Tuesday, April 27, 2010

Defacing and cyber-terrorism attacks and protection policies

In the prior post I mentioned two attack strategies that have been used in the cyber war between Palestinians and Israelis: defacing attacks and cyber-terrorism attacks. In this post I would like to explain them in detail and describe some real-world examples of these types of attack.

1. Defacing attack:

Defacing attacks occur when hackers break into a Web-site’s files and alter them by posting obscenities or generally changing the content of the site that is viewed on the World Wide Web.

Some of the most notable examples of this type of attack are:

1. The Anti-Defamation League site, defacement of the Hizbollah Web-site by Israelis at the beginning of the conflict.

2. The Iranian Ministry of Agriculture site.

3. The Web-site of Iranian President Mohammed Khatami.

4. The site of the U.S. high-tech firm Lucent Technologies, because of their heavy business dealings in Israel.

2. Cyber-terrorism:

As I mentioned in prior posts, this type of attack includes the stealing, corruption, or alteration of information contained on a particular site.

Real-world examples:

1. A mild example is the incident in which key files were erased from the Knesset’s Web-site. It qualifies because it involved the destruction of information contained there, although it did not cause very serious impacts.

2. Threats by pro-Palestinian hackers to attack major e-commerce sites in the U.S. in response to Israeli hacker attacks may, if carried out, fit within this category.

3. The attack perpetrated against AIPAC by Dr. Nuker (a member of a group called the Pakistan Hackerz Club) comes even closer because, in addition to defacement, 3,500 email addresses were stolen, anti-Israeli messages were sent to these addresses, and 700 credit card numbers were stolen and subsequently posted on Dr. Nuker’s Web-site.

Policy Response:

There have been interesting policy responses as a result of these attacks.

On the part of some international actors, a policy response could be of a more offensive nature.

Another kind of policy is that governments around the world are training hacker soldiers for the purposes of harassing opponents, espionage, and attacks on vital infrastructures. The hackers can also find bugs and inform the governments so that the problems can be solved; with this strategy, hackers are used to solve problems rather than only to attack.

Another way of protection is to identify the most critical information and host it in the safest possible manner. Not every database or server needs the ultimate level of security. Evaluate the consequences of a breach on a system-by-system basis. Consider outsourcing your most critical systems to a trusted third-party secure hosting company. When considering this option, look at network security, physical security and policy security. All three components should be best of breed to ensure ultimate protection.

Monday, April 26, 2010

A real case in Middle East for Cyber terrorism


In the previous posts I’ve explained the main issues in cyber terrorism and two real cases which happened in cyberspace.

As we know, the discussion of cyber-terrorism has recently focused on events in the Middle East, where the Oslo Peace Process has broken down and violence has resumed between Palestinians and Israelis.

A new dimension to this recent Intifada has been the use of the Internet by both sides in the furtherance of their goals (the term “Cyber-Intifada” fits more closely with the terminology being used to describe the physical conflict between Palestinians and Israelis, of which this cyber-conflict is a direct outgrowth). Some have called this the “first full-scale war in cyberspace” and “the first example of a cyber-war between people fighting on the ground.”

Proclamations indicate that recent events in the Middle East have further fuelled pre-existing concerns by large and small countries alike that new information technology (IT), especially the Internet, poses a dangerous new security threat.

Therefore, to accurately evaluate such claims, one should do several things:

1) Examining how the Internet has in fact been used in the recent Intifada.

2) Understanding the different types of threats that may emerge from cyberspace.

3) Comparing the Cyber-Intifada to these different threats.

The discussion of cyber terrorism will be broken up into several categories:

1. The different types of attacks that have been used will be outlined.

2. The reaction from policymakers to the attacks.

For the first issue, different types of attacks have been used, such as defacing attacks and cyber-terrorism attacks.

These types of attacks consist of different phases, which can be used to steal and alter the information that exists on specific Web sites.

Minor attacks come in the form of "data diddling", where information in the computer is changed. This may involve changing medical or financial records or stealing of passwords. Hackers may even prevent users who should have access from gaining access to the machine. Ethical issues in this case include things like invasion of privacy and ownership conflicts.

Prevention Policies:

Two strategies can be used in order to prevent attacks in real cases:

1. Build Strong Firewalls: A good firewall system can protect networks from many of the above vulnerabilities - even when the other best practices are not followed. Firewalls now exist for personal or single-system use as well as the traditional network appliance. These personal firewalls provide a great deal of protection for mobile users or users who do not operate their systems behind an adequate corporate firewall system.

2. Enact and enforce strong policy: Staff members with access to or control over critical information should undergo rigorous background checks and should comply with strong security policy. Verifying users via strong authentication practices and making sure that all activity is logged are keys to prevention and accurate forensics in the event of an attack.

Even though these strategies cannot prevent attacks with 100% accuracy, they are ways that can help users and organizations protect themselves from undesirable attacks.

In the next posts I’ll describe in detail the different kinds of attacks used in real cases, such as those mentioned between Palestinians and Israelis.


Saturday, April 24, 2010

Forms of Cyber Terrorism



Social networking over the Internet has boomed in recent years because it allows networks of like-minded individuals to collaborate and connect, regardless of their respective geographies or physical location. Cyber terrorism, as mentioned, is a very serious issue and it covers a wide range of attacks.

Some of the major tools of cyber crime may be: botnets, Estonia, 2007, malicious code hosted on websites, cyber espionage, etc.
It is pertinent to note here that there are other forms which could be covered under the heading of cyber crime and which are, at the same time, important tools for terrorist activities. Here I’m going to discuss these criminal activities one by one:

Attacks via Internet:
Unauthorized access & Hacking:
One of the criminal activities is unauthorized access, which means any kind of access without the permission of either the rightful owner or the person in charge of a computer, computer system or computer network.

Every act committed towards breaking into a computer and/or network is hacking. Hackers write or use ready-made computer programs to attack the target computer. They possess the desire to destroy and they get a kick out of such destruction.

Trojan Attack:
A Trojan is a program that acts like something useful but does things that are quite damaging. Programs of this kind are called Trojans.
Trojans come in two parts, a Client part and a Server part. When the victim (unknowingly) runs the Server on their machine, the attacker then uses the Client to connect to the Server and start using the Trojan.

Virus and Worm attack:
A program that has the capability to infect other programs, make copies of itself and spread into other programs is called a virus.
Programs that multiply like viruses but spread from computer to computer are called worms.

E-mail related crimes:
1. Email spoofing:
Email spoofing refers to email that appears to have originated from one source when it was actually sent from another source.

2. Email spamming:
Email "spamming" refers to sending email to thousands and thousands of users, similar to a chain letter.

3. Sending malicious code through email:
E-mails are used to send viruses, Trojans, etc., either as an attachment or as a link to a website which downloads malicious code when visited.

Having looked at the different types of cyber terrorism which may affect any person or organization, I would like to mention some case studies to show these definitions and theories in real life.

As you know, one of the most popular forms of cyber terrorism is to threaten a large bank. The terrorists hack into the system and then leave an encrypted message for senior directors, which threatens the bank. What adds to the difficulty of catching the criminals is that they may be in another country. A second difficulty is that most banks would rather pay the money than have the public know how vulnerable they are.

Here I show you some examples of cyber terrorism in its many forms:

Case 1:

Cyber-terrorists often commit acts of terrorism simply for personal gain. Such a group, known as the Chaos Computer Club, was discovered in 1997. They had created an Active X Control for the Internet that can trick the Quicken accounting program into removing money from a user's bank account. This could easily be used to steal money from users all over the world who have the Quicken software installed on their computer. This type of file is only one of thousands of types of viruses that can do everything from simply annoying users to disabling large networks, which can have disastrous, even life-and-death, results.

This Active X program can be sent via e-mail to a victim. As I mentioned above, this can be classified under e-mail crimes, which may happen to any organization. So the employees of an organization, or any client, should be aware of the risk of receiving undesirable e-mails, in particular e-mail from an unknown sender. Below I’ll mention some solutions to avoid becoming a victim.

Case 2:

Terrorism can also come in the form of disinformation. Terrorists can many times say what they please without fear of reprisal from authorities or of accountability for what they say. In a recent incident, the rumor that a group of people were stealing people's kidneys for sale was spread via the Internet. The rumor panicked thousands of people. This is an ethical issue similar to screaming 'Fire' in a crowded theater. In a case like this, the number of people affected is unlimited. Thousands of people were scared by this and could have suffered emotionally.

As you can see, ethical and behavioural issues may act as cyber terrorism, like the rumor in the second case.

How do we prepare ourselves to prevent cyber terrorism?

Here I mention two ways of preventing cyber terrorism attacks:

1. Beware of Mail Attachments

This is one of the most common methods of causing damage. Many email applications today allow for the execution of code in email attachments. Many 'worms' have been released in this manner over the past few years, with effects ranging from relatively harmless propagation of the worm to massive file damage. Users should disable features of their mail application that allow for indiscriminate execution of active code attachments and use a reliable virus scanner that understands email attachments.

2. Engage Anti-Virus Software

This software has the ability to scan files on a local computer and, in some cases, to monitor inbound and outbound traffic from applications such as email attachments. This software requires constant updating in order to be effective, and the best applications will automatically download updated virus definition files at predetermined intervals.
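The spoofing definition and the attachment advice above can be combined into one screening check on incoming mail. This is an added example, not code from the original post; the sample message, its domains and the extension list are constructed assumptions.

```python
import os
from email import message_from_string
from email.utils import parseaddr

# Extensions treated as active content here (assumed, non-exhaustive list).
ACTIVE_EXTENSIONS = {".exe", ".scr", ".vbs", ".js", ".ocx", ".bat", ".hta"}

# Constructed sample: display name claims a bank, envelope sender differs.
SAMPLE = """\
From: "Your Bank" <support@bank.example>
Return-Path: <bounce@mailer.invalid>
Subject: Account update
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="XYZ"

--XYZ
Content-Type: text/plain

Please install the attached update.
--XYZ
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="update.ocx"

AAAA
--XYZ--
"""


def domain_of(header_value):
    """Return the lower-cased domain of the address in a header, or ''."""
    address = parseaddr(header_value or "")[1]
    return address.rpartition("@")[2].lower() if "@" in address else ""


def screen(raw_message):
    """Return findings for one message; a mismatch is a hint, not proof."""
    msg = message_from_string(raw_message)
    findings = []
    from_dom = domain_of(msg.get("From"))
    path_dom = domain_of(msg.get("Return-Path"))
    if from_dom and path_dom and from_dom != path_dom:
        findings.append(f"sender mismatch: From={from_dom} Return-Path={path_dom}")
    for part in msg.walk():
        name = part.get_filename() or ""
        if os.path.splitext(name)[1].lower() in ACTIVE_EXTENSIONS:
            findings.append(f"active attachment: {name}")
    return findings


if __name__ == "__main__":
    print("\n".join(screen(SAMPLE)))
```

Legitimate mailing lists and bulk senders also produce differing From and Return-Path domains, so treat that finding as a reason to look closer rather than a verdict.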