Yusran Adhitya Kurniawan’s Blog

COMPUTER AND NETWORK SECURITY

by on Mar.23, 2010, under Information Technology

Network SecurityBy the 1990s computer-assisted crime had become a major element of white-collar crime. Like corporate crime, computer crime often goes unrecorded. Computer crime is faceless and bloodless, and the financial gain can be huge. A common computer crime involves tampering with accounting and banking records, especially through electronic funds transfers. These electronic funds transfers, or wire transfers, are cash management systems that allow the customer electronic access to an account, automatic teller machines, and internal banking procedures, including on-line teller terminals and computerized check processing.
Computers and their technology (printers, modems, computer bulletin boards, e-mail) are used for credit card fraud, counterfeiting, bank embezzlement, theft of secret documents, vandalism, and other illegal activities. Experts place the annual value of computer crime at anywhere from $550 million to $5 billion a year. Even the larger figure may be underestimated, because many victims try to hide the crime. Few companies want to admit their computer security has been breached and their confidential files or accounts are vulnerable. No centralized databank exists for computer crime statistics. Computer crimes are often counted under other categories such as fraud and embezzlement.
The first state computer crime law took effect in Florida in 1978. An Arizona law took effect two months later. Other states soon followed, and by 2000, Vermont was the only state without a specific computer crime provision.

Read More Here:

The Computer Security Institute in San Francisco, California, conducted “The 2003 Computer Crime and Security Survey” with the participation of the FBI's San Francisco Computer Intrusion Squad. The study found that of 530 computer security practitioners from major U.S. corporations, government agencies, financial and medical institutions, and universities, some 56 percent had detected computer security breaches within the last 12 months. Three-quarters of respondents stated that their institution had suffered financial losses due to computer breaches. Financial losses of $201 million were reported by nearly half of the respondents due to breaches in their computer security.
According to the survey, the most serious financial losses resulted from the theft of proprietary information, with respondents reporting total losses of over $70 million. Denial of service, resulting in a total loss of $65 million, was the next most expensive security breach. Still, despite these significant financial losses, only 30 percent of respondents reported the computer intrusions to law enforcement. In part, this low level of reporting of computer crime to law enforcement may have to do with an unwillingness to reveal the proprietary nature of the information breached.

As we already know, Computer in our life is not being tersier needed by some of the people that in daily activities use computer, because of that Computer need a system that can secure it from many of the dangerous thing, such as : Virus, Error System, Fraud, Breach and,etc. Here we want to explain about one of the problem in Computer, That is When computer security has been breached. So, what should we do?

The case about computer security has been breached is serious problem that must we concern it more, it has happened in PGX’s company where this place is secure place to protect and save private data, in 2007 last year it happened, so the customers that has save their data in that company has been stolen or breached by Cracker. They felt sock when known that their data has lost. it happened by students in California’s university of USA, that all their data suddenly disappear when they known. so in the first time the students has save their data in the bank, it contains of Student’s nuber, bank account, security number, deposit and the other private data. after that bank send it to the PGX’s company as place to save private data in the secure condition, but what will happen if suddenly the data in the PGX’s company has been breached. So, it is big responsibility of that firms. so what the firm should inform to the customer when the computer security has been breached.

In order to make balance condition both customer and firms, the way is the firms should not inform it to the customer,because if the customer known about it of course they will run out from that firms.it is better for customer not to know about this condition in temporary time, because the firm is big company that can solve this problem with many of the ways. Firms has intelligent team that contain of many professional programmers and cooperate with aparature security of country it self. They have proffesionality to handle about the computer/network connection problem that is when the computer has been breached.

Cooperation that owned between firms and aparature security of country will make easier to catch the criminal (Hacker/cracker), because aparature security here is an intelligent people, FBI, Secret Service, and Interpol. It is enough to turn back the condition in the first time where the data that has been breached and lost for a while time, after there is reaction from the firm to turn back the data tgen customer will feel safe because they don’t lost their data. This situation can be handle because There are professional people that have many experiences about computer security and they also make a system that can detect a hacker/cracker. It is called Honey Pot.

The condition that will grow from that way is making advantages between both of firms and customer. Finally Customer will get their data again and Firms will not loose their customer and make good reputation for that firms in the customer point of view.

Some of the statistics about computer/information security
Computer security that has been berached in every country in this world,especially in develop country that this incident is increasing dramatically every year, according to Survey Information Week (USA), 1271 system or network manager, Only 22% that realize the security of system information as the important component.from that data we can conlude that Realization about security problem still low, because of that the hacker growing fastly in this time.to prevent it we must consider about this incident that if it happened will bring disadvantages for us. with that condition needed help from many of sectors,especially in management side, so that How to tempt the management to do investation in the security side? It is need the justification to do investation of security infrastructure.

(Lack of Security Awarenes)
The obstacles that can influence us hard to solve it because it grows from our self, we don’t think about security, what is the impact, what will happen after that. We just focuss to direct use the media without prepare preventation that would be happened.
For example :
Management poit of view : “ the most important that we connect first, the security can be later”.
“Now there is no problem, right?”
Practitioner point of view : ” It is easy, we can borrow the password from administrator”.
From that short dialogue, it can show us how big the lack of security awareness in our daily activities.

The real number of Computer/network security is hard to show accurately, it is because business problem and Negative publicity.
According to data that we got is :
1. 1996. FBI National Computer Crime Squad, The crime of computer that have been detect is less than 15%, and only 10% from that number have reported.
2. 1996. American Bar Association: from 1000 companies, 48% has been get computer fraud in the last 5 years.
3. 1996. In england, NCC Information Security Breaches Survey:
The crime of computer increases 200% from 1995 to 1996.
4. 1997. FBI: The assembly’s case that relation with computer crime increase
950% from 1996 to 1997, and it had been convicted
In the assembly increase 88%.
5. 1988. Sendmail (UNIX) exploited by R.T. Morris then break down the Internet. It have predicted about the loss until $100 million.
Morris fine $10.000. this id the first worm.
6. 10 Maret 1997. A hacker from Massachusetts success
To turn off the system of telekomunication an local airport (Worcester,
Mass.) after that turn off the communication in the tower control and dive away the aeroplane that will be land.
7. 7 Februari 2000 s/d 9 Februari 2000. Distributed Denial of Service
(Ddos) attack toYahoo, eBay, CNN, Amazon, ZDNet, ETrade.
Predicted because the uses of Trinoo, TFN.
8. The amount of vulnerabilities in information system that had reported
to Bugtraq increase four times (quadruple) during in 1998
to 2000. From 20 reports per month become 80 reports.
9. 1999. Common Vulnerabilities and Exposure cve.mitre.org
Publicate more than 1000 the weekness of system. CVE contain from 20 security entities.
10. 2000. Ernst & Young survey shows that 66% responden
Realize that security & privacy inhibit
The development of e-commerce
11. 2001. Virus SirCam send files from harddisk’s victim . the privacy file will be spread out easily. Worm Code Red heat the system IIS
Then do the port scanning and creep into system IIS
That it have found.

THE INCREASE CRIMES OF COMPUTER SECURITY.

There is obstacles in the law enforcement to follow the develop of telecommunication and computer’s world.it is because of many factors,that is :
1. Cyberlaw still raw
2. Awareness level still low
3. Technical capability still low too.
Besides that the increase of complexity system (technic & business) be one of the serious obstacles that must we concern more,because :
1. The programme be higher. Megabytes,Gigabytes
2. There is changes in business ways : Partners,alliance,inhouse development,outsource,…………
3. The potential of Security hole is big.

Hacker,Cracker, and security professional

Hacker is a person who enjoys learning the detail of computer systems and how to stretched their capabilitiesas opposed to most nusesrs of computer, who prefer to learn only the minimum amount necessary or One who programs enthusiastically or who enjoys programming rather than theorizing about programming (Guy.L Stelee, at al. the hacker’s Dictionary)

Cracker is a hacker that destroy the system computer own by the others and loss for that people.

Story about Hacker
1. Kevin Mitnick
2. Mudge
3. Kevin Poulsen
4. Cyberpunk’s book, Web Lopht.

Kevin Mitnick
• He Often creeps to the phone system and be Someone that looked for by FBI.
• Much Told in “Takedown” T.SHIMOMURA’s book and “the fugitive : online with Kevin Mitnick” (J.Littman)

http://www.takedown.com

• There is the movie that tell about Kevin Mitnick.
• Now,He is consultant security,especially in social engineering.
• Launch the book “The Art of Decption” that tell about social engineering.

An Evening with Berferd

• An Evening with Berferd : in which a cracker is lured,endured, and studied (B.Cheswick)
• A cracker has been monitored by a system that can detect the cracker (Honey Pot).
• Cracker come through Bug sendmail that exploite tom the other programs.

Conclusion : If a Hacker obtains a login on a machine,there is a good chance he can become root sooner or later.

Honey Pot
• A system that make to invite and monitor cracker.
• Contains of many software (server), Imaginely is alive server that offer a services.
• Many of Honey Pot combine be a Honeynet.

Suggestions
1. Do not destroy the system of others.
2. If you have Detect as Cracker,your name will be dirty,and you will not get respect and attention from others.It can make you hard to looking for the jobs and you will distrust by the other people.
3. It is better for you to be Proffesional Securitybecause there is many jobs vacancy.

Ending
The knowledges about hacker and cracker can make us know about the problem in Computer security.

:, ,

64 Comments for this entry

3 Trackbacks / Pingbacks for this entry

  • COMPUTER AND NETWORK SECURITY – Yusran Adhitya Kurniawan's Blog | Legal News - Your Source for Legal News and Advice

    more here: COMPUTER AND NETWORK SECURITY – Yusran Adhitya Kurniawan's Blog Share and

  • COMPUTER AND NETWORK SECURITY – Yusran Adhitya Kurniawan's Blog | Network Security

    See more here: COMPUTER AND NETWORK SECURITY – Yusran Adhitya Kurniawan's Blog

  • Best BluRay Disc

    COMPUTER AND NETWORK SECURITY – Yusran Adhitya Kurniawan's Blog

Leave a Reply

Before you post, please prove you are sentient.

What is the outer covering of a tree?

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!