Georgetown University

MGMT 550 Information Technology and Business Strategy

Security and Hacking

• issues
• public perceptions
• potential problems
• computer crimes
• hacking
• revising legislation
• Tapping
• Encryption
• The CLipper chip
• Viruses
• Worms
• The internet
• Readings

Issues

• crimes, misdemeanors and morality
• interception and detection
• hacking and cracking
• viruses and worms
• intellectual property rights

Public perceptions

• films and science fiction
  1. WarGames (1984)
  2. Johnny Mnemonic (1995)
• news reportage
• personal experience

Potential problems arise from:

• data recording
• data storage
• data correlation
• data access
• data flows
• data deletion

Computer crimes

• hacking (electronic breaking and entering)
• blackmail
• viruses
• worms

Hacking

• derived from obsessive programming
• also from Phone Phreaks (e.g., Cap'n Crunch)
• exploration of cyberspace (in part derived from William Gibson)
• not just computers but also telephone systems and PBXs
• obsessive nature is used as a plea in mitigation

Motivations

• national espionage
• military
• economic
• industrial espionage
• experimentation and learning
• personal gain
• revenge
• “fun”

• weaknesses in the system
• human error

Passwords and PINs

• far too obvious
• telephone numbers
• name of partner or pet
• date of birth
• not changed regularly
• written down under keyboard or programmed into special key
• told to friends

Computer Misuse Act (United Kingdom)

• need to fill a legal vacuum
• parallel legislation in many countries
• difficult to track technical developments
• difficult top produce "evidence" in the conventional sense
• difficult to convince judges and huries

Tapping

• telephone lines are very easy to tap
• satellite down-links are even easier
• equipment is simple and cheap to obtain
• very unlikely to be caught

Dept IIO [of the Stasi] was eavesdropping on the entire West Germany radio and telecommunications traffic around the clock.

Der Spiegel #34/92.

Electromagnetic emissions

• all wires emit electromagnetic energy (but not fibre optic cables)
• radio is (necessarily) broadcast
• emissions can be intercepted (to some extent these can be suppressed)
• it is exceedingly difficult to detect interception

Faraday cages

• a complete metal enclosure to achieve total elimination of electro-magnetic emissions
• shielded cables
• screening of monitors and processors with metal film
• removable hard discs (Bernoulli boxes) to be kept in safes overnight

Common protocols

• most forms of telecommunication use publicly known protocols:
• telephony
• facsimile
• mobile/cellular telephony
• the Internet
• anybody who can intercept can decode
• therefore a need to use encryption

Traceroute

Tracing route to target: 147.188.192.5

Hop:	IP Address:	Domain Name:	Round-Trip Time (ms)

   1	 193.62.25.33	 gw1.lamp.ac.uk	 	 	 55
   2	 193.62.25.66	 gw2.lamp.ac.uk	 		110
   3	 137.44.8.254	 ??? Swansea 			110
   4	 193.63.203.66	 smds-gw.bham.ja.net	 	165
   5	 147.188.128.87  acs-gw.bham.ac.uk	 	109
   6	 147.188.172.9	 ??? Birmingham			110
   7	 147.188.200.2	 cs-gw.cs.bham.ac.uk		110
   8	 147.188.192.5	 skippy.cs.bham.ac.uk		165
 Target www.cs.bham.ac.uk reached.

Hop:	IP Address:	Domain Name:			Round-Trip Time (ms)

   1	 193.62.25.33	gw1.lamp.ac.uk	 		  	 55
   2	 193.62.25.66	gw2.lamp.ac.uk	 			110
   3	 137.44.8.254	??? Swansea 				110
   4	 193.63.203.65	smds-gw.rl.ja.net	 		109
   5	 193.63.203.33	smds-gw.ulcc.ja.net	 	 	110
   6	 193.63.94.8	icm-lon-1.icp.net	 		220
   7	 192.157.65.113	icm-dc-1-S3/2-1984k.icp.net	 	1154
   8	 144.228.20.8	sl-dc-8-F0/0.sprintlink.net	 	220
   9	 144.228.10.42	sl-mae-e-H2/0-T3.sprintlink.net	 	220
  10	 192.41.177.181	cpe2.Washington.mci.net	 		220
  11	 204.70.57.9	??? Washington.mci.net			219
  12	 204.70.3.1	core-fddi-1.Washington.mci.net	 	220
  13	 204.70.1.14	core-hssi-3.Denver.mci.net	 	330
  14	 204.70.1.38	core-hssi-3.SanFrancisco.mci.net	329
  15	 204.70.2.162	border1-fddi0/0.SanFrancisco.mci.net 	439
  16	 204.70.32.6	cpe1-hssi-1.SanFrancisco.mci.net	329
  17	 192.31.48.200	SU-CM.BARRNET.NET			275
  18	 131.119.2.2	UCBO.BARRNET.NET			329
  19	 192.31.161.21	inr-666-dmz.Berkeley.EDU		384
  20	 128.32.1.2	inr-108-styx.Berkeley.EDU		330
  21	 128.32.155.104	inr-104.Berkeley.EDU			274
  22	 128.32.136.66	** ack.Berkeley.EDU **			275
 Target www.berkeley.edu reached.

Mobile telephony

• open channels
• Squidgygate tapes
• Charles saying goodbye to Camilla Parker-Bowles eleven times
• Groupe Special Mobile (GSM) and DCS-1800 are much more secure than the older system

Encryption

• specially sealed and tamper-proof equipment
• telephone handsets
• add-in cards for workstations
• unauthorised opening should trigger alarms or self-destruction mechanisms
• smartcards and PINs for identification
• part of a comprehensive policy

Effort to de-code

Encryption of telephone calls

• digital communications makes encryption easier
• conversations and faxes
• hand-set
• smart card reader
• user’s name
• PIN number

The Clipper chip

• proposal by US federal government
• a chip to encrypt data and voice in real time
• fear of encryption technology in the hands of criminals and subversives
• resistant to cracking
• 280 possibilities from the 80 bit key
• resistant to reverse engineering
• an alternative, PGP (Pretty Good Privacy) can be obtained by ftp from src.doc.ic.ac.uk
• the author is being prosecuted by US Authorities for illegal exportation of a munition

Professional concern

• overkill
• restraint on exports from USA
• should government have access to all your communications?

Viruses

Names:

• Cascade
• Italian
• Dark Avenger

Can cause a computer to:
• stall or reboot
• write data randomly across a disc
• write messages to the screen
• erase or corrupt files
• destroy the File Allocation Table, effectively erasing an entire floppy or hard disc.

Prevention

• regularly run anti-virus scanning software
• regularly update your anti-virus software
• beware of untried and untested diskettes, tapes and other media
• be cautious of unknown sources of software
• do not allow the copying of disks with games, etc
• scan all incoming discs

Protection of data

• back-up data regularly
• store back-up at another location
• label the back-up
• keep the back-up in a secure place

Human error

Worms

• the term is derived from science fiction
• built and tested at Xerox PARC
• can propagate very rapidly
• Internet incident of 2 November 1988

Wider issues

• protection of privacy
• link to other “rights”
• computer crime
• intellectual property rights

The Internet

• electronic anarchy
• electronic communities
• Internet Relay Chat (IRC)
• transfer of text and image files

Conclusions

• unavoidable
• real weaknesses are human nature
• both in the design and operation of systems
• and in the desire to break into and destroy systems
• nothing is ever completely secure
• appreciate the limits

Readings

Foucault, Michel (1975) "Surveillir et Punir; naissance de la prison" Gallimard, Paris. Lauinger: HV 8666.F68

Denning, dorothy (1982) "Cryptography and Data Security" Addison-Wesley, Reading, MA. Lauinger: DA76.9.A25 D46 1982.

Internet Resources

Newsgroups:
• comp.risks
• comp.security.announce
• comp.security.misc
• comp.security.announce
• comp.society.privacy
• comp.privacy
• comp.virus

World Wide Web URLs:
• Electronic Frontier Foundation
• Information Security and Privacy
• NIST Computer Security Clearinghouse
• Computer Virus FAQs
• Data Fellows - anti-viral products
• Data Protection Registrar (UK)

http://www.georgetown.edu/sutherland/mgmt550/security.html