An Introduction to Hacking and Crimeware
eBook - ePub

An Introduction to Hacking and Crimeware

A Pocket Guide

  1. 53 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

An Introduction to Hacking and Crimeware

A Pocket Guide

About this book

Defend your business, protect your livelihood, safeguard your future.

  • How safe are you online?
  • Is your information protected?
  • What risks are you taking with your data?
  • How do you protect yourself from cybercrime?

Cybercrime is on the rise, and it is becoming easier and easier for criminals to steal your personal information. Toolkits to create viruses, spyware, and other forms of malware are now readily available to anyone wishing to defraud and do damage, and you could be leaving yourself open to attack.

It is estimated that standard computer-based defence systems catch only 25% of malware attacks. Do you know the risks you're running online? Are you protected? An Introduction to Hacking and Crimeware answers your concerns and provides a foundation-level overview of the dark world of cybercrime.

Know your enemy

An Introduction to Hacking and Crimeware is a comprehensive pocket guide to more serious online threats. Knowledge of these threats will help you understand how to ensure that your computer systems are protected and make sure that your business is safe, enabling you to focus on your core activities without fear of attack.

Fight back

In this pocket guide, the author:

  • identifies terms and defines exactly what crimeware is, both intentional and unintentional
  • gives specific, up-to-date examples to help you identify the risks so that you can protect your business
  • explores the increasing use of commercial off-the-shelf (COTS) hacking tools, exposing the enemy's tactics
  • gives practical suggestions of active defence, so you can fight back
  • provides a valuable list of up-to-date, authoritative sources of information, so you can stay abreast of new developments and safeguard your business.

"Everyone who uses the internet should read and use this handbook!"
Helena Keeley, CEO, Compsim

Ensure your online safety: buy An Introduction to Hacking and Crimeware now.

Frequently asked questions

Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription.
At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.
Perlego offers two plans: Essential and Complete
  • Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
  • Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.4M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
Both plans are available with monthly, semester, or annual billing cycles.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Yes! You can use the Perlego app on both iOS or Android devices to read anytime, anywhere — even offline. Perfect for commutes or when you’re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.
Yes, you can access An Introduction to Hacking and Crimeware by Victoria Loewengart in PDF and/or ePUB format, as well as other popular books in Computer Science & Cyber Security. We have over one million books available in our catalogue for you to explore.

CHAPTER 1: BACKGROUND

The software that is used to disrupt, steal, or manipulate is often referred to as malware, crimeware, or hackware. In this pocket guide these terms will be used interchangeably.
In recent years there has been an influx of commercially available “attack toolkits” to help wannabe hackers create and propagate their own malware without much technical knowledge of computer programming. The underground environment promotes entrepreneurship and allows buyers to subscribe to attack services or buy attack toolkits in bulk, using online shopping carts and paying via Western Union and PayPal.6
Attack toolkits are usually bundles of software libraries that can be used to put together an attack application. The pre-written code in these toolkits exploits new vulnerabilities found in commercial software (aka “Zero Day” vulnerabilities), as well as provides various tools to customize and automate attacks on networked computers, such as command-and-control (C&C) stealth server administration tools.7 Attack kits are used to enable the theft of financial information and intellectual property information using bots,8 as well as to convert compromised computers into a network of bots (aka botnet) in order to conduct additional attacks. These kits are advertised and sold on online underground forums that trade stolen information and services.9 The real strength of botnets lies in their ability to generate massive amounts of Internet traffic against specific targets. This is known as a distributed denial of service (DDoS) attack. Some well-known examples of DDoS attacks are Russian attacks against Estonia and Georgia, effectively shutting down all aspects of online life in these countries.10 Of course, these attacks did not happen by themselves, but were allegedly initiated by Russian hacktivists.
Hacktivism is the act of hacking, or breaking into a computer system, for a politically or socially motivated purpose. The individual who performs an act of hacktivism is said to be a hacktivist.
A hacktivist uses the same tools and techniques as a hacker but does so in order to disrupt services and bring attention to a political or social cause.11
The danger of commercially available malware kits is that anyone can purchase them. What used to be the domain of the technically savvy is now open to anyone with an agenda to cause harm. Hacktivists can grow in numbers exponentially, because now they have the tools.
Creating malware, such as bots, is inexpensive and relatively easy. The business of buying and selling malware follows a well-established commercial model. Botnets are valued based on the structure of the botnet, past use/abuse of the botnet, location of the botnet’s victims, and robustness of a malware agent.12 The sellers go as far as to guarantee damage, “or your money back.”13 YouTube even has tutorials on how to create the malware, deliver the bot agents, manage the C&C, and turn the stolen data into real money.14
Intentionally malicious software programs are not the only software that can be used for malicious purposes. Many mainstream, publicly available software applications can be utilized to steal or manipulate important data, and since everything these days is about cutting costs and implementing the least expensive solution, even military organizations can fall victim to clever use of the COTS software.
For example, in order to cut costs military satellite communications (SATCOM) adopted commercial satellites, and these assets are not protected from network and radio frequency (RF) attacks by adversaries using open-source and publicly available resources.15 Both digital and analog signals can be captured, manipulated, and/or transmitted using open-source programs downloaded by hobbyists, or provided by equipment vendors and hacker websites complete with documentation and other resources.16
6 “Malware becoming increasingly commercialised, says CoreTrace.” InfoSecurity. February 2, 2011. www.infosecurity-magazine.com/view/15623/malware-becoming-increasingly-commercialised-says-coretrace/ (accessed May 10, 2011).
7 “Report on Attack Toolkits and Malicious Websites.” Symantec. www.symantec.com/about/news/resources/press_kits/det ail.jsp?pkid=attackkits&om_ext_cid=biz_socmed_twitte r_facebook_marketwire_linkedin_2011Jan_worldwide_a ttacktoolkits (accessed May 27, 2011).
8 “A bot worm is a self-replicating malware program that resides in current memory (RAM), turns infected computers into zombies (or bots) and transmits itself to other computers.” From: SearchSecurity. http://searchsecurity.techtarget.com/definition/bot-worm (accessed 30 November 2011).
9 “Report on Attack Toolkits and Malicious Websites.” Symantec. www.symantec.com/about/news/resources/press_kits/det ail.jsp?pkid=attackkits&om_ext_cid=biz_socmed_twitte r_facebook_marketwire_linkedin_2011Jan_worldwide_a ttacktoolkits (accessed May 27, 2011) and “Malware becoming increasingly commercialised, says CoreTrace.” InfoSecurity. February 2, 2011. www.infosecurity-magazine.com/view/15623/malware-becoming-increasingly-commercialised-says-coretrace/ (accessed May 10, 2011).
10 Carr, Jeffrey. Inside Cyber Warfare: Mapping the Cyber Under world. O'Reilly Media, 2009. p.18.
11 SearchSecurity. http://searchsecurity.techtarget.com/definition/hacktivis m) (accessed May 27, 2011).
12 Ollmann, Gunter. “How Criminals Build Botnets for Profit.” Central Ohio InfoSec Summit, Columbus, OH. 2011.
13 Ibid.
14 Ibid.
15 Rohret, David, and Jonathan Holston. “Exploitation of Blue Team SATCOM and MILSAT Assets for Red Team Covert Exploitation and Back-Channel Communications.” Proceedings of the International Conference on Information Warfare & Security. 2010. 288–298. International Security & Counter-Terrorism Reference Center™, EBSCOhost® (accessed May 14, 2011).
16 Ibid.

CHAPTER 2: CRIMEWARE PRODUCTS

This chapter describes different varieties, and the evolution of, commercially available crimeware: from toolkits to exploit vulnerabili...

Table of contents

  1. Cover
  2. Title
  3. Copyright
  4. Preface
  5. About The Author
  6. Acknowledgements
  7. Contents
  8. Introduction
  9. Chapter 1: Background
  10. Chapter 2: Crimeware Products
  11. Chapter 3: Unintentional Crimeware
  12. Chapter 4: The Present and The Future
  13. Chapter 5: Fighting Back
  14. Conclusion
  15. Authoritative Sources Of Information
  16. Bibliography
  17. ITG Resources