Friday, 15 April 2011

Tutorial 4: Computer Security - Methods of Attack

Hello everyone, welcome to my final tutorial blog. This time I am going to talk about computer security and the ways to attack. Generally speaking, there are 6 ways to attack a computer. I will talk about each method and the impact it can have on businesses and home users.
The first way a computer can be attacked is called data tampering. Data tampering is often done by insiders who have legal access to the system but use it in an illegal way. It can mean entering false, fabricated or fraudulent data into the computer, or changing or deleting existing data. Without any security mechanism in place, it can be very difficult to find the people responsible.
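
As an added example (not part of the original post), one security mechanism for the data tampering problem described above is an audit log in which every change is attributed to a user and chained to the previous record with an HMAC, so that later edits or deletions of log records are detectable. The key, user names and record names are constructed for illustration.

```python
import hashlib
import hmac
import json

# Assumption: this key is held by the logging service, out of reach of the
# application users whose changes are being recorded.
LOG_KEY = b"constructed-demo-key"

def _mac(prev_mac, entry):
    """MAC over the previous record's MAC plus this entry, chaining them."""
    body = json.dumps(entry, sort_keys=True).encode()
    return hmac.new(LOG_KEY, prev_mac.encode() + body, hashlib.sha256).hexdigest()

def append(log, user, action, record_id, new_value):
    """Append one attributed change to the log."""
    prev = log[-1]["mac"] if log else ""
    entry = {"seq": len(log), "user": user, "action": action,
             "record": record_id, "value": new_value}
    log.append({"entry": entry, "mac": _mac(prev, entry)})

def verify(log):
    """Return the index of the first record that fails verification, or None."""
    prev = ""
    for i, rec in enumerate(log):
        if rec["entry"].get("seq") != i:
            return i  # a record was removed or reordered
        if not hmac.compare_digest(rec["mac"], _mac(prev, rec["entry"])):
            return i  # a record was edited after it was written
        prev = rec["mac"]
    return None

def changes_to(log, record_id):
    """List (user, action, value) for every logged change to one record."""
    return [(r["entry"]["user"], r["entry"]["action"], r["entry"]["value"])
            for r in log if r["entry"]["record"] == record_id]

def build_sample_log():
    """Constructed sample data: three changes by two hypothetical users."""
    log = []
    append(log, "alice", "update", "invoice-17", "amount=120.00")
    append(log, "bob", "update", "invoice-17", "amount=9120.00")
    append(log, "alice", "delete", "invoice-18", None)
    return log
```

Removing records from the end of the log is not caught by the chain alone; keeping the latest MAC and record count in a separate place covers that case.
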
The second method is programming attacks. This kind of attack uses programming techniques to directly or indirectly attack a computer. An example would be a buffer overflow, where the program overwrites existing memory. This increases the vulnerability of the whole system. It is, however, quite complicated compared to data tampering, and programming skills as well as knowledge of the targeted system are required.

A third method to attack a system is computer viruses. A virus is a computer program that has the ability to attach itself to other computer programs, thereby infecting them. Most often the users or owners of the software or program are not aware of the infection. When the software is used, the virus spreads, causing damage to that program and/or others.
A quite similar method of attack is called a worm. Unlike a virus, a worm has the ability to spread by itself. Whereas a virus has to wait until the program or software is executed, the worm tries to find security problems in the system, such as “no password protection of networks”, in order to infect and spread. Most often worms use networks to spread or infect, and they can even infect handheld devices and spread via instant messaging.
A fifth method is called a Zombied PC. A Zombied PC is a computer that is infected by a Trojan and therefore under the control of someone other than the owner. The spyware that controls the Zombied PC can be used to launch DoS attacks as well as to spread adware. I talked about a DoS attack in my last blog when I explained the necessity of a business continuity and recovery plan. People who attack computer systems in these ways are also called “Phishers”, and they are a serious threat as they continuously change their tactics.

The final method to attack a system is called a botnet. A botnet is a huge number of hijacked PCs that have been set up to forward traffic, including spam and viruses, over the internet. Although all kinds of attacks have to be taken seriously, I personally think that botnets are the worst thing. I have experienced being part of such a botnet. The result was that my PC was running really slowly all the time, and after a while I was not able to send emails anymore. The reason was that my IP address was on a blacklist, probably because the people who ran the botnet used my computer to send spam etc. As a result I had to delete my whole system and install everything anew. Luckily I had made a backup before my PC was infected, and my most important data were saved. According to a BBC article, botnets are a big danger and are growing in number. The difficulty is in detecting the people behind them as well as the actual size of the botnet. That’s why it is often a long process to get the people, but as Detective Burls put it in the BBC interview, “They are complex investigations they're very time consuming, they cross international boundaries but we are making progress, they're very satisfying when you get a suspect before a court”.
Source:
Image: jscreationzs / FreeDigitalPhotos.net (http://www.freedigitalphotos.net/images/view_photog.php?photogid=1152)






Tuesday, 5 April 2011

Secure email Project

The iPremier Service Company
iPremier is a company focusing on web-based commerce. It was founded in 1996 by two students and had grown into one of the top two market leaders in selling luxury goods on the web. Product prices range from a few hundred to a few thousand dollars. This means iPremier's customers were high-class, and their credit card limits were high as well. As a result, stolen credit card information would be a disaster.
The management culture at the company was very mixed. On the one hand, there were young people who had been with the company from the beginning. On the other hand, there were more experienced, older managers who joined the company in its growth phase. The culture was described as intense, with governing values like “discipline, professionalism, commitment to delivering results, and partnership for achieving profits”.
The core of the company was its technical system. For a web-based company, one of the most important things it could deliver was customer service. This only works with a fast and reliable website that guarantees data security. iPremier's technical data structure was outsourced to Qdata, a company which was an early provider in the hosting and colocation business, but which suffered enormously during the Internet bubble. Although iPremier had a long and good relationship with Qdata, it was clear that Qdata was probably not the safest way to manage its data. Qdata lacked advanced technology, and many employees were leaving the company.
In January 2007, iPremier experienced a hacker attack on its website. The website was down for almost 2 hours because of a DoS attack on iPremier's system, which was managed by Qdata. This was the beginning of the chaos. The employee responsible for resolving such problems at Qdata was on holiday. No one at iPremier knew whom else to contact. Another problem was that the security systems installed by Qdata were not appropriate and too easy to hack. So the management at iPremier was afraid of hackers stealing the credit card information of its customers, which would probably mean the end of iPremier. After many phone calls between iPremier managers, IT staff, Qdata executives etc., the hacker attack luckily ended by itself.
The major problem of iPremier was that it had no actual Business Continuity and Disaster Recovery Planning in place. Every company should have an updated and standardized procedure for how to react in such situations. Its purpose is to keep the business running after an attack and to recover as soon as possible. Such a plan is probably one of the most important documents in security management, and every company should have one. It would have saved a lot of time and phone calls, and maybe they could have caught the hackers. Another big problem of iPremier was that it had outsourced its technical management to Qdata. Although outsourcing in general is not a bad idea, each company has to ensure that the quality delivered by the other company meets its requirements. With Qdata this was not the case. For a high-class sales website, security should be one of the main priorities. Qdata was not able to deliver this security, and as a consequence either Qdata has to change something or iPremier should change its provider.
















Source:
http://harvardbusinessonline.hbsp.harvard.edu/relay.jhtml?name=itemdetail&id=609092