Hacking Attempts: How to Protect Against Hacking 1

Hacking Attempts: How to Protect Against Hacking Jessica Grimm University of North Carolina at Charlotte

Spring 2014

Hacking Attempts: How to Protect Against Hacking 2 Background Information Hacking is increasing because of the amount of people in the world using Internet. It is easy to use someone elses information when shopping online because there is no face to face contact. Throughout this paper, we will explore the significant increase of hacking attempts and modes of protection against hacking. Using a combination of primary interviews and case studies involving hacking we will discuss ways of responsibilities using technology to prevent farther highjack of personal information. Terms: Cyber jihad: Kloet, J. (2002), is a group of Muslim hackers who hacked the Indonesian police web site to force them to let the rebellious Muslim leader free. Cyber war: is the use of computers to disrupt the activities of an enemy country. Code Red Worm: Kloet, J. (2002), this was a virus that attacked computers running Microsofts IIS web server in 2001. Lion Worm: Kloet, J. (2002), this was a virus made by a Chinese cracker named Lion; he says that he created the worm to show Chinese anger towards Japan. Ethical hackers: Smith, B., Yurcik, W., & Doss, D. (2001), according to this article an ethical hackers is someone who hacks the computer network to test and evaluate its security, instead of malicious or criminal intent. Cyber-terrorism: Lewis, J. A. (2002), hacking computer networks to endure fear into society. Love Bug virus: Lewis, J. A. (2002), was a worm that attacked millions of Windows personal computers in 2000. It also cost billions of dollars. Firewall: is software or hardware based security system that controls the incoming and outgoing network traffic.
Comment [Biag3]: Include your position in the figured world. Comment [Biag1]: Indent the paragraph. Needs to be in paragraph form. Comment [Biag2]: More detail.

Hacking Attempts: How to Protect Against Hacking 3 RFID: Venkataramani, G., & Gopalan, S. (2007, April), radio frequency identification, it is a technology that uses electronic tags to relay identification information to electronic readers by using radio waves. Generation Y: Freestone, O., & Mitchell, V. (2004), in this article Generation Y means the youngest group of people in the population. Phone Line Hacked A power company in Baltimore, Constellation Energy Group Inc., is tried to be hacked into hundreds of times each day. The chief risk officer for the company, John Collins, says that they have no idea who is trying to hack their system, but they know someone is trying to hack it. Even though, the hackers have not caused any damage to the nations power grid, the company is very concerned with their efforts. Power companies are worried that one of the hackers could be a terrorist. If a terrorist were to hack into the company they could cause a blackout or damage power plants, which could lead into an outage. Patrick H. Wood III, chairman of Federal Energy Regulatory Commission, has told companies that they need to focus more on security. They are taking the proper steps an ensuring that their systems are protected. Although, there are many attacks on the cyber networks across the industries in the U.S., the biggest fear for the government is the threat to the countrys power supply. Some of the problems that company security has are viruses and worms. During the Fast and the Furious series, Dom needed someone who can hack into security systems, safes, and phone lines. Tej is the man to count on. In Fast 5, Tej hacks into a safe that has millions of dollars. Also, Santos and Leo help Tej hack into the police station by cutting the wires and installing a device so they can see the live feed. In Fast 6, Tej saves Mias life by hacking into the phone line before Shaw was able to call his team and tell them to kill her.
Comment [Biag4]: Include in-text citation.

Hacking Attempts: How to Protect Against Hacking 4 Companies Hacked My interview with William and Lisa Grimm talked about the Target credit card scam during Christmas time. They were none too happy about that because William was laid off at the time and they were low on money. William went to the bank to cancel their credit cards and their banker told him if they did not get a call from Target they would be 95% in the clear. Lisa would check their bank account every day to make sure there were no changes. Recently, when they checked their bank account was negative. Someone took Lisas credit card information and spent $190 on GoDaddy.com and the very last time she used that card was at Target during Christmas. When they called GoDaddy to tell them that they did not buy anything from them and the call rep said that they knew it was a fraud. The money was refunded right away. They said they are having a hard time coping because they are borrowing money from family members to keep stable until William starts his new job. According to Schneier, computer security is failing regularly. CEOs of businesses want the security on their network to be improved. When you increase security it will also increase the spending. Auditors want firewalls because without them they would fail an audit and be accused of not following proper guidelines. In Schneiers paper he has a three step program that will help motivate the business. State Government Hacked When interviewing William Grimm about his Social Security Number getting hacked, he told me exactly the reason why it happened. He worked in the state of South Carolina for a couple months and because of that he had to file taxes for South Carolina. A few months later, he was watching the local news and a news story shared that the department of South Carolinas IRS had been hacked. Since that happened, he was able to get 12 months of free credit
Comment [Biag6]: Elaborate on the three step program. Give more detail. Comment [Biag5]: Clear content. Especially after defining the terms.

Hacking Attempts: How to Protect Against Hacking 5 monitoring. Knowing he had his social security number hacked is very scary. He will have to watch his credit record very closely and most likely for the rest of his life. He told me that he is worried someone will open credit cards and his credit score will decrease. Lewiss paper Assessing the Risks of Cyber Terrorism, Cyber War and other Cyber Threats talks about cyber terrorism and how it affects the computer network. Lewis compares the theories of cyber-warfare and air power. Even though, the costs of cyber-attacks are cheaper than physical attacks, they are less effective. He says that if the cyber-attack does not cause harm then there is no need for immediate risk for national security. Lewis cited a post from The Washington Post and it states that U.S. analysts believe that by disabling or taking command of the floodgates in a dam, for example, or of substations handling 300,000 volts of electric power, an intruder could use virtual tools to destroy real-world lives and property. Cyber-terrorist needed to attack numerous targets for a long period of time for it to be considered terror. He states that The Love Bug virus cost computer users worldwide between $3 billion to $15 billion. Internet Hacked In the article, Ethical Hacking, C.C. Palmer talks about the two definitions for hacker in the computer industry. When the media saw a numerous amount of damaged computers they made it into news. They would use the word hacker rather than using the proper term computer criminal. Network security is becoming a major concern for business and governments because the Internet is increasing rapidly. An ethical hacker is someone who would act like a criminal hacker, but would not damage anything on the computer. To be an ethical hacker you have to be trustworthy and responsible. When evaluating the security they ask themselves three questions. After they answer the questions, they make an agreement between their client and themselves and this protects them from any lawsuits.

Hacking Attempts: How to Protect Against Hacking 6 Anyone who is good with computers can be a hacker. The word hacker has so many definitions. Smith and Doss explain in their article Ethical Hacking: The Security Justification, what an ethical hacker is and why they are able to get away with a crime. Ethical hackers use their knowledge to improve security. Just like in the article Ethical Hacking, they ask themselves a series of three questions. They believe that people are being hypocrites because they are paying the ethical hackers to do a crime, while they are putting the unethical hackers in prison. In this article, Generation Y Attitudes towards E-ethics and Internet-related Misbehaviours, Freestone and Mitchell talk about the cost of hacking and viruses on computers. Annually, the cost is about $4 billion and the number of people affected is 700,000 in the U.S. alone. They did an experiment with 12 groups. Each group consisted of 6 students ranging from ages 18 to 21. They asked the groups a couple of questions. The results should that five dimensions emerged: illegal activities, questionable activities, hacking related activities, human internet trade, and downloading material. This study acknowledged 24 unethical activities, despite the fact that these activities are costly to the businesses and society, most of them are not seen as wrong. China and Indonesian The article, Digitisation and its Asian discontents: the Internet, politics, and hacking in China and Indonesia, talks about how the Chinese and Indonesian governments feel about the Internet. Hackers sometimes challenge the government. Wenas is one of the major hacker in Indonesia. Hacking is nothing new to the Indonesians. In May 2001, a group of Muslim hackers, Cyber jihad, hacked the police web site to force them to let a militant Muslim leader free. Chinese government has banned some of the U.S. websites. Americans think that the Code
Comment [Biag7]: Elaborate on the questions they ask. Give more detail.

Hacking Attempts: How to Protect Against Hacking 7 Red Worm and Lion Worm were caused by the Chinese. All over the Asian countries cyberwar is happening. A hacker from China was arrested for replacing the content of the government wed sites with pornography. Indonesia was banned from e-Bay because of a hacker manipulating sellers. Credit Card Hacked In this article, Mobile phone based RFID architecture for secure electronic Payments using RFID credit cards, it starts off by saying if someone steals a credit card they can use it to buy an online purchase and they would never know who the true owners of the credit card are. In this article, Venkataramani and Gopalan both agree that RFID credit cards will be used in the future. RFID (radio-frequency identification) is defenseless to security breaches. Their major goal is to improve the security of electronic payments. They give real life scenarios. For example, Jack forgot his credit card when he purchased something at a store. Someone picked up his card and used it to purchase expensive items. Jack did not even know his credit card was missing until he got a credit card statement. The use of online shopping has increased because of the rapid growth of the Internet. They use different scenarios to motivate business/individuals. Entering the Conversation I believe computer security should be increased no matter what the cost is. Businesses are worried that they will spend too much money and the security will not work. After researching different types of hacking attempts, I see how easy it is to hack into the security system because the companies do not have proper software or hardware to protect against that. Venkataramani and Gopalan have a very valid point when they talked about how online shopping is increasing. They believe that RFID should be used on credit cards because it will help the companies become aware of fraud. I agree with them because RFID would give identification information

Hacking Attempts: How to Protect Against Hacking 8 when someone would try to use the credit card. Regardless of the cost, I believe it would be beneficial to businesses and the government if they increase the network security. A main reason why it would be beneficial is because businesses and the government have a lot of important information from people and if they do not protect that information properly there can be serious consequences. Another reason why it would be beneficial is because it would make it harder for a terrorist to cause harm to the country or business. For example, my dad works for a nuclear power plant and he told me that a nuclear power plant needs a very secure security system because if a terrorist attacks the security system it could cause a widespread blackout or a nuclear power plant can be damaged and lead into an outage. A way businesses and the government can test this theory would be having an ethical hacker try to hack into the computer that is fully protected and try to hack into another computer that is not fully protected. The ethical hacker would not know which computer is fully protected and which one is not fully protected. So What? With the national security having tons of information, they need to research ways to protect against hackers. Businesses hire people to make sure that their business is safe from hackers. Improving the security on the national security system will help businesses and the government from being hacked. It also protects individuals from credit card theft, social security theft, and identity theft. Some people think it is a problem when we allow ethical hackers hack into the computers because we consider it a crime when a normal human being hacks into a computer because they are trying to steal from individuals. Hacking causes billions of dollars in damages for a company or the government. To solve that problem companies and the government need to stop worrying about the cost of security and worry about the billions of
Comment [Biag10]: Add to, so it says ethical hackers to hack. Comment [Biag9]: Like the idea of increasing the security on businesses and government. Comment [Biag8]: Great example.

Hacking Attempts: How to Protect Against Hacking 9 dollars in damages that they have to pay for now. In the long run, the cost of security is cheaper than the cost of the damages.

Hacking Attempts: How to Protect Against Hacking 10 Works Cited Blum, J., & Friday, M. (2005). Hackers Target US Power Grid. Washington Post, 11, E01. Freestone, O., & Mitchell, V. (2004). Generation Y attitudes towards e-ethics and internetrelated misbehaviours. Journal of Business Ethics, 54(2), 121-128. Grimm, J. Fast and the Furious observation [Document]. Retrieved from http://moodle2.uncc.edu/course/view.php?id=37598 Grimm, W., & Grimm, L. (2014, February 20). Interview by J Grimm []. Credit card information hacked. Grimm, W. (2014, February 20). Interview by J Grimm []. Social security number hacked. Kloet, J. (2002). Digitisation and its Asian discontents: the Internet, politics and hacking in China and Indonesia. First Monday, 7(9). Lewis, J. A. (2002). Assessing the risks of cyber terrorism, cyber war and other cyber threats. Center for Strategic & International Studies Palmer, C. C. (2001). Ethical hacking. IBM Systems Journal, 40(3), 769-780. Schneier, B. (2004). Hacking the business climate for network security. Computer, 37(4), 87-89. Smith, B., Yurcik, W., & Doss, D. (2001). Ethical hacking: the security justification. Venkataramani, G., & Gopalan, S. (2007, April). Mobile phone based RFID architecture for secure electronic Payments using RFID credit cards. In Availability, Reliability and Security, 2007. ARES 2007. The Second International Conference on (pp. 610-620). IEEE.