Development in Hacking, Cybercrime and Malaware

In: Computers and Technology

Submitted By nikkiv85
Words 850
Pages 4
Web browser vulnerabilities are a serious security concern due to their role in online fraud and in the spread of malicious code, spyware, and adware. Web browsers are security concerns because they are exposed to a great amount of potentially untrusted or hostile content than most other applications. Every year there is an increased reliance on browsers and their plug-ins as the Internet becomes more integral to business and leisure activities. Attacks can originate from malicious websites as well as legitimate websites that have been compromised to serve malicious content. Browsers also facilitate client-side attacks because of their use of plug-ins and other applications in handling potentially malicious content served from the Web, such as compromised documents and media files.

According to recent statistics from late 2009, there was an increase in the market share of Chrome, Firefox, and Safari at the expense of Internet Explorer over the course of the year. Symantec speculates that security concerns may have been a factor in the shifting browser demographics. While it is certain that the increase in the percentage of Internet Explorer 8 users is due to installations of Windows 7, which includes the browser by default, enhanced security is also believed to be a factor in its increased use even as Internet Explorer loses market share overall. The shifting market share should not significantly endanger browsers other than Internet Explorer in terms of attacks in the wild as it is unlikely that a tipping point has yet been reached that will make the development of concerted attacks on other browsers sufficiently profitable to be viable.

In order to reduce the threat of successful exploitation of Web browsers, administrators should maintain a restrictive policy regarding which applications are allowed within the organization. The security of…...

Similar Documents

Cybercrime

...Some might say the crime of the 21st century will be white collar. If that is true, what will be the major types of cybercrime? How can we safeguard against it? At the rate technology is evolving, and all the monetary transactions going on, it can create an attraction for thieves. Major types of cybercrime can be anything from illegal betting, to identity theft, or more serious crimes such as human trafficking and child pornography. “to find violators and also propose new legislation to protect law-abiding citizens from cyber-crimes.” There are something we can do to protect ourselves from cybercrime like having anti-spyware, virus protection and malware software, but even with all of that we still might need some help. The government has tried to step up, and protect us but their efforts don’t always lead to a physical person to be punished for their crimes. Cyber bullying is a serious issue in today’s schools and business. If everyone adopted and educated people on netiquette guidelines would this issue be solved? Explain. It may help in a small way, but it will not eliminate the problem, because although we might not like to admit it we tend to be bullies on and off line. If we educate our kids and ourselves on how to behave and treat people well, that might have an impact on other people that are victims of cyber-bullying. It is a serious subject, there has been rumors that teenage kids have committed suicide, as a result from being bullied. “There also have...

Words: 509 - Pages: 3

Cybercrime

...Nowadays, E-commerce is a fundamental part of marketing activity. Most of e-commerce proceeds on the websites of publicly traded companies. A challenge that e-business face is that vulnerably experience e-crime, also known as cybercrime. As Internet technology continues to rise throughout the world, the threat of cyber crime also grows. While some of these crimes are relatively harmless and commonplace, others are very serious and carry with them felony charges. Various types of Cyber crimes that can be encountered over the net are spam, fraud, cyber terrorism and so on. Whether for individuals, companies or governments, cybercrime has become a big problem. Spam is defined as unsolicited junk e-mail. It is used by chain mailers, forger and some others who selling dubious products.  “The Federal Trade Commission (FTC) has identified 12 types of scams that are most likely to arrive in consumers’ e-mail boxes. The “dirty dozen” are: business opportunities, bulk e-mail, work at home schemes, health and diet scams, effortless income, free goods, investment opportunities, cable descrambler kits, guaranteed loans or credit on easy terms, credit repair, and vacation prize promotions”(Phommalinh). Meanwhile, the most common type of cybercrimes occurred in spam is virus which spread by e-mails. When one receive an e-mail with a virus, the default settings of your computer do not have any action required to resist virus. At that point, virus can follow instructions and does anything...

Words: 1173 - Pages: 5

Cybercrime

...Case Study – Cybercrime International Centre for Criminal Law Reform and Criminal Justice Policy 1822 East Mall, Vancouver British Columbia, Canada V6T 1Z1 Tel: 1 (604) 822-9875 Fax: 1 (604) 822-9317 Email: icclr@law.ubc.ca www.icclr.law.ubc.ca Case Study – Cybercrime By Annemieke Holthuis Counsel Criminal Law Policy Section Department of Justice Canada Case Study prepared for Co-Teaching at the National Prosecutors College Beijing China November-December 2006 As part of the International Centre for Criminal Law Reform and Criminal Justice Policy (ICCLR) and GeoSpatial SALASAN Programme: The Canada China Procuratorate Reform Cooperation Project, supported by the Canadian International Development Agency 2 Case Study - Cybercrime Public concern about the incidence of child pornography on the Internet is increasing in British Columbia. The police decide to crack down and seek the help of members of the public and Internet Service providers like XYZ Corporation. Brian, a concerned citizen and the divorced father of a young girl, contacts police expressing concerns about his roommate Dwayne. Dwayne is always on the computer and he has no idea what Dwayne is doing. Dwayne’s door is always locked and Dwayne won’t let Brian borrow the computer, even to send a quick e-mail. Lately, Dwayne acts more strangely than ever. Brian said that he didn’t know what it is but he’s no longer comfortable bringing his daughter home when Dwayne was there. Brian...

Words: 7138 - Pages: 29

Cybercrime

... messaging are some of the ways cybercriminals can attack. Even when the attack is direct, as in the case of a former employee hacking a network or sending out viruses, there is no physical evidence to show who committed the crime. (Anonymous, 1997) (Cross, 2008). I guess people think of cybercrime as high tech evil men or women who want to rule the world who look like Calvin Klein or Victoria's Secret models who are so clever and eye candy material, in other words the Hollywood version depicted on movies or television are not your regular cybercriminal. The regular people who commit these types of crimes are just ordinary folks who have different reason to do such bad things. The reasons these individuals do these things are: (Anonymous, 1997) * Curiosity, such as going to download sites that contain illegal content such as music, games, movies especially porn sites. * Emotional, as threats sent by e-mail, pissed off programmers who send out logic bombs to bring down a website or send out viruses to get back at their former employer. * Financial, which includes embezzlement and fraud, misappropriation of funds, etc. * Bad behavior such as a person accesses child porn or other illegal material. * Intellectual, such as hackers attempt to gain access to a secure site or stealing secure passwords. (Mitnick & Simon, 2002) (Cross, 2008). Before I go further into this term paper, I want to say that Cybercrime is a serious problem facing the world...

Words: 2360 - Pages: 10

Cybercrime

...Cyber Crime has become a top priority for law enforcement on a local, state and federal level. We are becoming increasingly concerned about cyber threats, most particularly on computer intrusions and network attacks. Computer intrusions are becoming more commonplace, more dangerous and more sophisticated. Our nation’s critical infrastructure and our military’s command and control networks are most certainly being targeted by our enemies and other potential adversaries alike. Our companies are being targeted for insider information and our colleges and universities for their valuable research and development. All of that being said, cyber crime is hitting us at home as we are being targeted for fraud and identity theft and our children are often targeted by online predators. No one is immune to these cyber risks, individuals, countries, Fortune 500 companies and the neighborhood “Mom and Pop” store. These threats are evolving and expanding every day. It is important to be wary and safeguard information and cyber access by these fraudsters and predators. I am using the law enforcement perspective, one I am most familiar with, in this paper. Computer intrusions and network attacks can affect many different facets of national security and organizational information. It is clear that terrorists and their organizations are using the internet to recruit and maintain their strength. For example, in the Arabian Peninsula, Al Qaeda has produced a full-color, English...

Words: 873 - Pages: 4

Development in Hacking, Cybercrime and Malaware

... the wild as it is unlikely that a tipping point has yet been reached that will make the development of concerted attacks on other browsers sufficiently profitable to be viable. In order to reduce the threat of successful exploitation of Web browsers, administrators should maintain a restrictive policy regarding which applications are allowed within the organization. The security of applications should be evaluated on a platform-by-platform basis to ensure that platform-specific security issues do not come up when the application is installed. This will ensure that desktops within the organization are not running unauthorized software. Browser security features and add-ons should be employed wherever possible to disable JavaScript, Adobe Flash Player, and other content that may present a risk to the user when visiting untrusted sites. Organizations should consider adopting a policy of identifying a list of whitelisted, trusted, or authorized websites and block access to all other sites. Whitelists must be actively maintained due to the risk presented when trusted sites are compromised and used to host attacks or malicious software. Of the phishing URLs situated in the United States, 70 percent of phished brands were associated with financial services. This is in keeping with the global trend, in which 74 percent of phishing URLs detected across the Internet as a whole were associated with the financial services sector. This is in keeping with the global trend...

Words: 850 - Pages: 4

Developments in Hacking, Cybercrime and Malware

...David S Lindsay Jr. IS4560 Unit1assignment Developments in hacking, cybercrime and malware Hydraq Trojan (a.k.a., Aurora) uses a basic approach on how to attack a enterprise, it starts with a little snooping and a little deeper research in the public domain to decover information about the company and its personnel which usally comes from social networking sites and create special phishing email. SQL-injection attack.- malicious code designed to gather sensitive information from the network, easy access to the network and is web based Fragus,18 Eleonore,19 and Neosploit.20. come bundled with a variety of different exploits, including some exploits for older vulnerabilities. Because an older vulnerability is likely to be included, older vulnerabilities see a vast amount of exploitation, These exploit and attack kits are often frequently used in conjunction with some of the crimeware kits available in the underground, that don’t make it very hard to obtain mostly free of charge. Zeus kit use spam to lure users to a website that uses social engineering or that exploits a Web browser vulnerability to install the bot on a victim’s computer, mosly through remote access. Summary The above mentioned threats are important issues, the fact of the matter is people have their personal information in everything they do from education to bill paying. Everything is connected to our lives one way or another and must be protected at all cost, social networking sites like......

Words: 314 - Pages: 2

Cybercrime

..., the crimes are done so from the luxury of a hacker's house or place of business while traditionally crimes are not. Another difference worth noting is that cybercrime criminals have the ability to commit these crimes from different states, even internationally at some levels. When cybercrimes are committed liken that, it makes it hard to prosecute as the laws may vary from place to place. That is usually when federal laws are reviewed for a prosecution to happen. Purposes of Hacking Hacking dates back to the 1950's. This is long before the birth of the internet. Hacking began as a method or searching for shortcuts when encountering a computer issue. According to "Marriam Webster" (2014), A hacker is "a person who secretly gets access to a computer system in order to get information, cause damage" (para. Hacker). Today hacking of often referred to a person wanting to cause havoc in a computer or many computer systems for a reason. Hacking has evolved over the years. In the beginning, hacking was often used to prank, cause mischief and curiosity. Hacking today has grown very large and has been categorized into the types of hacking. Although hackers use different methods of accessing unauthorized information, the most common reason for doing such things is for financial gain. Kevin Mitnick vs the USA Kevin Mitnick began hacking at an early age of 12.  As this age he began making punch cards for the Los Angeles transit authority. Mitnick also joined a phone phreak......

Words: 1128 - Pages: 5

Cybercrime

...Cybercrime There are approximately 40 federal statutes that govern the prosecution of computer-related crimes. Some of the most prominent are the Copyright Act, the National Stolen Property Act, mail and wire fraud statutes, the Electronic Communications Piracy Act, the Communications Decency Act of 1996, the Child Pornography Prevention Act, and the Child Pornography Prevention Act of 1996. Congress recognized computer related computer-related crimes as discrete federal offense with the passage of the counterfeit access device and computer fraud and abuse law in 1984. So as you can see there are quite a few different statutes that apply to computer crime. As for local and state statutes that involve cybercrime there is not too many. In Michigan the terms of cybercrime are these. Mental state must be intentional, misdemeanor if violation involves $200 or less, felony if violation involves more than $1000, attempt is not considered a crime, and civil lawsuits are not permitted. Federal, state, and local statutes apply to the phenomenon of cybercrime by more and more cybercrimes happening and being taken into court proceedings. For example there was a case recently where the US government charged 8 people in a cyber-crime scene that netted close to $45 million dollars in just a few hours. Many of these crimes do not have clearly drawn lines on what charges will be applied to what crime so statutes must be followed to decide the severity of the crime and the punishment.......

Words: 255 - Pages: 2

Is4560 Unit 1 Assignment 1 Developments in Hacking, Cybercrime, and Malware

...Nancy R. Daly June 26, 2014 IS4560 Hacking and Countermeasures Unit #1 Development in Hacking, Cybercrime, and Malware Unit 1 Assignment 1 Developments in Hacking, Cybercrime, and Malware In this assignment we are asked to identify the major threats and security concepts from a whitepaper located on the internet: http://eval.symantec.com/mktginfo/enterprise/white_papers/b-whitepaper_internet_security_threat_report_xv_04-2010.en-us.pdf. This report stated that: “There are a number of recent and growing trends in the threat activity landscape that were observed by Symantec in 2009.” These threats are identified as: * Malicious code activity * Tends to increase in countries experiencing rapid growth in broadband infrastructure and connectivity, , readily available malicious code kits are making it simple for attackers to mount attacks, the online underground economy and malicious activity are benefiting from the downturn in the global economy. * Web-based targeted attacks on enterprises are increasing * Targeted attacks using advanced persistent threats (APT ) * Designed to remain undetected in order to gather information over prolonged periods. This type of attack has been observed in other large-scale data breaches that caused large numbers of identities to be exposed * Hacking attack using an SQL-injection attack * The hackers can gain access to a company’s payment processing network. The attackers then installed......

Words: 298 - Pages: 2

Cybercrime

..., participants were asked to self-report their cyber crime engagement, and pre-employment integrity. Results indicated that the anonymity manipulation had a main effect on self-reported cyber crime engagement. The results also showed that there is a statistically significant negative relationship between self-reported cyber crime engagement and pre-employment integrity. Suggestions for future research are also discussed. Keywords: Self reported Cybercrime, Anonymity, Pre-employment Integrity, Cyber Crime engagement. Introduction Cyber crime is an unlawful act in which a computer/s is/are used as means of committing a crime against a person, property or the government (Babu & Parishat, 2004). Sukhai (2004) explained that an FBI and Computer Security Institute annual survey of 520 companies and institutions reported more than 60% unauthorized use of digital computer systems during a period of 12 months and 57% of all break-ins involved the Internet. Even though these numbers seem large, Sukhai (2004) describes that about 60% of cyber attacks are not even detected. Research indicates that only about 15% of exposed attacks are reported to law enforcement agencies (Sukhai, 2004). In the newer 2006 FBI and Computer Security Institute annual survey of 313 companies and institutions, it was Assistant Professor and Director of the Advanced Cyber Forensics Research Laboratory, Zayed University, United Arab Emirates. Email: Ibrahim.Baggili@zu.ac.ae 2 Professor, Department of......

Words: 6388 - Pages: 26

Cybercrime

... of making certain functions easier. They also would experiments to see what computing obstacles could be hacked or bypassed when using the computer as a tool for hacks. Many computer crimes committed today involve the perpetrator hacking into accounts without authorization in order to obtain private information as a means to inconvenience, steal, or commit fraud against their victim(s). One of the biggest hacking crimes today is that used against the government. This is called cyber warfare, this is implemented when terrorist hacks into a private account to obtain classified information as a means to cause real world harm. There is no doubt about it that cybercrime is part of new crime used today to cause harm against another person. Hacked computer systems remain one of the most dangerous and frightening fears of the modern era, not least because often it is unclear that a computer system has been hacked until it is too late (Purpose of Hacking, 2015). References http://www.dailytech.com/Five+Charged+in+Largest+Financial+Hacking+Case+in+US+History/article32050.htm http://www.reviewjournal.com/news/las-vegas/phoenix-man-gets-20-years-prison-federal-cybercrime-case http://www.denverpost.com/parole/ci_26200423/ap-source-thieves-got-into-1k-stubhub-accounts http://www.forbes.com/sites/katevinton/2014/07/23/seven-arrested-for-fleecing-stubhub-for-1-6-million-in-tickets/ ŞTEFAN, I. (2011). CYBER CRIME. Juridical Current, 14(3), 115-120. Purpose of Hacking. (n.d.).......

Words: 1242 - Pages: 5

Cybercrime

... have noted that the cyber terror on infrastructure are an unlikely threat to the security of the United States. In 2005, Cyber-attacks cost were $48 billion to businesses and $680 million to consumers. While a physical attack involves weapons against a specific target, a cyber-attack includes codes that are used as weapons to infect enemies’ computer in order to manipulate the software, system configuration or the use of restricted computer system. Although cyber-attacks has taken place against critical infrastructure, industry, and companies, the gathered data cannot be used to determine if a terrorist group has initiated these attacks. One of the concept that is creating a big concern in our infrastructure is the term cyber terrorism. Cyber terrorism can be define as the use of a computer as a weapon or as a target by any group who threaten to cause violence and fear with the purpose of influence to an audience or produce a government to change its policies (Wilson). Like terrorism, cyber terrorism is used to intimidate the government in order to change their opinions about social objectives. In order to be consider cyber terrorism, attacks perform against a person of property should cause enough harm, such as attacks that lead to death, explosions, and economic loss. There are many reasons why a terrorist would want to conduct cyber terrorism. First, cybercrime is a cheaper method that consist on the use of a computer and an online connections, without the necessity to......

Words: 2224 - Pages: 9

Cybercrime

... integrated approach to security of their cyber. Cyber securities need to be tailored to a particular risk and business profile that not only addresses the technical aspects of their profile, but also organizational elements and people. There have been a number of cyber-crimes which have been reported in the recent past. The CIA has been one of the high profile targets of on-line attackers. With the high-profile cyber-crimes being reported, 2012 reported the highest number of incidents of data loss. Cybercrime can result in a major financial loss and damage of organizational image. On June 15 2012, an outage was reported by the CIA, and the LulzSec hacker group took the responsibility of the crime. Cyber-crimes are multifaceted and vary from negligent to disgruntled insiders to external hacking. The Verizon Security Consultants, 2013, recently gave an insight report on the areas of risks in America. From the samples of 620 breaches, the external attackers were responsible for a majority of data breaches, with 92% being attributed to external agents. 14% implicated insiders with business partners being responsible for 1% of the data breaches. In terms of the methods of the attack, 92% used some malware or hacking form, while 29% leveraged on social tactics. 75 percent of all the data breaches took more than one month to be discovered, while 96% of the initial attacks were not difficult to execute. On the other hand, the past few decades have seen attackers from...

Words: 7435 - Pages: 30

Cybercrime

...Research Paper CS-310 Summer, 2013 People all over the world use computers and the Internet for just about everything from shopping to paying bills, and research to leisurely searching for whatever their interests lay. Computers are now in almost every school, home, and business. They have helped increase productivity and made our lives so much easier. Due to the ease computers have made, it has also opened a door for a new breed of criminal. Cybercrime is on the rise. Cybercriminals use the Internet to spread their viruses, worms, and other hacking tools, like phishing, to steal people’s identity or sign them up for expensive services, which they reap the profits. However, some of these criminals do it for thrill of the chase. According the reading CompCriminal.doc there are two types of cybercriminals, the non-professional hacker and the professional hacker. Another form a cyber-attack called the DoS attack or denial-of-service. “The attack is designed to paralyze websites, financial networks and other computer systems by flooding them with data from outside computers.” (James, 2009). The first document case of a DoS attack was in 2000 by a 15-year old Canadian boy nicknamed “Mafiaboy”. This attack was against several e-commerce sites including eBay.com and Amazon.com. There have been several other hackers prior to “Mafiaboy”. Two of the notorious cybercriminals were Kevin Mitnick and Robert Morris. In 1982...

Words: 1009 - Pages: 5