Digital Transformation in the PLM domain - distrib.pdf
Hacking And Its Prevention
1. HACKING & IT’S PREVENTION PUNE POLICE Workshop on Cyber Crime (March 19 – 20, 2009) March 20, 2009
2. Introduction Dinesh Bareja CISA, CISM, ITIL, BS: 7799 (Imp & LA) Email: [email_address] Information Security professional, having more than 11 years of experience in technology in commercial, operational, functional and project management roles on multiple large and small projects in global and domestic markets. Experienced in establishing ISMS (Information Security Management System), planning and implementation of large scale CobiT® implementation, ISO: 27001, ERM, BCP/DR, BIA, Asset Management, Incident Mgt, Governance and Compliance, VA/PT, AppSec etc He is also member of ISACA, OCEG, iTSMF and co-founder of Indian Honeynet Project and Open Security Alliance. You can find him on Linked In as the owner of the India – Information Security Community group.
3.
4. The hacker / cracker has TIME ANONYMITY INTELLIGENCE (hopefully not) TOOLS AND INFORMATION MALICIOUS INTENT Hack Hacker Hacking Hack: // to write computer programs for enjoyment //to gain access to a computer illegally — hack it Hacker: // an expert at programming and solving problems with a computer // a person who illegally gains access to and sometimes tampers with information in a computer system Crack Cracker Crack: // to puzzle out and expose, solve, or reveal the mystery of <crack a code> //to break into <crack a safe> Cracker: // Hacker // braggart; boaster.
5.
6.
7.
8. Profiling …. the color of your hat ! White Hat Also known as friendly hackers are always using their knowledge for good reasons Black Hat Also known as crackers these are the ones to watch out for, they send and make viruses, destroy data, and deface websites along with other illegal activity and break into peoples machines. This type of hacker has a bad reputation. Grey Hat … Are borderline white/black hats. They sometimes prank unsuspecting users and cause general mayhem. While they think this kind of activity is harmless, they may face long periods of jail time if they ever get found out. Not to forget the hatless….. - Script Kiddies - The Hobbyist - Insider - Countries
9.
10. Are these Black or White ? Kevin Poulsen : “Dark Dante” recognized for his hack of LA radio's KIIS-FM phone lines. Authorities began to pursue him after he hacked into a federal investigation database and during this pursuit, he further drew the ire of the FBI by hacking into federal computers for wiretap information. He served a sentence of five years and since serving time, he has worked as a journalist. As senior editor for Wired News his most prominent article details his work on identifying 744 sex offenders with MySpace profiles. Tsutomu Shimomura : son of Osamu Shimomura, winner of the 2008 Nobel Prize in Chemistry. He was hacked by Kevin Mitnick. Following this personal attack, he helped the FBI capture him by out-hacking Mitnick and had his own dark side These were the Black Hats Robert Tappan Morris : now a tenured professor at the MIT Computer Science and Artificial Intelligence Laboratory. He principally researches computer network architectures including distributed hash tables such as Chord and wireless mesh networks such as Roofnet. Kevin Mitnick : now a productive member of society after five years in jail, about 8 months of it in solitary confinement. Now he is a computer security consultant, author and speaker Adrian Lamo: was breaking into NY Times, Microsoft, Yahoo etc …. currently working as an award-winning journalist and public speaker.
39. www.opensecurityalliance.org Join OSA and leverage your knowledge and expertise to provide guidance and direction to community. Help in removing the FUD and misinformation and contribute to practical and usable studies and research that is India centric. This document is created by Open Security Alliance and is released in the public domain under Creative Commons License (Attribution-Noncommercial 2.5 India) http://creativecommons.org/licenses/by-nc-sa/2.5/in/. Sponsored by Secure Matrix India Pvt Ltd. Title:Hacking and it’s Prevention Version: 1.0 / March 20, 2009