Ethics of Hacking and Cracking

The Impact of Unethical Hacking

Computer cracking
● Term for illegally hacking into a computer system without the permission of the system's owner.
Despite the motivations of computer crackers
● Cracking a system is a crime

Hacker Communities
Two ways commonly used to categorize hackers
● White Hat good hackers vs. Black Hat bad hackers
● Based loosely on psychological profiling

Hat Categories (Motivations and Goals)

White Hat Hackers
● Learning new things, protecting the network in their charge from Intrusion or damage,
maintaining status quo, Work with official sanction from official organizations.

Grey Hat Hackers

● Fame, credit for solving challenging network puzzles. More interested in damage than pillage.
Hacktivists who deface Web sites and networks of target "evil-doers" (e.g., corporations Involved
in fur trade, tobacco sales, abortion) are part of this group.
Black Hat Hackers
● Cash payments, Injury to others. May steal trade secrets, credit card numbers, customer lists,
employee lists. They want whatever information they can find that will generate a profit. They
work with unofficial sanction from official and unofficial organizations.

Hacker Motivation
● Curiosity
● Love of puzzles
● Desire for recognition or fame
● Revenge
● Financial gain
● Patriotism or politics

Ethical Hacking

Ethical Issues of Hacking

Professional hackers have a responsibility to society
● Their activities should help to build and improve upon existing technology
● They should use their skills and interests as opportunities to learn and to teach
Ethical hacker
● A security professional who applies his or her hacking skills for defensive purposes

Who Needs to be Secured

● Protection of data provided to organizations or stored on personal computers is a high priority
● Some crackers break into systems to utilize what they consider wasted computer energy
● Using bandwidth without permission may seem harmless
❖ But it is a crime, in addition to being unethical
● Many hackers find it tempting to copy, download, and use proprietary software and other
copyrighted works
MALWARES AND SOCIAL ENGINEERING

Attacks Using Malwares

Malicious software (malware)

● Enters a computer system without the owner’s knowledge or consent

● Uses a threat vector to deliver a malicious “payload” that performs a harmful function one it is
invoked

Malware

● general term that refers to a wide variety of damaging or annoying software

Types of Malwares

• Viruses

• Worms

• Trojans

Viruses

Computer virus – malicious computer code that reproduces itself on the same computer

Program virus – infects an executable program file

Macro – a series of instructions that can be grouped together as a single command

● Common data file virus is a macro virus that is written in a script known as macro
● Viruses cannot automatically spread to another computer—relies on user action to spread
● Viruses are attached to files
● Viruses are spread by transferring infected files

Worms

● Malicious program that uses a computer network to replicate

● Sends copies itself to other network devices
● Worms may:
○ Consume resources or
○ Leave behind a payload to harm infected systems
○ Examples:
○ Deleting computer files
○ Allowing remote control of a computer by an attacker

Trojans/Trojan horse

● Executable program that does something other than advertised

● Contain hidden code that launches an attack
● Sometimes made to appear as data file
● Example:
○ User downloads “free calendar program”
○ Program scans system for credit card numbers and password
○ Transmits information to attacker through network
Malware collects data

● Different types of malware are designed to collect important data from user’s computer and make
it available at the attacker
● This type of malware includes:
○ Spyware
○ Adware
○ Ransomware

Spyware

● Software that gathers information without user content

● Uses the computer’s resources for the purposes of collecting and distributing personal or sensitive
information

Keylogger

● Captures and stores each keystroke that a user types on the computer’s keyboard
● Attacker searches the captured text for any useful information such as passwords, credit catd
numbers, o personal information
● A keylogger can be a small hardware device or a software program
● As a hardware device, it is inserted between the computer keyboard connection and USB port
● Software keyloggers are programs installed on the computer that silently capture information
● An advantage of software keyloggers is that they do not require physical access to the user’s
computer
● Often installed as a trojan or virus, can send captured information back to the attacker via internet

Adware

● Program that delivers adversising content in manner unexpected and unwanted by user
● Typically displays advertising banners and pop-up ads
● May open new browser windows randomly
● Adware can also perform tracking of online activities
● Information is gathered by adware and solt to advertisers

Ransomware

● Prevents user’s device from properly operating until a fee is paid

● Highly profitable
● Nearly 3% of those users who have been infected pay the ransom without questions, generating
almost 5 million dollars annually
● A variation of ransomware displays a fictitious warning that there is a problem and users must
purchase additional software online to fix the problem

Malware Delete Data

● Logic Bomb
○ Computer code that lies dormant until it is triggered by a specific logical event
○ Difficult to detect before it is triggered
○ Often embedded in large computer programs that are not routinely scanned

Malware Modify System Security

● Backdoor
○ Gives access to a computer, program, or service that circumvents normal security to give
program access
 ○ When installed on a computer, they allow the attacker to return at a later time and bypass
security settings

Malware Launch Attack

● Zombie
○ Infected computer that is under the remote control of an attacker
○ Groups of zombie computers are gathered into a logical computer network called botnet
under that control of the attacker (bot herder)
○ Infected zombie computers wait for instructions through a command and control (C&C)
structure from bot herders
○ A common C&C mechanism used today is HTTP, which is more difficult to detect and
block

Social Engineering attacks

● Means of gathering information for an attack by relying on the weakness of individuals

● Can involve psychological approaches as well as physical procedures

Psychological Approaches

● Goal is to persuade the victim to provide information or take action

● Attackers use a variety of techniques to gain trust without moving quickly
● Attackers will ask for only small amounts of information
● The request needs to be believable
● Will use slightly flattery or flirtation to “soften up” victim
● Attackers “pushes the envelope” to get information
● Attacker may smile and ask for help

Impersonation

● Attacker pretends to be someone else

● Help desk support technician
● Repairperson
● Manager
● Trusted third party
● Fellow employee
● Attacker will often impersonate a person with authority because victims generally resist saying
‘”no” to anyone in power

Phishing

● Sending an email claiming to be from legitimate source

● Tries to trick user into giving private information

Many phishing attacks have these common features:

• Deceptive web links

• Logos

• Urgent request
Variations of phishing attacks

Pharming

- Automatically redirects user to a fraudulent website

Spear phishing

- Email messages target specific users

Whaling

- Going after the big fish

- Targeting wealthy individuals

Vishing (voice phishing)

- Attacker calls victim with recorded bank message with callback number

- Victim calls attacker’s number and enters private information

Spam

- Unsolicited email

- Primary vehicles for distribution of malware

- Sending spam is a lucrative business

• Cost spammers very little to send millions of spam messages

- Filter look for specific words and block the email

Image spam

- Uses graphical images of text in order to circumvent text-based filters

- Often contains nonsense text so it appears legitimate

Typo Squatting/URL hijacking

- Redirecting a user to a fictitious website based on a misspelling of the URL

- Attackers purchase the domain names of sites that are spelled similarly to actual sites

- Many may contain a survey that promises a chance to win prizes or will be filled with ads

Physical Procedure

Dumpster diving

- Digging through trash to find information that can be useful in an attack

Tailgating

- Following behind an authorized individual through an access door

 - An employee could conspire with an unauthorized person to allow him to walk in with him
(piggybacking)

- Watching an authorized user enter a security code on a keypad is known as shoulder surfing

RA 8792 Ecommerce Act of 2000

➢ An act providing for the recognition and use of electronic commercial and non-commercial
transactions and documents, penalties for unlawful use thereof and for other purposes.
➢ Signed by President Joseph E. Estrada (June 14, 2000)
● ILOVEYOU virus (Love Letter)
- computer worm created by Onel de Guzman
- estimated US$5.5 billion in damage (Asia, Europe, and United States)
- cases were filed against him, but it was dismissed as there was no law penalizing the act at the
time (May 2000) in the Philippines (nullum crimen, sine lege )

E-Commerce Primary Objective of the Act of 2000 RA8792:

I. To provide a secure legal framework and environment for e-commerce
II. To protect the integrity of electronic documents and electronic signatures
III. To build and ensure the trust and reliance of the public on electronic transactions

Sphere of Application
This Act shall apply to:
- any kind of data message and electronic document use in commercial and non-commercial activities
- domestic and international dealings, transactions, contracts, exchanges and storage of information

RA 8792 Salient Provisions:

● Sec. 6. Legal Recognition of Data Messages Information shall not be denied legal effect, validity
or enforceability solely on the grounds that it is in the data message
● Sec. 7. Legal Recognition of Electronic Documents
Electronic documents shall have the legal effect, validity or enforceability as any other document or legal
writing.
Electronic Documents / Electronic Data Messages perform the same function as paper documents.
● Sec. 8. Legal Recognition of Electronic Signatures
An electronic signature on the electronic document shall be equivalent to the signature of a person on a
written document.
Violations and Penalties:
● Sec. 33a – Hacking or cracking
Hacking or cracking which refers to unauthorized access into or interference in a computer
system/server or information and communication system; or any access in order to corrupt, alter, steal, or
destroy using a computer or other similar information
and communication devices, without the knowledge and consent of the owner of the computer or
information and communications system, including the introduction of computer viruses and the like,
resulting in the corruption, destruction, alteration, theft or loss of electronic data messages or electronic
document shall be punished by a minimum fine of one hundred thousand pesos (P100,000.00) and a
maximum commensurate to the damage incurred and a mandatory imprisonment of six (6)
months to three (3) years.
● Sec. 33b – Piracy
Piracy or the unauthorized copying, reproduction, dissemination, distribution, importation, use, removal,
alteration, substitution, modification, storage, uploading, downloading, communication, making available
to the public, or broadcasting of protected material, electronic signature or copyrighted works including
legally protected sound recordings or phonograms or information material on protected works, through
the use of telecommunication networks, such as, but not limited to, the internet, in a manner that infringes
intellectual property rights shall be punished by a minimum fine of one hundred thousand pesos
(P100,000.00) and a maximum commensurate to the damage incurred and a mandatory imprisonment of
six (6) months to three (3) years;
Hacking vs. Cracking
Hacking is the act of illegally accessing the computer without the consent or approval of the owner
Cracking is a higher form of hacking in which the unauthorized access culminates with the process of
defeating the security system for the purpose of acquiring money or
information and/or availing of free services.
Law and Technology
Law and Technology
Where the law requires integrity and reliability of the electronic document
➔ Technology provides hash code generation.
➔ Technology provides encryption and decryption solutions.
• Where the law requires that an electronic document can be authenticated
➔ Technology provides digital signing
Act of 2000 Cyber Crimes Convictions/Cases
• 2005
JJ Maria Giner (first Filipino convicted of computer crime) - hacked and defaced the Philippine
government portal “gov.ph”
• 2006
Jeffric Carlos Abiera (second person convicted for violation of the E-Commerce Law) - used the Sitel
Phil. Corp. system to illegally secure credit card information from sister firm Sistel USA.
• 2008
Ritchie Bagnotan – hacked the Davao Light and Power Company’s contractor billing computer system
• Was charged for 18 counts of computer
hacking.
Network Intrusion Case Website Defacement - JJ Maria Giner Case
• April 28, 2004 – Complaint from The Journal Group and Mr. Wilson Chua regarding the Denial of
Service (DOS) attack and website defacement of www.gov.ph and www.journal.com.ph webpages.
• May 1, 2004 – Mr. Wilson Chua submitted the
intrusion logs to ATCCD-CCU.
❖ Start of Investigation
• ATCCD- CCU conducted analysis on the intrusion log files submitted by Mr. Chua.
Log files from the IDS indicate that there are series of scan attempts for vulnerability exploits.
❖ Found IP Address of the attacker
❖ Found diagram of network intrusion
 ❖ Issued Subpoena to internet service providers
❖ Issued Subpoena to IT Officer UP Visayas
❖ UP Visayas Linux On-site investigation
❖ The examiner was able to discover hacking tools installed and saved on Giner’s Computer.
❖ Result of the Investigation
• Mr. Reniel Cambel, Systems and Network
Admin of U.P Visayas revealed that the source of the intrusion attack came from the
Information and Publications Office (IPO) on the computer being used by a certain Mr. JJ Maria Glomo
Giner.
❖ Judgment
Guilty
Date and Location: Sept 28, 2005 at Manila
Sentence: 1 – 2 years of imprisonment and a fine of P100,000.00
First Filipino Convicted Hacker - JJ Maria G. Giner

Computer Virus

- Type of malware that attaches itself to other programs.

- Infects computers discreetly

- Designed to destroy files/gain control of devices

Computer viruses spread through:

• Emails

• Downloads

• Messaging Services

• Old Software

• Malvertising

Computer Virus Do:

• Hijack your system’s code & resources causing performance issues on all devices

• Slow/lagging performance

• Corrupted/deleted files

• Annoying pop ups/adware

• Program failure & OS crashes

• Constantly spamming HDD

• Malfunctioning apps/files

• All devices can get infected