HACKINGDeath or Glory

VSB 2006-008December 6, 2011

DiAmante AstilleroShannon BonaJohn LoCasioMarcelo Mazzocato

What is a Hacker?

A person who enjoys exploring the details of programmable systems and how to stretch

their capabilities, as opposed to most users, who prefer to learn only the

minimum necessary.

High Tech Super Spy?or

Tech Savvy Anti-Social Teen?

Into the Mind of a Cyber Hacker

ATTITUDE•Thrill•“Moral Obligation”•Boredom•Freedom

SKILLS•Programming•Write HTMLs•Use and run a Unix

PERSONAL PREFERENCES•Science Fiction•Meditation•Martial Arts

Recognition in the Hacking Community

•Writing open-source software

•Testing and debugging open-source software

•Keeping the infrastructure working

THE HACKER’S SYMBOLTHE GLIDER from John Conway’s Game of Life

GOOD vs EVILin the Cyber Realm

Hacker

Cracker

AKA “WHITE HAT”• Builds• Helpful

AKA “BLACK HAT”• Destroys• Malicious

A Deeper Exploration

A Brief History of Hacking

1932- Polish Cryptologist Broke the Enigma Machine

-Enabled the allies to read substantial amounts of Morse Code -Dwight D. Eisenhower considered this hack “decisive” in the Allied victory in WWII

Marian Rejewski

Henryk Zygalski Jerzy Rozycki

1971- John T. Draper (Captain Crunch) hacks AT&T’s long distance calling system

John T. Draper (Captain Crunch)

Used the toy whistle found in Cap n’ Crunch cereal to generate a 2600 hertz signal allowing him to make free long distance calls

1983 - the group KILOBAUD is formed

Neal Patrick of The 414’s

First Hacker group publically acknowledged Kick started the creation of various groups

The 414’sLegion of DoomMasters of Deception

1986- Congress passes the Computer Fraud and Abuse Act

Lloyd Blankenship

The late 80’s were plagued with many worms

Arrest of Lloyd Blankenship aka “The Mentor”

Author of The Hacker Manifesto

1998- Split between Free and Open Source Software

Free Software vs. Open Source

-The Freedom to……run the program for any purpose…study how it works, and change it to do what you want…redistribute copies for your neighbor…redistribute copies including your changes to your neighbor

-The Freedom to……redistribute copies for your neighbors …make changes

-Also includes source codes

-Includes licenses protecting the integrity of the code’s author

June 2002- The Bush Administration files a bill to create The Department of Homeland Security

Responsible for protecting the nations critical IT infrastructure

Within the Last Year…

2011 April 17th: PlayStation network is hacked The Hacker Groups, Lulz Security and LulzRaft are formed

September: Bangladesh hacker “Tiger-M@te” infiltrates 700,000 websites in one shot

October 26th: Sesame street channel on YouTube was hacked for 22 minutes

November 1st: Palestinian territory phone and internet networks are hacked

CYBER CRIMEthrough

the Decades

CLAIM TO FAME: KIIS-FM Radio Station Contest

The 80’sKevin Poulsen“Dark Dante”

MOTIVE: Fun and Curiosity Criminal Exploits and Espionage

TARGETS: Radio Station, High Profile Government Systems

EARLY LIFE: Consultant at the Pentagon

White Hat by Day… Black Hat by Night

CRIMES: -Win A Porsche by Friday Contest

-Wiretapped Celebrities-Cracked Military Computer Discovered FBI

investigation of former Philippines President Fernidad Marcos

Penalty: -4 year sentence -$56,000 restitution -Restricted from computer for 3 years

Further Thoughts…Is it worth it? More Likely than not, Poulsen wasn’t going to use the information he extracted from the FBI. Is personal satisfaction worth 4 years of one’s life?

The 90’sJonathan James“c0mrade”

CLAIM TO FAME: 1st Juvenile sent to prison for hacking

MOTIVE: Sense of Power

“Well, it's power at your fingertips. You can control all these computers from the government, from the military, from large corporations. And if you know what you're doing, you can travel through the internet at your will, with no restrictions. That's power; it's a power trip”

TARGET: -US Department of Defense-School Systems-NASA

“I certainly learned that there's a serious lack of computer security. If there's a will, there's a way, and if a computer enthusiast such as myself was determined to get into anywhere, be it the Pentagon or Microsoft, it's been demonstrated that it's possible and they will do it. And there's next to nothing they can do about it, because there's people with skill out there, and they'll get what they want.”

Implications: -US Security Breach -NASA forced to shut down computers $40,000 in damages

CRIMES: -$1.7 million stolen from NASA -Series of intrusions to school systems -Created a backdoor in DTRA

Accessed sensitive emails, usernames and passwords

PENALTY: 6 months in Juvenile Detention

FURTHERTHOUGHTS…

In a Post 9/11 world, would James receive the same sentencing?

THE 2000’sAlbert GonzalezTARGETS:-ATMS -Credit Card holders

IMPLICATIONS: Millions of victims globally

PENALTY: Serving time until 2025

Claim to Fame: Received longest sentence for cyber crime

The Dual Life of Albert Gonzalez

2000 20112003 2006 2009

Early 2000’s – Moderator on shadowcrew.com

2003 - Caught “Cashing Out” & Had Millions of Credit Card Data

To Avoid Prosecution, asked to become an informant

2004 – Installed Operation Firewall: Took Down “Shadow Crew”

Meanwhile Obtained over 40 million Credit Card Data

2007 – Ceased to be an Informant 2008 – Arrested after being Under Surveillance

2011 – Sentenced to Two Concurrent 20 year terms

“As a leader? Unparalleled. Unparalleled in his ability to coordinate contacts and continents and expertise. Unparalleled in that he didn’t just get a hack done — he got a hack done, he got the exfiltration of the data done, he got the laundering of

the funds done. He was a five-tool player.” –Seth Kosto, Assistant U.S. Attorney (New Jersey)

FurtherThoughts…Gonzalez not only betrayed the FBI who gave him a job instead of jail time, but also the Black Hat Community. However, hackers such as Jonathan James still were willing to collaborate with him. What are your thoughts on the relationships in the Black Hat Community?

Where are they now?

Kevin Poulsen“Dark Dante”

Senior Editor of Wired Magazine

Jonathan James“c0mrade”

Committed Suicide in 2008

Albert Gonzalez

MY PERSONAL EXPERIENCES

An Inner Look at the Authorities’ Responses“Tagging a damage amount or number of machines

compromised to a single virus (let alone a single person) is very difficult. Data can be transmitted

across the globe in a matter of seconds, and computers are infected with malware just as quickly.

As a result, accurately counting the number of machines infected by a particular worm is impossible

and can only be estimated.” -Nicholas Newman, National White Collar Crime Center

LOCAL CASES• BANK / ATM FRAUD• FICTIOUS EMPLOYEE• HOTEL / REWARDS

HACKER TRIVIAOther Notable Names…

FRED COHEN 1st Virus

ROBERT T MORRIS 1st Worm(Internet Virus)

SHAWN FANNING

Open Source CodeDefinition

Open source software is software whose source code is published and made available to the public, enabling anyone to copy, modify and redistribute the source code

Problems with Open Source Code

Attempts to Stop “Black Hat” Hacking

Problem with stopping hacking

Reputational TechnologySymantec

Firewalls Company Security Policies

The Future of Hacking Mobile Device Hacking

Apple vs. Android Bio-hacking Advanced Malware Combined Technology Hacking

What direction do you see hacking going in the future? Think about both the “Black Hat” and “White Hat” Communities.

ANY FURTHER QUESTIONS?

Thank you for your time!

We hope you enjoyed our presentation!

WORKS CITED