Download Cyber Crimes and Hackers

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

Document related concepts
no text concepts found
Transcript
Cyber Crimes and Hackers
(Siber Suçlar ve Hackerler)
Computer & Network Security
Definition
The greatest threats to the security, privacy (mahremiyet), and reliability (güvenlik) of
computer networks and other related information systems in general are cyber crimes
committed by cyber criminals, but most importantly hackers.
Judging by the damage caused by past cyber criminal and hacker attacks to computer
networks in businesses, governments, and individuals, resulting in inconvenience (rahatsız
verici) and loss of productivity and credibility, one cannot fail to see that there is a growing
community demand to software and hardware companies to create more secure products
that can be used to identify threats and vulnerabilities, to fix problems, and to deliver
security solutions.
Computer & Network Security
Cyber Crimes -Siber Suçlar
A cyber crime is a crime like any other crime, except that in this case, the illegal act must
involve a connected computing system either as an object of a crime, an instrument used to
commit a crime, or a repository of evidence related to a crime.
A cyber crime as an act of unauthorized intervention (müdahele) into the working of the
telecommunication networks and/or the sanctioning (yaptırım) of an authorized access to
the resources of the computing elements in a network that leads to a threat to the system’s
infrastructure (alt yapı) or life or that causes significant property loss (önemli derecede
maddi kayıp).
Computer & Network Security
Cyber Crimes -Siber Suçlar
Both the International Convention of Cybercrimes and the European Convention on
Cybercrimes have outlined the list of these crimes to include the following:
• Yasalara aykırı bilgi erişimi
• Unlawful access to information
• Illegal interception of information
• Unlawful use of telecommunication equipment
• Forgery with use of computer measures
• Intrusions of the public switched and packet network
• Network integrity violations
• Privacy violations
• Industrial espionage
• Pirated computer software
• Fraud using a computing system
• Internet/e-mail abuse
• Using computers or computer technology to commit
murder, terrorism, pornography, and hacking
• Yasadışı bilgi kesme
• Telekomünikasyon ekipmanlarının yasadışı kullanımı
• Bilgisayar önlemleri kullanarak sahteciliği
• Kamusal anahtarlamalı ve paket ağın izinsiz girişleri
• Ağ bütünlüğü ihlalleri
• Gizlilik ihlalleri
• Endüstriyel casusluk
• Korsan bilgisayar yazılımı
• Bir bilgi işlem sistemi kullanarak sahtekarlık
• İnternet / e-posta kötüye kullanımı
• Bilgisayarları veya bilgisayar teknolojisini kullanarak cinayet,
terörizm, pornografi, ve hack
Computer & Network Security
Ways of Executing Cyber Crimes -Siber Suçları İşlenmeYolları
Penetration (Sızma-Nüfuz etme) :
A penetration cyber attack is;
• A successful unauthorized access to a protected system resource,
• A successful unauthorized access to an automated system,
• A successful act of bypassing the security mechanisms of a computing system.
However defined, a penetration cyber attack involves breaking into a computing system
and using known security vulnerabilities to gain access to any cyberspace resource.
Full penetration, therefore, allows an intruder to alter data files, change data, plant
viruses, or install damaging Trojan horse programs into the computing system
Computer & Network Security
Ways of Executing Cyber Crimes - Siber Suçları İşlenme Yolları
Distributed Denial of Service (DDoS)
A denial of service is an interruption of service resulting from system
unavailability or destruction. It prevents any part of a target system from
functioning as planned.
This includes any action that causes unauthorized destruction, modification,
or delay of service.
•
•
•
•
•
•
•
•
IP spoofing is forging of an IP packet address.
SYN flooding
Smurf attack
Buffer over flow is an attack
Ping of death
Land.c attack
Teardrop.c attack
Sequence number sniffing
Computer & Network Security
Cyber Criminals –Siber Suçlular
Insiders: For a long time, system attacks were limited to in-house employee generated
attacks to systems and theft of company property. In fact, disgruntled insiders are a major
source of computer crimes because they do not need a great deal of knowledge about the
victim computer system
Hackers: Hackers are actually computer enthusiasts who know a lot about computers and
computer networks and use this knowledge with a criminal intent. For example, such
criminal groups with hacking abilities have broken into credit card companies to steal
thousands of credit card numbers
Disgruntled ex-employees: Many studies have shown that disgruntled ex-employees
also pose a serious threat to organizations as sources of cyber crimes targeting their former
employers for a number of employee–employer issues that led to the separation.
Economic espionage spies: The growth of cyberspace and e-commerce and the forces of
globalization have created a new source of crime syndicates, the organized economic spies
that plow the Internet looking for company secrets.
Computer & Network Security
Cyber Criminals –Siber Suçlular
Crackers: A cracker is one who breaks security on a system. Crackers are hardcore hackers characterized more
as professional security breakers and thieves.
Hacktivists : Hacktivism is a marriage between pure hacking and activism. Hacktivists are conscious (bilinçli)
hackers with a cause.
Cyberterrorists : Based on motives, cyberterrorists can be divided into two categories: the terrorists and
information warfare planners.
• Terrorist: who are terrorists have many motives, ranging from political, economic, and religious to
personal. Most often, the techniques of their terror are through intimidation (gözdağı), coercion (zorlama),
or actual destruction of the target.
• Information Warfare Planners. This involves war planners to threaten attacking a target by disrupting the
target’s essential services by electronically controlling and manipulating information across computer
networks or destroying the information infrastructure.
Computer & Network Security
Computer & Network Security
References:
Kizza, Joseph Migga, Guide to Computer Network Security, Springer,2014