CyberTerrorism
Content
Seminar Report
Cyber Terrorism
CYBERTERRORISM
Seminar Report Submitted in partial fulfillment of the requirements for the award of degree of
BACHELOR OF TECHNOLOGY IN BY
COMPUTER SCIENCE & ENGINEERING
NAME: KASHETTY TARUN KUMAR ROLL NO: 08QJ1A0534
Under the Esteemed Guidance of NAME OF THE INTERNAL GUIDE PRASANTH SIR DESIGNATION
DEPARTMENT OF
JJ INSTITUTE OF INFORMATION TECHNOLOGY
(Approved by AICTE & Affiliated to JNTUH) Maheshwaram – 501 359, R. R. Dist. Phone: 9441119508
1
Seminar Report
Cyber Terrorism
JJ Institute of Information Technology
(Approved by AICTE & Affiliated to JNTUH)
Maheshwaram – 501 359, R. R. Dist. Phone: 9441119508
Department of Information Technology
CERTIFICATE
THIS IS TO CERTIFY THAT THE SEMINAR ENTITLED “SENSORS” IS THE BONAFIDE WORK OF
NAME: KASHETTY TARUNKUMAR (ROLL NO:08QJ1A0534)
SUBMITTED IN PARTIAL FULFILMENT OF THE REQUIREMENT FOR THE AWARD OF DEGREE OF BACHELOR OF TECHNOLOGY IN IT DURING THE YEAR 2011-2012.
Head of Dept. CSE GUIDE AME: PRASANTH SIR Mr. A. ARUN KUMAR Assoc. Professor & HOD
INTERNAL N Name with Designation
2
Seminar Report
Cyber Terrorism
Name with Designation
ACKNOWLEDGEMENT
I thank GOD almighty for guiding me throughout the seminar. I would like to thank all those who have contributed to the completion of the seminar and helped me with valuable suggestions for improvement.
I am extremely grateful to ARUN KUMAR, HOD , Division of Information Technology, for providing me with best facilities and atmosphere for the creative work guidance and encouragement. I would like to thank my coordinator, Omprakash Sir, Sr. Lecturer, Division of Information Technology, and my guide Mrs. Prashanth sir, Lecturer, Division of Information Technology , SOE for all help and support extend to me. I thank all Staff members of my college and friends for extending their cooperation during my seminar.
Above all I would like to thank my parents without whose blessings, I would not have been able to accomplish my goal.
TARUN KUMAR KASHETTY
3
Seminar Report
Cyber Terrorism
ABSTRACT Cyberterrorism is a new terrorist tactic that makes use of information systems or digital technology, especially the Internet, as either an instrument or a target. As the Internet becomes more a way of life with us, it is becoming easier for its users to become targets of the cyberterrorists. The number of areas in which cyberterrorists could strike is frightening, to say the least. The difference between the conventional approaches of terrorism and new methods is primarily that it is possible to affect a large multitude of people with minimum resources on the terrorist's side, with no danger to him at all. We also glimpse into the reasons that caused terrorists to look towards the Web, and why the Internet is such an attractive alternative to them. The growth of Information Technology has led to the development of this dangerous web of terror, for cyberterrorists could wreak maximum havoc within a small time span. Various situations that can be viewed as acts of cyber-terrorism have also been covered. Banks are the most likely places to receive threats, but it cannot be said that any establishment is beyond attack. Tips by which we can protect ourselves from cyberterrorism have also been covered which can reduce problems created by the cyberterrorist. We, as the Information Technology people of tomorrow need to study and understand the weaknesses of existing systems, and figure out ways of ensuring the world's safety from cyberterrorists. A number of issues here are ethical, in the sense that computing technology is now available to the whole world, but if this gift is used wrongly, the consequences could be disastrous. It is important that we understand and mitigate cyberterrorism for the benefit of society, try to curtail its growth, so that we can heal the present, and live the future...
4
Seminar Report
Cyber Terrorism
CONTENTS
1. INTRODUCTION Why IT IS SO ATTRACTIVE TO TERRORIST? WHAT THE CYBER TERRORIST CAN DO? EXAMPLES OF CYBER TERROTRISM 2. WHAT CAN BE DONE be ABOUT CYBER TERRORISM? CYBER CRIME TYPES OF CYBER CRIME HACKING CODE HACKERS
CYBER PUMPS
CRACKERS PHREAKERS NETWORK POCKET SNIFFERS
3. FRAUD ON INTERNET TYPEYS OF FRAUD ALTERNATION AND DESTRUCTION OF DIGITAL INFORMATION
5
Seminar Report
Cyber Terrorism
IMPACT OF CYBERCRIME ON FUNCTIONALITY, WORK CULTURE AND THEIR RESULT
4. CONTRAVENTOINS AND I.T. OFFENCES CONTRAVENTOINS AND COMPENSATOINS/PENALTIES
5. HACKING TYPES OF HACKING
PREVENTIVE MEASURES:
INTERLIANT BEEFS UP SECURITY OFFERING 6. INSTANCES OF CYBER TERRORISM FACTORS LEADING TO THE CYBERTERRORISM CYBER TERRORISM IN PRACTICE CYBER TERROR CAPABILITES
7. CYBER TERROR IN FUTURE 8. DRAW BACKS 9. CONCLUSION 10. REFERENCES
6
Seminar Report
Cyber Terrorism
Introduction
The world is a very large place, but it is getting smaller, thanks to the advent of computers and Information Technology. However, the progress that we've made in these fields also has a dark side, in that a new terrorist tactic, commonly called Cyberterrorism has developed. The old, conventional methods of assassination and hostage taking are slowly fading, as terrorists head towards the Internet to pull their stunts. The cause for this kind of a transition stems from the fact that the terrorist has long since realized that removing one official from office only causes another official to take his place; which is not the end-result the terrorist wished to achieve. This causes the terrorist to take to the net, thus affecting a wider section than could otherwise have been targeted. From disabling a country's economy to shutting off power in large areas, it's all possible, with less risk to the terrorists. Cyberterrorism is any act of terrorism that uses information systems or digital technology (computers or computer networks) as either an instrument or a target. Cyberterrorism can either be "international", "domestic" or "political", according to the nature of the act, but it is always an act involving a combination of the terrorist and the computer. Why IT is so attractive to the terrorist? Terrorist groups have been using computer technology to secure many of their goals. They have been exploiting existing modern technology to accomplish the same goals that they have been working towards in the past. However, the key differences
7
Seminar Report
Cyber Terrorism
between their old tactics and their newer methods lie in the ease with which their operations can be performed, as well as increased anonymity. It is extremely difficult to detect such clandestine operations, and needless to say, even more difficult to counter such acts. Terrorist groups take advantage of computer technology to create support structures that serve to strengthen their tactical and strategic plans and goals. These are achieved by: • Political propaganda • Recruitment • Financing • Intra and inter-group communication and coordination • Information and intelligence gathering • Ease of operations that are cost-effective, both in terms of resources used, and ability to strike worldwide.
Specific examples of the facilitation of terrorism through the use of computer technology illustrate the appeal this technology has for terrorist groups interested in advancing their particular agendas. The use of the Internet for propaganda and disinformation purposes is an especially popular one. Many exiled political opposition groups from such states as Iran, Iraq, Mexico, Northern Ireland and Saudi Arabia have used the World Wide Web for just such purposes. One of the most demonstrative examples, however, involves the case of the December, 1996 takeover of the Japanese Ambassador's residence in Lima, Peru by the Tupac Amaru Revolutionary Movement. Not only did this terrorist group use the Internet to communicate its revolutionary message to the rest of the world through a European website, it even offered a video clip of its members preparing for their mission.
8
Seminar Report
Cyber Terrorism
The added attractiveness of the Internet for terrorists is that the widest possible audience for their violent activity not only reminds them of the major themes of their campaigns, it also heightens fear in the target audience by reminding it of the potential for future violence. In addition to aiding terrorist propaganda, computer networks also enhance terrorist recruitment and financing. Various supremacist groups in the United States have also used the Internet for financial gain. The nature of modern computer technology is such that it also lends itself to the communication and intelligence activities of terrorist groups. The attractiveness of this feature for groups eager to expand their activities can be explained as follows: Information Technology gives individuals and groups a reach and influence that was previously reserved for well-organized, state-funded terrorist organizations. Physical distance and national borders that once separated terrorists from their coconspirators, their audience and their targets cease to exist in the world of modern telecommunications and the Internet. Organizations such as the Islamic fundamentalist groups that follow Osama Bin Ladin rely on computers to coordinate their activity. The Revolutionary Armed Forces of Colombia, for example, is known to respond to press inquiries via e-mail. In the case of the intelligence gathering activities of terrorist groups, computer networks and access to the World Wide Web are equally important. Modern computer technology has not only enhanced much of the above activity, but it has done so in such a fashion that the terrorist groups that utilize it are now able to operate beyond the range of traditional counter terrorist approaches. The terrorist ability to engage in "growth activity" such as recruitment, communication and especially financing without the knowledge of state authorities may inevitably lead to stronger and hence, more resilient terrorist groups. In turn, the potential for
9
Seminar Report
Cyber Terrorism
terrorist groups to engage in activity that focuses less on threats and more on actions that can be seen and felt is significantly heightened. Modern terrorist groups that are able to develop undetected may become stronger, more elusive and deadlier than their earlier counterparts.
Moreover, and perhaps even more importantly the advent of computer networks has spawned a new direction in the organizational structure of terrorist groups. Terrorist groups utilizing computers for communication are likely to move beyond hierarchical organizational structures and employ networked ones.
What the Cyberterrorist can do?
Terrorist groups engaging in cyberterrorism are noted for threats to commerce, public safety and national security. These threats can take any number of forms, but are generally seen as computer versus computer confrontations (While the current discussion focuses on the use of "high tech" applications in terrorist operations, "low tech" operations against a victim's "high tech" infrastructure should not be ignored.) Terrorist groups use their own computer technology to threaten or attack a victim's computer resources. This can take the form of threats or attacks against national infrastructures that have become heavily reliant and interconnected to computer networks. Activity of this sort is tangible in nature and thus, generates most of the interest we have in cyberterrorism today. Cyberterrorist threats can include: • rapid communication of threats to a wide or specific audience • threats to public utilities and transportation threats to commercial • threats to individuals institutions and transnational corporations • threats to IGOs and NGOs
10
Seminar Report
Cyber Terrorism
•
threats
to
political
groups
or
other
ethnic,
religious
or nationalist
entities (all of these can include other terrorist groups) identified as "the enemy" • threats to security forces • threats to nation states
What we occasionally see (what is reported) is actual damage to the above targets in the form of temporary disruption of services, public inconveniences or financial loss. These incidents, however, are most often in the form of cyber crime and fall short of what is considered as cyberterrorism. In summary, there have been no instances where cyberterrorism has been directly translated a catastrophic loss of life or physical destruction associated with the most violent acts of "conventional" terrorism. The threat, however, remains real and takes on an added significance when the growing potential of terrorist group resources is considered. At this point it is also helpful to speak in terms of "cyberspace-based threats." There is a wide spectrum of possibilities for "evil actions" in cyberspace. These include attacks on the data contained within the systems, the programs and processing hardware running those systems, and the environment (communications, networks, etc.) in which they operate.
Examples of Cyberterrorism
Cyber terrorism takes many forms. One of the more popular is to threaten a large bank. The terrorists hack into the system and then leave an encrypted message for senior directors, which threatens the bank. This message says that if the bank does not pay a set amount of money, then the terrorists will use anything from logic bombs to electromagnetic pulses and high-emission radio frequency guns to destroy the bank's files. The fact that the terrorists may be in another in another country adds
11
Seminar Report
Cyber Terrorism
to the difficulty of catching the criminals. A second difficulty is that most banks would rather pay the money than have the public know how vulnerable they are. Significant confusion in understanding cyberterrorism also emerges when cyberterrorism is confused with "cyber crime" and vice versa. Cyber crime is similar to cyberterrorism in its use of computer networks and information systems but clearly different in its motivation and goals. This appreciation, however, is often overlooked. In many instances there is little effort to distinguish the obvious differences between the two. Some people treat cyberterrorism simply as an extension of cyber crime. Cyberterrorists are often interested in gaining publicity in any possible way. For example, information warfare techniques like Trojan horse viruses and network worms are often used to not only do damage to computing resources, but also as a way for the designer of the viruses to "show off" his "creativity". This is a serious ethical issue, because many people are affected by these cases. For one, the viruses can consume system resources until networks become useless, costing companies lots of time and money. Even if the person never meant to harm someone with their virus, it could have unpredictable effects that could have terrible results. In one of its more unusual forms, cyber-terrorism can be used for an assassination. In one case, a Mafia boss was shot but survived the shooting. That night while he was in the hospital, the assassins hacked into the hospital computer and changed his medication so that he would be given a lethal injection. He was dead a few hours later. They then changed the medication order back to its correct form, after it had been incorrectly administered, to cover their tracks so that the nurse would be blamed for the "accident". Thus, a man was killed by the hackers' actions. Also, the life of the nurse was probably ruined, along with the reputation of the hospital and all its
12
Seminar Report
Cyber Terrorism
employees. Thus, there are often more victims in a terrorist situation that the immediate recipient of the terrorism. Cyber-terrorists often commit acts of terrorism simply for personal gain. Such a group, known as the Chaos Computer Club, was discovered in 1997. They had created an Active X Control for the Internet that can trick the Quicken accounting program into removing money from a user's bank account. This could easily be used to steal money from users all over the world that have the Quicken software installed on their computer. This type of file is only one of thousands of types of viruses that can do everything from simply annoy users, to disable large networks, which can have disastrous, even life and death, results. Terrorism can also come in the form of disinformation. Terrorists can many times say what they please without fear of action from authorities or of accountability for what they say. Recently, the rumor that a group of people was stealing people's kidneys and putting them for sale was spread via the Internet. The rumour caused thousands of people to panic, and the number of people affected was unlimited. Minor attacks come in the form of "data diddling", where information in the computer is changed. This may involve changing medical or financial records or stealing of passwords. Hackers may even prevent users who should have access from gaining access to the machine. Ethical issues in this case include things like invasion of privacy and ownership conflicts. It could be even more serious if, for instance, the person who needed access to the machine was trying to save someone's life in a hospital and couldn't access the machine. The patient could die waiting for help because the computer wouldn't allow the necessary access for the doctor to save his or her life.
13
Seminar Report
Cyber Terrorism
What can be done about Cyberterrorism?
In response to heightened awareness of the potential for cyber-terrorism President Clinton, in 1996, created the Commission of Critical Infrastructure Protection. The board found that the combination of electricity, communications and computers are necessary for the survival of the U.S., all of which can be threatened by cyberwarfare. The resources to launch a cyber attack are commonplace in the world; a computer and a connection to the Internet are all that is really needed to wreak havoc. Adding to the problem is that the public and private sectors are relatively ignorant of just how much their lives depend on computers as well as the weaknesses of those computers. Currently there are no foolproof ways to protect a system. The completely secure system can never be accessed by anyone. Most of the militaries classified information is kept on machines with no outside connection, as a form of prevention of cyberterrorism. Apart from such isolation, the most common method of protection is encryption. The wide spread use of encryption is inhibited by the government's ban on its exportation, so intercontinental communication is left relatively insecure. The Clinton administration and the FBI opposed the export of encryption in favor of a system where by the government can gain the key to an encrypted system after gaining a court order to do so. The director of the FBI's stance was that the Internet was not intended to go unsupervised and that the police need to protect people's privacy and public-safety rights there. Encryption's drawback is that it does not protect the entire system, an attack designed to cripple the whole system, such as a virus, is unaffected by encryption. Others promote the use of firewalls to screen all communications to a system, including e-mail messages, which may carry logic bombs. Firewall is a relatively generic term for methods of filtering access to a network. They may come in the form of a computer, router other communications device or in the form of a network
14
Seminar Report
Cyber Terrorism
configuration. Firewalls serve to define the services and access that are permitted to each user. One method is to screen user requests to check if they come from a previously defined domain or Internet Protocol (IP) address. Another method is to prohibit Telnet access into the system. Here are few key things to remember to protect yourself from cyber-terrorism: 1. 2. 3. 4. 5. All accounts should have passwords and the passwords should be unusual, difficult to guess. Change the network configuration when defects become know. Check with venders for upgrades and patches. Audit systems and check logs to help in detecting and tracing an intruder. If you are ever unsure about the safety of a site, or receive suspicious email from an unkown address, don't access it. It could be trouble.
Types Of Cyber Crimes: -Broadly three types of cyber crimes are recognized: * Hacking without any intention to commit any further offence. * Unauthorized access with intention to commit further offences. These can include theft, fraud, miss-appropriations, forgery, cracking. * Distribution of digital information through use of virus, trogon horses, logic bombs.
Hacking:
Hackers might be
1. 2.
Code hackers – They know computers inside out. They can make the
computer do nearly anything they want it to. Crackers – They break into computer systems circumventing operating
systems and their security is their favourite pastime.
15
Seminar Report
Cyber Terrorism
3. 4.
Cyber pumps – They are masters of cryptography. Phreakers – They combine their in-depth knowledge of the Internet and
mass telecommunication systems. Hackers are becoming menacing, so uncontrollable that even largest companies in the world are finding it difficult to cope up with their incessant attacks. An act to constitute trespass under-section 441 I.P.C. must compromise one of the following. 1. There must be an unauthorised entry into or upon property against the
will of the person in possession; or 2. There must be an unauthorised entry lawfully obtained into or upon
property but unlawfully remaining therein. Five common methods of attacks through internet:
Network pocket sniffers: -
It is package softer which uses a network adaptor card in promiscuous made to capture all network pockets that are sent across a local area network this provide user with meaningful and often sensitive information such as accounts and passwords. Attacker uses pocket sniffers to get passwords accounts etc.
IP spoofing: -
An IP (internet protocol) Spoofing attack occurs when an attacker out side the network enters pretending as if he is inside network and takes all information from network or destroy information. Password attacks, Distribution of sensitive internal information to external sources.
16
Seminar Report
Cyber Terrorism
•
Man – in – the – middle attacks
Fraud on Internet:
This is a form of white collar crime whose growth may be as rapid and diverse as growth of the internet itself. In 1997 1152 crimes were reported. But in 1998 they skied up to 7500.
Types of Fraud 1.
Online investment newsletters: These are major tools for advertising
the investments in stock market and growth of companies. But some of them are found to be tools for fraud.
2.
Bulletin boards: Online bulletin boards – whether newsgroups, use nets
or web-based- have become popular tools for sharing the information in market. Some of these are also found to be fraudulent.
3.
E-mail online Spam: Because spam-junk e-mail- is so cheap and easy
to create, fraudsters increasingly use it to find investors for bogus investment schemes using a bulk e-mail program Spammers can send personalized messages to thousands and even millions of internet users at a time.
Alternation And Destruction Of Digital Information:
This is largest menace facing the world of computers. They are the programs created by humans which do destruction. They are :1. 2. VIRUS 2. Trojan horses 3. Worms 4. Logic bombs
Types of Viruses
1. File infectors 2. Boot sector virus 3.Macro VIRUS
17
Seminar Report
Cyber Terrorism
Impact of Cyber Crimes on functionality, work culture and their results:-
If any system which is working with help of internet is hacked, it is obvious that its source code will be modified and system falls in malfunctionality. Hence all functions taking this system’s help will also fall in malfunctionality. If this situation happened in banks, military control systems and etc the loss will be of great amount. Hence Government of India passed some rules to counter Cyber crimes.
Cyber crimes And Information Technology Act, 2000:----
This act, passed with the objective of promoting a secure electronic environment deals with issues subsidiary to this secure electronic environment such as contraventions relating to electronics transactions and I.T. offences. It also amends the I.P.C. along with a few other statutes.
CONTRAVENTIONS AND I.T. OFFENCES I.T. act delineates two separate types of penal provisions; contraventions and I.T. offences. Contraventions have resultant monetary penalties, the offences may result in the offender being imprisoned or paying a fine or both.
CONTRAVENTOINS AND COMPENSATOINS/PENALTIES Contraventions – Accessing or securing access to the computer/network, Downloading any data or information from the computer/network, Introducing or
18
Seminar Report
Cyber Terrorism
causing to be introduced any computer contaminant or computer VIRUS into the computer/network. Damaging or causing to be damaged the computer/network, data, data base or any other programs residing in it. Charging the service availed of by a person to the account of another person by tampering with or manipulating any computer/network.
The following acts are punishable according to I.T. offences as described in chapter XI of the I.T. ACT 2000 in I.P.C. 1. Source code attacks: KNOWINGLY OR INTENTIONALLY destroying
computer/network source code that is used to maintain computer/network. This offence is punishable with imprisonment up to three years or with fine up to 2 lakh rupees or both. 2. Hacking: Destroying, Deleting or altering any information or diminishing
its value or utility by any means with intent to cause loss or damage to the public or any person. Hacking is punishable with imprisonment up to 3 years or fine up to 2 lakh rupees or both.
3.
Obscenity: Publishing or transmitting any material which is lascivious or
appeals to the prurient interest or of its effect is such so as to tend to deprave and corrupt person who are likely concerned to it. This is punishable on FIRST CONVICTION with imprisonment of either description for a term which may extend to 5 years and with fine which may extend to 1 lakh rupees and in event of a SECOND or subsequent conviction with imprisonment of either description for a term which may extend to 10 years and also with fine 2 lakh rupees. 4. Failure to comply with controllers directions: The CCA [Controller
Complying Authority] may give certifying authorities to take certain measures to ensure compliance under act. If nay such person fails to comply with such
19
Seminar Report
Cyber Terrorism
directions liable to imprisonment up to three years or fine up to 2 lakh rupees or both. 5. Subscriber’s failure to comply with controller’s requirements for
decryption. In national or public interest or fails to support to CCA in such cases the subscriber is punishable with an imprisonment for a term that may extend to seven years. 6. Publishing false digital signature certificate: If a person knows that a
digital signature is false and still goes ahead and certifies it is guilty and he is punishable with imprisonment up to 2 years or fine up to 2 lakh or both. 7. Making Available Digital Signature for Fraudulent Purpose: Is punishable
with imprisonment for 2 years or fine up to 1 lakh rupees or both.
HACKING Original term referred to learn programming languages and computer systems; now associated with the process of bypassing the security systems on a computer system or network. HACKER: A term sometimes used to describe a person who pursues the knowledge of computer and security systems for it’s own sake, sometimes used to describe a person who breaks into computer system for the purpose of stealing or destroying data. Hacker's and criminals to transmit computer viruses, invade privacy, steal or corrupt valuable information.
TYPES OF HACKING
20
Seminar Report
Cyber Terrorism
1. CYBER MURDERS: A hacker breaks into hospital medical records and
maliciously alters prescriptions. Say, if a patient is allergic to penicillin, the hacker adds 500 mg of penicillin to his usual dose of medication. The nurse administers the drug causing immediate death.
2. EFFECT ON US GOVERNMENT SITES: US government sites were hacked
by ‘mujihadeen’.Two US government sites were hacked late last week by a group calling themselves ‘mujihadeen’. The pages were defaced with the flag of Saudi Arabia and a message in Urdu, which translates as “Allah is the greatest of all, Americans be prepared to die”. The hackers called themselves ‘mujihadeen’ threatened further cyber terrorism.
3. HACKING INCIDENT CLOSES SECURITY NEWS SITE: A hacker had
offered $10,000 bounty for information about fluffy bunny, a notorious hacker who defaced the schmitz site. The owner’s site came crashing down.
4. MANIPULATING STOCK MARKETS: A hacker can some how go to the
stock markets web site and manipulate various shares they by giving some companies great losses and some great profits.
5. TRANSMISSION OF VIRUS: In hacking a hacker can paralyze the systems
by transmitting virus they by affecting the whole data be it of any company. 6. CRASHING OF SITES: Sometimes a mischievous hacker tries to crash down site by sending millions of email like the tempest site. ADVANTAGES : Web business have recently found an old way to protect their new concepts by making the patent application public on his site Mr.Tim Grey effectively put copycats on notice. Like Grey Natgoldhaber had fears about his company cybergold being copied. He applied for a patent and after three years of waiting his site his one of a handful of net business that can count a newly granted patent as one of its assets.
21
Seminar Report
Cyber Terrorism
ARE HACKERS REALLY CRIMINALS? Not according to Pete Shipley, chief security architect at KPMG consultancy. Shipley is proud to call himself a hacker. He suggested the CHAOS THEORY which is given as below
Media misconceptions:
What is a hacker? A hacker is someone who pursues technology. Ben Franklin was an inventor, an experimenter and a hacker. According to him hackers are inventors who thirst for knowledge. They don’t want to destroy the world. They want to rule the world. The media typically mislabels hackers as crackers and crackers as hackers. DISADVANTAGES: If you have an account on hotmail, yahoo or excite it’s vulnerable to hacker’s. These services allow an unlimited number of log on attempts. Secondly the user is not notified when a number of failed login attempts have occurred.If a password attack has been attempted against a user. Password crackers attempt to obtain an account password by exhaustively guessing word and number combination. Password cracking is an extremely common hacker technique. BAG OF DIRTY TRICKS:
Password generators: Software in this genre is a hacker’s dream. These software
attacks serves millions of different combinations of letters and words until they find your password and hack into your system.
Credit card numbers: These are similar to password generators and can help a
hacker find and use your credit card number.
22
Seminar Report
Cyber Terrorism
Hacking is a euphemism for what is in fact an act of electronic war with devastating consequences.
VSN L
PROXY SERVER
INTERNET
USER LOGBOOK
AOL, YAH OO...
23
Seminar Report
Cyber Terrorism
e-mail leaves behind a trace leading back to it’s point of origin in the form of an email header. To view the header all we need to do is press ‘options’ button and then go to ‘preferences’. This will throw of two boxes where you can view your e-mail ‘in full’, complete with IP addresses. The IP address, usually a number like 120.12.111,can be traced to VSNL. But only the police have authority to trace back the route of message up to the doorstep of the offending subscriber. PREVENTIVE MEASURES : The FBI’s national infrastructure protection has released a test of seven simple preventive measures. Computer users can take to step up a security on their machines from hacking. 1. Use strong passwords: use passwords that are difficult or impossible to guess. Give different passwords to all accounts. 2. Make regular backup’s of critical data: Backup’s must be done atleast once each day. 3. Use virus protection software this means three things having it in your computer check daily for new virus signature updates and then scan it. 4. Use firewall as a gatekeeper between your computer and Internet. 5. Do not keep computers online when not in use: either shut them or disconnect them from Internet connection. 6. Do not open e-mail attachments from strangers. Regularly down load security.
INTERLIANT BEEFS UP SECURITY OFFERING: The security vulnerability includes comprehensive audit of an enterprises network security including internal and external penetration testing, host based operating
24
Seminar Report
Cyber Terrorism
system configuration topology and infra structure assessment and firewall router and switch analysis.
Instances Of Cyber Terrorism
Some attacks are conducted in furtherance of political and social objectives, as the following examples illustrate: • In 1998, Spanish protestors bombarded the Institute for Global Communications (IGC) with thousands of bogus e-mail messages. E-mail was tied up and undeliverable to the ISP's users, and support lines were tied up with people who couldn't get their mail. IGC finally relented and pulled the site because of the "mail bombings." • In 1998, ethnic Tamil guerrillas swamped Sri Lankan embassies with 800 emails a day over a two-week period. The messages read "We are the Internet Black Tigers and we're doing this to disrupt your communications." Intelligence authorities characterized it as the first known attack by terrorists against a country's computer systems. • During the Kosovo conflict in 1999, NATO computers were blasted with email bombs and hit with denial-of-service attacks by hacktivists protesting the NATO bombings. In addition, businesses, public organizations, and academic institutes received highly politicized virus-laden e-mails from a range of Eastern European countries, according to reports. Web defacements were also common. While these incidents were motivated by political and social reasons, whether they were sufficiently harmful or frightening to be classified as cyberterrorism is a judgement call. No attack so far has led to violence or injury to persons, although some may have intimidated their victims . Factors Leading To Cyberterrorism:
25
Seminar Report
Cyber Terrorism
• • •
Whether there are targets that are vulnerable to attack that could lead to violence Whether there are actors with the capability and motivation to carry them Misuse of the technology that make it open to attack even after the high security • Involvement of the insiders, acting alone or in concert with the other terrorist misusing their access capabilities. • Role of consultants and contractor causing grave harm.
or severe harm.
Cyberterror In Practice: Terrorists do use cyberspace to facilitate traditional forms of terrorism such as bombings. They put up Web sites to spread their messages and recruit supporters, and they use the Internet to communicate and coordinate action. However, there are few indications that they are pursuing cyberterrorism, either alone or in conjunction with acts of physical violence. It is believed that members of some Islamic extremist organizations have been attempting to develop a 'hacker network' to support their computer activities and even engage in offensive information warfare attacks in the future. The members of the militant Indian separatist group Harkat-ul-Ansar had tried to buy military software from hackers who had stolen it from Department of Defense computers they had penetrated. Cyberterror Capabilities: There are three levels of cyberterror capability
Simple-Unstructured: The capability to conduct basic hacks against individual systems using tools created by someone else. The organization possesses little target analysis,command and control, or learning capability. Advanced-Structured: The capability to conduct more sophisticated attacks
against multiple systems or networks and possibly, to modify or create basic
26
Seminar Report
Cyber Terrorism
hacking tools. The
organization possesses an elementary target analysis,
command and control, and learning capability.
Complex-Coordinated: The capability for a coordinated attacks capable of causing mass-disruption against integrated, heterogeneous defenses (including cryptography). Ability to create sophisticated hacking tools. Highly capable target analysis, command and control,and organization learning capability.
Drawbacks:
Systems are complex, so it may be harder to control an attack and Terrorists may be disinclined to try new methods unless they see their
achieve a desired level of damage than using physical weapons.
old ones as inadequate, particularly when the new methods require considerable knowledge and skill to use effectively.
Terrorists generally stick with tired and true methods. Novelty and sophistication of attack may be much less important than The risk of operational failure could be a deterrent to terrorists The barrier to entry for anything beyond annoying hacks is quite high,
assurance that a mission will be operationally successful.
and that terrorists generally lack the wherewithal and human capital needed to mount a meaningful operation.
27
Seminar Report
Cyber Terrorism
Cyberterror In Future:
The next generation of terrorists will grow up in a digital world, with ever more powerful and easy-to-use hacking tools at their disposal. They might see greater potential for cyberterrorism than the terrorists of today, and their level of knowledge and skill relating to hacking will be greater. Hackers and insiders might be recruited by terrorists or become self-recruiting cyberterrorists. Some might be moved to action by cyber policy issues, making cyberspace an attractive venue for carrying out an attack. Cyberterrorism could also become more attractive as the real and virtual worlds become more closely coupled, with a greater number of physical devices attached to the Internet.
28
Seminar Report
Cyber Terrorism
Conclusion
This article is not meant to give amateur hackers a crash-course in cyberterrorism, but to provide insights on the dangers of cyberterrorism. Computer professionals the world over need to be aware of the problem areas of information systems that may be susceptible to terrorist attacks, to be able to attempt putting an end to such activity. There are a large number of ethical issues to be taken into consideration, as well. For example, there are sites on the Internet that deal with methods of making bombs, and sites from which these materials can be purchased. This information is available to everybody. However, if an individual acted on this information, and made a bomb with evil intentions, then one could not blame technology, but society, for producing such a person. Technology must be used for the betterment of mankind, not with the intent of destroying what He created. Doomsday and other haunting scenarios involving weapons of mass destruction existed long before the advent of cyberterrorism and will continue to do so as long as political actors, security firms and others who can benefit from them can exploit the basic myths surrounding terrorism for their own purposes. Cyberterrorists have been giving the entire computing profession a bad reputation, but we, as part of the IT world need to realize that one of our immediate concerns must be to promote the good name of the profession we call our own. It is extremely important that we try to understand and mitigate cyberterrorism for the benefit of society as a whole, and try to curtail its growth, so that we can heal the present, and live the future...
29
Seminar Report
Cyber Terrorism
REFERENCES
♦ ♦ ♦ ♦ ♦ A Paper by Dr.Peter Grabosky – Cyber crime A Paper by Gaylen Duncan – Cyber crime Computers @Home Magazine www.cyberlawindia.com www.seminarsonly.com
30
Cyber Terrorism
CYBERTERRORISM
Seminar Report Submitted in partial fulfillment of the requirements for the award of degree of
BACHELOR OF TECHNOLOGY IN BY
COMPUTER SCIENCE & ENGINEERING
NAME: KASHETTY TARUN KUMAR ROLL NO: 08QJ1A0534
Under the Esteemed Guidance of NAME OF THE INTERNAL GUIDE PRASANTH SIR DESIGNATION
DEPARTMENT OF
JJ INSTITUTE OF INFORMATION TECHNOLOGY
(Approved by AICTE & Affiliated to JNTUH) Maheshwaram – 501 359, R. R. Dist. Phone: 9441119508
1
Seminar Report
Cyber Terrorism
JJ Institute of Information Technology
(Approved by AICTE & Affiliated to JNTUH)
Maheshwaram – 501 359, R. R. Dist. Phone: 9441119508
Department of Information Technology
CERTIFICATE
THIS IS TO CERTIFY THAT THE SEMINAR ENTITLED “SENSORS” IS THE BONAFIDE WORK OF
NAME: KASHETTY TARUNKUMAR (ROLL NO:08QJ1A0534)
SUBMITTED IN PARTIAL FULFILMENT OF THE REQUIREMENT FOR THE AWARD OF DEGREE OF BACHELOR OF TECHNOLOGY IN IT DURING THE YEAR 2011-2012.
Head of Dept. CSE GUIDE AME: PRASANTH SIR Mr. A. ARUN KUMAR Assoc. Professor & HOD
INTERNAL N Name with Designation
2
Seminar Report
Cyber Terrorism
Name with Designation
ACKNOWLEDGEMENT
I thank GOD almighty for guiding me throughout the seminar. I would like to thank all those who have contributed to the completion of the seminar and helped me with valuable suggestions for improvement.
I am extremely grateful to ARUN KUMAR, HOD , Division of Information Technology, for providing me with best facilities and atmosphere for the creative work guidance and encouragement. I would like to thank my coordinator, Omprakash Sir, Sr. Lecturer, Division of Information Technology, and my guide Mrs. Prashanth sir, Lecturer, Division of Information Technology , SOE for all help and support extend to me. I thank all Staff members of my college and friends for extending their cooperation during my seminar.
Above all I would like to thank my parents without whose blessings, I would not have been able to accomplish my goal.
TARUN KUMAR KASHETTY
3
Seminar Report
Cyber Terrorism
ABSTRACT Cyberterrorism is a new terrorist tactic that makes use of information systems or digital technology, especially the Internet, as either an instrument or a target. As the Internet becomes more a way of life with us, it is becoming easier for its users to become targets of the cyberterrorists. The number of areas in which cyberterrorists could strike is frightening, to say the least. The difference between the conventional approaches of terrorism and new methods is primarily that it is possible to affect a large multitude of people with minimum resources on the terrorist's side, with no danger to him at all. We also glimpse into the reasons that caused terrorists to look towards the Web, and why the Internet is such an attractive alternative to them. The growth of Information Technology has led to the development of this dangerous web of terror, for cyberterrorists could wreak maximum havoc within a small time span. Various situations that can be viewed as acts of cyber-terrorism have also been covered. Banks are the most likely places to receive threats, but it cannot be said that any establishment is beyond attack. Tips by which we can protect ourselves from cyberterrorism have also been covered which can reduce problems created by the cyberterrorist. We, as the Information Technology people of tomorrow need to study and understand the weaknesses of existing systems, and figure out ways of ensuring the world's safety from cyberterrorists. A number of issues here are ethical, in the sense that computing technology is now available to the whole world, but if this gift is used wrongly, the consequences could be disastrous. It is important that we understand and mitigate cyberterrorism for the benefit of society, try to curtail its growth, so that we can heal the present, and live the future...
4
Seminar Report
Cyber Terrorism
CONTENTS
1. INTRODUCTION Why IT IS SO ATTRACTIVE TO TERRORIST? WHAT THE CYBER TERRORIST CAN DO? EXAMPLES OF CYBER TERROTRISM 2. WHAT CAN BE DONE be ABOUT CYBER TERRORISM? CYBER CRIME TYPES OF CYBER CRIME HACKING CODE HACKERS
CYBER PUMPS
CRACKERS PHREAKERS NETWORK POCKET SNIFFERS
3. FRAUD ON INTERNET TYPEYS OF FRAUD ALTERNATION AND DESTRUCTION OF DIGITAL INFORMATION
5
Seminar Report
Cyber Terrorism
IMPACT OF CYBERCRIME ON FUNCTIONALITY, WORK CULTURE AND THEIR RESULT
4. CONTRAVENTOINS AND I.T. OFFENCES CONTRAVENTOINS AND COMPENSATOINS/PENALTIES
5. HACKING TYPES OF HACKING
PREVENTIVE MEASURES:
INTERLIANT BEEFS UP SECURITY OFFERING 6. INSTANCES OF CYBER TERRORISM FACTORS LEADING TO THE CYBERTERRORISM CYBER TERRORISM IN PRACTICE CYBER TERROR CAPABILITES
7. CYBER TERROR IN FUTURE 8. DRAW BACKS 9. CONCLUSION 10. REFERENCES
6
Seminar Report
Cyber Terrorism
Introduction
The world is a very large place, but it is getting smaller, thanks to the advent of computers and Information Technology. However, the progress that we've made in these fields also has a dark side, in that a new terrorist tactic, commonly called Cyberterrorism has developed. The old, conventional methods of assassination and hostage taking are slowly fading, as terrorists head towards the Internet to pull their stunts. The cause for this kind of a transition stems from the fact that the terrorist has long since realized that removing one official from office only causes another official to take his place; which is not the end-result the terrorist wished to achieve. This causes the terrorist to take to the net, thus affecting a wider section than could otherwise have been targeted. From disabling a country's economy to shutting off power in large areas, it's all possible, with less risk to the terrorists. Cyberterrorism is any act of terrorism that uses information systems or digital technology (computers or computer networks) as either an instrument or a target. Cyberterrorism can either be "international", "domestic" or "political", according to the nature of the act, but it is always an act involving a combination of the terrorist and the computer. Why IT is so attractive to the terrorist? Terrorist groups have been using computer technology to secure many of their goals. They have been exploiting existing modern technology to accomplish the same goals that they have been working towards in the past. However, the key differences
7
Seminar Report
Cyber Terrorism
between their old tactics and their newer methods lie in the ease with which their operations can be performed, as well as increased anonymity. It is extremely difficult to detect such clandestine operations, and needless to say, even more difficult to counter such acts. Terrorist groups take advantage of computer technology to create support structures that serve to strengthen their tactical and strategic plans and goals. These are achieved by: • Political propaganda • Recruitment • Financing • Intra and inter-group communication and coordination • Information and intelligence gathering • Ease of operations that are cost-effective, both in terms of resources used, and ability to strike worldwide.
Specific examples of the facilitation of terrorism through the use of computer technology illustrate the appeal this technology has for terrorist groups interested in advancing their particular agendas. The use of the Internet for propaganda and disinformation purposes is an especially popular one. Many exiled political opposition groups from such states as Iran, Iraq, Mexico, Northern Ireland and Saudi Arabia have used the World Wide Web for just such purposes. One of the most demonstrative examples, however, involves the case of the December, 1996 takeover of the Japanese Ambassador's residence in Lima, Peru by the Tupac Amaru Revolutionary Movement. Not only did this terrorist group use the Internet to communicate its revolutionary message to the rest of the world through a European website, it even offered a video clip of its members preparing for their mission.
8
Seminar Report
Cyber Terrorism
The added attractiveness of the Internet for terrorists is that the widest possible audience for their violent activity not only reminds them of the major themes of their campaigns, it also heightens fear in the target audience by reminding it of the potential for future violence. In addition to aiding terrorist propaganda, computer networks also enhance terrorist recruitment and financing. Various supremacist groups in the United States have also used the Internet for financial gain. The nature of modern computer technology is such that it also lends itself to the communication and intelligence activities of terrorist groups. The attractiveness of this feature for groups eager to expand their activities can be explained as follows: Information Technology gives individuals and groups a reach and influence that was previously reserved for well-organized, state-funded terrorist organizations. Physical distance and national borders that once separated terrorists from their coconspirators, their audience and their targets cease to exist in the world of modern telecommunications and the Internet. Organizations such as the Islamic fundamentalist groups that follow Osama Bin Ladin rely on computers to coordinate their activity. The Revolutionary Armed Forces of Colombia, for example, is known to respond to press inquiries via e-mail. In the case of the intelligence gathering activities of terrorist groups, computer networks and access to the World Wide Web are equally important. Modern computer technology has not only enhanced much of the above activity, but it has done so in such a fashion that the terrorist groups that utilize it are now able to operate beyond the range of traditional counter terrorist approaches. The terrorist ability to engage in "growth activity" such as recruitment, communication and especially financing without the knowledge of state authorities may inevitably lead to stronger and hence, more resilient terrorist groups. In turn, the potential for
9
Seminar Report
Cyber Terrorism
terrorist groups to engage in activity that focuses less on threats and more on actions that can be seen and felt is significantly heightened. Modern terrorist groups that are able to develop undetected may become stronger, more elusive and deadlier than their earlier counterparts.
Moreover, and perhaps even more importantly the advent of computer networks has spawned a new direction in the organizational structure of terrorist groups. Terrorist groups utilizing computers for communication are likely to move beyond hierarchical organizational structures and employ networked ones.
What the Cyberterrorist can do?
Terrorist groups engaging in cyberterrorism are noted for threats to commerce, public safety and national security. These threats can take any number of forms, but are generally seen as computer versus computer confrontations (While the current discussion focuses on the use of "high tech" applications in terrorist operations, "low tech" operations against a victim's "high tech" infrastructure should not be ignored.) Terrorist groups use their own computer technology to threaten or attack a victim's computer resources. This can take the form of threats or attacks against national infrastructures that have become heavily reliant and interconnected to computer networks. Activity of this sort is tangible in nature and thus, generates most of the interest we have in cyberterrorism today. Cyberterrorist threats can include: • rapid communication of threats to a wide or specific audience • threats to public utilities and transportation threats to commercial • threats to individuals institutions and transnational corporations • threats to IGOs and NGOs
10
Seminar Report
Cyber Terrorism
•
threats
to
political
groups
or
other
ethnic,
religious
or nationalist
entities (all of these can include other terrorist groups) identified as "the enemy" • threats to security forces • threats to nation states
What we occasionally see (what is reported) is actual damage to the above targets in the form of temporary disruption of services, public inconveniences or financial loss. These incidents, however, are most often in the form of cyber crime and fall short of what is considered as cyberterrorism. In summary, there have been no instances where cyberterrorism has been directly translated a catastrophic loss of life or physical destruction associated with the most violent acts of "conventional" terrorism. The threat, however, remains real and takes on an added significance when the growing potential of terrorist group resources is considered. At this point it is also helpful to speak in terms of "cyberspace-based threats." There is a wide spectrum of possibilities for "evil actions" in cyberspace. These include attacks on the data contained within the systems, the programs and processing hardware running those systems, and the environment (communications, networks, etc.) in which they operate.
Examples of Cyberterrorism
Cyber terrorism takes many forms. One of the more popular is to threaten a large bank. The terrorists hack into the system and then leave an encrypted message for senior directors, which threatens the bank. This message says that if the bank does not pay a set amount of money, then the terrorists will use anything from logic bombs to electromagnetic pulses and high-emission radio frequency guns to destroy the bank's files. The fact that the terrorists may be in another in another country adds
11
Seminar Report
Cyber Terrorism
to the difficulty of catching the criminals. A second difficulty is that most banks would rather pay the money than have the public know how vulnerable they are. Significant confusion in understanding cyberterrorism also emerges when cyberterrorism is confused with "cyber crime" and vice versa. Cyber crime is similar to cyberterrorism in its use of computer networks and information systems but clearly different in its motivation and goals. This appreciation, however, is often overlooked. In many instances there is little effort to distinguish the obvious differences between the two. Some people treat cyberterrorism simply as an extension of cyber crime. Cyberterrorists are often interested in gaining publicity in any possible way. For example, information warfare techniques like Trojan horse viruses and network worms are often used to not only do damage to computing resources, but also as a way for the designer of the viruses to "show off" his "creativity". This is a serious ethical issue, because many people are affected by these cases. For one, the viruses can consume system resources until networks become useless, costing companies lots of time and money. Even if the person never meant to harm someone with their virus, it could have unpredictable effects that could have terrible results. In one of its more unusual forms, cyber-terrorism can be used for an assassination. In one case, a Mafia boss was shot but survived the shooting. That night while he was in the hospital, the assassins hacked into the hospital computer and changed his medication so that he would be given a lethal injection. He was dead a few hours later. They then changed the medication order back to its correct form, after it had been incorrectly administered, to cover their tracks so that the nurse would be blamed for the "accident". Thus, a man was killed by the hackers' actions. Also, the life of the nurse was probably ruined, along with the reputation of the hospital and all its
12
Seminar Report
Cyber Terrorism
employees. Thus, there are often more victims in a terrorist situation that the immediate recipient of the terrorism. Cyber-terrorists often commit acts of terrorism simply for personal gain. Such a group, known as the Chaos Computer Club, was discovered in 1997. They had created an Active X Control for the Internet that can trick the Quicken accounting program into removing money from a user's bank account. This could easily be used to steal money from users all over the world that have the Quicken software installed on their computer. This type of file is only one of thousands of types of viruses that can do everything from simply annoy users, to disable large networks, which can have disastrous, even life and death, results. Terrorism can also come in the form of disinformation. Terrorists can many times say what they please without fear of action from authorities or of accountability for what they say. Recently, the rumor that a group of people was stealing people's kidneys and putting them for sale was spread via the Internet. The rumour caused thousands of people to panic, and the number of people affected was unlimited. Minor attacks come in the form of "data diddling", where information in the computer is changed. This may involve changing medical or financial records or stealing of passwords. Hackers may even prevent users who should have access from gaining access to the machine. Ethical issues in this case include things like invasion of privacy and ownership conflicts. It could be even more serious if, for instance, the person who needed access to the machine was trying to save someone's life in a hospital and couldn't access the machine. The patient could die waiting for help because the computer wouldn't allow the necessary access for the doctor to save his or her life.
13
Seminar Report
Cyber Terrorism
What can be done about Cyberterrorism?
In response to heightened awareness of the potential for cyber-terrorism President Clinton, in 1996, created the Commission of Critical Infrastructure Protection. The board found that the combination of electricity, communications and computers are necessary for the survival of the U.S., all of which can be threatened by cyberwarfare. The resources to launch a cyber attack are commonplace in the world; a computer and a connection to the Internet are all that is really needed to wreak havoc. Adding to the problem is that the public and private sectors are relatively ignorant of just how much their lives depend on computers as well as the weaknesses of those computers. Currently there are no foolproof ways to protect a system. The completely secure system can never be accessed by anyone. Most of the militaries classified information is kept on machines with no outside connection, as a form of prevention of cyberterrorism. Apart from such isolation, the most common method of protection is encryption. The wide spread use of encryption is inhibited by the government's ban on its exportation, so intercontinental communication is left relatively insecure. The Clinton administration and the FBI opposed the export of encryption in favor of a system where by the government can gain the key to an encrypted system after gaining a court order to do so. The director of the FBI's stance was that the Internet was not intended to go unsupervised and that the police need to protect people's privacy and public-safety rights there. Encryption's drawback is that it does not protect the entire system, an attack designed to cripple the whole system, such as a virus, is unaffected by encryption. Others promote the use of firewalls to screen all communications to a system, including e-mail messages, which may carry logic bombs. Firewall is a relatively generic term for methods of filtering access to a network. They may come in the form of a computer, router other communications device or in the form of a network
14
Seminar Report
Cyber Terrorism
configuration. Firewalls serve to define the services and access that are permitted to each user. One method is to screen user requests to check if they come from a previously defined domain or Internet Protocol (IP) address. Another method is to prohibit Telnet access into the system. Here are few key things to remember to protect yourself from cyber-terrorism: 1. 2. 3. 4. 5. All accounts should have passwords and the passwords should be unusual, difficult to guess. Change the network configuration when defects become know. Check with venders for upgrades and patches. Audit systems and check logs to help in detecting and tracing an intruder. If you are ever unsure about the safety of a site, or receive suspicious email from an unkown address, don't access it. It could be trouble.
Types Of Cyber Crimes: -Broadly three types of cyber crimes are recognized: * Hacking without any intention to commit any further offence. * Unauthorized access with intention to commit further offences. These can include theft, fraud, miss-appropriations, forgery, cracking. * Distribution of digital information through use of virus, trogon horses, logic bombs.
Hacking:
Hackers might be
1. 2.
Code hackers – They know computers inside out. They can make the
computer do nearly anything they want it to. Crackers – They break into computer systems circumventing operating
systems and their security is their favourite pastime.
15
Seminar Report
Cyber Terrorism
3. 4.
Cyber pumps – They are masters of cryptography. Phreakers – They combine their in-depth knowledge of the Internet and
mass telecommunication systems. Hackers are becoming menacing, so uncontrollable that even largest companies in the world are finding it difficult to cope up with their incessant attacks. An act to constitute trespass under-section 441 I.P.C. must compromise one of the following. 1. There must be an unauthorised entry into or upon property against the
will of the person in possession; or 2. There must be an unauthorised entry lawfully obtained into or upon
property but unlawfully remaining therein. Five common methods of attacks through internet:
Network pocket sniffers: -
It is package softer which uses a network adaptor card in promiscuous made to capture all network pockets that are sent across a local area network this provide user with meaningful and often sensitive information such as accounts and passwords. Attacker uses pocket sniffers to get passwords accounts etc.
IP spoofing: -
An IP (internet protocol) Spoofing attack occurs when an attacker out side the network enters pretending as if he is inside network and takes all information from network or destroy information. Password attacks, Distribution of sensitive internal information to external sources.
16
Seminar Report
Cyber Terrorism
•
Man – in – the – middle attacks
Fraud on Internet:
This is a form of white collar crime whose growth may be as rapid and diverse as growth of the internet itself. In 1997 1152 crimes were reported. But in 1998 they skied up to 7500.
Types of Fraud 1.
Online investment newsletters: These are major tools for advertising
the investments in stock market and growth of companies. But some of them are found to be tools for fraud.
2.
Bulletin boards: Online bulletin boards – whether newsgroups, use nets
or web-based- have become popular tools for sharing the information in market. Some of these are also found to be fraudulent.
3.
E-mail online Spam: Because spam-junk e-mail- is so cheap and easy
to create, fraudsters increasingly use it to find investors for bogus investment schemes using a bulk e-mail program Spammers can send personalized messages to thousands and even millions of internet users at a time.
Alternation And Destruction Of Digital Information:
This is largest menace facing the world of computers. They are the programs created by humans which do destruction. They are :1. 2. VIRUS 2. Trojan horses 3. Worms 4. Logic bombs
Types of Viruses
1. File infectors 2. Boot sector virus 3.Macro VIRUS
17
Seminar Report
Cyber Terrorism
Impact of Cyber Crimes on functionality, work culture and their results:-
If any system which is working with help of internet is hacked, it is obvious that its source code will be modified and system falls in malfunctionality. Hence all functions taking this system’s help will also fall in malfunctionality. If this situation happened in banks, military control systems and etc the loss will be of great amount. Hence Government of India passed some rules to counter Cyber crimes.
Cyber crimes And Information Technology Act, 2000:----
This act, passed with the objective of promoting a secure electronic environment deals with issues subsidiary to this secure electronic environment such as contraventions relating to electronics transactions and I.T. offences. It also amends the I.P.C. along with a few other statutes.
CONTRAVENTIONS AND I.T. OFFENCES I.T. act delineates two separate types of penal provisions; contraventions and I.T. offences. Contraventions have resultant monetary penalties, the offences may result in the offender being imprisoned or paying a fine or both.
CONTRAVENTOINS AND COMPENSATOINS/PENALTIES Contraventions – Accessing or securing access to the computer/network, Downloading any data or information from the computer/network, Introducing or
18
Seminar Report
Cyber Terrorism
causing to be introduced any computer contaminant or computer VIRUS into the computer/network. Damaging or causing to be damaged the computer/network, data, data base or any other programs residing in it. Charging the service availed of by a person to the account of another person by tampering with or manipulating any computer/network.
The following acts are punishable according to I.T. offences as described in chapter XI of the I.T. ACT 2000 in I.P.C. 1. Source code attacks: KNOWINGLY OR INTENTIONALLY destroying
computer/network source code that is used to maintain computer/network. This offence is punishable with imprisonment up to three years or with fine up to 2 lakh rupees or both. 2. Hacking: Destroying, Deleting or altering any information or diminishing
its value or utility by any means with intent to cause loss or damage to the public or any person. Hacking is punishable with imprisonment up to 3 years or fine up to 2 lakh rupees or both.
3.
Obscenity: Publishing or transmitting any material which is lascivious or
appeals to the prurient interest or of its effect is such so as to tend to deprave and corrupt person who are likely concerned to it. This is punishable on FIRST CONVICTION with imprisonment of either description for a term which may extend to 5 years and with fine which may extend to 1 lakh rupees and in event of a SECOND or subsequent conviction with imprisonment of either description for a term which may extend to 10 years and also with fine 2 lakh rupees. 4. Failure to comply with controllers directions: The CCA [Controller
Complying Authority] may give certifying authorities to take certain measures to ensure compliance under act. If nay such person fails to comply with such
19
Seminar Report
Cyber Terrorism
directions liable to imprisonment up to three years or fine up to 2 lakh rupees or both. 5. Subscriber’s failure to comply with controller’s requirements for
decryption. In national or public interest or fails to support to CCA in such cases the subscriber is punishable with an imprisonment for a term that may extend to seven years. 6. Publishing false digital signature certificate: If a person knows that a
digital signature is false and still goes ahead and certifies it is guilty and he is punishable with imprisonment up to 2 years or fine up to 2 lakh or both. 7. Making Available Digital Signature for Fraudulent Purpose: Is punishable
with imprisonment for 2 years or fine up to 1 lakh rupees or both.
HACKING Original term referred to learn programming languages and computer systems; now associated with the process of bypassing the security systems on a computer system or network. HACKER: A term sometimes used to describe a person who pursues the knowledge of computer and security systems for it’s own sake, sometimes used to describe a person who breaks into computer system for the purpose of stealing or destroying data. Hacker's and criminals to transmit computer viruses, invade privacy, steal or corrupt valuable information.
TYPES OF HACKING
20
Seminar Report
Cyber Terrorism
1. CYBER MURDERS: A hacker breaks into hospital medical records and
maliciously alters prescriptions. Say, if a patient is allergic to penicillin, the hacker adds 500 mg of penicillin to his usual dose of medication. The nurse administers the drug causing immediate death.
2. EFFECT ON US GOVERNMENT SITES: US government sites were hacked
by ‘mujihadeen’.Two US government sites were hacked late last week by a group calling themselves ‘mujihadeen’. The pages were defaced with the flag of Saudi Arabia and a message in Urdu, which translates as “Allah is the greatest of all, Americans be prepared to die”. The hackers called themselves ‘mujihadeen’ threatened further cyber terrorism.
3. HACKING INCIDENT CLOSES SECURITY NEWS SITE: A hacker had
offered $10,000 bounty for information about fluffy bunny, a notorious hacker who defaced the schmitz site. The owner’s site came crashing down.
4. MANIPULATING STOCK MARKETS: A hacker can some how go to the
stock markets web site and manipulate various shares they by giving some companies great losses and some great profits.
5. TRANSMISSION OF VIRUS: In hacking a hacker can paralyze the systems
by transmitting virus they by affecting the whole data be it of any company. 6. CRASHING OF SITES: Sometimes a mischievous hacker tries to crash down site by sending millions of email like the tempest site. ADVANTAGES : Web business have recently found an old way to protect their new concepts by making the patent application public on his site Mr.Tim Grey effectively put copycats on notice. Like Grey Natgoldhaber had fears about his company cybergold being copied. He applied for a patent and after three years of waiting his site his one of a handful of net business that can count a newly granted patent as one of its assets.
21
Seminar Report
Cyber Terrorism
ARE HACKERS REALLY CRIMINALS? Not according to Pete Shipley, chief security architect at KPMG consultancy. Shipley is proud to call himself a hacker. He suggested the CHAOS THEORY which is given as below
Media misconceptions:
What is a hacker? A hacker is someone who pursues technology. Ben Franklin was an inventor, an experimenter and a hacker. According to him hackers are inventors who thirst for knowledge. They don’t want to destroy the world. They want to rule the world. The media typically mislabels hackers as crackers and crackers as hackers. DISADVANTAGES: If you have an account on hotmail, yahoo or excite it’s vulnerable to hacker’s. These services allow an unlimited number of log on attempts. Secondly the user is not notified when a number of failed login attempts have occurred.If a password attack has been attempted against a user. Password crackers attempt to obtain an account password by exhaustively guessing word and number combination. Password cracking is an extremely common hacker technique. BAG OF DIRTY TRICKS:
Password generators: Software in this genre is a hacker’s dream. These software
attacks serves millions of different combinations of letters and words until they find your password and hack into your system.
Credit card numbers: These are similar to password generators and can help a
hacker find and use your credit card number.
22
Seminar Report
Cyber Terrorism
Hacking is a euphemism for what is in fact an act of electronic war with devastating consequences.
VSN L
PROXY SERVER
INTERNET
USER LOGBOOK
AOL, YAH OO...
23
Seminar Report
Cyber Terrorism
e-mail leaves behind a trace leading back to it’s point of origin in the form of an email header. To view the header all we need to do is press ‘options’ button and then go to ‘preferences’. This will throw of two boxes where you can view your e-mail ‘in full’, complete with IP addresses. The IP address, usually a number like 120.12.111,can be traced to VSNL. But only the police have authority to trace back the route of message up to the doorstep of the offending subscriber. PREVENTIVE MEASURES : The FBI’s national infrastructure protection has released a test of seven simple preventive measures. Computer users can take to step up a security on their machines from hacking. 1. Use strong passwords: use passwords that are difficult or impossible to guess. Give different passwords to all accounts. 2. Make regular backup’s of critical data: Backup’s must be done atleast once each day. 3. Use virus protection software this means three things having it in your computer check daily for new virus signature updates and then scan it. 4. Use firewall as a gatekeeper between your computer and Internet. 5. Do not keep computers online when not in use: either shut them or disconnect them from Internet connection. 6. Do not open e-mail attachments from strangers. Regularly down load security.
INTERLIANT BEEFS UP SECURITY OFFERING: The security vulnerability includes comprehensive audit of an enterprises network security including internal and external penetration testing, host based operating
24
Seminar Report
Cyber Terrorism
system configuration topology and infra structure assessment and firewall router and switch analysis.
Instances Of Cyber Terrorism
Some attacks are conducted in furtherance of political and social objectives, as the following examples illustrate: • In 1998, Spanish protestors bombarded the Institute for Global Communications (IGC) with thousands of bogus e-mail messages. E-mail was tied up and undeliverable to the ISP's users, and support lines were tied up with people who couldn't get their mail. IGC finally relented and pulled the site because of the "mail bombings." • In 1998, ethnic Tamil guerrillas swamped Sri Lankan embassies with 800 emails a day over a two-week period. The messages read "We are the Internet Black Tigers and we're doing this to disrupt your communications." Intelligence authorities characterized it as the first known attack by terrorists against a country's computer systems. • During the Kosovo conflict in 1999, NATO computers were blasted with email bombs and hit with denial-of-service attacks by hacktivists protesting the NATO bombings. In addition, businesses, public organizations, and academic institutes received highly politicized virus-laden e-mails from a range of Eastern European countries, according to reports. Web defacements were also common. While these incidents were motivated by political and social reasons, whether they were sufficiently harmful or frightening to be classified as cyberterrorism is a judgement call. No attack so far has led to violence or injury to persons, although some may have intimidated their victims . Factors Leading To Cyberterrorism:
25
Seminar Report
Cyber Terrorism
• • •
Whether there are targets that are vulnerable to attack that could lead to violence Whether there are actors with the capability and motivation to carry them Misuse of the technology that make it open to attack even after the high security • Involvement of the insiders, acting alone or in concert with the other terrorist misusing their access capabilities. • Role of consultants and contractor causing grave harm.
or severe harm.
Cyberterror In Practice: Terrorists do use cyberspace to facilitate traditional forms of terrorism such as bombings. They put up Web sites to spread their messages and recruit supporters, and they use the Internet to communicate and coordinate action. However, there are few indications that they are pursuing cyberterrorism, either alone or in conjunction with acts of physical violence. It is believed that members of some Islamic extremist organizations have been attempting to develop a 'hacker network' to support their computer activities and even engage in offensive information warfare attacks in the future. The members of the militant Indian separatist group Harkat-ul-Ansar had tried to buy military software from hackers who had stolen it from Department of Defense computers they had penetrated. Cyberterror Capabilities: There are three levels of cyberterror capability
Simple-Unstructured: The capability to conduct basic hacks against individual systems using tools created by someone else. The organization possesses little target analysis,command and control, or learning capability. Advanced-Structured: The capability to conduct more sophisticated attacks
against multiple systems or networks and possibly, to modify or create basic
26
Seminar Report
Cyber Terrorism
hacking tools. The
organization possesses an elementary target analysis,
command and control, and learning capability.
Complex-Coordinated: The capability for a coordinated attacks capable of causing mass-disruption against integrated, heterogeneous defenses (including cryptography). Ability to create sophisticated hacking tools. Highly capable target analysis, command and control,and organization learning capability.
Drawbacks:
Systems are complex, so it may be harder to control an attack and Terrorists may be disinclined to try new methods unless they see their
achieve a desired level of damage than using physical weapons.
old ones as inadequate, particularly when the new methods require considerable knowledge and skill to use effectively.
Terrorists generally stick with tired and true methods. Novelty and sophistication of attack may be much less important than The risk of operational failure could be a deterrent to terrorists The barrier to entry for anything beyond annoying hacks is quite high,
assurance that a mission will be operationally successful.
and that terrorists generally lack the wherewithal and human capital needed to mount a meaningful operation.
27
Seminar Report
Cyber Terrorism
Cyberterror In Future:
The next generation of terrorists will grow up in a digital world, with ever more powerful and easy-to-use hacking tools at their disposal. They might see greater potential for cyberterrorism than the terrorists of today, and their level of knowledge and skill relating to hacking will be greater. Hackers and insiders might be recruited by terrorists or become self-recruiting cyberterrorists. Some might be moved to action by cyber policy issues, making cyberspace an attractive venue for carrying out an attack. Cyberterrorism could also become more attractive as the real and virtual worlds become more closely coupled, with a greater number of physical devices attached to the Internet.
28
Seminar Report
Cyber Terrorism
Conclusion
This article is not meant to give amateur hackers a crash-course in cyberterrorism, but to provide insights on the dangers of cyberterrorism. Computer professionals the world over need to be aware of the problem areas of information systems that may be susceptible to terrorist attacks, to be able to attempt putting an end to such activity. There are a large number of ethical issues to be taken into consideration, as well. For example, there are sites on the Internet that deal with methods of making bombs, and sites from which these materials can be purchased. This information is available to everybody. However, if an individual acted on this information, and made a bomb with evil intentions, then one could not blame technology, but society, for producing such a person. Technology must be used for the betterment of mankind, not with the intent of destroying what He created. Doomsday and other haunting scenarios involving weapons of mass destruction existed long before the advent of cyberterrorism and will continue to do so as long as political actors, security firms and others who can benefit from them can exploit the basic myths surrounding terrorism for their own purposes. Cyberterrorists have been giving the entire computing profession a bad reputation, but we, as part of the IT world need to realize that one of our immediate concerns must be to promote the good name of the profession we call our own. It is extremely important that we try to understand and mitigate cyberterrorism for the benefit of society as a whole, and try to curtail its growth, so that we can heal the present, and live the future...
29
Seminar Report
Cyber Terrorism
REFERENCES
♦ ♦ ♦ ♦ ♦ A Paper by Dr.Peter Grabosky – Cyber crime A Paper by Gaylen Duncan – Cyber crime Computers @Home Magazine www.cyberlawindia.com www.seminarsonly.com
30
