denis O'Brien, has in recent days contacted those affected to warn them of the possibility that they may receive e-mails from people using their information. "All of the people affected have been contacted and informed of the situation. We have urged them to exercise extra vigilance with inbound e-mails in the coming weeks to ensure online security," Olivia Kelly.

With the electronic commerce spreading over the Internet, there are issues such as non repudiation to be solved. Financial institutions will have both technical concerns, such as the security of a credit card number or banking information, and legal concerns for holding individuals responsible for their actions such as their purchases or sales over the Internet. Issuance and management of encryption keys for millions of users will pose a new type of challenge. While some technologies have been developed, only an industry-wide effort and cooperation can minimize risks and ensure privacy for users, data confidentiality for the financial institutions, and non repudiation for electronic commerce. With the continuing growth in linking individuals and businesses over the Internet, some social issues are starting to surface. The society may take time in adapting to the new concept of transacting business over the Internet. Consumers may take time to trust the network and accept it as a substitute for transacting business in person. Another class of concerns relates to restricting access over the Internet. Preventing distribution of pornography and other objectionable material over the Internet has already been in the news. We can expect new social hurdles over time and hope the great benefits of the Internet will continue to override these hurdles through new technologies and legislations.

22

The World Wide Web is the single largest, most ubiquitous source of information in the world, and it sprang up spontaneously. People use interactive Web pages to obtain stock

quotes, receive tax information from the Internal Revenue Service, make appointments with a hairdresser, consult a pregnancy planner to determine ovulation dates, conduct election polls, register for a conference, search for old friends, and the list goes on. Hackers investigating a target can use munged site values based on the targets name to dig up Googles pages (and subsequently potential data) that may not be available to Google searches using the valid site operator.

The Corporate SectorFor the moment, set aside dramatic scenarios such as corporate espionage. These subjects are exciting for purposes of discussion, but their actual incidence is rare. Instead, I'd like to concentrate on a very real problem: cost. The average corporate database is designed using proprietary software. Licensing fees for these big database packages can amount to tens of thousands of dollars. Fixed costs of these databases include programming, maintenance, and upgrade fees. In short, development and sustained use of a large, corporate database is costly and labour intensive. When a firm maintains such a database onsite but without connecting it to the Internet, security is a limited concern. To be fair, an administrator must grasp the basics of network security to prevent aspiring hackers in this or that department from gaining unauthorized access to data. Nevertheless, the number of potential perpetrators is limited and access is usually restricted to a few, well-known protocols. Now, take that same database and connect it to the Net. Suddenly, the picture is drastically different. First, the number of potential perpetrators is unknown and unlimited. An attack could originate from anywhere, here or overseas. Furthermore, access is no longer limited to one or two protocols. The very simple operation of connecting that database to the Internet opens many avenues of entry.

23

For example, database access architecture might require the use of one or more foreign languages to get the data from the database to the HTML page. I have seen scenarios that were incredibly complex. In one scenario, I observed a six-part process. From the moment the user clicked a Submit button, a series of operations were undertaken:

The variable search terms submitted by the user were extracted and parsed by a Perl script.

The Perl script fed these variables to an intermediate program designed to interface with a proprietary database package.

The proprietary database package returned the result, passing it back to a Perl script that formatted the data into HTML

Anyone legitimately employed in Internet security can see that this scenario was a disaster waiting to happen. Each stage of the operation boasted a potential security hole.

How Hackers Use Google to hack:Example: A hacker is interested in sensitive information about ABCD Corporation, located on the web at http://www.ABCD.com. Using a query like Site: ABCD, may find mistyped links (http://www.abcd) instead of (http://www.abcd.com) containing interesting information. There is a system out now that is under the concept of a honey-pot which is a computer system on the internet that is expressly set up to attract and trap people who attempt to penetrate other peoples computer systems. In order to learn about how new attitudes might be conducted, the maintainers of a honey-pot system, monitor, dissect and catalogue each attack, focusing on those attacks which seem unique.

24 A simple entry like inurl: admin inurl: userlist, could easily be replicated with a web-based honey-pot by creating an index.html page which referenced another index.html page in a /admin/user list directory. If a web search engine like Google was instructed to crawl the toplevel index.html. This link would satisfy the Google query of inurl: admin inurl: userlist, eventually attracting a Google searcher.

Literature Review:In the study, A Qualitative Analysis of Advance Fee Fraud E-mail Schemes, Holt and Graves discuss the implications of a study for law enforcement and computer security, exploring the mechanisms that are employed by scammers through a qualitative analysis of 412 fraudulent email messages. Criminals utilize the Internet to perpetrate all manner of fraud, with the largest dollar losses attributed to advance fee fraud e-mail messages. Half of all the messages also request that the recipient forward their personal information to the sender, thereby enabling identity theft. The findings demonstrate that multiple writing techniques are used to generate responses and information from victims.

Maura Conway quotes Denning in her paper Cyberterrorism and Terrorist 'Use' of the Internet that Cyberterrorism is the convergence of cyberspace and terrorism. It refers to unlawful attacks and threats of attacks against computers, networks and the information stored therein when done to intimidate or coerce a government or its people in furtherance of political or social objectives. Further, to qualify as cyberterrorism, an attack should result in violence against persons or property, or at least cause enough harm to generate fear. Attacks that lead to death or bodily injury, explosions, or severe economic loss would be examples. Serious attacks against critical infrastructures could be acts of cyber-terrorism, depending on

their impact. Attacks that disrupt nonessential services or that are mainly a costly nuisance would not." 25

Cyber Criminology: Evolving a novel discipline with a new journalIn the study, A Qualitative Analysis of Advance Fee Fraud E-mail Schemes, Holt and Graves discuss the implications of this study for law enforcement and computer security, exploring the mechanisms that are employed by scammers through a qualitative analysis of 412 fraudulent email messages. Criminals utilize the Internet to perpetrate all manner of fraud, with the largest dollar losses attributed to advance fee fraud e-mail messages. Half of all the messages also request that the recipient forward their personal information to the sender, thereby enabling identity theft. The findings demonstrate that multiple writing techniques are used to generate responses and information from victims. The World Intellectual Property Organisation (WIPO) has developed several treaties to assist in the protection of copyrights. Specifically, WIPO has three treaties that preclude the unlawful taking of copyrighted material: The Copyright Treaty, The Performers and Producers of Phonograms Treaty, and The Databases Treaty. Regardless of these treaties, Rao (2003) showed that the international piracy rates increased in the years of 2000 and 2001. Therefore, piracy is a worldwide behaviour. Because of the attributes of the Internet, piracy took place in almost complete deceit making the tracking of rates nearly impossible. However, an industry groups had estimated that software piracy accounted for nearly 11 billion dollars in lost revenue and contributed to loss of jobs and reduced government revenues (Business Software Alliance, 2003). Whatever approach hackers take, most malicious hackers prey on ignorance. They know the following aspects of real-world security: The majority of systems that hackers want to attack arent managed properly.

The computer systems arent properly patched, hardened and monitored as they should be. Hackers often can attack by flying below the average radar of common firewalls, IDS and authentic systems.

26

Hack attacks are usually carried out after typical business hours and can be carried out slowly, which makes that much harder to detect.

Companys defences are often weaker during off-peak hours which have less intrusion monitoring and less physical security.

Access through proxy servers is the most common form of intrusion.

A proxy server is simply a program that relays data from one system to another. There is a number of free proxy servers available designed to offer the users some type of "anonymity" or access to "restricted" websites. For example, if your IP address was 1.1.1.1 and you connected to the internet through a proxy server with an IP address of 2.2.2.2 everyone would see you as connected to the internet with IP 2.2.2.2 not 1.1.1.1. Or at least that is the idea. There are a whole host of applications for proxy servers and issues associated with them. Although many are used to privacy or anonymity this is not necessarily a feature or benefit. For example, many proxy services are designed to pass on the

HTTP_X_FORWARDED_FOR value, which would tell any server you connect to through the proxy service that you are using a proxy server at 2.2.2.2, but your real IP is 1.1.1.1. This is useful in many business applications where the objective of the proxy service is not privacy, but something else. How do you know if that proxy server you are using for privacy passes this variable or not? Since a proxy server relays data through the proxy server system,

it is possible for data to be logged and/or modified. If you want to have real fun, modify the code in a proxy server to change all the letters "i" to "a" and see someone try to use it. Not useful, but very illustrative of the power the operator of a proxy server have. When you enter your login and password, it will be relayed through the proxy server, but will it be logged too? How will you ever know? Now the proxy server can provide a real benefit when you want to access blocked websites say from China or your school.

27

Of course any decent blocking program would easily decode the proxy packet and block the sites direct or through a proxy server. Now there are some real dangers of proxy servers and that is with respect to crime. I have seen some enticing sales pitches for a public proxy server you can setup for people to access blocked sites. Basically the pitch goes like this... install our program and watch the money roll in as users use your proxy on your server to access blocked sites. That also means that when someone uses your proxy to commit credit card fraud or hack into something, the victim will see the IP address of your server not the bad guy! Open proxy servers are another bad idea. This might be installed by spyware or they might be installed by mistake. They will turn your computer into a proxy server and you might not even know it! There are many people that scan the internet for open proxy servers about publish lists of open proxy server IPs.

ProtectionThere is a new phenomenon emerging on the Internet. Security consults are now being done (although perhaps not in great number) from remote locations. This is where someone in the same city (or another city) tests, defines, and ultimately implements your security from the outside. In other words, it is done from a location other than your offices or home. I have a couple points to make regarding this type of procedure:

Scan or penetration testing is commonly done from a remote location. The purpose of penetration testing (at the end of the day) is to simulate a real-time attack from the void. There is no replacement for doing this from a remote location. In this limited area of concern, at least, analysis from a remote location is warranted and reasonable.

28

All other forms of security testing and implementation should be done onsite. Implementing security from a remote location is not a secure method and may result in security breaches.

As much as the idea may seem attractive to you, I would strongly advise against having any firm or individual handle your security from a remote location. If your network is large and is meant to be as secure as possible, even the existence of a privileged user who can gain remote access to do maintenance work is a security risk. (For example, why would one cut a hole through a firewall just for the convenience of off-site work?)

Avoiding Transmission of PasswordsIn some sense, the prevention of sniffing by installing hardware barriers may be considered the last line of defence in a security system. When building medieval fortresses, the last line of defence was typically the most formidable but could only protect those who would be left inside after the outer defences had been breached. In dealing with sniffing, the first line of defence is simply not to transmit anything sensitive on the network in the first place. The local hardware defences may limit intrusion into the local systems. However, if authorized users may access those systems from remote locations, one must not transmit sensitive

information over remote parts of the Internet lest the information be sniffed somewhere along the way. One extreme that preserves security is simply not to permit access from remote locations. Also, the most formidable defences against inward directed attack do nothing to provide for the security of one leaving the area being protected. Legitimate Internet sessions initiated inside a network with those outside must also be protected.

29

IP Spoofing and SniffingThe most glaring security hole beyond simple loss of privacy is the opportunity for a sniffer to gather passwords. The best way to deal with this problem is simply not to transmit cleartext passwords across the network. Simply transmitting an encrypted password that could be captured and replayed by a sniffer is also not acceptable. Several different methods are in use to provide this kind of protection:

The rlogin family of protocols

Using encrypted passwords

Zero knowledge authentication

Information protection does not always protect information systems from harm. Designers may decide to shred paper, burn electronic media, or even blow up computers. Shredding paper prevents leakage of potentially harmful information in paper form, burning used floppy

disks prevents their contents from being read and exploited and blowing up electronic devices is used in smart bombs as a cost -effective way to keep the information technology used to guide the bomb from getting into enemy hands. Information protection has been, is, and will likely always be a study in tradeoffs.

Designers trade costs against potential harm, long term for short term, people solutions with technical solutions, integrity with availability with privacy, and one person's harm for another person's benefit. Discussions should also include how current security policies and practices are impacting how well an agencys network environment is able to protect both its information and employees.

30

For example, organizations that fail to institute anonymous surfing practices when their staff members use the Internet for official business may unintentionally disclose their operating system, browser version, physical address and other sensitive information. Adversaries can use this information to uncover a government organizations confidential plans and jeopardize their entire operation. Additionally, once an enemy knows an agencys IP address, they can start scanning and attacking its network directly, endangering the organizations data and infrastructure. Addressing these kinds of practices during the summit will put any conversation about the technical aspects of a networks security architecture in perspective. Most people probably want to feel that their computers are safe, and many people in the computer security business try to get money for helping them feel that way, but frankly, a good psychologist might be less expensive. Relatively few organizations or individuals behave as if they really want to be kept from harm, especially if it costs them something or if they haven't just been harmed. In many organizations, effective information protection requires cultural change. This is one of the hardest sorts of change for most people to make

because it requires that they find new ways of thinking about issues, that they gain a new level of awareness about things around them, and that they act based on this awareness. Information protection can't be left to someone else. This doesn't work, no matter who you are in an organization. In the information age, information protection is everyone's problem. From the highest ranked officer in the largest organization to the lowest paid office clerk, everyone has responsibility for information protection, and protection will not be fully effective until everyone assumes their responsibility What is often disconcerting is how much an organization freely contributes to the hacker's weapon stockpile. Most organizations are haemorrhaging data; companies freely give away too much information that can be used against them in various types of logical and physical attacks. Here are just a few common examples of what a hacker can learn about an organization, often in minutes:

31

The names of the top executives and any flashy employees they have by perusing their archive of press releases.

The company address, phone number, and fax number from domain name registration.

The service provider for Internet access through DNS lookup and trace route.

Employee home addresses, phone numbers, employment history, family members, previous addresses, criminal record, driving history, and more by looking up their names in various free and paid background research sites.

The operating systems, major programs, programming languages, specialized platforms, network device vendors, and more from job site postings.

Physical weaknesses, vantage points, lines of sight, entry ways, covert access paths, and more from satellite images of your company and employee addresses.

Usernames, e-mail addresses, phone numbers, directory structure, filenames, OS type, Web server platform, scripting languages, web application environments and more from Web site scanners.

Confidential documents accidentally posted to a Web site from archive.org and Google hacking. Flaws in your products, problems with staff, internal issues, company politics, and more from blogs, product reviews, company critiques, a competitive intelligence services. Another solution is to use encrypted passwords over the network. You must use caution, however, when simplifying this technique. Even with encryption, a sniffer can still record the encrypted password and decipher the encrypted password at his or her leisure. One way around this is to use an encryption key that involves the current time.

32

If the sender and receiver are closely synchronized, the sniffer must replay the encrypted password within one tick of the two machines shared clock. If the sender and receiver are widely separated, however, this technique becomes less practical and effective because shared clocks will lack sufficient time resolution to prevent an attacker from using a quick replay. One way around this lack of close synchronization is to set a limited number of attempts at typing the password correctly. It also does not suffice to simply encrypt the password with an algorithm using a key that allows an attacker to determine the encryption key. The attacker would decrypt it for repeated use at a later time. Some protocols use an encryption technique equivalent to the one used by the UNIX password program when it stores passwords in the password file. This encryption technique is no longer considered particularly secure against brute force cryptographic attacks where all likely passwords are encrypted with the same algorithm used by the password file. Any two words that encrypt the

same must be the same. Hence, poorly chosen (for example, dictionary words) or short passwords are particularly easy to crack by brute force.

ConclusionThere are many possible ways that a hacker can gain access to a seemingly secured environment. It is the responsibility of everyone within an organization to support security efforts and to watch for abnormal events. We need to secure IT environments to the best of our abilities and budgets while watching for the inevitable breach attempt. In this continuing arms race, vigilance is required, persistence is necessary, and knowledge is invaluable. Our findings in relation to the detection of cybercrime strongly suggest that organisations need assistance in this area, with 67% of respondents reporting that accidental detection and employee reporting are their most common means of detection.

33

Given the significant impact of cybercrime we hope to see improvement in this figure, for example with a greater number of organisations detecting issues through routine IT checks, security products or audits. Increased awareness of hacker attacks is also growing as internet security agencies are working together in a combined manner such as (the honey-pot initiative), and with a constant updating of a security companies knowledge and inter agency cooperation , hackers will find it a lot harder to break into once easy and unprotected systems. The hacking black market is still a profitable enterprise though with insider, company secrets being at the top of the most requested and sought after commodity. With the fact that hackers can receive up to 500,000 for system infiltration software, the monetary gain is, in the hackers eyes, a lot more rewarding.

34

Bibliography

Banks, Michael A. (1997), Web psychos, stalkers, and pranksters: How to protect yourself online, Arizona (USA), The Coriolis group. Chakrabati, Anirban and Manimaran, G. (2002), Internet infrastructure security: A Taxonomy, IEEE Network, November/December 2002, P.13. CNET (2001), FBI hack raises global security concerns [online]. Available from: http://news.com.com/FBI+%22hack%22+raises+global+security+concerns/2100-1001_3256811.html [Accessed 14th December 2004]. Conway Maura (2002) Cyberterrorism and Terrorist 'Use' of the Internet, First Monday, volume 7, number 11 (November 2002) URL: http://firstmonday.org/issues/issue7_11/conway/index.html

Crucial paradigm (2003), Hacking attacks-How and Why [online], Crucial paradigm. Available from: http://www.crucialparadigm.com/resources/tutorials/website-web-page-siteoptimization/hacking-attacks-how-and-why.php [Accessed 7th December 2004]. Darlington, Roger. (2001) Crime on the net [online], United Kingdom, Darlington, Roger. Available from: http://www.rogerdarlington.co.uk/crimeonthenet.html [Accessed 4th December 2004]. Digital Guards data base (2001), Glossary [online]. Available from: http://www.digitalguards.com/Glossary.htm [Accessed 10th December 2004]. Furnell, Steven. (2002), Cybercrime: Vandalizing the information society, Boston; London: Addison-Wesley. Himanen, Pekka. (2001), The hacker ethic and the spirit of information age, Great Britain, Secker & Warburg. Jaishankar, K. (2007) Cyber Criminology: Evolving a novel discipline with a new journal International Journal of Cyber Criminology Vol 1 Issue 1 January 2007

35 Jewkes Yvonne (2006). Comment on the book 'Cyber crime and Society by Majid Yar, Sage Publications. Levy, S. (1984), Hacker: Heroes of the computer revolution, New York: Bantam Doubleday dell. Cited in: Taylor, Paul A. (1999), Hackers: Crime in the digital sublime, London, Routledge. Mann, David and Sutton, Mike, (1999). NetCrime. More Change in the Organisation of Thieving, British Journal of Criminology, vol. 38, no. 2, Spring 1998. Marotta, M.E. (1993), online with the super hacker. Available from: http://www.kzsu.stanford.edu.uwi/post/mercury.html. Cited in: Taylor, Paul A. (1999), Hackers: Crime in the digital sublime, London, Routledge. McClure, Stuart. Et al. (2003), Hacking exposed: Network security secrets & solutions, Fourth edition, Berkley, California (USA), McGraw-Hill/Osborne. McKenzie, S. (2000). Child Safety on the Internet: An Analysis of Victorian Schools and Households using the Routine Activity Approach. A thesis submitted to the University of Melbourne, February, 2000.

http://www.criminology.unimelb.edu.au/research/internet/childsafety/index.html Niccolai, James. (2000), Analyst puts hacker damage at $ 1.2 billion. Available from: http://archive.infoworld.com/articles/ic/xml/00/02/10/000210icyankees.xml [Accessed 7th December 2004]. Ninemsn (2004), North Korea has 600 computer hackers [online], [national Nine news]. [SCI Tech news]. Available from: http://news.ninemsn.com.au/article.aspx?id=19653 [Accessed 10th December 2004]. Oxford English Dictionary. (1995), Concise, 9th edition. Oxford.oup. Pipkin, Donald L. (1997), Halting the hacker: A practical guide to computer security, United States of America, Prentice Hall. Randall, Nichols K. et al. (2000), Defending your digital assets: Against hackers, crackers, spies and thieves, United States of America, McGraw-Hill. Seebach, Peter. (1999), Care and feeding of your hacker [online], Seebach, Peter. Available from: http://web.demigod.org/~zak/geek/hack.shtml [Accessed 6th December 2004].

36 Selwyn, Neil and Gorard, Stephen. (2001), 101 key ideas in information technology, United Kingdom: United States of America: Hodder and Stoughton-McGraw-Hill. Seo, Jung.U. (2001), Toward the global information society opportunities and challenges [online], [minister of science and technology, Republic of Korea]. Available from: http://web.ptc.org/library/proceedings/ptc2001/plenary/seo.html [Accessed 10th December 2004]. Server pipeline (2004), Simulated hacker attacks [online], Server pipeline, Available from: http://www.nwc.serverpipeline.com/trends/trends_archive/46200228 [Accessed 15th December 2004]. Sterling, Bruce. (2004), The hacker crackdown: (Law and disorder on the electronic frontier), McLean, Virginia (USA), Indypublish.com. Taylor, Paul A. (1999), Hackers: Crime in the digital sublime, London, Routledge. Thomas, Douglas and Loader, Brian D (eds.) (2000), Cybercrime: Law enforcement, security and surveillance in the information age, London: Routledge. Thomas and B. Loader (Eds.), Cyber crime: Law Enforcement, Security and Surveillance in the Information Age, London.

Williams, Sam. (2002), Free as in freedom: Richard Stallmans crusade for software, Farnham, Sebastopol, California: OReilly.

37