+
The Cuckoo’s Egg
Ethical and Professional Computing
Michael Heron
+
Introduction
 The Cuckoo’s Egg is a tremendously interesting book about
computer hacking and espionage.
 Set back in 1986, when network access was rarer.
 It is a fascinating look at some of the issues and legalities
about computer crime at that period.
 Although centred on America, there are lessons that are
generalisable to here.
 We’ll use it as the launchpad for today’s discussion on the early
history of cybercrime.
 And how we ended up where we are today.
+
The Cuckoo’s Egg
 Clifford Stoll is a Berkeley astronomer/programmer at the
Lawrence Berkeley National Laboratory.
 Astronomers say ‘He’s not much of an astronomer, but man what a
programmer’
 Programmers say ‘He’s not much of a programmer, but man what
an astronomer’
 When his research project is cancelled, he is reassigned to a
sysadmin role within the organisation.
 His first job:
 ‘Resolve an accounting error of 75 cents’
 Back then, computing time was expensive.
 Departments were billed by the second.
+
The Cuckoo’s Egg
 It is technically impossible for this to happen.
 All users are registered with a department
 All departments have a billing code
 All CPU cycles are strictly monitored.
 Stoll investigated the existing programs.
 A patchwork of tools and routines that worked very well
 The problem wasn’t in the accounting.
 Every user was being properly billed.
 It wasn’t a rounding error.
 It had to be something else.
+
The Cuckoo’s Egg
 Stoll managed to trace the discrepancy to a nine second allocation of
computer time that hadn’t been paid for.
 But that couldn’t happen, surely.
 This was a user without a department
 The only people who could add accounts would know of the existing
routines.
 And nobody had added the account, as best they could recall.
 The only users who could add ‘raw’ accounts were root users.
 The superusers on the system.
 None of them had done it.
 However, an unexpected user was logging into the system.
 He had left some time ago.
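The reconciliation behind that finding, as an added example that is not part of the original slides: raw usage is compared with what the billing registry can charge, and whatever nobody pays for is reported. The account names, departments, billing codes and the flat rate (derived from the slides' 75 cents for 9 seconds) are constructed assumptions.

```python
from collections import defaultdict
from fractions import Fraction

# Constructed sample data (not from the slides or the book).
# Billing registry: user -> department, department -> billing code.
USER_DEPARTMENT = {"alice": "astro", "bob": "physics", "carol": "astro"}
DEPARTMENT_BILLING_CODE = {"astro": "BC-100", "physics": "BC-200"}

# Raw usage as the operating system recorded it: (user, CPU seconds).
USAGE_RECORDS = [
    ("alice", 1200),
    ("bob", 300),
    ("ghost", 9),   # hypothetical account created outside the normal routines
    ("carol", 45),
    ("alice", 60),
]

# Assumption: a flat rate derived from the slides' two figures,
# 75 cents for 9 seconds of computer time.
CENTS_PER_SECOND = Fraction(75, 9)


def reconcile(usage, user_department, department_codes, rate):
    """Compare raw usage with what the billing registry is able to charge.

    A record is billable only if the user maps to a department and that
    department maps to a billing code. Everything else is time that was
    consumed but that no department pays for.
    """
    billed = defaultdict(int)     # billing code -> seconds charged
    unbilled = defaultdict(int)   # user -> seconds nobody pays for
    for user, seconds in usage:
        department = user_department.get(user)
        code = department_codes.get(department)
        if code is None:
            unbilled[user] += seconds
        else:
            billed[code] += seconds

    used = sum(seconds for _, seconds in usage)
    charged = sum(billed.values())
    return {
        "billed_seconds": dict(billed),
        "unbilled_users": dict(unbilled),
        "discrepancy_seconds": used - charged,
        "discrepancy_cents": (used - charged) * rate,
    }


if __name__ == "__main__":
    report = reconcile(
        USAGE_RECORDS, USER_DEPARTMENT, DEPARTMENT_BILLING_CODE, CENTS_PER_SECOND
    )
    print("Seconds used but not billed:", report["discrepancy_seconds"])
    print("Shortfall in cents:", report["discrepancy_cents"])
    for user, seconds in sorted(report["unbilled_users"].items()):
        print(f"  {user}: {seconds}s with no department or billing code")
```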
+
The Response
 Incident was brought to the attention of the division head.
 They expected the question ‘Why the hell did you leave our doors
wide open?’
 Chief system admin wanted to lock the door.
 Disable the suspect account and then forget about it.
 Cliff wanted to send a warning to the hacker.
 ‘Quit it or we’ll tell your parents’
 The division head pointed out the lack of proof.
 ‘Why are you wasting my time? You don’t know anything and you
haven’t proven a whit. Go back and find out. Show me proof’
+
To Catch A Hacker
 They set up to catch the hacker.
 But how do you go about doing this?
 ‘Eyeballs on the problem’ ineffective
 They didn’t know when and where the hacker would strike.
 They couldn’t add any tracking software.
 The hacker might notice and quit the system forever.
 They just had to wait until he logged in.
 Which they did
 Which allowed them to find out the physical wire from which the
connection came.
+
To Catch a Hacker
 The line led to a 1200 baud modem.
 A telephone connection
 Stoll planned to watch all command traffic coming over a 1200
baud connection.
 Ethical implications here should be obvious.
 Department had 50 1200 baud lines.
 The hacker could be using any.
 Tracking from the system itself problematic.
 ‘Hey, if your hacker has any Unix experience, he’s bound to notice a
change in the daemons’
+
To Catch A Hacker
 Solution(?)
 Fifty teletypes, all connected to a line.
 Located between the modems and the computers.
 Sourcing equipment is an issue.
 Where do you get all of that equipment for a 75 cent intrusion?
 Equipment was procured, and Cliff spent a weekend in the lab.
 They caught the suspect user logging in.
 And then they caught him sneaking into the main system through a
hole in the operating system.
+
The Cuckoo’s Egg
 An unauthorised user had gained access to that account.
 Bad, but not hugely problematic.
 However, that account permitted an escalation.
 Access to one part of the system allows someone to leverage it into
access to other parts of the system.
 What is now known as hacking, but what was then known as
cracking.
 The language has changed a bit since then.
 The teletype had caught something not just of interest, but
importance.
+
The Exploit
 Most of the systems of the day were running on Unix.
 Berkeley had its own particular variant of Unix on its machines.
 Most of these systems ran a piece of software called GNU
Emacs.
 This is still around today in an updated form.
 In that program is a function called movemail.
 Its purpose is to send mail between users on a system.
 It could be exploited to move a particular file anywhere in the
computer system.
 That could be used to move a file into a privileged directory.
 Which would allow a file to be executed by the root account.
+
The Exploit
 In doing this, any user who understood the flaw could become a
super-user.
 With full, unrestricted access to the underlying system.
 … including adding accounts without going through the auditing
software.
 Super users can go anywhere, change anything, and then silently
remove all evidence.
 No-one can spy on a super-user unless from a machine to which the
super user had access.
 An exploit in the movemail system permitted full access to the
entire machine.
 The hacker could read sensitive files, explore user mail messages, and
so on.
+
Ethical Considerations
 In small groups:
 What are the professional and ethical implications of someone
having superuser access?
 What are the professional and ethical implications of there being a
security hole like this?
 What responsibilities lie with the systems administrators for not
knowing the exploit existed?
 Remember, you couldn’t just google information back then.
 What are the ethical and professional implications for Clifford Stoll
who uncovered the hack?
 What should the systems administrators do next?
+
The calls are coming from inside the
house!
 With access to emails, the hacker was able to locate new
accounts to compromise.
 People would email each other usernames and passwords at the
time.
 The hacker watched his tracks carefully.
 Made sure nothing important had changed.
 Killed programs that may have caught his activity.
 Reading personal files revealed new computers to exploit.
 And often the passwords.
 Hacker exploited trust relationships to access remote
computers.
+
Trust Relationships
 One of the ways in which systems can interact is through
whitelists.
 If this request is coming from this computer, it must be fine.
 However, that works on the assumption that computers are
secure.
 Those whitelists permit security violations if compromised.
 In many cases, passwords weren’t needed.
 Superuser access on one system permitted access to another.
 Every new machine yielded new secrets.
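How far one compromised machine reaches through such whitelists, as an added example that is not part of the original slides: a breadth-first walk over a trust table that tells an incident responder which hosts must be treated as compromised and by what chain. The host names and the `TRUSTS` table are constructed assumptions.

```python
from collections import deque

# Constructed whitelist (not from the slides).
# TRUSTS[server] = hosts whose logins that server accepts without a password.
TRUSTS = {
    "lab-main": {"lab-vax"},
    "lab-vax": {"lab-main", "printer-host"},
    "partner-a": {"lab-main"},
    "partner-b": {"partner-a"},
    "archive": set(),
}


def invert(trusts):
    """Turn 'server accepts client' into 'client can reach server'."""
    reach = {}
    for server, clients in trusts.items():
        reach.setdefault(server, set())
        for client in clients:
            reach.setdefault(client, set()).add(server)
    return reach


def blast_radius(trusts, compromised):
    """Return {host: trust chain from the compromised host} for every host
    that must be assumed compromised once `compromised` is."""
    reach = invert(trusts)
    if compromised not in reach:
        raise KeyError(f"unknown host: {compromised}")
    paths = {compromised: [compromised]}
    queue = deque([compromised])
    while queue:
        host = queue.popleft()
        for nxt in sorted(reach[host]):   # sorted for repeatable output
            if nxt not in paths:
                paths[nxt] = paths[host] + [nxt]
                queue.append(nxt)
    return paths


def unaffected(trusts, compromised):
    """Hosts that no chain of whitelist entries exposes to `compromised`."""
    every_host = set(invert(trusts))
    return sorted(every_host - set(blast_radius(trusts, compromised)))


if __name__ == "__main__":
    for host, chain in sorted(blast_radius(TRUSTS, "lab-main").items()):
        print(f"{host}: {' -> '.join(chain)}")
    print("not exposed:", ", ".join(unaffected(TRUSTS, "lab-main")))
```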
+
What now?
 What should happen now?
 There is a real risk to the system.
 They couldn’t just reinstall a base installation if the system was
torched.
 Backups existed, but were irregular and perhaps unreliable.
 Endemic at the time.
 Closing up shop is ‘easy’
 Delete the suspect accounts.
 Patch the flaw in the operating system.
 But…
+
Informational Asymmetry
 Here we encounter a situation of informational asymmetry.
 Each party knows things the others don’t.
 Each party is unaware of things that the others are aware of.
 The hacker knows:
 What exploits he has made use of in the system.
 What logic bombs or viruses he may have planted in previous
journeys
 The hacker doesn’t know:
 His intrusions have been noticed
 He’s being recorded
+
Informational Asymmetry
 The danger is that closing up shop will allow the hacker to
sneak in under other loopholes.
 If there’s one, it must be assumed there are others.
 They don’t know how long the hacker has been active.
 If it’s been long enough, even the backups held by the organisation
might be tainted by the hacker’s modifications.
 The lab’s decision:
 ‘This is electronic terrorism. Use all the resources you need. Take
all the time you want. Track him down and nail him’
+
Ethics
 In small groups
 What are the ethics of surveillance here?
 Does a private company have the right to snoop on all
conversation in the hope of catching a bad guy?
 What are the ethics of shutting up shop?
 What are the ethics of allowing the hacker to continue to roam
through the system?
 Should users be warned?
 But what if that tips off the hacker?
 Is this electronic terrorism?
+
Shift the Scene
 Let’s shift the scene a bit.
 Modern day United Kingdom.
 We have a piece of legislation that is relevant here.
 The Computer Misuse Act of 1990
 Creates three criminal offences:
 Unauthorised access to computer material,
 6 months imprisonment and a £5000 fine
 Unauthorised access with intent to commit or facilitate commission of
further offences.
 6 months/fine on summary conviction, 5 years on indictment.
 Unauthorized modification of computer material.
 6 months/fine on summary conviction, 5 years on indictment.
+
The Computer Misuse Act
 Under what sections is the hacker’s behaviour now made illegal?
 Section 1
 Access to computer material is unauthorized – he was never
given a password to the system.
 Section 2
 Intent to commit or facilitate commission of further offences –
searching out new systems and recording passwords, as well as
killing monitoring.
 Section 3
 Unauthorized modification of computer material – killing running
processes, modifying user accounts.
+
The Computer Misuse Act
 The act was amended in 2006
 To make it a criminal offence to ‘make, supply or obtain articles for use in
computer misuse offences’
 Hacking and cracking tools
 Before the act, such activities were not illegal.
 In 1985, Robert Schifreen was part of a hack that obtained sysadmin
access to the Prestel computer system.
 This gave him access to 50,000 customers.
 Including Prince Philip
 He couldn’t be charged with hacking.
 It wasn’t an offence.
 He was instead charged with forgery.
 And was acquitted.
+
Computer Crime
 There is a lot more to the Cuckoo’s Egg scenario than discussed
here.
 I heartily recommend the excellent book on the subject.
 However, our discussion so far has highlighted the context within
which the computer industry once functioned.
 Based on trust
 Little direct legislation
 Numerous ethical issues in detection.
 Security systems have hardened since then.
 Legislation has been enacted.
 Still, computer crime is rampant.
+
Timeline of Computer Crimes
(Derived from Parker, SRI)
 1960s
 Hacking (exploratory), specialized fraud, blackmail
 1970s
 Privacy violations, salami slicing violations, phreaking
 1980s
 Software piracy, viruses
 1990s
 IP spoofing, computer espionage
 2000s
 Automated hacking, transnational organised crime and terrorism
+
An Escalating Problem
 To begin with, computers were relatively rare and localised.
 A hacker couldn’t do too much damage to a local system.
 Some subsets of computer were located on the burgeoning
internet.
 Riskier, but access was more limited.
 Computer data is valuable.
 Often more valuable than the computer equipment.
 Understanding the value of data began reasonably early.
 A programmer who destroyed test data for Concorde demanded
£250k for the return of backups.
+
An Escalating Problem
 Computers begin to find a niche in economic fraud.
 Fake insurance policies
 Shaving pennies off large transactions
 Falsified earning figures
 Employees hired with the purpose of creating programs to
institute financial fraud.
 November 2, 1970 – an employee hired to create a program that
generated fictitious insurance policies.
 1971, program extended to reinsure phony policies, and to create
death claims on policies.
 1973, program extended to ‘kill off’ enough phantom policyholders to
meet requirements but not raise suspicions of auditors.
+
An Escalating Problem
 In 1983, Department of Defence computers are penetrated.
 Sometimes by bedroom hackers
 Sometimes by foreign intelligence.
 Pay per view television channels hacked with the use of fixed
‘decryption’ boxes
 Denial of service attacks begin to escalate from ’98 onwards.
 Now account for 2% of all the traffic on the internet
 Napster and Limewire
 Pirate Bay and Demonoid
+
Categories of Computer Crime
 Many categories of computer crime.
 Spam
 Fraud
 Obscene content
 Harassment and Threats
 Cyber Espionage
 Cyber Warfare
 In some cases, computers are an incidental tool.
 Used for their ability to facilitate other kinds of crime.
 High level encryption
 Steganography
+
Discussion
 Group discussion:
 Outline several highly prominent incidents of cyber crime you can
recall.
 What are the ethics of providing high level encryption on the open
market?
 Used by restrictive governments
 Used by child pornographers
 Used by drug traffickers
 Used by upstanding citizens
 Is ‘hacking’ a ‘proper crime’ if it’s done purely for the love of
knowledge?
 What about white hat versus black hat hacking?
+
Conclusion
 Computer crime is a growing problem.
 And was a problem even in the early days of the computer
revolution.
 The Cuckoo’s Egg case highlights numerous issues with
enforcement.
 Who watches the watchers?
 How far can surveillance go?
 How do you balance user requirements with investigatory
responsibilities?
 Can you ever truly protect a system?
 And if you can, at what cost?

Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 

ETHICS09 - Case Study - The Cuckoo's Egg

  • 1. The Cuckoo’s Egg
      • Ethical and Professional Computing
      • Michael Heron
  • 2. Introduction
      • The Cuckoo’s Egg is a tremendously interesting book about computer hacking and espionage.
      • Set back in 1986, when network access was rarer.
      • It is a fascinating look at some of the issues and legalities about computer crime at that period.
      • Although centred on America, there are lessons that are generalisable to here.
      • We’ll use it as the launchpad for today’s discussion on the early history of cybercrime.
      • And how we ended up where we are today.
  • 3. The Cuckoo’s Egg
      • Clifford Stoll is a Berkeley astronomer/programmer at the Lawrence Berkeley National Laboratory.
      • Astronomers say ‘He’s not much of an astronomer, but man what a programmer’
      • Programmers say ‘He’s not much of a programmer, but man what an astronomer’
      • When his research project is cancelled, he is reassigned to a sysadmin role within the organisation.
      • His first job:
      • ‘Resolve an accounting error of 75 cents’
      • Back then, computing time was expensive.
      • Departments were billed by the second.
  • 4. The Cuckoo’s Egg
      • It is technically impossible for this to happen.
      • All users are registered with a department
      • All departments have a billing code
      • All CPU cycles are strictly monitored.
      • Stoll investigated the existing programs.
      • A patchwork of tools and routines that worked very well
      • The problem wasn’t in the accounting.
      • Every user was being properly billed.
      • It wasn’t a rounding error.
      • It had to be something else.
  • 5. The Cuckoo’s Egg
      • Stoll managed to trace the discrepancy to a nine-second allocation of computer time that hadn’t been paid for.
      • But that couldn’t happen, surely.
      • This was a user without a department
      • The only people who could add accounts would know of the existing routines.
      • And nobody added the account as best they can recall.
      • The only users who could add ‘raw’ accounts were root users.
      • The superusers on the system.
      • None of them had done it.
      • However, an unexpected user was logging into the system.
      • He had left some time ago.
  • 6. The Response
      • Incident was brought to the attention of the division head.
      • They expected the question ‘Why the hell did you leave our doors wide open?’
      • Chief system admin wanted to lock the door.
      • Disable the suspect account and then forget about it.
      • Cliff wanted to send a warning to the hacker.
      • ‘Quit it or we’ll tell your parents’
      • The division head pointed out the lack of proof.
      • ‘Why are you wasting my time? You don’t know anything and you haven’t proven a whit. Go back and find out. Show me proof’
  • 7. To Catch A Hacker
      • They set up to catch the hacker.
      • But how do you go about doing this?
      • ‘Eyeballs on the problem’ ineffective
      • They didn’t know when and where the hacker would strike.
      • They couldn’t add any tracking software.
      • The hacker might notice and quit the system forever.
      • They just had to wait until he logged in.
      • Which they did
      • Which allowed them to find out the physical wire from which the connection came.
  • 8. To Catch a Hacker
      • Line led to a 1200 baud modem.
      • A telephone connection
      • Stoll planned to watch all command traffic coming over a 1200 baud connection.
      • Ethical implications here should be obvious.
      • Department had 50 1200 baud lines.
      • The hacker could be using any.
      • Tracking from the system itself problematic.
      • ‘Hey, if your hacker has any Unix experience, he’s bound to notice a change in the daemons’
  • 9. To Catch A Hacker
      • Solution(?)
      • Fifty teletypes, all connected to a line.
      • Located between the modems and the computers.
      • Sourcing equipment is an issue.
      • Where do you get all of that equipment for a 75 cent intrusion?
      • Equipment was procured, and Cliff spent a weekend in the lab.
      • They caught the suspect user logging in.
      • And then they caught him sneaking into the main system through a hole in the operating system.
  • 10. The Cuckoo’s Egg
      • An unauthorised user had gained access to that account.
      • Bad, but not hugely problematic.
      • However, that account permitted an escalation.
      • Access to one part of the system allows someone to leverage it into access to other parts of the system.
      • What is now known as hacking, but what was then known as cracking.
      • The language has changed a bit since then.
      • The teletype had caught something not just of interest, but importance.
  • 11. The Exploit
      • Most of the systems of the day were running on Unix.
      • Berkeley had its own particular variant of Unix on its machines.
      • Most of these systems ran a piece of software called GNU Emacs.
      • This is still around today in an updated form.
      • In that program is a function called movemail.
      • It could be exploited to move a particular file anywhere in the computer system.
      • In order to send mail between users on a system.
      • That could be used to move a file into a privileged directory.
      • Which would allow a file to be executed by the root account.
  • 12. The Exploit
      • In doing this, any user who understood the flaw could become a super-user.
      • With full, unrestricted access to the underlying system.
      • … including adding accounts without going through the auditing software.
      • Super users can go anywhere, change anything, and then silently remove all evidence.
      • No-one can spy on a super-user unless from a machine to which the super user had access.
      • An exploit in the movemail system permitted full access to the entire machine.
      • The hacker could read sensitive files, explore user mail messages, and so on.
  • 13. Ethical Considerations
      • In small groups:
      • What are the professional and ethical implications of someone having superuser access?
      • What are the professional and ethical implications of there being a security hole like this?
      • What responsibilities lie with the systems administrators for not knowing the exploit existed?
      • Remember, you couldn’t just google information back then.
      • What are the ethical and professional implications for Clifford Stoll who uncovered the hack?
      • What should the systems administrators do next?
  • 14. The calls are coming from inside the house!
      • With access to emails, the hacker was able to locate new accounts to compromise.
      • People would email each other usernames and passwords at the time.
      • The hacker watched his tracks carefully.
      • Made sure nothing important had changed.
      • Killed programs that may have caught his activity.
      • Reading personal files revealed new computers to exploit.
      • And often the passwords.
      • Hacker exploited trust relationships to access remote computers.
  • 15. Trust Relationships
      • One of the ways in which systems can interact is through whitelists.
      • If this request is coming from this computer, it must be fine.
      • However, that works on the assumption that computers are secure.
      • Those whitelists permit security violations if compromised.
      • In many cases, passwords weren’t needed.
      • Superuser access on one system permitted access to another.
      • Every new machine yielded new secrets.
  • 16. What now?
      • What should happen now?
      • There is a real risk to the system.
      • They couldn’t just reinstall a base installation if the system was torched.
      • Backups existed, but were irregular and perhaps unreliable.
      • Endemic at the time.
      • Closing up shop is ‘easy’
      • Delete the suspect accounts.
      • Patch the flaw in the operating system.
      • But…
  • 17. Informational Asymmetry
      • Here we encounter a situation of informational asymmetry.
      • Each party knows things the others don’t
      • Each party is unaware of things that the others are aware of.
      • The hacker knows:
      • What exploits he has made use of in the system.
      • What logic bombs or viruses he may have planted in previous journeys
      • The hacker doesn’t know:
      • His intrusions have been noticed
      • He’s being recorded
  • 18. Informational Asymmetry
      • The danger is that closing up shop will allow the hacker to sneak in under other loopholes.
      • If there’s one, it must be assumed there are others.
      • They don’t know how long the hacker has been active.
      • If it’s been long enough, even the backups held by the organisation might be tainted by the hacker’s modifications.
      • The lab’s decision:
      • ‘This is electronic terrorism. Use all the resources you need. Take all the time you want. Track him down and nail him’
  • 19. Ethics
      • In small groups
      • What are the ethics of surveillance here?
      • Does a private company have the right to snoop on all conversation in the hope of catching a bad guy?
      • What are the ethics of shutting up shop?
      • What are the ethics of allowing the hacker to continue to roam through the system?
      • Should users be warned?
      • But what if that tips off the hacker?
      • Is this electronic terrorism?
  • 20. Shift the Scene
      • Let’s shift the scene a bit.
      • Modern day United Kingdom.
      • We have a piece of legislation that is relevant here.
      • The Computer Misuse Act of 1990
      • Creates three criminal offences:
      • Unauthorised access to computer material,
      • 6 months imprisonment and a £5000 fine
      • Unauthorised access with intent to commit or facilitate commission of further offences.
      • 6 months/fine on summary conviction, 5 years on indictment.
      • Unauthorized modification of computer material.
      • 6 months/fine on summary conviction, 5 years on indictment.
  • 21. The Computer Misuse Act
      • Under what sections is the hacker behaviour now made illegal?
      • Section 1
      • Access to computer material is unauthorized – he was never given a password to the system.
      • Section 2
      • Intent to commit or facilitate commission of further offences – searching out new systems and recording passwords, as well as killing monitoring.
      • Section 3
      • Unauthorized modification of computer material – killing running processes, modifying user accounts.
  • 22. The Computer Misuse Act
      • The act was amended in 2006
      • To make it a criminal offence to ‘make, supply or obtain articles for use in computer misuse offences’
      • Hacking and cracking tools
      • Before the act, such activities were not illegal.
      • In 1985, Robert Schifreen was part of a hack that obtained sysadmin access to the Prestel computer system.
      • This gave him access to 50,000 customers.
      • Including Prince Philip
      • He couldn’t be charged with hacking.
      • It wasn’t an offence.
      • He was instead charged with forgery.
      • And was acquitted.
  • 23. Computer Crime
      • There is a lot more to the Cuckoo’s Egg scenario than discussed here.
      • I heartily recommend the excellent book on the subject.
      • However, our discussion so far has highlighted the context within which the computer industry once functioned.
      • Based on trust
      • Little direct legislation
      • Numerous ethical issues in detection.
      • Security systems have hardened since then.
      • Legislation has been enacted.
      • Still, computer crime is rampant.
  • 24. Timeline of Computer Crimes (Derived from Parker, SRI)
      • 1960s: Hacking (exploratory), specialized fraud, blackmail
      • 1970s: Privacy violations, salami slicing violations, phreaking
      • 1980s: Software piracy, viruses
      • 1990s: IP spoofing, computer espionage
      • 2000s: Automated hacking, transnational organised crime and terrorism
  • 25. An Escalating Problem
      • To begin with, computers were relatively rare and localised.
      • A hacker couldn’t do too much damage to a local system.
      • Some subsets of computer were located on the burgeoning internet.
      • Riskier, but access was more limited.
      • Computer data is valuable.
      • Often more valuable than the computer equipment.
      • Understanding the value of data began reasonably early.
      • A programmer who destroyed test data for Concorde demanded £250k for the return of backups.
  • 26. An Escalating Problem
      • Computers begin to find a niche in economic fraud.
      • Fake insurance policies
      • Shaving pennies off large transactions
      • Falsified earning figures
      • Employees hired with the purpose of creating programs to institute financial fraud.
      • November 2, 1970 – an employee hired to create a program that generated fictitious insurance policies.
      • 1971, program extended to reinsure phony policies, and to create death claims on policies.
      • 1973, program extended to ‘kill off’ enough phantom policyholders to meet requirements but not raise suspicions of auditors.
  • 27. An Escalating Problem
      • In 1983, Department of Defence computers are penetrated.
      • Sometimes by bedroom hackers
      • Sometimes by foreign intelligence.
      • Pay per view television channels hacked with the use of fixed ‘decryption’ boxes
      • Denial of service attacks begin to escalate from ’98 onwards.
      • Now account for 2% of all the traffic on the internet
      • Napster and Limewire
      • Pirate Bay and Demonoid
  • 28. Categories of Computer Crime
      • Many categories of computer crime.
      • Spam
      • Fraud
      • Obscene content
      • Harassment and Threats
      • Cyber Espionage
      • Cyber Warfare
      • In some cases, computers are an incidental tool.
      • Used for their ability to facilitate other kinds of crime.
      • High level encryption
      • Steganography
  • 29. Discussion
      • Group discussion:
      • Outline several highly prominent incidents of cyber crime you can recall.
      • What are the ethics of providing high level encryption on the open market?
      • Used by restrictive governments
      • Used by child pornographers
      • Used by drug traffickers
      • Used by upstanding citizens
      • Is ‘hacking’ a ‘proper crime’ if it’s done purely for the love of knowledge?
      • What about white hat versus black hat hacking?
  • 30. Conclusion
      • Computer crime is a growing problem.
      • And was a problem even in the early days of the computer revolution.
      • The Cuckoo’s Egg case highlights numerous issues with enforcement.
      • Who watches the watchers?
      • How far can surveillance go?
      • How do you balance user requirements with investigatory responsibilities?
      • Can you ever truly protect a system?
      • And if you can, at what cost?
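The accounting check behind slides 4 and 5, as an added example that is not part of the original slides: it reconciles metered CPU time against what can be invoiced and flags the two anomalies the slides describe, a user with no department and a departed user still consuming time. The account names, billing codes and per-second rate are constructed assumptions; the rate is chosen so that nine unbilled seconds come to 75 cents.

```python
from collections import Counter
from fractions import Fraction

# Constructed sample data (not from the slides): names, codes and rate are assumptions.
RATE_CENTS_PER_SEC = Fraction(25, 3)  # chosen so 9 unbilled seconds cost 75 cents

# user -> (department, billing_code, still_at_the_lab)
REGISTRY = {
    "alice": ("astronomy", "AST-01", True),
    "bob": ("physics", "PHY-07", True),
    "carol": ("physics", "PHY-07", False),  # left the lab, account never closed
}

# (user, cpu_seconds) as metered by the operating system
USAGE = [("alice", 120), ("bob", 300), ("ghost", 9), ("alice", 45), ("carol", 30)]


def reconcile(usage, registry, rate):
    """Compare metered CPU time with invoiceable time and flag odd accounts."""
    seconds = Counter()
    for user, cpu in usage:
        seconds[user] += cpu

    invoiced_seconds = Counter()  # billing_code -> seconds
    findings = []
    for user in sorted(seconds):
        entry = registry.get(user)
        if entry is None:
            # Metered but unbillable: the account bypassed normal registration.
            findings.append((user, "no_department", seconds[user]))
            continue
        _department, code, active = entry
        invoiced_seconds[code] += seconds[user]
        if not active:
            # Billed correctly, so the totals balance, but nobody should be using it.
            findings.append((user, "departed_user", seconds[user]))

    metered = sum(seconds.values()) * rate
    invoiced = sum(invoiced_seconds.values()) * rate
    return {
        "metered_cents": metered,
        "invoiced_cents": invoiced,
        "shortfall_cents": metered - invoiced,
        "findings": findings,
    }


if __name__ == "__main__":
    report = reconcile(USAGE, REGISTRY, RATE_CENTS_PER_SEC)
    print("shortfall (cents):", report["shortfall_cents"])
    for user, reason, secs in report["findings"]:
        print(f"{user}: {reason}, {secs} s of CPU time")
```

Only the unregistered account shows up in the money; the departed user's sessions balance perfectly, which is why the second check looks at account status rather than totals.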
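An audit of the trust whitelists described on slide 15, as an added example that is not part of the original slides: given each host's list of machines it accepts without a password, it computes which hosts fall if one trusted machine is compromised, and ranks every host by that exposure. Host names and the whitelist layout are constructed assumptions.

```python
from collections import deque

# Constructed whitelists (assumption): host -> hosts it accepts without a password.
TRUSTS = {
    "lab-main": {"lab-vax"},
    "lab-vax": set(),
    "physics-1": {"lab-main"},
    "library": {"physics-1", "lab-vax"},
    "archive": {"archive-admin"},
    "archive-admin": set(),
}


def exposure(trusts, compromised):
    """Return {host: trust path} for every host exposed if `compromised` falls."""
    # Invert the whitelists: whoever controls X is accepted by every host trusting X.
    trusted_by = {}
    for host, accepted in trusts.items():
        for source in accepted:
            trusted_by.setdefault(source, set()).add(host)

    paths = {compromised: [compromised]}
    queue = deque([compromised])
    while queue:  # breadth-first, so each recorded path is a shortest one
        current = queue.popleft()
        for nxt in sorted(trusted_by.get(current, ())):
            if nxt not in paths:
                paths[nxt] = paths[current] + [nxt]
                queue.append(nxt)
    return paths


def blast_radius(trusts):
    """Number of *other* hosts exposed by the compromise of each host."""
    return {host: len(exposure(trusts, host)) - 1 for host in trusts}


if __name__ == "__main__":
    for host, path in exposure(TRUSTS, "lab-vax").items():
        print(f"{host}: {' -> '.join(path)}")
    ranked = sorted(blast_radius(TRUSTS).items(), key=lambda kv: -kv[1])
    print("hosts to harden first:", ranked)
```

Hosts with the largest blast radius are the ones whose whitelist entries on other machines deserve review first.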