SlideShare a Scribd company logo

hacker culture

Download as PPT, PDF
Amy McMullin
Amy McMullin

This document provides an introduction to hacker culture and methodology. It discusses the different types of hackers, including their motives and levels of knowledge. It outlines the basic phases of a hacker's methodology, including information gathering, scanning, gaining access, privilege escalation, exploiting vulnerabilities, and installing backdoors. The document also summarizes two cyberwar stories, GhostNet and its targeting of computers in 103 countries, including the office of the Dalai Lama, and China's denial of involvement in the espionage ring. In conclusion, it stresses understanding hackers and their techniques in order to better defend against attacks.

Education
1 of 35
Introduction to Computer Security and Information Assurance Cyber Security Pilot Course Summer 2011 Draft 1Lesson 3
Introduction to Computer Security and Information Assurance Lesson 3: Hacker Culture Cyber Security 1 Pilot Summer 2011 DRAFT - Lesson 3
Draft Lesson 1 © 3 Copyright Notice This work is a derivative of the original High School Cyber Curriculum by The MITRE Corporation (© 2011 The MITRE Corporation) used under a Creative Commons Attribution 3.0 Unported License. Information about the original work and its creative commons license may be available at The MITRE Corporation (POC: Dr. Robert Cherinka, rdc@mitre.org, or MITRE's Technology Transfer Office, 703-983-6043). For more information on creative commons licenses, visit http://creativecommons.org/licenses/by/3.0/ or send a letter to Creative Commons, 444 Castro Street, Suite 900, Mountain View, California, 94041, USA. This work is copyright of the Career Technical Education Foundation, Inc. Information and/or permissions regarding the use of this material may addressed to Mr. Paul Wahnish, President, Career Technical Education Foundation, Inc. (Paul.Wahnish@CareerTechEdFoundation.org, (407) 491-0903).
Introduction to Computer Security and Information Assurance Lesson Objectives • Understand Hacking • Recognize the mentality of the Hacker • Recognize common hacker methodologies • Learn about some example cyber war stories 4DRAFT - Lesson 3
Introduction to Computer Security and Information Assurance Why Study “The Hacker”? “If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.” -Sun Tzu “On the Art of War” 5 DRAFT - Lesson 3
Introduction to Computer Security and Information AssuranceWhy Study “The Hacker”? 2008 FBI/CSI Cyber Crime Survey Companies Experiencing Computer Security Incidents 6 DRAFT - Lesson 3
Introduction to Computer Security and Information Assurance 20 Year Trend password guessing self-replicating code password cracking exploiting known vulnerabilities disabling audits back doors hijacking sessions sniffer / sweepers stealth diagnostics packet forging / spoofing GUI Hacking Tools Average Intruder 1980 1985 1990 1995 RelativeTechnicalComplexity Source: GAO Report to Congress, 1996 via Divinci Group 7 DRAFT - Lesson 3
Introduction to Computer Security and Information Assurance And a bit more recently Windows Remote Control Stacheldraht Trinoo Melissa PrettyPark ? DDoS Insertion Tools Hacking Tools Kiddie Scripter RelativeTechnicalComplexity 1998 1999 2000 2001 8 DRAFT - Lesson 3
Introduction to Computer Security and Information AssuranceWho are they? NationalNational InterestInterest PersonalPersonal GainGain PersonalPersonal FameFame CuriosityCuriosity Script-KiddyScript-Kiddy UndergraduateUndergraduate ExpertExpert SpecialistSpecialist Vandal Thief Spy Trespasser SOURCE:SOURCE: Microsoft and AccentureMicrosoft and Accenture via Divinci Groupvia Divinci Group Author Motives Knowledge Level 9 DRAFT - Lesson 3
Introduction to Computer Security and Information Assurance Taxonomy of Hackers • Novice – Least experienced, focused on mischief • Student – Bright, bored and looking for something other than homework • Tourist – Hack out of sense of adventure, need to test themselves • Crasher – Destructive who intentionally damaged IS systems • Thief - Rarest of Hackers – profited from their activities – and most professional Landreth, 1985 10 DRAFT - Lesson 3
Introduction to Computer Security and Information Assurance Type of Hackers • White Hats – Good guys, ethical hackers • Black Hats – Bad guys, malicious hackers • Gray Hats – Good or bad hacker; depends on the situation DRAFT - Lesson 1 11
Introduction to Computer Security and Information Assurance Hacker Tendencies • Invests significant amounts of time on study of documentation, giving special attention to border cases of standards • Insists on understanding and implementing the underlying API – often confirming documentation claims • Second guesses implementer’s logic • Insists on tools for examining the full state of system across interface layers and for modifying these states bypassing the standard development API. 12 DRAFT - Lesson 3
Introduction to Computer Security and Information Assurance Why these tendencies? Bratus, 2008 Economics of Insecure Hardware/Software 13 DRAFT - Lesson 3
Introduction to Computer Security and Information Assurance Developers under pressure to ‘make it work’ Developers ‘trained’ away from exploring underlying APIs Developers directed to ignore specific problems as the responsibility of others Developers must comply with lack of tools to explore outside their system Forces cutting of corners Forces lack of understanding of their choices Forces developer’s lack of concern for a valid solution Why these tendencies? Economics of Insecure Hardware/Software OPPORTUNITY!!!! 14 DRAFT - Lesson 3
Introduction to Computer Security and Information Assurance Phases of Ethical Hacking DRAFT - Lesson 3 15
Introduction to Computer Security and Information Assurance Basic Hacker Methodology 16 DRAFT - Lesson 3
Introduction to Computer Security and Information Assurance Information Gathering/ Fingerprinting • Gathering information about targeted network addressing scheme prior to launch of attack – IP addressing – Domain Names – Network Protocols – Activated Services 17 DRAFT - Lesson 3
Introduction to Computer Security and Information Assurance Scanning/Probing • Using Automated tools to scan a system for computers advertising application services • Look for potential targets with possible vulnerabilities • Look for targets running specific operating systems. 18 DRAFT - Lesson 3
Introduction to Computer Security and Information Assurance Gaining Access • Target Specific Vulnerabilities: – Operating System – Network Devices – Software Applications • Malicious Code – Delivered via E-mail • Social Engineering 19 DRAFT - Lesson 3
Introduction to Computer Security and Information Assurance Elevating Privilege • Why Elevate privileges? – Access User Account – Access Super User – Install Backdoors • Password Crackers! 20 DRAFT - Lesson 3
Introduction to Computer Security and Information Assurance Exploiting • Use victim to launch attacks against others • Stealing sensitive information • Crash systems • Web Server Defacements 21 DRAFT - Lesson 3
Introduction to Computer Security and Information Assurance Installing Back Doors • Add user accounts that look ‘normal’ • Open ports – Allow access to system services or provide command shell access • Cover tracks to prevent detection • Move malicious code to program – Trojan.exe -> notepad 22 DRAFT - Lesson 3
Introduction to Computer Security and Information Assurance Chinese Hacker Methodology 23 DRAFT - Lesson 3
Introduction to Computer Security and Information Assurance And So… • Need to know how different hackers operate and what their motives are • Need to learn how to attack so can defend well • Need to mitigate vulnerabilities • Need to stay one step ahead of the attack to reduce damages • Best case scenario: – let people in who should be in – keep everyone else out!! 24 DRAFT - Lesson 3
Introduction to Computer Security and Information Assurance Cyberwar Stories 25 DRAFT - Lesson 3
Introduction to Computer Security and Information Assurance GhostNet • 10-month cyber-espionage investigation – 1,295 computers in 103 countries belonging to international institutions spied on – Sensitive documents stolen and ability to completely controlled infected computers – Used root kits, keyloggers, backdoors and social engineering – Operation began in 2004 – Evidence that China behind it 26DRAFT - Lesson 3
Introduction to Computer Security and Information Assurance DRAFT - Lesson 3 27
Introduction to Computer Security and Information Assurance Dalai Lama • One target the Office of His Holiness the Dalai Lama (OHHDL) – Sensitive documents stolen – Malicious emails sent to Tibet- affiliated organizations – Investigation into GhostNet began when OHHDL suspected malware and contacted the Munk Center for International Studies 28DRAFT - Lesson 3
Introduction to Computer Security and Information Assurance Unique Aspects • In addition to stealing documents, GhostNet had other capabilities – Reportedly turn on webcams and audio recording functions of an infected computer – Essentially, turn infected computer into a large “bug” for spying on office • Used a “control panel” reachable by a standard web browser to manipulate the computers it had infected 29DRAFT - Lesson 3
Introduction to Computer Security and Information Assurance So how did they detect it? • Researcher at Munk Center noticed odd string of 22 characters embedded in files created by malicious software • Googled it • Led him to web site in China • Commanded system to infect system in their lab and watched commands 30DRAFT - Lesson 3
Introduction to Computer Security and Information Assurance And, of course China Denies Any Role in 'GhostNet' Computer Hacking Beijing 31 March 2009 Beijing officials deny any involvement in the electronic spy ring dubbed "GhostNet," which has infiltrated more than 1,000 computers around the world and has been linked to computers in China. Foreign Ministry spokesman Qin Gang rejected allegations of a link between the Chinese government and a vast computer spying network. He said in Beijing on Tuesday that the accusation comes from people outside China who, "are bent on fabricating lies of so- called Chinese computer spies." 31DRAFT - Lesson 3
More Cyber Stories: Understanding the Hacker
Introduction to Computer Security and Information Assurance Lesson Summary Key Points • Hacking is illegal (most of the time) – Understand the laws – Port Scanning can be considered illegal • Post 9/11 can be act of terrorism 34DRAFT - Lesson 3
Introduction to Computer Security and Information Assurance Questions? Draft 35

Recommended

Firewalls
FirewallsFirewalls
Firewalls
Ram Dutt Shukla
 
Security threats and attacks in cyber security
Security threats and attacks in cyber securitySecurity threats and attacks in cyber security
Security threats and attacks in cyber security
Shri ramswaroop college of engineering and management
 
Computer system organization
Computer system organizationComputer system organization
Computer system organization
Syed Zaid Irshad
 
Stuxnet worm
Stuxnet wormStuxnet worm
Stuxnet worm
sommerville-videos
 
Chapter 7 Presentation
Chapter 7 PresentationChapter 7 Presentation
Chapter 7 Presentation
Amy McMullin
 
What is a computer virus
What is a computer virusWhat is a computer virus
What is a computer virus
Kriti kohli
 
Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorism
Hiren Selani
 
Android malware presentation
Android malware presentationAndroid malware presentation
Android malware presentation
Sandeep Joshi
 

Recommended

Firewalls
FirewallsFirewalls
Firewalls
Ram Dutt Shukla
 
Security threats and attacks in cyber security
Security threats and attacks in cyber securitySecurity threats and attacks in cyber security
Security threats and attacks in cyber security
Shri ramswaroop college of engineering and management
 
Computer system organization
Computer system organizationComputer system organization
Computer system organization
Syed Zaid Irshad
 
Stuxnet worm
Stuxnet wormStuxnet worm
Stuxnet worm
sommerville-videos
 
Chapter 7 Presentation
Chapter 7 PresentationChapter 7 Presentation
Chapter 7 Presentation
Amy McMullin
 
What is a computer virus
What is a computer virusWhat is a computer virus
What is a computer virus
Kriti kohli
 
Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorism
Hiren Selani
 
Android malware presentation
Android malware presentationAndroid malware presentation
Android malware presentation
Sandeep Joshi
 
Cia security model
Cia security modelCia security model
Cia security model
Imran Ahmed
 
All about Hacking
All about HackingAll about Hacking
All about Hacking
Madhusudhan G
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber Security
Stephen Lahanas
 
Computer security
Computer securityComputer security
Computer security
OZ Assignment help
 
Operating system security
Operating system securityOperating system security
Operating system security
Sarmad Makhdoom
 
Ransomware: una guía de aproximación para el empresario
Ransomware: una guía de aproximación para el empresarioRansomware: una guía de aproximación para el empresario
Ransomware: una guía de aproximación para el empresario
Alfredo Vela Zancada
 
Introduction to cyber security
Introduction to cyber security Introduction to cyber security
Introduction to cyber security
RaviPrashant5
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and Security
Dipesh Waghela
 
Android Malware Detection Mechanisms
Android Malware Detection MechanismsAndroid Malware Detection Mechanisms
Android Malware Detection Mechanisms
Talha Kabakus
 
Hacking And Its Prevention
Hacking And Its PreventionHacking And Its Prevention
Hacking And Its Prevention
Dinesh O Bareja
 
Web security
Web securityWeb security
Web security
Jatin Grover
 
Malicious software and software security
Malicious software and software securityMalicious software and software security
Malicious software and software security
G Prachi
 
Basic concepts in computer security
Basic concepts in computer securityBasic concepts in computer security
Basic concepts in computer security
Arzath Areeff
 
The CIA triad.pptx
The CIA triad.pptxThe CIA triad.pptx
The CIA triad.pptx
GulnurAzat
 
Chapter 3 Presentation
Chapter 3 PresentationChapter 3 Presentation
Chapter 3 Presentation
Amy McMullin
 
Network Security
Network SecurityNetwork Security
Network Security
forpalmigho
 
Hacking
HackingHacking
Hacking
Sitwat Rao
 
Chapter 9 PowerPoint
Chapter 9 PowerPointChapter 9 PowerPoint
Chapter 9 PowerPoint
Amy McMullin
 
NETWORK SECURITY
NETWORK SECURITYNETWORK SECURITY
NETWORK SECURITY
afaque jaya
 
CYBER TERRORISM
CYBER TERRORISM CYBER TERRORISM
CYBER TERRORISM
Tejesh Dhaypule
 
How to hack the web
How to hack the webHow to hack the web
How to hack the web
Amy McMullin
 
A+ Chapter 3 Review
A+ Chapter 3 ReviewA+ Chapter 3 Review
A+ Chapter 3 Review
Amy McMullin
 

More Related Content

What's hot

Cia security model
Cia security modelCia security model
Cia security model
Imran Ahmed
 
All about Hacking
All about HackingAll about Hacking
All about Hacking
Madhusudhan G
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber Security
Stephen Lahanas
 
Computer security
Computer securityComputer security
Computer security
OZ Assignment help
 
Operating system security
Operating system securityOperating system security
Operating system security
Sarmad Makhdoom
 
Ransomware: una guía de aproximación para el empresario
Ransomware: una guía de aproximación para el empresarioRansomware: una guía de aproximación para el empresario
Ransomware: una guía de aproximación para el empresario
Alfredo Vela Zancada
 
Introduction to cyber security
Introduction to cyber security Introduction to cyber security
Introduction to cyber security
RaviPrashant5
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and Security
Dipesh Waghela
 
Android Malware Detection Mechanisms
Android Malware Detection MechanismsAndroid Malware Detection Mechanisms
Android Malware Detection Mechanisms
Talha Kabakus
 
Hacking And Its Prevention
Hacking And Its PreventionHacking And Its Prevention
Hacking And Its Prevention
Dinesh O Bareja
 
Web security
Web securityWeb security
Web security
Jatin Grover
 
Malicious software and software security
Malicious software and software securityMalicious software and software security
Malicious software and software security
G Prachi
 
Basic concepts in computer security
Basic concepts in computer securityBasic concepts in computer security
Basic concepts in computer security
Arzath Areeff
 
The CIA triad.pptx
The CIA triad.pptxThe CIA triad.pptx
The CIA triad.pptx
GulnurAzat
 
Chapter 3 Presentation
Chapter 3 PresentationChapter 3 Presentation
Chapter 3 Presentation
Amy McMullin
 
Network Security
Network SecurityNetwork Security
Network Security
forpalmigho
 
Hacking
HackingHacking
Hacking
Sitwat Rao
 
Chapter 9 PowerPoint
Chapter 9 PowerPointChapter 9 PowerPoint
Chapter 9 PowerPoint
Amy McMullin
 
NETWORK SECURITY
NETWORK SECURITYNETWORK SECURITY
NETWORK SECURITY
afaque jaya
 
CYBER TERRORISM
CYBER TERRORISM CYBER TERRORISM
CYBER TERRORISM
Tejesh Dhaypule
 

What's hot (20)

Cia security model
Cia security modelCia security model
Cia security model
 
All about Hacking
All about HackingAll about Hacking
All about Hacking
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber Security
 
Computer security
Computer securityComputer security
Computer security
 
Operating system security
Operating system securityOperating system security
Operating system security
 
Ransomware: una guía de aproximación para el empresario
Ransomware: una guía de aproximación para el empresarioRansomware: una guía de aproximación para el empresario
Ransomware: una guía de aproximación para el empresario
 
Introduction to cyber security
Introduction to cyber security Introduction to cyber security
Introduction to cyber security
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and Security
 
Android Malware Detection Mechanisms
Android Malware Detection MechanismsAndroid Malware Detection Mechanisms
Android Malware Detection Mechanisms
 
Hacking And Its Prevention
Hacking And Its PreventionHacking And Its Prevention
Hacking And Its Prevention
 
Web security
Web securityWeb security
Web security
 
Malicious software and software security
Malicious software and software securityMalicious software and software security
Malicious software and software security
 
Basic concepts in computer security
Basic concepts in computer securityBasic concepts in computer security
Basic concepts in computer security
 
The CIA triad.pptx
The CIA triad.pptxThe CIA triad.pptx
The CIA triad.pptx
 
Chapter 3 Presentation
Chapter 3 PresentationChapter 3 Presentation
Chapter 3 Presentation
 
Network Security
Network SecurityNetwork Security
Network Security
 
Hacking
HackingHacking
Hacking
 
Chapter 9 PowerPoint
Chapter 9 PowerPointChapter 9 PowerPoint
Chapter 9 PowerPoint
 
NETWORK SECURITY
NETWORK SECURITYNETWORK SECURITY
NETWORK SECURITY
 
CYBER TERRORISM
CYBER TERRORISM CYBER TERRORISM
CYBER TERRORISM
 

Viewers also liked

How to hack the web
How to hack the webHow to hack the web
How to hack the web
Amy McMullin
 
A+ Chapter 3 Review
A+ Chapter 3 ReviewA+ Chapter 3 Review
A+ Chapter 3 Review
Amy McMullin
 
Chapter 13
Chapter 13Chapter 13
Chapter 13
Amy McMullin
 
Chapter 5 Presentation
Chapter 5 PresentationChapter 5 Presentation
Chapter 5 Presentation
Amy McMullin
 
Chapter 15 Presentation
Chapter 15 PresentationChapter 15 Presentation
Chapter 15 Presentation
Amy McMullin
 
Chapter 8 Presentaion
Chapter 8 PresentaionChapter 8 Presentaion
Chapter 8 Presentaion
Amy McMullin
 
Chapter 12 Presentation
Chapter 12 PresentationChapter 12 Presentation
Chapter 12 Presentation
Amy McMullin
 
Chapter 1 Presentation
Chapter 1 PresentationChapter 1 Presentation
Chapter 1 Presentation
Amy McMullin
 
Chapter 2 Presentation
Chapter 2 PresentationChapter 2 Presentation
Chapter 2 Presentation
Amy McMullin
 
9781305094352 ppt ch08
9781305094352 ppt ch089781305094352 ppt ch08
9781305094352 ppt ch08
Amy McMullin
 
A+ Chapter 4 Review
A+ Chapter 4 ReviewA+ Chapter 4 Review
A+ Chapter 4 Review
Amy McMullin
 
Chapter 6 Presentation
Chapter 6 PresentationChapter 6 Presentation
Chapter 6 Presentation
Amy McMullin
 
A+ Chapter 5 Review
A+ Chapter 5 ReviewA+ Chapter 5 Review
A+ Chapter 5 Review
Amy McMullin
 
Chapter 11 Presentation
Chapter 11 PresentationChapter 11 Presentation
Chapter 11 Presentation
Amy McMullin
 
Chapter 4
Chapter 4Chapter 4
Chapter 4
Amy McMullin
 
The dream of a cyberpunk future seminar presentation
The dream of a cyberpunk future seminar presentationThe dream of a cyberpunk future seminar presentation
The dream of a cyberpunk future seminar presentation
tae-i
 
The hacking mentality
The hacking mentalityThe hacking mentality
The hacking mentality
Tausance Vlad
 
Hackers & hacktivism
Hackers & hacktivismHackers & hacktivism
Hackers & hacktivism
Bilal Ali
 
Computer Security Test
Computer Security TestComputer Security Test
Computer Security Test
khant14
 
Ch01
Ch01Ch01
Ch01
Alitta Aisyawati
 

Viewers also liked (20)

How to hack the web
How to hack the webHow to hack the web
How to hack the web
 
A+ Chapter 3 Review
A+ Chapter 3 ReviewA+ Chapter 3 Review
A+ Chapter 3 Review
 
Chapter 13
Chapter 13Chapter 13
Chapter 13
 
Chapter 5 Presentation
Chapter 5 PresentationChapter 5 Presentation
Chapter 5 Presentation
 
Chapter 15 Presentation
Chapter 15 PresentationChapter 15 Presentation
Chapter 15 Presentation
 
Chapter 8 Presentaion
Chapter 8 PresentaionChapter 8 Presentaion
Chapter 8 Presentaion
 
Chapter 12 Presentation
Chapter 12 PresentationChapter 12 Presentation
Chapter 12 Presentation
 
Chapter 1 Presentation
Chapter 1 PresentationChapter 1 Presentation
Chapter 1 Presentation
 
Chapter 2 Presentation
Chapter 2 PresentationChapter 2 Presentation
Chapter 2 Presentation
 
9781305094352 ppt ch08
9781305094352 ppt ch089781305094352 ppt ch08
9781305094352 ppt ch08
 
A+ Chapter 4 Review
A+ Chapter 4 ReviewA+ Chapter 4 Review
A+ Chapter 4 Review
 
Chapter 6 Presentation
Chapter 6 PresentationChapter 6 Presentation
Chapter 6 Presentation
 
A+ Chapter 5 Review
A+ Chapter 5 ReviewA+ Chapter 5 Review
A+ Chapter 5 Review
 
Chapter 11 Presentation
Chapter 11 PresentationChapter 11 Presentation
Chapter 11 Presentation
 
Chapter 4
Chapter 4Chapter 4
Chapter 4
 
The dream of a cyberpunk future seminar presentation
The dream of a cyberpunk future seminar presentationThe dream of a cyberpunk future seminar presentation
The dream of a cyberpunk future seminar presentation
 
The hacking mentality
The hacking mentalityThe hacking mentality
The hacking mentality
 
Hackers & hacktivism
Hackers & hacktivismHackers & hacktivism
Hackers & hacktivism
 
Computer Security Test
Computer Security TestComputer Security Test
Computer Security Test
 
Ch01
Ch01Ch01
Ch01
 

Similar to hacker culture

Cyber Security
Cyber SecurityCyber Security
Cyber Security
Ramiro Cid
 
Network security
Network securityNetwork security
Network security
mena kaheel
 
Final report ethical hacking
Final report ethical hackingFinal report ethical hacking
Final report ethical hacking
samprada123
 
Unit 03 Computer and Internet Crime [5 hrs] v1.2.pdf
Unit 03 Computer and Internet Crime [5 hrs] v1.2.pdfUnit 03 Computer and Internet Crime [5 hrs] v1.2.pdf
Unit 03 Computer and Internet Crime [5 hrs] v1.2.pdf
SujanTimalsina5
 
CyberSecurity.pdf
CyberSecurity.pdfCyberSecurity.pdf
CyberSecurity.pdf
Suleiman55
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Mohammad Affan
 
Ashar Shaikh A-84 SEMINAR.pptx
Ashar Shaikh A-84 SEMINAR.pptxAshar Shaikh A-84 SEMINAR.pptx
Ashar Shaikh A-84 SEMINAR.pptx
asharshaikh8
 
ANS_Ch_05_Handouts.pdf
ANS_Ch_05_Handouts.pdfANS_Ch_05_Handouts.pdf
ANS_Ch_05_Handouts.pdf
MeymunaMohammed1
 
ANS_Ch_05_Handouts.pdf
ANS_Ch_05_Handouts.pdfANS_Ch_05_Handouts.pdf
ANS_Ch_05_Handouts.pdf
MeymunaMohammed1
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Prabhat kumar Suman
 
Honey Pot Intrusion Detection System
Honey Pot Intrusion Detection SystemHoney Pot Intrusion Detection System
Honey Pot Intrusion Detection System
International Journal of Engineering Inventions www.ijeijournal.com
 
Computer-Security.pptx
Computer-Security.pptxComputer-Security.pptx
Computer-Security.pptx
JoselitoJMebolos
 
E04 05 2841
E04 05 2841E04 05 2841
E04 05 2841
International Journal of Engineering Inventions www.ijeijournal.com
 
Computer Network Security
Computer Network SecurityComputer Network Security
Computer Network Security
Sachithra Gayan
 
ethical hacking report
ethical hacking report ethical hacking report
ethical hacking report
Akhilesh Patel
 
Emerging Threats and Trends in Cybersecurity: A Comprehensive Analysis
Emerging Threats and Trends in Cybersecurity: A Comprehensive AnalysisEmerging Threats and Trends in Cybersecurity: A Comprehensive Analysis
Emerging Threats and Trends in Cybersecurity: A Comprehensive Analysis
IRJET Journal
 
Introduction To Ethical Hacking
Introduction To Ethical HackingIntroduction To Ethical Hacking
Introduction To Ethical Hacking
chakrekevin
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
BryCunal
 
Information Assurance And Security - Chapter 2 - Lesson 2
Information Assurance And Security - Chapter 2 - Lesson 2Information Assurance And Security - Chapter 2 - Lesson 2
Information Assurance And Security - Chapter 2 - Lesson 2
MLG College of Learning, Inc
 
Lesson 2
Lesson 2Lesson 2
Lesson 2
MLG College of Learning, Inc
 

Similar to hacker culture (20)

Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Network security
Network securityNetwork security
Network security
 
Final report ethical hacking
Final report ethical hackingFinal report ethical hacking
Final report ethical hacking
 
Unit 03 Computer and Internet Crime [5 hrs] v1.2.pdf
Unit 03 Computer and Internet Crime [5 hrs] v1.2.pdfUnit 03 Computer and Internet Crime [5 hrs] v1.2.pdf
Unit 03 Computer and Internet Crime [5 hrs] v1.2.pdf
 
CyberSecurity.pdf
CyberSecurity.pdfCyberSecurity.pdf
CyberSecurity.pdf
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Ashar Shaikh A-84 SEMINAR.pptx
Ashar Shaikh A-84 SEMINAR.pptxAshar Shaikh A-84 SEMINAR.pptx
Ashar Shaikh A-84 SEMINAR.pptx
 
ANS_Ch_05_Handouts.pdf
ANS_Ch_05_Handouts.pdfANS_Ch_05_Handouts.pdf
ANS_Ch_05_Handouts.pdf
 
ANS_Ch_05_Handouts.pdf
ANS_Ch_05_Handouts.pdfANS_Ch_05_Handouts.pdf
ANS_Ch_05_Handouts.pdf
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Honey Pot Intrusion Detection System
Honey Pot Intrusion Detection SystemHoney Pot Intrusion Detection System
Honey Pot Intrusion Detection System
 
Computer-Security.pptx
Computer-Security.pptxComputer-Security.pptx
Computer-Security.pptx
 
E04 05 2841
E04 05 2841E04 05 2841
E04 05 2841
 
Computer Network Security
Computer Network SecurityComputer Network Security
Computer Network Security
 
ethical hacking report
ethical hacking report ethical hacking report
ethical hacking report
 
Emerging Threats and Trends in Cybersecurity: A Comprehensive Analysis
Emerging Threats and Trends in Cybersecurity: A Comprehensive AnalysisEmerging Threats and Trends in Cybersecurity: A Comprehensive Analysis
Emerging Threats and Trends in Cybersecurity: A Comprehensive Analysis
 
Introduction To Ethical Hacking
Introduction To Ethical HackingIntroduction To Ethical Hacking
Introduction To Ethical Hacking
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Information Assurance And Security - Chapter 2 - Lesson 2
Information Assurance And Security - Chapter 2 - Lesson 2Information Assurance And Security - Chapter 2 - Lesson 2
Information Assurance And Security - Chapter 2 - Lesson 2
 
Lesson 2
Lesson 2Lesson 2
Lesson 2
 

Recently uploaded

Assessment and Planning in Educational technology.pptx
Assessment and Planning in Educational technology.pptxAssessment and Planning in Educational technology.pptx
Assessment and Planning in Educational technology.pptx
Kavitha Krishnan
 
Introduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp NetworkIntroduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp Network
TechSoup
 
A Strategic Approach: GenAI in Education
A Strategic Approach: GenAI in EducationA Strategic Approach: GenAI in Education
A Strategic Approach: GenAI in Education
Peter Windle
 
Types of Herbal Cosmetics its standardization.
Types of Herbal Cosmetics its standardization.Types of Herbal Cosmetics its standardization.
Types of Herbal Cosmetics its standardization.
Ashokrao Mane college of Pharmacy Peth-Vadgaon
 
Top five deadliest dog breeds in America
Top five deadliest dog breeds in AmericaTop five deadliest dog breeds in America
Top five deadliest dog breeds in America
Bisnar Chase Personal Injury Attorneys
 
The basics of sentences session 6pptx.pptx
The basics of sentences session 6pptx.pptxThe basics of sentences session 6pptx.pptx
The basics of sentences session 6pptx.pptx
heathfieldcps1
 
The Diamonds of 2023-2024 in the IGRA collection
The Diamonds of 2023-2024 in the IGRA collectionThe Diamonds of 2023-2024 in the IGRA collection
The Diamonds of 2023-2024 in the IGRA collection
Israel Genealogy Research Association
 
The basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptxThe basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptx
heathfieldcps1
 
Film vocab for eal 3 students: Australia the movie
Film vocab for eal 3 students: Australia the movieFilm vocab for eal 3 students: Australia the movie
Film vocab for eal 3 students: Australia the movie
Nicholas Montgomery
 
PCOS corelations and management through Ayurveda.
PCOS corelations and management through Ayurveda.PCOS corelations and management through Ayurveda.
PCOS corelations and management through Ayurveda.
Dr. Shivangi Singh Parihar
 
Life upper-Intermediate B2 Workbook for student
Life upper-Intermediate B2 Workbook for studentLife upper-Intermediate B2 Workbook for student
Life upper-Intermediate B2 Workbook for student
NgcHiNguyn25
 
C1 Rubenstein AP HuG xxxxxxxxxxxxxx.pptx
C1 Rubenstein AP HuG xxxxxxxxxxxxxx.pptxC1 Rubenstein AP HuG xxxxxxxxxxxxxx.pptx
C1 Rubenstein AP HuG xxxxxxxxxxxxxx.pptx
mulvey2
 
S1-Introduction-Biopesticides in ICM.pptx
S1-Introduction-Biopesticides in ICM.pptxS1-Introduction-Biopesticides in ICM.pptx
S1-Introduction-Biopesticides in ICM.pptx
tarandeep35
 
CACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdfCACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdf
camakaiclarkmusic
 
How to Manage Your Lost Opportunities in Odoo 17 CRM
How to Manage Your Lost Opportunities in Odoo 17 CRMHow to Manage Your Lost Opportunities in Odoo 17 CRM
How to Manage Your Lost Opportunities in Odoo 17 CRM
Celine George
 
Azure Interview Questions and Answers PDF By ScholarHat
Azure Interview Questions and Answers PDF By ScholarHatAzure Interview Questions and Answers PDF By ScholarHat
Azure Interview Questions and Answers PDF By ScholarHat
Scholarhat
 
বাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdf
বাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdfবাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdf
বাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdf
eBook.com.bd (প্রয়োজনীয় বাংলা বই)
 
Liberal Approach to the Study of Indian Politics.pdf
Liberal Approach to the Study of Indian Politics.pdfLiberal Approach to the Study of Indian Politics.pdf
Liberal Approach to the Study of Indian Politics.pdf
WaniBasim
 
DRUGS AND ITS classification slide share
DRUGS AND ITS classification slide shareDRUGS AND ITS classification slide share
DRUGS AND ITS classification slide share
taiba qazi
 
Pride Month Slides 2024 David Douglas School District
Pride Month Slides 2024 David Douglas School DistrictPride Month Slides 2024 David Douglas School District
Pride Month Slides 2024 David Douglas School District
David Douglas School District
 

Recently uploaded (20)

Assessment and Planning in Educational technology.pptx
Assessment and Planning in Educational technology.pptxAssessment and Planning in Educational technology.pptx
Assessment and Planning in Educational technology.pptx
 
Introduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp NetworkIntroduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp Network
 
A Strategic Approach: GenAI in Education
A Strategic Approach: GenAI in EducationA Strategic Approach: GenAI in Education
A Strategic Approach: GenAI in Education
 
Types of Herbal Cosmetics its standardization.
Types of Herbal Cosmetics its standardization.Types of Herbal Cosmetics its standardization.
Types of Herbal Cosmetics its standardization.
 
Top five deadliest dog breeds in America
Top five deadliest dog breeds in AmericaTop five deadliest dog breeds in America
Top five deadliest dog breeds in America
 
The basics of sentences session 6pptx.pptx
The basics of sentences session 6pptx.pptxThe basics of sentences session 6pptx.pptx
The basics of sentences session 6pptx.pptx
 
The Diamonds of 2023-2024 in the IGRA collection
The Diamonds of 2023-2024 in the IGRA collectionThe Diamonds of 2023-2024 in the IGRA collection
The Diamonds of 2023-2024 in the IGRA collection
 
The basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptxThe basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptx
 
Film vocab for eal 3 students: Australia the movie
Film vocab for eal 3 students: Australia the movieFilm vocab for eal 3 students: Australia the movie
Film vocab for eal 3 students: Australia the movie
 
PCOS corelations and management through Ayurveda.
PCOS corelations and management through Ayurveda.PCOS corelations and management through Ayurveda.
PCOS corelations and management through Ayurveda.
 
Life upper-Intermediate B2 Workbook for student
Life upper-Intermediate B2 Workbook for studentLife upper-Intermediate B2 Workbook for student
Life upper-Intermediate B2 Workbook for student
 
C1 Rubenstein AP HuG xxxxxxxxxxxxxx.pptx
C1 Rubenstein AP HuG xxxxxxxxxxxxxx.pptxC1 Rubenstein AP HuG xxxxxxxxxxxxxx.pptx
C1 Rubenstein AP HuG xxxxxxxxxxxxxx.pptx
 
S1-Introduction-Biopesticides in ICM.pptx
S1-Introduction-Biopesticides in ICM.pptxS1-Introduction-Biopesticides in ICM.pptx
S1-Introduction-Biopesticides in ICM.pptx
 
CACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdfCACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdf
 
How to Manage Your Lost Opportunities in Odoo 17 CRM
How to Manage Your Lost Opportunities in Odoo 17 CRMHow to Manage Your Lost Opportunities in Odoo 17 CRM
How to Manage Your Lost Opportunities in Odoo 17 CRM
 
Azure Interview Questions and Answers PDF By ScholarHat
Azure Interview Questions and Answers PDF By ScholarHatAzure Interview Questions and Answers PDF By ScholarHat
Azure Interview Questions and Answers PDF By ScholarHat
 
বাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdf
বাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdfবাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdf
বাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdf
 
Liberal Approach to the Study of Indian Politics.pdf
Liberal Approach to the Study of Indian Politics.pdfLiberal Approach to the Study of Indian Politics.pdf
Liberal Approach to the Study of Indian Politics.pdf
 
DRUGS AND ITS classification slide share
DRUGS AND ITS classification slide shareDRUGS AND ITS classification slide share
DRUGS AND ITS classification slide share
 
Pride Month Slides 2024 David Douglas School District
Pride Month Slides 2024 David Douglas School DistrictPride Month Slides 2024 David Douglas School District
Pride Month Slides 2024 David Douglas School District
 

hacker culture

  • 1. Introduction to Computer Security and Information Assurance Cyber Security Pilot Course Summer 2011 Draft 1Lesson 3
  • 2. Introduction to Computer Security and Information Assurance Lesson 3: Hacker Culture Cyber Security 1 Pilot Summer 2011 DRAFT - Lesson 3
  • 3. Draft Lesson 1 © 3 Copyright Notice This work is a derivative of the original High School Cyber Curriculum by The MITRE Corporation (© 2011 The MITRE Corporation) used under a Creative Commons Attribution 3.0 Unported License. Information about the original work and its creative commons license may be available at The MITRE Corporation (POC: Dr. Robert Cherinka, rdc@mitre.org, or MITRE's Technology Transfer Office, 703-983-6043). For more information on creative commons licenses, visit http://creativecommons.org/licenses/by/3.0/ or send a letter to Creative Commons, 444 Castro Street, Suite 900, Mountain View, California, 94041, USA. This work is copyright of the Career Technical Education Foundation, Inc. Information and/or permissions regarding the use of this material may addressed to Mr. Paul Wahnish, President, Career Technical Education Foundation, Inc. (Paul.Wahnish@CareerTechEdFoundation.org, (407) 491-0903).
  • 4. Introduction to Computer Security and Information Assurance Lesson Objectives • Understand Hacking • Recognize the mentality of the Hacker • Recognize common hacker methodologies • Learn about some example cyber war stories 4DRAFT - Lesson 3
  • 5. Introduction to Computer Security and Information Assurance Why Study “The Hacker”? “If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.” -Sun Tzu “On the Art of War” 5 DRAFT - Lesson 3
  • 6. Introduction to Computer Security and Information AssuranceWhy Study “The Hacker”? 2008 FBI/CSI Cyber Crime Survey Companies Experiencing Computer Security Incidents 6 DRAFT - Lesson 3
  • 7. Introduction to Computer Security and Information Assurance 20 Year Trend password guessing self-replicating code password cracking exploiting known vulnerabilities disabling audits back doors hijacking sessions sniffer / sweepers stealth diagnostics packet forging / spoofing GUI Hacking Tools Average Intruder 1980 1985 1990 1995 RelativeTechnicalComplexity Source: GAO Report to Congress, 1996 via Divinci Group 7 DRAFT - Lesson 3
  • 8. Introduction to Computer Security and Information Assurance And a bit more recently Windows Remote Control Stacheldraht Trinoo Melissa PrettyPark ? DDoS Insertion Tools Hacking Tools Kiddie Scripter RelativeTechnicalComplexity 1998 1999 2000 2001 8 DRAFT - Lesson 3
  • 9. Introduction to Computer Security and Information AssuranceWho are they? NationalNational InterestInterest PersonalPersonal GainGain PersonalPersonal FameFame CuriosityCuriosity Script-KiddyScript-Kiddy UndergraduateUndergraduate ExpertExpert SpecialistSpecialist Vandal Thief Spy Trespasser SOURCE:SOURCE: Microsoft and AccentureMicrosoft and Accenture via Divinci Groupvia Divinci Group Author Motives Knowledge Level 9 DRAFT - Lesson 3
  • 10. Introduction to Computer Security and Information Assurance Taxonomy of Hackers • Novice – Least experienced, focused on mischief • Student – Bright, bored and looking for something other than homework • Tourist – Hack out of sense of adventure, need to test themselves • Crasher – Destructive who intentionally damaged IS systems • Thief - Rarest of Hackers – profited from their activities – and most professional Landreth, 1985 10 DRAFT - Lesson 3
  • 11. Introduction to Computer Security and Information Assurance Type of Hackers • White Hats – Good guys, ethical hackers • Black Hats – Bad guys, malicious hackers • Gray Hats – Good or bad hacker; depends on the situation DRAFT - Lesson 1 11
  • 12. Introduction to Computer Security and Information Assurance Hacker Tendencies • Invests significant amounts of time on study of documentation, giving special attention to border cases of standards • Insists on understanding and implementing the underlying API – often confirming documentation claims • Second guesses implementer’s logic • Insists on tools for examining the full state of system across interface layers and for modifying these states bypassing the standard development API. 12 DRAFT - Lesson 3
  • 13. Introduction to Computer Security and Information Assurance Why these tendencies? Bratus, 2008 Economics of Insecure Hardware/Software 13 DRAFT - Lesson 3
  • 14. Introduction to Computer Security and Information Assurance Developers under pressure to ‘make it work’ Developers ‘trained’ away from exploring underlying APIs Developers directed to ignore specific problems as the responsibility of others Developers must comply with lack of tools to explore outside their system Forces cutting of corners Forces lack of understanding of their choices Forces developer’s lack of concern for a valid solution Why these tendencies? Economics of Insecure Hardware/Software OPPORTUNITY!!!! 14 DRAFT - Lesson 3
  • 15. Introduction to Computer Security and Information Assurance Phases of Ethical Hacking DRAFT - Lesson 3 15
  • 16. Introduction to Computer Security and Information Assurance Basic Hacker Methodology 16 DRAFT - Lesson 3
  • 17. Introduction to Computer Security and Information Assurance Information Gathering/ Fingerprinting • Gathering information about targeted network addressing scheme prior to launch of attack – IP addressing – Domain Names – Network Protocols – Activated Services 17 DRAFT - Lesson 3
  • 18. Introduction to Computer Security and Information Assurance Scanning/Probing • Using Automated tools to scan a system for computers advertising application services • Look for potential targets with possible vulnerabilities • Look for targets running specific operating systems. 18 DRAFT - Lesson 3
  • 19. Introduction to Computer Security and Information Assurance Gaining Access • Target Specific Vulnerabilities: – Operating System – Network Devices – Software Applications • Malicious Code – Delivered via E-mail • Social Engineering 19 DRAFT - Lesson 3
  • 20. Introduction to Computer Security and Information Assurance Elevating Privilege • Why Elevate privileges? – Access User Account – Access Super User – Install Backdoors • Password Crackers! 20 DRAFT - Lesson 3
  • 21. Introduction to Computer Security and Information Assurance Exploiting • Use victim to launch attacks against others • Stealing sensitive information • Crash systems • Web Server Defacements 21 DRAFT - Lesson 3
  • 22. Introduction to Computer Security and Information Assurance Installing Back Doors • Add user accounts that look ‘normal’ • Open ports – Allow access to system services or provide command shell access • Cover tracks to prevent detection • Move malicious code to program – Trojan.exe -> notepad 22 DRAFT - Lesson 3
  • 23. Introduction to Computer Security and Information Assurance Chinese Hacker Methodology 23 DRAFT - Lesson 3
  • 24. Introduction to Computer Security and Information Assurance And So… • Need to know how different hackers operate and what their motives are • Need to learn how to attack so can defend well • Need to mitigate vulnerabilities • Need to stay one step ahead of the attack to reduce damages • Best case scenario: – let people in who should be in – keep everyone else out!! 24 DRAFT - Lesson 3
  • 25. Introduction to Computer Security and Information Assurance Cyberwar Stories 25 DRAFT - Lesson 3
  • 26. Introduction to Computer Security and Information Assurance GhostNet • 10-month cyber-espionage investigation – 1,295 computers in 103 countries belonging to international institutions spied on – Sensitive documents stolen and ability to completely controlled infected computers – Used root kits, keyloggers, backdoors and social engineering – Operation began in 2004 – Evidence that China behind it 26DRAFT - Lesson 3
  • 27. Introduction to Computer Security and Information Assurance DRAFT - Lesson 3 27
  • 28. Introduction to Computer Security and Information Assurance Dalai Lama • One target the Office of His Holiness the Dalai Lama (OHHDL) – Sensitive documents stolen – Malicious emails sent to Tibet- affiliated organizations – Investigation into GhostNet began when OHHDL suspected malware and contacted the Munk Center for International Studies 28DRAFT - Lesson 3
  • 29. Introduction to Computer Security and Information Assurance Unique Aspects • In addition to stealing documents, GhostNet had other capabilities – Reportedly turn on webcams and audio recording functions of an infected computer – Essentially, turn infected computer into a large “bug” for spying on office • Used a “control panel” reachable by a standard web browser to manipulate the computers it had infected 29DRAFT - Lesson 3
  • 30. Introduction to Computer Security and Information Assurance So how did they detect it? • Researcher at Munk Center noticed odd string of 22 characters embedded in files created by malicious software • Googled it • Led him to web site in China • Commanded system to infect system in their lab and watched commands 30DRAFT - Lesson 3
  • 31. Introduction to Computer Security and Information Assurance And, of course China Denies Any Role in 'GhostNet' Computer Hacking Beijing 31 March 2009 Beijing officials deny any involvement in the electronic spy ring dubbed "GhostNet," which has infiltrated more than 1,000 computers around the world and has been linked to computers in China. Foreign Ministry spokesman Qin Gang rejected allegations of a link between the Chinese government and a vast computer spying network. He said in Beijing on Tuesday that the accusation comes from people outside China who, "are bent on fabricating lies of so- called Chinese computer spies." 31DRAFT - Lesson 3
  • 33.
  • 34. Introduction to Computer Security and Information Assurance Lesson Summary Key Points • Hacking is illegal (most of the time) – Understand the laws – Port Scanning can be considered illegal • Post 9/11 can be act of terrorism 34DRAFT - Lesson 3
  • 35. Introduction to Computer Security and Information Assurance Questions? Draft 35

Editor's Notes

  1. Remember that statistics can be affected by non-truthful answers. Companies lie cause no one wants to look like their vulnerable. May contribute to the :don’t know” increase.
  2. Expert is only curious if a tool or exploit will work. Not interested in malicious activity.
  3. Point one : border cases open to interpretation
  4. Money drives the cycle. Want to spend the least money while getting the best profits. (Increase net).
  5. GhostNet (simplified Chinese: 幽灵网; traditional Chinese: 幽靈網; pinyin: YōuLíngWǎng) is the name given by researchers at the Information Warfare Monitor to a large-scale cyber spying[1][2] operation discovered in March 2009. The operation is likely associated with an Advanced Persistent Threat. Its command and control infrastructure is based mainly in the People's Republic of China and has infiltrated high-value political, economic and media locations[3] in 103 countries. Computer systems belonging to embassies, foreign ministries and other government offices, and the Dalai Lama's Tibetan exile centers in India, London and New York City were compromised. Although the activity is mostly based in China, there is no conclusive evidence that the Chinese government is involved in its operation.[4]
  6. The Georgia–Russia crisis is a current and ongoing international crisis between Georgia and Russia that escalated in 2008, when both countries accused each other of military buildup near the separatist regions Abkhazia and South Ossetia. On March 6, 2008 Russia announced that it would no longer participate in the Commonwealth of Independent States economic sanctions imposed on Abkhazia in 1996. Increasing tensions led to the outbreak of the 2008 South Ossetia war. After the war, a number of incidents have occurred in both conflict zones, and tensions between the belligerents remain high. The crisis has been linked to the push for Georgia to receive a NATO Membership Action Plan and, indirectly, the unilateral declaration of independence by Kosovo.