Art of Intrusion The art of intrusion by Kevin Mitnick gives the readers an insight of the different levels and

stages of planning a hacker goes through before attacking. About the author

The real deal of intrusion In my opinion with the rapid industrialization and advancement in technology, over the past few decades- information can never be safe. Everytime new computer security software is released, there is a hacker somewhere in the World, trying to break the firewall and manipulate information.Every time [some software engineer] says, Nobody will go to the trouble of doing that, theres some kid in Finland who will go to the trouble" (Alex Mayfield). Hackers know their craft too well to deploy their plan for hacking using a variety of styles. Hacking can be done through phones, modems, coding programs, serial numbers, emails, and anything that we can possibly think of. There goes a strategic planning of following, careful observation on the person being attacked before the foul play. Miscreants are continuing to find new and creative waysto exploit network, system, and even human vulnerabilitiesto steal information or do damage. The challenge is thatwe need to block their exploits 100 percent of the time ifwe are to protect our networks and information. They canbe right once; we have to be right all of the time. We needto be ever-vigilant in our efforts to protect our assets,information, and ourselves online.(John N. Stewart, vice president and chief security officer, Cisco)

Effect on countries and organizations Security is the most essential feature to protect data for every organization. Unfortunately, this has become a potential threat in all the countries. The Government and companies are always on a watch out for any harmful attacks. The Information Technology department is always dodging and doing their best to save data from these malicious attacks. The following graph shows the most attacked countries in the World. The U.S.A, U.K, and South Africa have been the top three countries for seventeen consecutive months.(http://www.rsa.com/solutions/consumer_authentication/intelreport/11363_Online_Fraud _report_0311.pdf)

Governments role in curbing the cybercrime: http://www.justice.gov/criminal/cybercrime/2B1.1Full.htm There are currently 45 countries that have already implemented the cyber crime law and enforcement. The penalty, probation, or the serving term in the prison is decided basing on the level of cyber crime. The crime is also measured in terms of the information that has been misused or manipulated. The punishments also vary depending on the organization attacked, the number of people attacked, trafficking of the number of unauthorized devices. The United Stated of America has strict and sturdy laws for cyber crime. The hacker might have to end up paying a penalty ranging from $5000 to $ 1,000,000,000 while serving a prison time from a starting range of 6 months to life time. The author of this book The Art of Intrusion, Kevin Mitnick served a five year term in the prison for all the hacking he had done during the mid 90s. In my opinion, the cyber crime laws have definitely helped the Government (of which ever country that is deploying these laws to fight cyber crime) control the crime to a certain extent possible.These laws are very fair as they have different ranges of punishments depending on the damage done.However, this control is not 100% and there is always a set of hackers who keep fishing new techniques to hack. Laws regarding the cybercrime : Absolute softwares, 2010 March 30tharieanna This bill would impact international tradewith countries that fail to properly address cybercrime within their boundaries by imposing funding restrictions. Its definitely a bill that perhaps could strong-arm the international community into addressing the issue.The International Cybercrime Reporting and Cooperation Act was put together to enhance Americas cooperationwith other countries to combat cybercrime and keep America

safe. It is very difficult to control the cost of cybercrime that is initiated from either within the country or from outside the country. This law will help control cybercrimes throughout the World, making it easier and simpler for everyone. Effects on businesstrustwave spider lab reports The theft of information from any company could possibly cause drastic damage. The security breach in a company is directly proportional to its financial loss and waste of valuable time. This is indeed an alarming threat to all organizations.The IT technicians will have to re order the networks and connections caused by this damage, in turn resulting in double work.

Most of the companies now are outsourcing their operations all over the World indicating that the data is spread throughout making it easier for the hacker to attack the information. In this way, I think the companies are more vulnerable to hackers. Give an example of Lynn It department (Check with supervisor).

Target Casinos Gambling is a huge industry. There are thousands of people trying their luck in the business everyday. Casinos are one of the top targets for a shrewd hacker. The casinos however, over the last few years have tightened their security and are now considerable less prone to being attacked. The casinos now have two levels of security measures on their slot machines. Firstly, it is the floor staff that is extremely vigilant on their players. Secondly, the software developers of the coded machines are keeping a track on every move of the player (through technology). This way, it is a little difficult for the hacker to break the double standard and hack to win millions of dollars unlike how easy it was for the four friends in the book to hank and make money. All the casinos now use the RFID technology for tokes. RFID is the Radio frequency identification technology that uses the radio waves for communication between the user and the token attached. This was there is less possibility of any kind of security breach in the casinos. Most of the casinos use the face recognition technology that captures the picture of the player and keeps a log of every move. Interestingly, the hackers never seem to give up their trails for hacking casinos. Richard Marcus, a retired casino hacker says technology cant beat us in an interview on CNet news. I think more than the technology, the loop hole should be blamed on the programmer who unknowingly makes a flaw in his code. Anyone who has good programming skills can catch the flaw and use it to their advantage. http://news.cnet.com/Technology-cant-beat-us,-casino-cheat-says/2100-7348_3-5933358.html

Phones and modems not safe!

Todays cell phones are mini computers. We can browse the web, chat, email, facetime, save documents; use the GPS on the PDAs. All this is done through cloud computing, meaning that the data we store is jumping through different towers before it comes back to us when needed. The number of towers it touches, the more it is prone to being attacked. I was an Iphone user and recently moved to the Blackberry. From my personal experience, we can very much avoid hacking of our phones. All we have to do is to make sure that the service provider does not have access to any personal information while using the GPS and also by not syncing the important information that might be saved in the cloud computing. These are the simple steps to avoid hacking. Modems and cables are not as safe as we assume them to be. Hackers have the knack to unlock the modem to get unauthorized access to companies/individuals. Most of the companies buy locked modems to ensure any security breach but once the modem is bridged, there is no stopping of information leak out.

Financial Institutions Banks are one of the major targets for hackers.The number of attacks on the national banks in the U.S.A keeps increasing by the day. Hackers use new social engineering techniques to get the customers information through ATMs or email accounts. The RSA online fraud report shows a 2% increase of attacks on national banks.

On April 4, 2011JP Morgan Chase bank had a security breach. All their customers email addresses were hacked by an unauthorized person. The bank immediately notified all customers and warned them against any malicious mail from an unknown sender. I would suggest that everyone must watch out for their surroundings while using the ATM for money transactions. Also using the online banking account in public places through wireless network can send in the pass codesand secured information to the wrong hands. Emails are prone to being attacked anywhere irrespective of the network used. Kate Hanni, the founder and executive director of flyerrights.org realized that all her AOL emails containing important information of the organization were being re-directed to an unknown location. She later sued the Delta airlines for hacking her emails. She claims that the airlines did this in order to sabotage flyerrights.org efforts to pass a federal legislation to help stranded fliers.Unfortunately, in cases like this, there is very little the user can do to secure their data. In my opinion, such foul play on an organizations part is very unfair and they should curb practicing such methods.

The graph from TrustWaveSpiderLabs report till February, 2011 shows the different segments in which the hackers attack an email account. It shows four ways used to get access into the users account. If the user is not cautious enough, there is a good probability of the account being hacked. Neither do I read emails from unknown senders nor open an un-trusted website.