From the course: Cybersecurity Foundations

Pre-cyber threats

- [Instructor] In the early days of computing, the security threats faced by businesses reflected traditional pre-IT fraud. One traditional method of fraud is to have non-existent employees on the payroll with pay being drawn and put into someone else's account. In January, 2012, a woman in Hawaii was indicted for allegedly attempting to embezzle money from the security guarding firm for which she worked by registering and taking the pay for two fictional employees. The scam would net her more than $200,000.

A second method is known as salami fraud, so named because it resembles shaving a thin slice of meat. In this case, what's shaved is the fractions taken off in a rounding calculation, or changing transactions by taking a few cents from them. If the business deals in millions of transactions, then this can become a significant fraud.

A third form of fraud is payment for non-existent goods. This can happen when one person has the ability to raise a purchase order, receipt goods, and issue checks. A similar problem occurs for individuals when an online seller receives money in advance for non-existent goods, or has the auctions rigged by entering false bids to inflate prices.

As the use of computer systems grew, so did the threats. More sophisticated forms of fraud emerged, taking advantage, in many cases, of the weakening controls in the IT environment. The early days of computing brought with them youngsters enthralled by the challenge of using a computer and a modem to break into other computers. And so began the age of the teen hacker. This was mostly individual challenge and peer recognition, although there were some early instances of what we now know as cyber espionage and cyber crime.

The classic hacker of the 1990s was Kevin Mitnick, otherwise known as Condor. After a decade of hacking for no other reason than to demonstrate how good he was, Mitnick was finally caught and sentenced to three years jail time. The full story, book and film, is described on the "Takedown" website.

As the use of the web grew and information websites and business web portals became more common, we saw bored teenagers defacing websites and leaving I-got-you messages. Website defacements were also targeted as part of politically-motivated attacks and used to communicate a political message in what's known as hacktivism.

As dependence upon IT systems grew, another security threat to emerge was the denial-of-service attack, in which a remote attacker can compromise IT systems through exploiting vulnerabilities or through overwhelming their ability to handle the size of information flows. As the internet grew, adversaries were able to take control of large numbers of computers, known as a botnet, and focus them on a single target, substantially amplifying the impact of the denial of service. This is known as a distributed denial of service, or DDoS.

A global example of a denial of service occurred in February, 2014 when an unknown attacker launched a rolling wave of distributed denial-of-service attacks on a variety of targets, country by country, around the world. The scale of the attack was enormous. The attack used a special feature of the Network Time Protocol to amplify the data. By the time the packet had reached the target, it had been amplified 50 times, making this the equivalent of about 250,000 individual denial-of-service attacks. One of the businesses targeted in this campaign was attacked by 4,278 individual IP addresses from over 80 countries, delivering a continuous stream of over 1 million packets per minute for about an hour. The graphic shows the timeline of data arriving from the internet to this company.
