Masters Thesis on Ethical Hacking Sagar - MISCU
Threats to Information Security are rising. Is “Ethical Hacking another technique to enhance information security?” Research based on Mumbai and Pune, India.
Masters Thesis
MS in Management Information Systems
Author: Sagar R. Dhande
ID - 2973641
Coventry University, UK
Sagar R. Dhande, Coventry ID. 2973641 (INTI – I09005084), May 2009 Session

Table of Contents
CHAPTER 1
1.0 Introduction
1.1 Information Security
1.2 Information and Data
1.3 Overview of Mumbai and Pune
1.4 Problem Statement and definition
CHAPTER 2
2.0 Research Question and Analysis
2.1 Research Questions and Objectives
2.2 Primary Data
CHAPTER 3
3.0 Research Theory and Framework
3.1 Research Theories
3.2 Research Framework
3.2.1 Dependent Variables
3.2.2 Factors
3.2.3 Proposed Framework
CHAPTER 4
4.0 LITERATURE REVIEW
4.1 Current Information security Crime and Scenario
4.1.1 In-house Threat
4.1.1.1 Wipro Employee Cheats $4 million
4.1.1.2 Bank of America Employee steals customers’ data
4.1.2 Nigerian Lottery Email scam
4.1.3 Social Engineering Issues
4.1.3.1 Social networking site issue
4.1.3.2 UTI Bank Phishing Issue
4.1.4 Mass defacement of websites
4.2 Security awareness among Indians
4.3 Emerging Cyber security threats
4.3.1 Hackers
4.3.1.1 Types of hackers
4.3.1.1.1 Black Hat Hackers
4.3.1.1.2 White Hat Hackers
4.3.2 Spyware/ Malware
4.3.3 Viruses
4.3.4 Social Engineering/ Phishing
4.3.4 Bot network operator
4.3.5 Insider threat
4.3.5 Key logger
4.4 Conclusion for Information security crime and scenario
4.5 General security tools and techniques
4.5.1 Antivirus
4.5.1.1 Drawback
4.5.1.2 Working of Antivirus
4.5.1.3 Virus dictionary approach
4.5.1.4 Suspicious behavior approach
4.5.1.5 Concerns:
4.5.2 Firewall
4.5.2.1 Limitations
4.5.2.3 Advantage to hacker
4.5.3 Patches
4.5.4 Anti-Spyware Software
4.5.5 Anti Key logger
4.5.5.1 Limitation
4.5.6 Biometrics Tools
4.5.6.1 Working of biometrics tools
4.5.6.2 Benefits of using BTPs
4.5.6.3. Concerns
4.5.6.4 Limitation
4.5.7 Hardware Encryption
4.5.7.1 Encryption
4.5.7.1.1 Network Encryption
4.5.7.1.2 Disk Encryptions
4.5.8 Hardware Firewall
4.5.8.1 Limitation
4.5.9 Laws, Rules and Policies
4.5.9.1 Benefits
4.5.9.2 Limitations
4.6 Penetrating Firewall, Antivirus, Antispyware
4.7 Ethical Hacking
4.7.1 Hackers
4.7.2 Ethical hackers
4.7.3 Ethical Hacking
4.7.4 Why Ethical Hacking?
4.7.4.1 Evaluation of a system’s
4.7.4.2 Types of attack for Ethical Hacking and Hacking
4.7.4.2.1 Non-technical attacks
4.7.4.2.2 Network-infrastructure attacks
4.7.4.2.3 Operating-system attacks
4.7.4.2.4. Application and other specialized attacks
4.8 The Ethical Hacking Process
4.8.1 Formulating your plan
4.8.2 Selecting tools
4.8.3 Executing the plan
4.8.4 Evaluating results
CHAPTER 5
5.0 Research Methodology
5.1 Introduction
5.2 Purpose of Research
5.3 Research philosophy
5.4 Research Strategies
5.4.1 Research Approaches
5.4.2 Time Horizons
5.5 Data Collection Methods
5.5.1 Sampling Design
5.5.1.1 Quota sampling
5.5.1.2 Snowball sampling
5.5.2 Sample Frame and Sample Size
5.5.2.1 Sample size formula:
5.5.3 Target Region
5.5.4 Target Industries
5.3.5 Target Sample
5.6 Data Collection
5.6.1 Secondary Data Collection
5.6.2 Primary Data Collection
6.0 Data Analysis
6.1 Primary Data Questionnaire
6.2 Analysis approach
6.4 Results of the questionnaires
6.4.1 Analysis of Section A
6.4.1.1 Gender
6.4.1.2 Respondent's Designation
6.4.1.3 Industry Type
6.4.2 Analysis of Section B
6.4.2.1 Type of Information stored by respondent in system
6.4.2.2 Security tools used by respondents
6.4.2.2.2 Hardware security tools and techniques
6.4.2.2.3 Security rules, law, policies and access control
6.4.3 Analysis of Section C
6.4.3.1 Respondents view on information security
6.4.3.2 Respondents’ expectation from security techniques
6.4.4 Analysis of Section D
6.4.4.1 Attacked for unauthorized access to the system
6.4.4.2 Breaking system’s password
6.4.4.2.1 Operating system attack
6.4.4.3 Getting information by faking target
6.4.4.3.1 Non-technical attack
6.4.4.4 Violating companies/ individual rules, policies, law
6.4.4.4.1 Violating (breaking) laws, rules and policies attack
6.4.4.5 Breaking network infrastructure
6.4.4.5.1 Attacking Network infrastructure
6.4.4.6 Action taken after identifying security threat (vulnerability)
6.4.4.7 Respondent’s acceptance of attacks to ensure security
CHAPTER 7
7.0 Discussion and Conclusion
7.1 Discussion and Conclusion on section A
7.2 Discussion and Conclusion on section B
7.3 Discussion and Conclusion on section C
7.4 Discussion and Conclusion on section D
7.5 Limitations of Research
7.6 Future Research
7.7 Conclusion
References
Appendix 1. Questionnaire
Appendix 2. Gantt chart

Table of Figures
Figure 1. Data and Information
Figure 2. Information System for Information
Figure 3. Rising of sophisticated attacking tool with time
Figure 4. Proposed Framework
Figure 5. Fake HDFC bank Webpage
Figure 6. Statistics of defaced Indian website
Figure 7. Defacement of Indian websites
Figure 8. Statistics of security awareness in world
Figure 9. Distributed Denial of service attack
Figure 10. Key Logger Flow – Step 1
Figure 11. Key Logger Flow – Step 2
Figure 12. Software Firewall
Figure 13. Stage 2 of BTP process
Figure 14. Final stage of BTP process
Figure 15. IRIS scanner example
Figure 16. Hardware based Encryption
Figure 17. Disk Encryption
Figure 18. Hardware Firewall
Figure 19. Emerging cyber security threats can bypass traditional security controls
Figure 20. The Research process "Onion"

Table of graphs
Graph 1. Gender
Graph 2. Respondent's Designation
Graph 3. Industry Type
Graph 4. Types of Information stored
Graph 5. Software security tools importance and usage
Graph 6. Hardware security tools importance and usage
Graph 7. Security rules, policies, laws and permission importance and usage
Graph 8. Respondents view on Information Security
Graph 9. Respondents Expectations from security techniques
Graph 10. Results for unauthorized access to the system
Graph 11. Breaking system’s password
Graph 12. Response for Operating system attack
Graph 13. Getting information by faking targets
Graph 14. Response for Non-Technical attack
Graph 15. Violating companies/ individual rules, policies, law
Graph 16. Response for violating rules/ policies/ laws
Graph 17. Breaking Network infrastructure
Graph 18. Response for attacking network infrastructure
Graph 19. Response on action taken after identifying security threat
Graph 20. Response on acceptance of attacks to ensure security

Abstract
The term information security is frequently used to describe the risks of
guarding information that is in a digital format. This digital information is
typically manipulated by a processor, transmitted over a network (such as the
internet or an intranet) and usually stored in computers, servers, databases,
disks, etc. Today information systems play a valuable role in the corporate and
personal world, and companies and individuals practice different techniques
(using software and hardware) to secure data and information. Security threats
such as viruses, bots, denial of service attacks, telecom fraud, unauthorized
access and phishing are rising at a rate of more than 25% – 30% over the
previous year. Research conducted by the McAfee Security Journal (2008) states
that social engineering (phishing attacks) and spam are increasing and are
constantly being upgraded with new methods to obtain personal and confidential
information from users. Whereas the old techniques and scripts (virus programs)
are decreasing or under control (as they are constantly under watch), new
techniques and methods are targeting information and are succeeding in pushing
the threat graph higher against security. These emerging and evolving threats
need to be treated with new, advanced countermeasures; one of them is Ethical
Hacking. Antivirus, anti-spyware, hardware security tools, rules and laws are
already in use and are not sufficient to tackle the current problem. In the new,
advanced Ethical Hacking approach, an ethical hacker practices a hacker’s
techniques and strategies to identify vulnerabilities (security holes) by
attacking the system in the same way a hacker could have done (but with ethical
intent), and if any security holes or vulnerabilities are found, the ethical
hacker finds a way to fix and cover them.
CHAPTER 1
1.0 Introduction
1.1 Information Security
Information security is the process, or ‘combination of techniques’, used to
protect information. It protects the availability, privacy and integrity of
information. Nowadays businesses and individuals rely solely on information
stored in databases and memory and transferred through networks. Information
can be anything: personal staff details, client lists, bank account details
(credit card details), usernames and passwords, mails, software source code,
media, personal documents, marketing and sales information; in fact anything
that can be stored in a system and is valuable to the user, business or system.
Information is a high priority for any business, and it holds the power to
wobble the business in such a competitive era. (FIPS PUB, 2004)
1.2 Information and Data
Raw data is processed by a system to generate or produce the desired (required,
meaningful) output, called information.
Data is the raw material for data processing. It relates to facts, events and
transactions.
Information is data that has been processed and filtered in such a way as to be
meaningful to the person who receives it. It is anything that is communicated and
valuable for any business or individual. (Maeve Maddox, 2008)
Figure 1. Data and Information
Source: Created by author
To understand the significance of information, it is essential to highlight the
value of information. Information is something that can be found in any piece of
data that is required by an individual or a company. Credit card details,
usernames and passwords and personal media (photos, videos, files) are
information; from a business perspective, a company's marketing plan, strategic
decisions, financial details, client details, source code, etc., which are very
important for any business, can also be considered information.
The diagram below helps to understand how data is processed into information.
Figure 2. Information System for Information
Source: created by author
For a company, tools such as a market intelligence system, financial tools,
marketing models, a market research system, etc. take data as input.
Here the data can be the target segment for a product or company, technology
(available and required technology for any project or company), the economic
condition of a country, company or target segment (varies with the requirement),
competitors, and channels (available and required for the business).
Such a system processes the data (as described in the earlier paragraph) to produce
strategic decisions for the business. This strategic information could be a business
plan for the next 5 years or a product launch strategy, or similarly a marketing plan
for the product or company or a financial report of the company, all of which are
very crucial for any business.
Effective information security systems incorporate a range of policies, security
products, technologies and procedures. Software applications that provide
firewall protection and virus scanning are not enough on their own to
protect information. A set of procedures and systems needs to be applied to
effectively deter access to information.
There are people who make a living from hacking or breaking through information
security systems. They use their technological skills to break into computer
systems and access private information. A hacker with the right hardware can
bypass firewalls, which are designed to prevent access to a computer’s network.
This could result in the loss of vital information, or a virus could be planted and
erase all information. A computer hacker can gain access to a network if a firewall
is shut down for only a minute.
1.3 Overview of Mumbai and Pune
As the research is being carried out in two Indian metro cities, Mumbai and Pune, it is
important to highlight the needs, challenges, culture and situation of these cities.
(Mumbai Space, nd)
Mumbai (formerly known as Bombay), formed from seven islands with a total area of
437.71 sq. km, is the capital of Maharashtra state and the second most
populated city in the world after Shanghai (China). In 2009, Mumbai was named
an Alpha world city (Diserio.com, nd). The city is the commercial, financial and
entertainment capital of India; a sea port city (India's largest and busiest), it has one
of the world’s largest harbors. According to a recent survey, Mumbai is the fifth
most expensive city in the world and contributes a higher GDP than any other city
in India. (Mumbai Space, nd)
Pune offers plentiful talent, technology and tolerance, a few of the key attributes
needed to make a global city. Known for its international quality education, the city is
equipped with well known institutes and universities. By successfully delivering the
Commonwealth Youth Games in 2008, the city made its mark on the international market, which
also had a great positive impact on the hotel, infrastructure and tourism industries.
After Bangalore, Pune (a tier II Indian city) is set to be the next largest IT hub in India.
Infosys, a Nasdaq-listed Indian IT company, has a growing center in Pune.
TCS, Wipro, Larsen & Toubro InfoTech, AccelTreesoftware, Advent software and
Dynamicslogistics are just some of the known software players that have taken to
the city. Apart from software development, the city is carving out a name in BPO:
Accenture Services, Wipro and Quexstsolutions operate out of this city. With more
than 100 software companies, the city also provides a class animation and gaming
industry to the globe. (Articles base, July 2009)
The Cyber Crime Cell located in Mumbai states that ‘hacking, child pornography, cyber
stalking, denial of service attack, virus dissemination, software piracy, IRC Crime,
credit card fraud, net extortion, phishing, internet fraud’ are the most serious
issues that have been tackled in the metros and the rest of India. (CCIC, 2005)
With the high level of cybercrime in Mumbai, Pune and Bangalore, Mumbai has
managed to set up a Control of Cyber Crimes unit. To cope with this situation,
Mumbai Cyber Lab is a unique initiative of police-public collaboration for training
the police officers of Mumbai police in the investigation of cyber crime. Mumbai
Police and NASSCOM jointly operate Mumbai Cyber Lab. (Mumbai online, 2010)
1.4 Problem Statement and definition
The sophistication of attacking tools (including GUI hacking tools, viruses,
spyware, hackers etc.) is increasing while the knowledge required of an attacker is
decreasing, which is a challenge for today’s (and forthcoming) data and information
security; refer to the diagram below (Ciampa M, 2010). Data stored, transferred and
accessed via computers, networks, servers and digital components is under constant
attack and threat. Users in both the personal and the corporate world try to ensure that
information and data are secured by using software (Antivirus, Anti-spyware,
Anti-spam), hardware (Hardware lock, Hardware encryption) and firewalls (Software and
hardware firewall) (Peter J, 2005), but the question is, are these enough to achieve
security goals? If yes, then how successful are they? If they are successful and
are in use, then why is the digital world that uses these techniques and methods not
fully secured? Or is there a need for some other security mechanism? These
questions are enough to give a view of the overall security problem.
A lot of effort is being made to secure valuable information, yet people
often find at least one news item about hacked data, digital fraud, stolen information
or similar every day in the newspaper columns.
Figure 3. Rising of sophisticated attacking tool with time
(Source: Ciampa M, 2010)
This diagram shows that, since 1990, new threats have been rising along with more
sophisticated attacking tools (provided with a graphical user interface, which helps
anybody to use these tools without programming or systems knowledge), and hence the
knowledge required to attack a system is reducing. This is a major concern that has
given rise to new technologies, methods and techniques to counter such
attackers’ efforts.
CHAPTER 2
2.0 Research Question and Analysis
This chapter focuses on the research questions and objectives of the research.
Based on the research questions and objectives, secondary data is collected
(literature review) and primary data (questionnaire) is drafted and
collected in order to answer the research questions and objectives. Basically, the
objectives give a direction to the research, based on which a conclusion is
obtained to support the research. Each research question and objective is
satisfied by the research by collecting relevant data, analysing it and drawing
conclusions to achieve the objective.
2.1 Research Questions and Objectives
1. Why are current security methods not enough to tackle security?
Objectives are
• To understand the limitations of current security techniques.
This objective helps to highlight the limitations and capabilities of the current
security techniques practiced, such as software, hardware, laws etc.
This will help to understand what is lacking in the currently practiced
techniques and where new advanced security techniques are required
to focus and work.
• To explore different techniques and methods used to enhance
security.
This objective will help to list the different methods, tools and techniques
used by different organizations to ensure security. The purpose of
focusing here is to understand the different or similar approaches taken
by different organizations and individuals for the same concern,
‘security’.
• To understand the expectations of information security that are
not currently satisfied.
This objective would help to shed light on the expectations of information
security. Expectations could include the use of sophisticated dynamic security
controls and techniques that could monitor the system all the time while
trying different approaches to uncover vulnerabilities in the system.
Innovative techniques using high-end technology are playing a key role in breaking
and securing security. Hackers are smart enough to find ways, from easy to very
complex, to get inside the platform. This section will highlight the innovative side of
hackers, the winning side of destructive tools and the limitations of securing tools and
techniques.
Questionnaires will be used to understand the expectations of information
security. Secondary research will support the objectives of understanding the
limitations of current security techniques and exploring the different techniques used
to enhance security.
2. How important is identifying an appropriate countermeasure for a security
threat?
Objectives are
• To understand the importance and urgency of information security.
Information security is discussed all the time, but is it really
important to secure data and information? What kind of information is
valuable for organizations? The objective is to collect different views
about information from different organizations in different sectors:
which kinds of data are they concerned to secure, and why and
how important is it to secure them?
• To understand the need for having effective countermeasures for
security threats.
This objective is slightly related to, and answerable from, the previous
objective. Here it is known that information is valuable and that there is a need
for effective information security techniques. The objective helps to
understand why there is a need for effective and advanced security
enhancing techniques.
Information can be seen in many forms: for companies, from credit card information
and application source code to documentation; and for individuals, from family
pictures to passwords and other related information. Each has its importance at a
different level from person to person. This will shed light on the need for
effective and efficient countermeasures.
Questionnaires will be used to understand the need for having effective
countermeasures for security threats.
3. What role does the ethical hacker play in enhancing security, and how does it
contribute?
Objectives are
• To understand the role and need of the ethical hacker.
This objective is basically divided into two parts, role and need. Role
states the key part the ethical hacker has played or is playing in the system.
Need asks why, even if an organization has other current security
techniques, it still turns to ethical hacking: what is it
expecting from ethical hackers, what made the organization
approach an ethical hacker, and what can the ethical hacker provide?
• To explore the ethical hacking process and the steps followed by the ethical
hacker.
This objective will give an idea of the ethical hacker's work, such as the process
of ethical hacking and what kinds of departments, people and resources are
available or involved, as well as the policies, rules, regulations and laws that have
to be considered by the ethical hacker. Sometimes a company has to give the ethical
hacker extra access to the system in order to test it; at the same time
it is essential for the company to make sure that the ethical hacker does not
misuse the system. This makes the ethical hacker sign several papers,
including policies, laws etc. All this together forms a process, and this
objective will also help to see the similarities in the process among
different organizations, and the way the ethical hacker achieves his goal by
satisfying all the prerequisites (signing documents) while also ensuring that
the system is secured.
• To understand the effectiveness of ethical hacking over other
measures.
This objective checks whether ethical hacking is a successful process or
not. If successful, then how successful is it compared to other
security measures? This measurement is expressed as a percentage, each
factor versus ethical hacking. The objective helps to understand whether
ethical hacking practice is meeting users' expectations.
Secondary research (a thorough literature review) will be done to understand the role
and need of the ethical hacker and to explore the ethical hacking process.
The other objective is to understand advanced security practices.
This objective explains in depth the different types of information security practiced
to ensure security, and the needs that are not satisfied by general security tools and
techniques. The objective focuses mainly on new security enhancement techniques that
can be added to current general security practices.
2.2 Primary Data
Primary data regarding the research questions and objectives is collected from IT
organizations, banking IT (security) departments, business process outsourcing and the
educational industry, applying various data collection techniques and methods.
This collected data will be used to answer the research questions. With Pune
(educational hub) and Mumbai (financial capital) both being IT hubs, the author's main
target population is IT managers, security officers, ethical hackers and network/
system administrators, along with individuals such as students, teachers and other
non-professional tech-savvy people who have a good understanding and enough
knowledge of security threats and their countermeasures.
CHAPTER 3
3.0 Research Theory and Framework
The research is supported by Game Theory and Integrated Systems Theory, which are
discussed below.
3.1 Research Theories
| Theory | Characteristics | Source |
|---|---|---|
| Game Theory | Security Validation | Papadopoulou and Greoriades, 2009 |
| Game Theory | Intrusion Detection Systems | Otrok, Zhu, Yahyaoui, Bhattacharya, 2009 |
| Integrated Systems Theory, consisting of: Security Policy Theory; Risk Management Theory; Control and Auditing Theory; Management Systems Theory; Contingency Theory | In early days author proposed new theory called integrated systems theory for information security management. | Hong, Chi, Chao, Tang, 2003 |
Intrusion Detection Systems - These help to detect an attack at runtime, post-attack
or pre-attack. An ethical hacker who manages to detect a security threat from a
hacker or other attackers takes on the role of an intrusion detection system (Fadia
2007). Therefore the author believes that ethical hacking supports intrusion detection
systems, which again follow game theory. The game theory support for the research is
explained below.
Security Validation - An ethical hacker needs to think strategically: what is the hacker
trying to do, what could the hacker do, how could he do it, and so on. According to
this, the ethical hacker has to make his/her moves. These moves may or may not be
simultaneous or sequential to the hacker's, i.e. the ethical hacker and the hacker may
or may not be attacking and defending simultaneously; an ethical hacker may be trying to
find vulnerabilities in the system, thinking of different possible ways from the hacker's
point of view.
Papadopoulou and Greoriades (2009) say that security has recently gained tremendous
attention in information systems. Despite its importance, there is no appropriate
method followed for security. Traditionally, limited systems such as computers,
electronic devices and machines depended on such networks. Security
requirements specification needs a practical approach. Today, network
infrastructure is constantly under attack by hackers and malicious software that
aim to break into computers and steal valuable information. To combat and
counter those threats, network designers need complex security
validation algorithms and techniques that will assure the minimum level of
security for their future networks. The author supports a game-theoretic approach to
security requirements validation.
The theory proposed by Otrok H, Zhu B, Yahyaoui H and Bhattacharya P (2009)
states that game theory is a model for Intrusion Detection Systems. An intrusion can
be compared with a hacker, and an alarm is raised in case of attack. Various software,
firewalls and techniques that can be followed to counter such intrusions
would help to provide the necessary countermeasures and strategies to implement
for security.
In 2003 Hong, Chi, Chao and Tang said that until then there was no specific information
security management theory. As a result they combined 5 theories (Security
Policy theory, Risk Management theory, Control and Auditing theory,
Management Systems theory and Contingency theory) to develop the Integrated
Information systems theory for information security management. The purpose,
importance and characteristics of each theory in the integrated information
systems theory for information security management by Hong, Chi, Chao, Tang,
2003 are given below.
| Theory | Description |
|---|---|
| Security Policy theory | Establishment of information security policy should include five procedures, which are: 1. to assess and persuade top management; 2. to analyze information security requirements; 3. to form and draft a policy; 4. to implement the policy; and 5. to maintain this policy. Theory also covers comprehensive E-audit; e-risk management policy; computer security policy; cyber insurance policy; e-mail policy; Internet policy; and Software policy. |
| Risk Management theory | Risk management theory suggests that through organizational risk analysis and evaluation, the threats and vulnerabilities regarding information security could be estimated and assessed. The evaluation results could be used for planning information security requirements and risk control measures. Risk management is a process of establishing and maintaining information security within an organization. The crux of risk management is risk assessment; namely, through information security risk assessment, an organization could take appropriate measures to protect information cost effectively. Reid and Floyd 2001 cited by Hong, Chi, Chao, Tang, 2003 proposed a “risk analysis flow chart”, and considered that an organization should assess the threats and vulnerabilities of its information assets. |
| Control and Auditing theory | Control and auditing theory suggests that organizations should establish information security control systems; and after being implemented, auditing procedures should be conducted to measure the control performance. It includes organizational security, personal security, physical and environmental security, communication and operational security, systems development and maintenance security. |
| Management Systems theory | Based on the organizational requirements and security strategies, Sherwood, 1996 cited by Hong, Chi, Chao, Tang, 2003 proposed information security architecture SALSA (Sherwood Associated Limited Security Architecture) which includes: business requirements, major security strategies, security services, security mechanism and security products and technologies. |
| Contingency theory | Information security management is a part of contingency management that is meant for the prevention, detection and reaction to the threats, vulnerabilities and impacts inside and outside of an organization or system. |
The research is not based on any predefined framework from past work. The author has
developed a framework based on the variables and factors suggested by Ciampa
M, 2010 and Sans, 2010.
3.2 Research Framework
3.2.1 Dependent Variables
Enhancing Information Security
3.2.2 Factors
(Source: Ciampa M, 2010)
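| Software’s | Hardware’s | Rules, policy, laws | Ethical Hacker |
|---|---|---|---|
| Anti-Virus | Forensic tools | Parental/ access control | (Proposed by author) |
| Anti-Spyware | Hardware Lock | | |
| Anti-Adware | Hardware Firewall | | |
| Software Firewall | Anti Keylogger | | |
| Encryption/Decryption | Hardware encryption | | |
| Operating systems | Bio Metrics tools | | |
| Patches | | | |

Sources cited within the table: Sans, 2010 (row of Anti-Virus and Forensic tools); Patrick Love, 2007 (row of Operating systems and Bio Metrics tools).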
3.2.3 Proposed Framework
Figure 4. Proposed Framework
Here the dependent variable ‘enhancing information security’ has four factors:
software, hardware, ‘policies, rules and laws’, and Ethical Hacker. These factors
together affect the behavior of enhancing information security.
Factors are the tools, software, hardware, techniques and methods that are used
(singly or in combination) to enhance security. The idea behind the research is
to investigate the Ethical hacker factor. Ciampa M (2010) states that software
(including antivirus, software firewall etc.), hardware (including forensic tools,
hardware lock etc.) and ‘rules, policies and laws’ are different approaches to
security; here parental/access control can be a non-technical technique, while the
author’s concern is to consider the Ethical hacker as another technique. The Ethical
hacker is considered as a factor which can affect the behavior of ‘Enhancing
information security’ (dependent variable). Ethical hacking done by an ethical
hacker contains many approaches; the ethical hacker uses many techniques (those
techniques are explained in the next chapter) to protect the information or
system.
CHAPTER 4
4.0 LITERATURE REVIEW
4.1 Current Information security Crime and Scenario
This section highlights the current security and cybercrime scenario in India.
The discussion below will help to understand the importance of security, and the major
threats and security scenario in India, especially in Mumbai and Pune.
Indian companies are more worried about cyber-attacks than terrorism. (Cheek M,
2010)
According to research conducted by Symantec, Indian companies lost an
average of 5.8 million rupees in January 2010, and 66% experienced
cyber-attacks in 2009.
Symantec India managing director Vishal Dhupar said, “Security has become a
main concern to Indian enterprises as cyber-attacks are posing a greater threat
than terrorism, natural disasters and conventional crimes”.
Total 80% budget has been increased for forensic and penetration testing
implementation strategies.
4.1.1 In-house Threat
Rather than keeping an eye on and worrying about external threats, it may happen that
someone very close to you steals the most valuable thing available to you.
In-house threat is the most read topic in newspapers. Indian banking and IT
companies have had frequent bad experiences with in-house threats to information
security.
4.1.1.1 Wipro Employee Cheats $4 million
An Indian IT giant experienced its largest rip-off when a chartered accountant of the
company successfully cleaned $4mn from its financial books (i.e. an information source)
in the year 2010. Sources added that following this incident the technology giant has
tightened its information security. (DC Correspondent, 2010)
4.1.1.2 Bank of America Employee steals customers’ data
An employee was found guilty of stealing customers' sensitive data and selling it to a
third party to create fake credit cards with the required information. This
employee secretly stole the information of customers having an account balance
of more than $1,00,000 to produce credit cards. (Cheek M, 2010)
4.1.2 Nigerian Lottery Email scam
India is catching up with the lottery email scam at lightning speed. Internet users
receive mail on behalf of esteemed organizations (actually from a fake email id created
in the name of the esteemed organization) declaring them the winner of a million
dollars. Hackers try everything to win the victim's trust by using a mail domain
that resembles the organization's or bank's name. Users are requested to fill in
the form attached with the documents (this may be infected with a virus) that is
supposed to collect the user’s bank account number, swift code and
bank address, as those things are required to transfer money to the user's account.
Looking at the artistic form and the genuine-looking responder, users fill in the form
and send it to the hacker. The hacker then passes this catch to its network, which makes
a note of the mail id for further money stealing techniques (as it is now known that the
user is not knowledgeable in this regard or is less technically sure about security).
Hackers confirm the report after verifying the user's form and request the user to
select one of three options to claim the lottery amount.
1. To collect it in person
This is not a viable option, as it is not possible for the user to visit the declared
place, and it could be risky to visit there without any security. The hacker can turn
into a gangster to clean up everything from the claimer.
2. To open an account in the required country; the money will be transferred to
this account, from where the user can further transfer the amount to their respective
account in their own country. Here the claimer is not aware of the rules and
procedure for opening an account in another country (opening an account outside the
home country is not that easy, as it requires all residential documents, passport,
income source, income statement, etc.). These two options shift hope towards the
third and final option.
3. To send account opening charges to the lottery person, so that they can open an
account on behalf of the claimer. This is the real trap laid by the hacker to
catch the claimer. Some emotional touch and feelings are shown in the
conversation with the claimer so that they win trust and are provided with the required
amount to open the account. In this, claimers are even often found negotiating the
account opening charges, and the deal may get closed on the basis that half of
the account opening charge will be paid by the claimer and the rest by the agent, and
that the winning prize will similarly be distributed between both parties.
Once the claimer transfers the amount to the agent to open the account and it is
received by the agent, all communication is cut off, leaving the claimer to complain to
the police.
For example, hackers are often found sending emails from hdfconlinebank.com, but
the genuine domain is hdfcbank.com.
4.1.3 Social Engineering Issues
4.1.3.1 Social networking site issue
The biggest challenge and threat to today’s security is social engineering.
The number of youngsters queuing up to hit social networking servers is increasing
blindly, and the number of malware and viral scripts targeting them is rising at a
matching frequency. Users often find that their account has been hacked and that
hackers have misused personal information to defame them or to make the profile behave
in a weird way.
4.1.3.2 UTI Bank Phishing Issue
Phishing, a part of social engineering, is commonly found in day-to-day
life.
Ahmedabad based UTI bank (now Axis bank), one of the largest financial
institutions of India, was a serious target for phishing. The URL of a fake version of
UTI bank's homepage was circulated to email users. This webpage asks for
the login and password, and everything else, including the logo and text, is kept the
same as on the original bank site. In case the user enters a username and password
thinking it is the genuine website, the hackers get a view of the details on the
receiving side (the phisher’s database). (Cyber crime, 2007) (Screen shot of fake
website is attached below)
Fake HDFC banks webpage (below snapshot created by author).
Figure 5. Fake HDFC bank Webpage
Source: Created by author
The same thing was happening with phone banking: users receive calls from a hacker
claiming to be calling from the bank for verification (as required by the Indian
government) and asking for personal details like address, father's name, card no. etc.
A user who provides all the details gets trapped in the fraud. (Cyber crime, 2007)
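The sender-domain trick in section 4.1.2 (hdfconlinebank.com imitating hdfcbank.com) and the fake bank homepage URL in section 4.1.3.2 can both be screened by comparing the domain in a message against the bank's genuine domains. The following Python code is an added example, not part of the original thesis; the brand keyword, the edit-distance threshold and every sample input other than the two HDFC domains are constructed assumptions.

```python
from urllib.parse import urlsplit

# Genuine domain taken from the text above; a real deployment would list
# every domain the organisation actually sends mail or serves pages from.
GENUINE_DOMAINS = {"hdfcbank.com"}
# Assumptions for this example: the brand keyword to watch for and how many
# character edits still count as a near-miss spelling.
BRAND_TOKENS = {"hdfc"}
MAX_EDIT_DISTANCE = 2

# Constructed sample inputs (sender addresses and links as seen in mail).
SAMPLE_INPUTS = [
    "alerts@hdfcbank.com",
    "https://netbanking.hdfcbank.com/login",
    "winner@hdfconlinebank.com",
    "http://hdfcbank.com@pay.example/login",
    "support@hdfobank.com",
    "newsletter@example.org",
]


def edit_distance(a, b):
    """Levenshtein distance between two strings, using a rolling row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete from a
                           cur[j - 1] + 1,              # insert into a
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]


def authority_and_host(value):
    """Split an e-mail address, URL or bare host into (authority, host).

    For URLs the authority keeps any 'user@' part, because a brand name
    placed there is a common way to disguise the real host.
    """
    value = value.strip().lower()
    if "://" in value:
        parts = urlsplit(value)
        return parts.netloc, (parts.hostname or "").rstrip(".")
    if "@" in value:
        value = value.rsplit("@", 1)[1]
    host = value.split("/", 1)[0].split(":", 1)[0].rstrip(".")
    return host, host


def classify(value):
    """Return 'genuine', 'lookalike', 'unrelated' or 'invalid'."""
    authority, host = authority_and_host(value)
    if not host:
        return "invalid"
    # Exact match or a true subdomain of a genuine domain.
    if any(host == g or host.endswith("." + g) for g in GENUINE_DOMAINS):
        return "genuine"
    # Brand keyword embedded in a foreign host or in URL userinfo.
    squashed = authority.replace("-", "")
    if any(token in squashed for token in BRAND_TOKENS):
        return "lookalike"
    # Near-miss spelling of a genuine name in any label of the host.
    for genuine in GENUINE_DOMAINS:
        brand_label = genuine.split(".")[0]
        if len(brand_label) <= 2 * MAX_EDIT_DISTANCE:
            continue  # too short for a fuzzy match to mean anything
        for label in host.split("."):
            if edit_distance(label, brand_label) <= MAX_EDIT_DISTANCE:
                return "lookalike"
    return "unrelated"


def screen(values):
    """Return the inputs that imitate a genuine domain, in input order."""
    return [v for v in values if classify(v) == "lookalike"]


if __name__ == "__main__":
    for item in SAMPLE_INPUTS:
        print(f"{classify(item):10} {item}")
```

The keyword check catches hdfconlinebank.com, which is six edits away from the genuine name and would pass a pure spelling-distance test.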
4.1.4 Mass defacement of websites
Over 1900 Indian websites were defaced in the first three months of the year 2010
(Srikanth RP, 2010). A mass defacement GUI tool provides a view of the whole
architecture of a web server. Suppose a website named www.sagar-info.com is
to be defaced: the hacker has created the tool below, which shows all the directories,
permissions (chmod – change mode in image), linking, robots text file and other
administrative features of the site that can be changed. These tools can be used
for mass defacement of websites. (Armstrong Tim, 2010)
Figure 6. Statistics of defaced Indian website
(Srikanth RP, 2010)
The above graph shows that 1263 websites with the .in (India) domain were hacked
(defaced) in the first three months of January 2010, followed by 587 websites with
the .com (commercial) domain.
Figure 7. Defacement of Indian websites
(Armstrong Tim, 2010)
According to Dr. Muthukumaran B (2008), home personal computer users are the
most frequently targeted sector of India's 37.7 million Internet users.
More than 86% of all attacks, mostly via 'bots', were aimed at Mumbai and
Delhi’s PC users.
The major cyber crimes are DDoS attacks (Distributed Denial of Service
attacks), website defacement, viruses, Trojans and worms, social engineering (refer to
the diagram below), phishing, spam etc.
4.2 Security awareness among Indians
According to the Norton Online Report 2009, a survey conducted by Norton,
few people are protecting themselves online, and they leave themselves vulnerable:
46% by visiting untrusted websites, 55% by not backing up data, 66% by not
changing passwords frequently and 33% by giving out personal information on the
internet.
67% adults in India are least likely to install any security software
Figure 8. Statistics of security awareness in world
The biggest difference in security awareness occurs in India and Brazil.
33% of Indians do not use security software, and 52% of Indians have unsafe passwords.
4.3 Emerging Cyber security threats
According to the Government Accountability Office (2005), the sources of emerging
cyber security threats are as follows.
4.3.1 Hackers
Based on the purpose and intention of hacking, hackers are mainly divided
into two categories, Black hat and White hat hackers.
4.3.1.1 Types of hackers
4.3.1.1.1 Black Hat Hackers - Hackers break into networks for the thrill of
the challenge or for bragging rights in the hacker community. (Government
Accountability Office, 2005) Hackers also write hacking tools, including
viruses, malware and scripts that perform various functions according to an
algorithm. Hackers break into systems and cover their tracks. They
even make it look as if some other third person has hacked the system.
(Ciampa M, 2010 pg no 17)
4.3.1.1.2 White Hat Hackers – Ethical Hackers stand with security to
cope with intruders, social engineering, viruses, threats and so-called vulnerabilities
in the network, in infrastructure and individually (Syed S, 2006).
These are good hackers who practice hacking on a system with the
permission of the system's owner in order to find security flaws by applying
various hacking techniques and, if any are found, they cover the security hole.
This helps the owner to identify the system's weak points from where a Black
hat hacker could have penetrated. Besides being good for the owner, the
Ethical hacker gets paid for the work. (Syed S, 2006).
4.3.2 Spyware/ Malware
Spyware is a general term used to describe a program that violates a user's
personal security. (Microsoft, 2010)
A program that displays pop-ups on the screen, collects personal information, or
changes the configuration without the user's consent is spyware. Spyware programs
are designed in such a way that they are difficult to remove. Even if it is uninstalled from the
system, you might find that the program reappears as soon as you restart your
computer. (Microsoft, 2010)
The Anti-spyware alliance defines spyware as “tracking software that is deployed
without adequate notice, consent, or user control”.
According to Ciampa Mark (2010), spyware can:
• Be implemented in ways that damage a user's control over the
system.
• Use system resources, including other programs installed on the
system.
• Collect and distribute personal and sensitive information over the
network.
• Make material changes that affect the user experience, privacy, or system
security.
Two characteristics of spyware make users especially worried:
Spyware creators are motivated by profit: The spyware coder's goal is to generate
income by acquiring personal information and either using it personally to gain access
to the banking account or selling the information to the user's corporate
competitor. This motivation makes spyware more intrusive than any other
malware and comparatively difficult to detect and remove once a system is infected. (Ciampa
M, 2010, Pg no 113-114)
Harmful spyware is difficult to identify: Not all
software that keeps track of users, takes control away from them or blocks them is
spyware. With proper notice, consent, and control, some of these same
programs and technologies can provide benefits. For example, parental
control and user monitoring tools can help parents keep track of the online
activities of their children while surfing, and remote login can be used to look into a child's
machine or even to operate an office machine from home.
Genuine software sometimes opens a pop-up and redirects to the company's license
page, while a virus creator writes a program that, on installation, directs the browser to a
genuine-looking site and starts downloading malware. Such scenarios make it
difficult for the user to identify legitimate software on the system. (Ciampa M, 2010, Pg
no 113-114)
Usually spyware gets into the system through instant messaging, various P2P
(peer to peer) programs, online gaming, many porn/crack sites, ad-based
banners where users are lured to install free full software, and more. (Shetty S,
2005)
Malware is a general term used to refer to a wide variety of malicious programs. It
includes threats such as viruses, worms, Trojan horses, spyware and any other
malicious programs. (Ciampa M, 2010. Pg no 26)
4.3.3 Viruses
A computer virus is a malicious set of instructions (that replicates itself) that needs a
carrier in order to survive. The carrier can be of two types, a document or a program,
i.e. viruses can be attached to either of these carriers and transmitted to the user's system,
and the virus starts its execution when the document is opened or the program is
executed. Most viruses are harmful and can cause the system to crash, delete files,
download and install untrusted, infected malicious code, degrade security
settings, and infect other files. (Ciampa M, 2010, Pg no 41)
“It is estimated that there are over eight million computer viruses in existence.”
(Ciampa M, 2010, Pg no 41)
4.3.4 Social Engineering/ Phishing (Microsoft SE, 2010)
Social engineering is a way in which an attacker tries to gain access to the
system. The basic purpose of social engineering is to secretly install spyware or to
trick users into handing over their login details or sensitive financial or personal
information.
Phishing is the most common part of social engineering. Phishing scams include
fraudulent Web sites or e-mail messages that fool the user into divulging personal
information. (Microsoft SE, 2010)
For an example of a social engineering attack, refer to section 4.1.3.
4.3.4 Bot network operator
Bot network operators are hackers who, instead of breaking into systems for the challenge
or bragging rights, take over multiple systems to enable them to coordinate
attacks and distribute malware, spam and phishing scams. The services of these
networks are sometimes made available on underground markets (e.g., purchasing
a denial-of-service attack, servers to relay spam or phishing scams, etc.). (Government
Accountability Office, 2005)
Bot networks, in which an attacker remotely takes control of a machine without the user's
consent, are increasing at an alarming rate. Machines infected with bot code behave
anomalously and download malicious code, which may contain a Trojan, or even
send email to others (these emails may be sent for illegal purposes, such as
life-threatening or abusive email to someone we do not even know).
Machines that are not in the user's control are referred to as zombie machines. Attackers
often target a group of machines to operate as zombies and then use them to scan for
vulnerable systems and attack the server/system. The backdoor method
bypasses the authentication layer (antivirus) and hits the target; the backdoor resides
as a known and required application in the system (this creates the impression that the
attacking machine is the source, while the victim is not aware of the real attacker). (Dr.
Muthukumaran B, 2008)
News frequently flashes reports of website servers being down because of an attack; one of
the most likely reasons is a denial-of-service attack. The attacker targets a
group of machines to operate them as zombies and then operates all the
zombie machines at once against the server in order to reduce its performance
or to crash it. In a DoS attack it is often very difficult to trace who the real
attacker is, because the attacker does not attack the target server from their own machine but
uses zombies to attack. (Dr. Muthukumaran B, 2008)
Example of DDOS
Figure 9. Distributed Denial of service attack
(Source: Kome D, 2010)
Here the spoofed SYN generator is the attacker, who drives the zombie machines (TCP
servers) by sending them SYN packets that carry the target's IP address (internet protocol
address) as the source address, and so attacks the target/victim network through these zombie machines.
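On the victim's side, the reflected attack in Figure 9 shows up as SYN-ACK packets that answer no SYN the victim ever sent. The following detector is an added example, not part of the thesis; the packet records, addresses (documentation ranges), thresholds and function names are constructed assumptions, and TCP ports are ignored.

```python
from collections import defaultdict

VICTIM = "203.0.113.10"                                   # constructed victim address
REFLECTORS = ["192.0.2.21", "192.0.2.22", "192.0.2.23"]  # constructed TCP servers

# Constructed packet records seen at the victim's border:
# (timestamp_seconds, source_ip, destination_ip, tcp_flags)
PACKETS = [
    (0.00, VICTIM, "198.51.100.5", "SYN"),      # genuine outbound connection
    (0.05, "198.51.100.5", VICTIM, "SYN-ACK"),  # solicited reply to that SYN
] + [(1.0 + 0.1 * i, r, VICTIM, "SYN-ACK")      # replies to SYNs the victim never sent
     for i in range(2) for r in REFLECTORS]


def unsolicited_synacks(packets, victim, window=5.0):
    """Count, per sender, SYN-ACKs that match no SYN the victim sent within `window` seconds."""
    pending = defaultdict(list)   # peer -> timestamps of the victim's unanswered SYNs
    unsolicited = defaultdict(int)
    for ts, src, dst, flags in sorted(packets):
        if src == victim and flags == "SYN":
            pending[dst].append(ts)
        elif dst == victim and flags == "SYN-ACK":
            # Keep only SYNs that are still recent enough to be answered.
            live = [t for t in pending[src] if ts - t <= window]
            if live:
                live.pop(0)            # this SYN-ACK answers the oldest open SYN
            else:
                unsolicited[src] += 1  # nothing was asked: likely reflected traffic
            pending[src] = live
    return dict(unsolicited)


def reflection_alert(packets, victim, min_reflectors=3, min_packets=5):
    """Alert when many distinct servers send unsolicited SYN-ACKs to the victim."""
    hits = unsolicited_synacks(packets, victim)
    alert = len(hits) >= min_reflectors and sum(hits.values()) >= min_packets
    return alert, hits


if __name__ == "__main__":
    print(reflection_alert(PACKETS, VICTIM))
```

The senders reported here are the abused TCP servers, not the attacker, which is why such attacks are hard to trace from the victim's logs alone.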
Approximately $120 million worth of mobile phones are lost or stolen every
year, and users find it difficult to protect the details stored in the phone, such as contacts
and other vital information that can be misused by a stranger. Almost 69% of
information-stealing cases are observed among current and ex-employees and 31% by
hackers. India has a long way to go in protecting vital information. (Dr. B.
Muthukumaran, 2008)
4.3.5 Insider threat
The disgruntled organization insider is a principal source of computer crimes.
Insiders may not need a great deal of knowledge about computer intrusions
because their knowledge of a target system often allows them to gain unrestricted
access to cause damage to the system or to steal system data. The insider threat
also includes outsourcing vendors. Employees who accidentally introduce
malware into systems also fall into this category. (Government Accountability
Office, 2005)
For an example of an insider threat attack, refer to section 4.1.1.
4.3.5 Key logger
A key logger is a program that records each key pressed (i.e., whatever the user types
on the keyboard is recorded), and this stream of keystrokes can be used by a
hacker to obtain the user's confidential data along with login details, PINs, credit
card information, etc. Generally, backdoor Trojans come bundled with a key
logger. (Kaspersky lab, nd).
A key logger can be installed via a secondary disk (flash drive, floppy, local network)
or via the internet, bundled with any document, program or other malware. A key logger
can also be considered spyware, but as a key logger's only function is to record
all keystrokes, its scope is far smaller than that of spyware and it can be considered
a part of spyware.
Figure 10. Key Logger Flow – Step 1
Figure 11. Key Logger Flow – Step 2
(Source: Kaspersky lab, nd)
4.4 Conclusion for Information security crime and scenario
India is one of the fastest-developing nations, yet security awareness among
individuals is very low. The security attacks and techniques above make it clear that
attackers (hackers) are getting innovative and static security measures won't work
anymore. High-quality dynamic attacks such as social networking and phishing are
handled by the hacker himself and need to be tackled in the same way.
4.5 General security tools and techniques
Given the current cyber situation in India (described in section 4.1), the
sources of emerging cyber security threats stated by the Government Accountability
Office (2005) and described in section 4.1 and section 4.3 require standard
countermeasures. According to Ciampa Mark (2010), some of the most important
information security countermeasures fall into the three categories specified below.
Note: Ciampa Mark gives many more security measures under software and
hardware, but the author, being focused on Ethical Hacking, has considered the most
relevant and important countermeasures that are required to eliminate today's
security threats.
Software’s | Hardware’s | Rules, policies, laws
Anti-Virus | Bio Metrics tools (Source: Patrick Love, 2007) | Parental/ access control
Anti-Spyware | Hardware Encryption |
Software Firewall | Hardware Firewall |
Patches | |
Anti Key logger | |
Information security attempts to safeguard these characteristics of information.
4.5.1 Antivirus (Ciampa M, 2010)
An antivirus program scans digital media such as computers, servers and systems for infection,
monitors computer activity and examines media for documents, files and
email attachments that might contain a virus. If a virus is detected, further
action can be taken: quarantine, delete or heal the infected file.
4.5.1.1 Drawback