CYBERCRIME PENETRATORS:
Hacker is a person who breaks into computers and computer networks for profit, in protest, or because they are motivated by the challenge. The subculture that has evolved around hackers is often referred to as the computer underground but it is now an open community.
Script kiddie or skiddie, occasionally skid, script bunny, script kitty, script-running juvenile (SRJ) or similar, is a derogatory term used to describe those who use scripts or programs developed by others to attack computer systems and networks and deface websites.
Cracker is someone who breaks into someone else's computer system, often on a network; bypasses passwords or licenses in computer programs; or in other ways intentionally breaches computer security. A cracker can be doing this for profit, maliciously, for some altruistic purpose or cause, or because the challenge is there. Some breaking-and-entering has been done ostensibly to point out weaknesses in a site's security system.
Industrial espionage, economic espionage or corporate espionage is a form of espionage conducted for commercial purposes instead of purely national security purposes. Economic espionage is conducted or orchestrated by governments and is international in scope, while industrial or corporate espionage is more often national and occurs between companies or corporations.
Cyberextortionist(s) is an individual or group who uses email as an offensive force. The group or individual usually sends a company a threatening email stating that they have received confidential information about their company and will exploit a security leak or launch an attack that will harm the company's network. The message sent through the email usually demands money in exchange for the prevention of the attack.
Cyberterrorist is someone who uses Internet-based attacks in terrorist activities, including acts of deliberate, large-scale disruption of computer networks, especially of personal computers attached to the Internet, by means of tools such as computer viruses.
2. Computer virus is a computer program that can copy itself and infect a computer. The term "virus" is also commonly but erroneously used to refer to other types of malware, including but not limited to adware and spyware programs that do not have the reproductive ability. A true virus can spread from one computer to another (in some form of executable code) when its host is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a floppy disk, CD, DVD, or USB drive. Viruses can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by another computer.
Computer worm is a self-replicating malware computer program, which uses a computer network to send copies of itself to other nodes (computers on the network) and it may do so without any user intervention. This is due to security shortcomings on the target computer. Unlike a computer virus, it does not need to attach itself to an existing program. Worms almost always cause at least some harm to the network, even if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.
Trojan horse, or Trojan, is a destructive program that masquerades as an application. The software initially appears to perform a desirable function for the user prior to installation and/or execution, but (perhaps in addition to the expected function) steals information or harms the system. Unlike viruses or worms, Trojan horses do not replicate themselves, but they can be just as destructive.
Rootkit is software that enables continued privileged access to a computer while actively hiding its presence from administrators by subverting standard operating system functionality or other applications. The term rootkit is a concatenation of "root" (the traditional name of the privileged account on Unix operating systems) and the word "kit" (which refers to the software components that implement the tool). The term "rootkit" has negative connotations through its association with malware.
Botnet is a collection of compromised computers connected to the Internet, termed bots, that are used for malicious purposes. When a computer becomes compromised, it becomes a part of a botnet. Botnets are controlled via protocols such as IRC and HTTP.
Backdoor in a computer system (or cryptosystem or algorithm) is a method of bypassing normal authentication, securing remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected. The backdoor may take the form of an installed program (e.g., Back Orifice) or may subvert the system through a rootkit.
Denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer resource unavailable to its intended users. Although the means to carry out, motives for, and targets of a DoS attack may vary, it generally consists of the concerted efforts of a person or persons to prevent an Internet site or service from functioning efficiently or at all, temporarily or indefinitely. Perpetrators of DoS attacks typically target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even root nameservers. The term is generally used with regard to computer networks, but is not limited to this field; for example, it is also used in reference to CPU resource management. One common method of attack involves saturating the target machine with external communications requests, such that it cannot respond to legitimate traffic, or responds so slowly as to be rendered effectively unavailable. In general terms, DoS attacks are implemented by either forcing the targeted computer(s) to reset, or consuming its resources so that it can no longer provide its intended service, or obstructing the communication media between the intended users and the victim so that they can no longer communicate adequately.
CONTROLS:
Firewall is a device or set of devices designed to permit or deny network transmissions based upon a set of rules and is frequently used to protect networks from unauthorized access while permitting legitimate communications to pass. Many personal computer operating systems include software-based firewalls to protect against threats from the public Internet. Many routers that pass data between networks contain firewall components and, conversely, many firewalls can perform basic routing functions.
Intrusion detection system (IDS) is a device or software application that monitors network and/or system activities for malicious activities or policy violations and produces reports to a Management Station. Intrusion detection is not a monitoring process. Some systems may attempt to stop an intrusion attempt but this is neither required nor expected of a monitoring system. Intrusion detection and prevention systems (IDPS) are primarily focused on identifying possible incidents, logging information about them, and reporting attempts. In addition, organizations use IDPSs for other purposes, such as identifying problems with security policies, documenting existing threats, and deterring individuals from violating security policies. IDPSs have become a necessary addition to the security infrastructure of nearly every organization.
IDPSs typically record information related to observed events, notify security administrators of important observed events, and produce reports. Many IDPSs can also respond to a detected threat by attempting to prevent it from succeeding. They use several response techniques, which involve the IDPS stopping the attack itself, changing the security environment (e.g., reconfiguring a firewall), or changing the attack’s content.
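The recording, reporting and firewall-reconfiguration responses described above, together with the rule-based firewall and the request-flood form of DoS defined earlier in these notes, can be seen in a small simulation. This is an added example, not part of the original notes; the log format, the addresses (documentation ranges), the threshold and the class names are all constructed for illustration.

```python
from collections import defaultdict, deque
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network

# Constructed sample log, one request per line: "<seconds> <source IP> <dest port>"
SAMPLE_LOG = """\
100 198.51.100.7 443
101 203.0.113.9 443
101 203.0.113.9 443
101 203.0.113.9 443
102 203.0.113.9 443
102 203.0.113.9 443
102 203.0.113.9 443
103 203.0.113.9 443
103 192.0.2.50 23
104 198.51.100.7 443
"""


@dataclass
class Firewall:
    # Ordered rules: (action, source network, destination port or None for any).
    rules: list = field(default_factory=list)

    def decide(self, src, port):
        for action, net, rule_port in self.rules:
            if ip_address(src) in net and rule_port in (None, port):
                return action          # first matching rule wins
        return "deny"                  # nothing matched: default deny

    def block(self, src):
        # Put the deny rule first so it overrides the broader permit rule.
        self.rules.insert(0, ("deny", ip_network(src), None))


@dataclass
class Idps:
    firewall: Firewall
    threshold: int = 5                 # assumed limit: requests per source per window
    window: int = 10                   # assumed window length in seconds
    events: list = field(default_factory=list)
    recent: dict = field(default_factory=lambda: defaultdict(deque))

    def observe(self, ts, src, port):
        if self.firewall.decide(src, port) == "deny":
            self.events.append((ts, src, "dropped-by-rule"))   # record the event
            return "deny"
        seen = self.recent[src]
        seen.append(ts)
        while seen[0] <= ts - self.window:                     # expire old requests
            seen.popleft()
        if len(seen) > self.threshold:
            self.events.append((ts, src, "flood-detected"))    # record and report
            self.firewall.block(src)                           # respond: reconfigure firewall
            return "deny"
        return "permit"


def run(log_text):
    fw = Firewall([("permit", ip_network("0.0.0.0/0"), 443)])  # only port 443 is permitted
    idps = Idps(fw)
    verdicts = []
    for line in log_text.splitlines():
        ts, src, port = line.split()
        verdicts.append((src, idps.observe(int(ts), src, int(port))))
    return fw, idps, verdicts


if __name__ == "__main__":
    fw, idps, verdicts = run(SAMPLE_LOG)
    for event in idps.events:
        print("ALERT", event)
    print("rules now:", fw.rules)
```

The ordinary client at 198.51.100.7 is still permitted after the flooding source is blocked, and the port 23 request is refused by the default-deny fallthrough rather than by any explicit rule.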
Honeypot is a trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer, data, or a network site that appears to be part of a network, but is actually isolated and monitored, and which seems to contain information or a resource of value to attackers.
3. Operating system and software patches and updates
There is no such thing as perfect software. A software program may often have several issues and could potentially have security vulnerabilities that leave your computer open to attacks that compromise your computer and your data.
Software patches, updates, and drivers are made available, often for free, to consumers to help keep software programs and operating systems running properly and securely. If the program you're using does not have any method of checking for updates on its own, it is up to you to verify the program is up to date. Often this can be done by visiting the web site of the developer who created the program. A listing of third-party companies and links to each of their pages can be found on our third-party support page.
Passwords
Make sure a password has been set on your computer. Default passwords such as password, root, admin or no password will allow easy access to your computer or your Internet account.
- Change passwords often. It is recommended at least once every few months.
- Create a BIOS password.
- When creating a password, add numbers or other characters to the password to make it more difficult to guess; for example: 1mypassword23!.
- Do not use sticky notes around your computer to write down passwords. Instead use a password manager.
Get a hardware or software firewall
We highly recommend all computer users have a firewall solution. There are two ways a firewall can protect your computer and network.
- Hardware firewall - A hardware firewall is a hardware device that is connected to your network. Often many home users who have a home network use their network router as a firewall solution.
- Software firewall - A software firewall is a software program that you install on your computer that helps protect that computer from unauthorized incoming and outgoing data. Below is a listing of a few of the more widely used software firewall programs.
Agnitum Outpost Firewall
BlackICE PC Protection
Kerio Personal Firewall
Sygate Firewall
Tiny software Tiny Personal Firewall
Network Associates
Zone Labs Zone Alarm
Note: A software firewall is only going to protect the computer that has the firewall installed on it.
In addition to the firewall software programs listed above, many of the antivirus scanners released today also include their own version of a firewall program. If you have an antivirus scanner that also has a firewall program, you do not need to worry about getting one of the above programs or another third-party firewall program.
Trojans, viruses, spyware, and other malware
Software Trojans, viruses, spyware, and other malware can not only damage or destroy your computer data but are also capable of monitoring your computer to learn more about your viewing habits on the Internet or even logging all your keystrokes to capture sensitive data such as passwords and credit card information.
To help protect your computer from these threats we suggest installing a virus protection program as well as a spyware protection program.
Know how to handle e-mails
Today, e-mail is one of the most popular features on the Internet. Being able to identify threats sent through e-mail can help keep your computer and your personal information safe. Below are some of the most common threats you may encounter while using e-mail.
- Attachments - Never open or run e-mail attachments. Viruses, spyware, and other malware are commonly distributed through e-mails that have attachments. For example, an e-mail may want you to open an attachment of a funny video, when it's actually a virus.
- Phishing - Phishing or an e-mail phish is an e-mail that appears to be from an official company (such as your bank) indicating you need to log onto the site to check your account settings. However, these e-mails actually lead to sites set up to steal confidential information such as your passwords, credit card information, social security information, etc. See the phishing definition for additional information about this term as well as examples of these e-mails.
Alternative browser
Before the release of Microsoft Windows XP SP2 and Internet Explorer 7.0, Microsoft Internet Explorer was notorious for security and spyware related issues. Although it has improved since then we still highly recommend considering an alternative browser such as Mozilla Firefox.
Run system scans to check for vulnerabilities
There are several sites on the Internet that allow users to check their computers for potential threats or issues with their network or computer that could give others unauthorized access to their computer. Below is a listing of recommended sites to try:
Gibson Research Corporation - The Gibson Research Corporation, or GRC, is a great location to learn about network security as well as test your computer or network for vulnerabilities.
Hacker Wacker - Another great site with computer security related information, help, and programs to help test your computer and network.
4. Hardware theft is the act of stealing computer equipment. Hardware vandalism is the act of defacing or destroying computer equipment. The best preventive measures against hardware theft and vandalism are common sense and a constant awareness of the risk. Physical devices and practical security measures, such as locked doors and windows, can help protect equipment. Passwords, possessed objects, and biometrics can reduce the risk of theft or render a computer useless if it is stolen.
5. [1] Copy protection system
There are copy protection systems which you can use. They vary in features, and one widely used is SoftwarePassport (previously known as Armadillo). These cost something, but they’ll save time, nerves and money in the long run. Small tip: If you choose to use this kind of anti-piracy option, make sure your copy protection doesn’t annoy the customer.
[2] Separate demo and full version
This is another very fine way to copy protect your software: simply create separate versions of your product. Your demo version might contain only 30% of the assets, and when people purchase the full version you can give them the full 100% of the elements. It’s a very practical and inexpensive way to copy protect your game.
[3] Online game features or online registration
If you have features that require the Internet, you can use online copy protection for your product. One example could be that you wouldn’t send the player the server list unless the user has sent a valid username and password to your game server. That way you couldn’t play the game illegally with others since you wouldn’t get their server information.
[4] Give discounts or lower the product price
I’m not really recommending this – just rather listing this one as a general way that might decrease piracy. I’m not even that convinced this one is really a solid answer to problems of piracy. Some people say that this might help getting rid of some pirates. The problem with this approach is naturally that when you lower your price, you get less profit per sale. Then the problem continues: lowering your product price doesn’t necessarily lead to increased sales.
[5] Give your product for free
Some people have done radical moves and are giving their product for free. These guys might use some different tactics (like these) to generate income while providing their product for no cost.
[6] Don’t give away your software source code
This might sound quite basic, but projects with multiple programmers carry a risk of shared source code. While I believe in open development, there is a risk that your source code gets stolen or leaked. If you keep your source code hidden, it means other people cannot get it – but then you face a problem regarding the product progress. I believe in open atmosphere and I focus on getting reliable people in the team, rather than focusing on protecting my code in case somebody isn’t reliable. Working with reliable guys has been a better option than worrying about piracy. Nevertheless, you might need to consider this to protect your code.
[7] If your product ends up on some warez site, take legal action
If your product ends up hacked and on some illegal site, contact the internet service provider of the warez site and tell them about the problem (not the warez people, but those who own and manage the servers physically). Since one email might get ignored, it’s useful to discuss the warez site first in a forum. While 1 email might get ignored, 10 or 100 emails from different indies can help shut down the illegal site.
6. Encryption is the process of transforming information (referred to as plaintext) using an algorithm (called a cipher) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information (in cryptography, referred to as ciphertext). In many contexts, the word encryption also implicitly refers to the reverse process, decryption (e.g. “software for encryption” can typically also perform decryption), to make the encrypted information readable again (i.e. to make it unencrypted). Encryption has long been used by militaries and governments to facilitate secret communication. Encryption is now commonly used in protecting information within many kinds of civilian systems. For example, the Computer Security Institute reported that in 2007, 71% of companies surveyed utilized encryption for some of their data in transit, and 53% utilized encryption for some of their data in storage. Encryption can be used to protect data "at rest", such as files on computers and storage devices (e.g. USB flash drives). In recent years there have been numerous reports of confidential data such as customers' personal records being exposed through loss or theft of laptops or backup drives. Encrypting such files at rest helps protect them should physical security measures fail.
Digital rights management systems which prevent unauthorized use or reproduction of copyrighted material and protect software against reverse engineering (see also copy protection) are another somewhat different example of using encryption on data at rest. Encryption is also used to protect data in transit, for example data being transferred via networks (e.g. the Internet, e-commerce), mobile telephones, wireless microphones, wireless intercom systems, Bluetooth devices and bank automatic teller machines. There have been numerous reports of data in transit being intercepted in recent years. Encrypting data in transit also helps to secure it as it is often difficult to physically secure all access to networks.
7. A system failure is the prolonged malfunction of a computer. A common cause of system failure is an electrical power variation such as noise, an undervoltage, or an overvoltage. A surge protector, also called a surge suppressor, uses special electrical components to smooth out minor noise, provide a stable current flow, and keep an overvoltage from reaching the computer and other electronic equipment. An uninterruptible power supply (UPS) contains surge protection circuits and one or more batteries that can provide power during a temporary loss of power.
8. Optical Disk
Computer Resources does not recommend zip disks because of their unreliable track record. We do recommend that you burn a labeled and dated CD or DVD at every project milestone, then store them in different places. Why so many? In order to make CD/DVD writable media, the surface that gets written on needs to be a little soft in order to burn the data onto it (in contrast to the commercial CD/DVD made from a glass master mold), and that surface is easily scratched. A CD/DVD can also get lost or stolen. But as backups go, they're one of the easiest, most reliable things available, and relatively inexpensive. Discs are available from the vending machine on the 5th floor or many 3rd party retailers.
USB Memory Key
Another very good device for backup purposes is a Memory Key. They are inexpensive and easy to handle. Memory Keys are plug and play devices that can be used on Mac and PC platforms interchangeably. Memory Keys range in size, but something like 512 MB or 1 GB should be sufficient. They are very useful when working on multiple computers. You can use them to carry your files between computers and at the same time have a most recent copy of your work backed up. USB keys are available from the vending machine on the 5th floor.
Network Storage
Your home account is networked and available from anywhere on the internet, and the disc on which it lives is much less likely to fail than your internal local hard drive, which can be exposed to electromagnetic fluctuations, spilled coffee, and any number of other hazards associated with life on the trays. However, if you accidentally delete a file from your home account or other network storage area, there is no chance of recovery. Without exception, every user is responsible for backing up their own work.
The GSD maintains many network storage areas, including every user's home account, in a temperature controlled, RAID protected environment that gets regularly backed up to tape and stored offsite.
Computer Resources restores files from tape only in the event of a system wide emergency.
9. Wireless access poses additional security risks. Intruders connect to other wireless networks to gain free Internet access or an organization's confidential data. Some individuals intercept and monitor communications as they transmit. Others connect to a network through an unsecured wireless access point (WAP), sometimes using the techniques of war driving or war flying. Some safeguards include firewalls, reconfiguring the WAP, and ensuring equipment uses a wireless security standard, such as Wi-Fi Protected Access (WPA) and 802.11i.
10. A computer-related repetitive strain injury (RSI) can include tendonitis and carpal tunnel syndrome (CTS). Another health-related condition is eyestrain associated with computer vision syndrome (CVS). To prevent health-related disorders, take frequent breaks, use precautionary exercises and techniques, and use ergonomics when planning the workplace. Computer addiction occurs when the computer consumes someone's entire social life.
11. Computer ethics govern the use of computers and information systems. Issues in computer ethics include the responsibility for information accuracy and the intellectual property rights to which creators are entitled for their works. An IT (information technology) code of conduct helps determine whether a specific computer action is ethical or unethical. Green computing reduces the electricity and environmental waste while using a computer.
12. Discuss issues surrounding information privacy, including electronic profiles, cookies, spyware and adware, spam, phishing, privacy laws, social engineering, employee monitoring, and content filtering.
Information privacy is the right of individuals and companies to deny or restrict the collection and use of information about them. Issues surrounding information privacy include the following.
An electronic profile combines data about an individual's Web use with data from public sources, which then is sold.
A cookie is a file that a Web server stores on a computer to collect data about the user.
Spyware is a program placed on a computer that secretly collects information about the user.
Adware is a program that displays an online advertisement in a banner or pop-up window.
Spam is an unsolicited e-mail message or newsgroup posting sent to many recipients or newsgroups at once.
Phishing is a scam in which a perpetrator attempts to obtain personal or financial information.
The concern about privacy has led to the enactment of many federal and state laws regarding the disclosure of data. As related to the use of computers, social engineering is defined as gaining unauthorized access or obtaining confidential information by taking advantage of the trusting human nature of some victims and the naivety of others. Employee monitoring uses computers to observe, record, and review an employee's computer use. Content filtering restricts access to certain materials on the Web.