Upload
lilah
View
51
Download
0
Tags:
Embed Size (px)
DESCRIPTION
History of Hacking and Cybercrime. By Bruce Phillips Crissy Hughes Carlos Betetta. Technological Developments . Blackberry. Xbox. IPad. Technological Developments. Internet & Computer Networks. Personal Computers . John draper aka captain crunch. John draper aka captain crunch. - PowerPoint PPT Presentation
Citation preview
HISTORY
OF HACKING
AND CYBERCRIME
BY
BRUCE PH I L L I PS
CR ISSY HUGHES
CARLOS BETETTA
TECHNOLOGICAL DEVELOPMENTS
IPad Blackberry
Xbox
TECHNOLOGICAL DEVELOPMENTS
Personal Computers
Internet & Computer Networks
JOHN DRAPER AKA CAPTAIN CRUNCH
JOHN DRAPER AKA CAPTAIN CRUNCHKNOWN AS FATHER OF MODERN HACKING
ORIGINALLY RADAR TECHNICIAN
SUPPOSDLY CALLED NIXON
HACKED PHONE WITH THE USE OF A CAPTAIN CRUNCH CEREAL WHISTLE
TAUGHT STEVE WOZNIAK AND STEVE JOBS HOW TO MAKE “BLUE BOXES”
JOHN DRAPER AKA CAPTAIN CRUNCH70’S SERVED TWO STINTS IN PRISON
CURRENTLY UNEMPLOYED
HACKED FOR THE FUN OF IT, NOT FOR $$$
STEVE WOZNIAK
STEVE WOZNIAKCO-FOUNDER OF APPLE
1970’S WAS A STUDENT AT BERKLEY & MEMBER OF “CALIFORNIA’S HOMEBREW COMPUTER CLUB”
MASS PRODUCED “BLUE BOXES” FOR TWO REASONS
1) GENERATE ENOUGH CASH FOR THEIR STARTUP COMPANY “APPLE”
2) FASCINATION BEHIND “THE POWER OF IDEAS” “THAT TWO TEENAGERS COULD BUILD A SMALL BOX FOR A HUNDRED DOLLARS AND CONTROL HUNDRED MILLIONS OF DOLLARS OF PHONE INFRASTRUCTURE
KEVIN MITNIK
KEVIN MITNIKSTARTED AT AGE 12
HACKED:LA’s BUS PUNCH CARD SYSTEMCELL PHONESFAST FOOD SPEAKER SYSTEMSDEC COMPUTER SYSTEM
WENT ON TWO AND A HALF YEAR HACKING SPREE ACROSS THE COUNTRYCAUGHT BY “CELLULAR FREQUENCY DIRECTION-FINDING ANTENNA HOOKED UP TO A LAPTOP TO NARROW THE SEARCH TO AN APARTMENT COMPLEX”SENTENCED TO FIVE YEARS OF PRISON AND EIGHT MONTHS OF SOLITARY
KEVIN MITNIKOWNS HIS OWN COMPUTER SECURITY CONSULTING COMPANY (MITNIK SECURITY CONSULTING, LLC)
NOW CAN LEGALLY HACK INTO SERVERS
STATED “IF I HAD PERFORMED THE SAME HACKS THAT I HAD DONE IN THE PAST TODAY, I WOULD MOST LIKELY BE IN GUANTANAMO BAY, CONSIDERING ALL THE SECURITY LAWS PASSED AFTER 9/11
HACKER LAWS• Why do we have hacker laws? • Development of New Technologies for
business and / or personal use
•Computers and Microchips
HACKER LAWSOld Days
Thief’s Tools Crow Bar
HACKER LAWSToday
Computer Wireless Sniffer Device
FIRST COMPUTER HACKER LAWS• Computer Fraud and Abuse Act of 1984
to protect from cybercrimes Defined illegal acts with computer Computer EspionageComputer TrespassingDamage and Fraud with Computer
FIRST COMPUTER HACKER LAWS• Computer Fraud and Abuse Act of 1984
Defined Criminal Conduct Accessing computers without authorization Accessing computers in excess of authority
** Company must have a good DBA and access policy
And using stolen information to cause loss, damage or fraud
FIRST COMPUTER HACKER LAWS• Computer Fraud and Abuse Act of 1984 • In 1984, why the need for new computer
hacker laws? • Latest High Tech Device: Personal Computer
IBM-PC Bill Gates and Windows
FIRST COMPUTER HACKER LAWS• Computer Fraud and Abuse Act of 1984
In 1984, Expansion of Programming Writing computer code to develop ‘Apps’ (software tools)
Some Programmers succumb to the Dark Side and developed worms and viruses
PATRIOT ACT OF 2001 Disclosure of Electronic Communications to Law Enforcement
Authorities can get permission to intercept communications on Protected Computers
Bypassing Wiretap Statutes Including Computers outside the United States
CALIFORNIA COMPREHENSIVE COMPUTER DATA ACCESS AND FRAUD
ACT State Specific Law
Allows Civil Actions (Lawsuits) and Compensatory Damages
Fines of $10,000 per offense and / or prison time
SARBANES-OXLEY ACT 2002 created to improve corporate and auditing responsibilities
Section 404 establishing and maintaining internal controls
Results: Better internal controls and higher protection standards for all companies
Most companies implemented COSO
CRITICS OF SARBANES-OXLEY ACT 2002 requirements are too strict and waste precious company resources
Association of Certified Fraud Examiners
Argued waste of company resources
2010 Restoring American Financial Stability Act – removed Sect 404 requirement for non-accelerated filers
SARBANES-OXLEY ACT & PCAOB Audit Standard 5 provides guidance for conducting audits of the effectiveness of Internal Controls of Financial Reporting
Critics complain about the vagueness of the guidance and reporting standards
People are the problem!
Getting Into The Network• Keeping attackers out of your IT network all together provides
the best protection. • Hackers are continually finding new ways to get beyond
corporations’ IT security. • Employee education
•What needs to be protected?•What are the procedures and policies to follow?
• When an attack is successful, data and applications can be affected.
Inside the Network BarrierUSB thumb drives
Laptops
Netbooks
Inside the Network BarrierMP3 players
Digital Cameras
Printers
Scanners
Inside the Network BarrierSmart Phones are carried in and out of corporations on a daily basis.
Inside the Network BarrierCloak and Dagger!
• A hacker disguised as a repairman?
• Do they look like they should be there?
Inside the Network BarrierIdentity Theft• Is your home network safe.• Do you understand and know the threats that are out
there.• Corporate protection of customer data.
Inside the Network BarrierEmployee Threats• Can be intentional or unintentional.• Work stations left unattended.• Allowing a fellow employee access to an unauthorized
area.• Education of employees is essential.
History of Hacking and Cybercrime
• Questions?