Yes, I agree with the proposed statement "The years 1999-2001 were banner years for hackers". Computer hackers are people who gain remote access (typically unauthorized and unapproved) to files stored in another computer, or even to the operating system of the computer. They attack either to cause damage, steal our information, use our PC as a spam machine, or for Denial of Service (DOS) attacks on other computers.
[1] In the year 1999, When Microsoft's Windows 98 released Software security emerged as a mainstream which became a banner year of security and hacking. As a result of various bugs found in windows and other commercial software products, various advisories and patches were released. A host of security software vendors released various anti-hacking products for home computers.[2]Norwegian group Masters of Reverse Engineering cracked a key to decoding DVD copy protection which in result creates a DVD decoder program for distribution on the web, a move that spurs a flurry of lawsuits from the entertainment industry.
[1] In the year 2000 May, AMA Computer College student created a ILOVEYOU worm for his thesis in Philippines, which is also known as VBS/Loveletter and LoveBug worm, written in VBScript infected millions of computers worldwide within few hours of release. It was one of the most damaging worms ever found.[2] In a three day period, Hackers also brought down the most leading websites like yahoo.com,amazon.com,ebay.com,buy.com and cnn.com using "Denial of Service attack" that overloaded the site servers with an inordinate number of data requests. In the same year more than 55000 credit card numbers were stolen from creditcards.com which processes credit transactions for online companies. About 25000 of them were posted online when an extortion payment was not made.
[1] In the year 2001, Microsoft became the prominent victim of a new type of hack that attacked the domain name server. In these denial-of-service attacks, the DNS paths which take users to Microsoft's Web sites are corrupted.[2] In the same year Gary Mckinnon from Glasgow of Scotland deleted critical files from Operating systems which shutdown 2000 computers of the US Army's Military district of Washington for 24 hours. It also deleted US Navy weapon logs, rendering a naval base's network of 300 computers inoperable after September 11 terrorist attacks. In the same year LA port reported that hackers attacked a computer system that controlled California's power grid for 17 days which resulted in the power crysis.[3] On May 8th of same year a self-propagating piece of malware was created which is known as The Sadmind worm exploited vulnerabilities in both Sun Microsystems' Solaris and Microsoft's Internet Information Services. The worm defaced web servers with a message against the United States government and the anti-Chinese cracking group PoizonBox.
2. (20 pts) In the white paper it is said, "What was once the pastime of a computer geek on an ego trip has become an estimated $100 billion worldwide cash cow for professional criminals." The figure, '$100 billion', however was not supported by any cited reference. Conduct a literature search (whether on line or using resources in the UHCL library) to confirm that figure. Clearly indicate the sources of your data.
In the early days of computing, it used to be that viruses were the biggest security risk you would encounter. Virus infections ranged from annoying to destructive, depending on what it was. In recent years, viruses have been replaced by malware programs like fake virus scanners and keyloggers that are designed to trick users into giving up their financial information or just steal it from the user. These malware programs take over the computer and let some hacker on the other end use that infected machine to send spam and more. The larger the company or organization, the more potential there is for damage.
[4] Cybercrime thrives were caused because of social media opportunities, but not of ingenuity and lawlessness. Koobface which is an anagram of Facebook succeeds by mimicking normal social networking behaviour. It is just like a digital amoeba which lives parasitically on our sharing habits. It leverages the most successful of all age-old criminal techniques like our readiness to extend trust with our eagerness to click on links where we have become conditioned into a world of intense social interaction. We just click on website addresses and documents like mice clicking on pellet dispensers. And this conditioned tendency that Koobface exploits with precision. A recent study by Bell Canada suggests that $100-billion of revenue transiting Canada's telecommunications infrastructure is at risk. [5]Spam is the root of all evil, Warner estimates that the volume of spam worldwide has increased to hit $100 billion worldwide. [6] As per the BBC,The fastest growing sector of global organized crime is Cyber crime - Internet banking and Credit card fraud, which is increasing at a rate of about 40% per year. Cyber crime's turnover has been growing rapidly ever since whose value stand at $100 billion figure annually. [7]According to CNN, The growing sophistication of malware attacks mirrors the growing threat and cash generated by online crime. In the United States, the FBI reported a 33 percent increase in Internet crime in 2008.
Thus the pastime of a computer geek on an ego trip has become an estimated $100 billion worldwide cash cow for the professional criminals.
3. (20 pts) A major drawback of the white paper is its lack of cited references, meaning that facts and statements are not supported by valid source(s) of information. Information related to proper citing can be found at http://sce.uhcl.edu/yang/citing.htm. Carefully read the white paper and identify at least three statements in the paper where proper citing should have been done. For the sake of comparison, check out this paper, which deals with similar issues as the white paper (but with proper citing)?
Author refers "60 million URLs for in-depth processing the verification system", but failed to cite the reference of the value mentioned.
Author mentions "$7 billion a year being spent on anti-virus and other security software", but failed to cite the reference of the value mentioned.
Author mentions "90% of Internet access points of corporate networks are inadequately protected", but fails to cite the reference.
Author mentions "The detection capability of the antivirus engine is lacking with an average detection rate of 70% of the best engine", but fails to cite the reference.
