Order shopping_cart

Toll-free:

Toll-free:

Kingpin: How one Hacker Took Over the Billion-Dollar Cybercrime

Introduction

Computer crime or otherwise called cyber crime can be defined as a crime that benefits from security weaknesses in networking computers. A network or computer can be used to carry out a crime or be a target by cyber criminals (Hunton, 2010). Netcrime is another key term in computer crime which refers to making use of the internet to commit computer crimes. From a wider perspective, cyber crime is defined as the online offence committed against organizations or individuals with ill motives of either damaging the reputation of the targeted victim or mentally or physically harm the victim. Cybercrime does not only target organizations or individuals. Government departments in many countries have suffered great losses due to cyber crimes. Currently, issues of cyber crime are of the very high profile. Common threats posed by cyber crime include losing privacy and confidential information, child pornography, copyright infringement, cracking and negative child grooming (Guitton, 2012).

Review of the Book I Chose

The book "Kingpin: how one hacker took over the billion dollar cyber crime underground", is a fiction story written by Kevin Poulsen. The book focuses on the life of Max Butler who was born in 1973, in Idaho. At a tender age of 8 years, Max was a computer geek to an extent that he could handle computer tricks that a 15-year-old could not. When he reached high school, Max became a person who was good at hacking, cracking and other computer tricks. The school administration where he studied sent him to probation for several offences such as burglary and other computer crimes. At the age of 18 years, Max was sentenced to a 15-jail term for assaulting a girl (Poulsen, 2011).

After prison, Max embarked on his greatest "talent" where he was abundantly blessed. He demonstrated high skills in computer hacking where he could sneak into organization systems and take control of several activities in the system. As a result of his unique skills in information and communication technology, FBI hired him as a white hat cyber-informant. However, the bureau later sacked Max after allegations were brought against him that while serving as a white hat he had illegally accessed several government computer systems. This offence was worsened by the fact that most of the systems that Max had penetrated contained confidential information about the armed forces. Later, Max was brought before the federal court where he pleaded guilty to the trespass charges against him. In 2001, the federal court gave him a one-year jail term. While, in prison, Max met other computer crime stars who gave him further training. This gave Max more passion for computer crime and thus he was ready to surprise the world (Poulsen, 2011).

Once Max was released from prison, he worked so hard to demonstrate how talented and skilled he was at outwitting any security measures used on the internet. These skills enabled Max to break and dominate all types of cyber-security used by both individuals and organizations. Max was capable of hacking backs, business information systems via Wi-Fi, ripped off codes and information that had been stolen by other hackers, and several other computer crimes. In 2005, Max established a carders market and hackers' website, which sold and bought supermarket and hypermarkets for purloined data. Max's knowledge, expertise, and skills enabled him to access and steal the huge amount of credit cards information. Together with his allies, max installed the stolen information into unique fraudulent credit cards, which were able to accumulate a lot of money. Poulsen gives well-explained details of the logistics and techniques that Max and his team used. The business was so lucrative that max could earn as much as a thousand dollars daily (Poulsen, 2011).

Eventually, Max was no longer contented with being a mere thief yet he had enough skills that could give him a better catch. Therefore, he aspired to be a master and pioneer of future trends in cyber-crimes. The book "The art of war" inspired him to invade and totally do away with a rival hacker website. As a result, his Carders market received approximately 4500 new clients. This destruction made Max a star in his hacking career. This does not imply that Max was the only person who made away with cybercrime during this period. In fact, a very close competitor felt bad with the progress that Max had made. The competitor ratted out Max, and, as a result, he was arrested in 2007 (Poulsen, 2011).

Present and Future Trends in Cybercrime

The more technology grows, and network security is enhanced, the more computer criminals enhance their tricks in breaking the security. Currently, cyber crime encompasses a wide range of fraudulent activities. Generally, these activities can be classified into two broad categories namely: crimes that directly target computers and crimes that are facilitated by networking computers. Nevertheless, the latest trend has targeted networked computers. Common crimes that have specifically targeted networked computers and other devices include computer viruses, malware, and denial-of-service attacks (Hunton, 2010).

A computer virus is a computer program that has been programmed to replicate itself and infect several computers. Computer viruses are introduced to computers either through a network or portable computer accessories. Common accessories that transfer viruses include flash disks, memory cards, compact disks, compact tapes and other secondary memories. On the other hand, many computers are infected through the network (ScienceDaily. 2010). Virus programmers broadcast viruses on the internet using programs that appear genuine but are malicious in the background. Another malicious means of conducting computer crimes is called malware. Malware includes computer worms, computer viruses, Trojan horses, ransomware, spyware, rootkits, keyloggers, dishonest adware, and other malicious software. Malwares are malicious because they are used to disrupt the operation of a remote computer, gain unauthorized access, get sensitive information, or access private computers by online attackers. Malwares appear in several forms such as codes, active content, script or normal software. The denial-of-service attack is an attempt made to make computer and network resource unavailable to users by malicious programmers over a computer or network. Generally, these attempts are made to interrupt, distort, or suspend certain services from a host on the internet (Hunton, 2010).

Cyberstalking is the use of electronic devices or the internet to harass or stalk a person, an organization, or a group of individuals. This may include making use of factual statements, false accusation, making threats, monitoring, damage to data, identity theft, soliciting young people for sex, or collecting information that can be used to harass or blackmail an individual (Hunton, 2010). In this case, harassment refers to making a person having very sensitive information release it. Cyberstalking is not the same as offline stalking since it is carried out via networked computers or electronic devices. Identity theft is a way of stealing someone's unique identity in which an individual pretends to be another person. For instance, Peter assumes the identity of Mark and thus Peter pretends to be individual Mark. In this case, the victim (Mark) will badly suffer since he is held responsible for the wrongs that were done by Peter. Identity theft normally takes place when a fraudulent person illegally uses another individual's personal details such as an official name, credit card numbers, or identity number to commit fraud (Guitton, 2012).

Information warfare involves using information technology to pursue a competitive advantage over a competitor. Information warfare encompasses collecting tactical data or information, spreading propaganda, and assuring people that one's information is legal and valid, for purposes of manipulating or misinforming the public about the competitor. This will, in turn, undermine the quality of the competitor and thus will attract more customers. On the other hand, phishing is a malicious way of using electronic communication to try to access information such as an official name, user name, password, and other credit details through masquerading as the right or legal entity. Communications that are disguised to be from a trusted website, online payment system, auction sites, and IT administrators are used to deceive the public. Phishing emails mostly contain links to websites containing or infected with malware (Guitton, 2012).

Cybercrime is one of the emerging issues that are growing at an alarming rate. Many people have been lured by the lucrative opportunities offered by the poor security measures used over the internet. More and more individuals are currently busy exploiting the anonymity, speed, and convenience that the ever-growing information technology is offering (Guitton, 2012). Additionally, the global characteristic of the internet has given crime stars an ample time to commit any type of illegal or unauthorized activity anywhere in the world from their remote computers. Many countries have fallen victims of the virtual cyberspace, and as a result, many nations have decided to make use of domestic offline controls in a bid to evade crimes in the international cyberspace. Those who cannot avoid the risks posed by the international cyberspace have put measures in place to ensure that all online attacks are dealt with properly. As a result, many have secured their systems from attacks, but unfortunately, the security measures work for a very short time. Therefore, many people are concerned with learning future trends in cyber crimes in order to shield themselves from future attacks (Yar, 2011).

Recently, several international organizations have had a discussion over unifying cyber crime with organized criminals. If such a move is implemented, it will forbid several ill omens for a short-term future. Statistics indicate that most of the online attackers operate form Eastern Europe, Asia, and Russia, where online enforcement laws are scanty; there is very little hope of neutralizing and containing threats via traditional means. In case, genuine internet users get a solution that will completely deter online attacks, then the world will have to celebrate because it will be a great achievement. However, the repercussion of this achievement might cause too much harm to future generations (Hunton, 2010).

Studies have indicated that the more we try to curb future online attacks the more the attacks will be made complex. In the future, more sophisticated phishing attacks will be used. For instance, IT researchers expect that in future attackers will be using call centers to notify their "clients" ahead of time (Hunton, 2010). This will be followed by fraudulent emails that will be requesting personal details. Using this approach, the aggregate of personal data in many fraudulent data centers will certainly prove to be good targets to infiltrate. Additionally, attackers will be suing sophisticated data mining approaches to get gullible consumers. Alternatively, attackers will be using tailored phishing emails to target specific organizations or individuals based on their financial, medical, or personal history. Additionally, identity theft will move towards an automated direction. For instance, identity theft will make botnets vehicles not because they intend to establish service attacks but to act as giant platforms to search personal information such as social security numbers and credit card numbers. Those who will be controlling botnets will be receiving payments for using their database to run queries (Yar, 2011).

It is discouraging to note that currently, professional criminals are managing organizations such as money launder. With this degree of the shield, I am tempted to ask, where the technical or "professional" know-how will be derived from in order to conduct cyber crime (Yar, 2011). Unfortunately, the number of intelligent black-hats is growing with the university and college degrees spreading all over the world. Additionally, many of these black-hats are operating in nations where employment is not awarding sufficient pays, and chances of being caught are extremely slim. Studies have also indicated that nowadays it has become easier to be a hacker and inflict harm on genuine internet users than before (ScienceDaily. 2010). The internet has made repository knowledge available and given an avenue where any intelligent user is capable of getting skills on subverting information systems. Currently, the internet offers tutorials that explain complex issues such as conducting a buffer attack in a non-professional's language. With this kind of legal security breach, the attacker will have an opportunity of recruiting more attackers in the profession, and as a result, more loopholes on genuine information systems will be found out (Jainshankar, 2011).

Dealing with Cybercrime

Several measures have been put to counter threats made by online attacks in place. At basic levels, several programmers have developed antivirus programs which fight a virus that infected computers via the internet or portable computer devices. At advanced levels, several security measures against online attacks have been put in place. The latest used technical approaches are honeypots, firewalls, and access control lists.

The honeypot is the latest technology that has enormous capability to ensure the security against hackers on the internet. The honeypot is an online trap that has been programmed to detect, block, deflect, and in some other cases counteract efforts made by cyber criminals (Alata et al., 2001). Generally, a honeypot information system is made up of networked computers, database, and network sites. The honeypot is different from Intrusion Detection System or firewall because they are not programmed to solve specific network challenge (Honeynet Project, 2006). Instead, honey pot has very flexible tools that are designed in different sizes and shapes. They do a variety of tasks ranging from detecting malicious attacks in networks to detecting online fraud cases. This high-level flexibility gives honeypot its true power. Honeypots have broadly been classified into low and high interactive honeypots. Honeypots are classified as low-interaction because they are programmed to operate by emulating operating systems and services. Therefore, the activities of the attacker are limited to the honeypot emulation level. For instance, an FTP service that has been emulated to listen to port 21 may strictly emulate FTP login, or alternatively, support some other additional FTP codes (Jiang & Wang. 2000).

On the other hand, high interaction honeypots give very complex solution since they involve real application software as well as operating systems. High interaction honeypots do not emulate but give hackers or online attackers real taste. For instance, if a computer user needs a Linux honeypot that will run his or her FTP server, the user will be needed to build real Linux software that will run a real FTP server (Alata et al., 2001). This form of preventing fraud stars is advantageous in two ways. Firstly, the user is given an opportunity to capture the large and extensive amount of information. A computer user can fully learn the extent of their tricks ranging from rootkits to IRC sessions through giving real systems for online criminals to interact. Secondly, high interaction honeypots do not make assumptions on the possible way that attackers might behave. They give the open and interactive environment that records all activities. This gives room for honeypots to learn attackers' behavior that we otherwise could fail to know. There are several examples of both low and high interactive honeypots (Jiang & Wang. 2000).

On the other hand, a firewall can be either hardware or software component used to secure networked computers. Primarily, firewall manages both incoming and outgoing online traffic by critically analyzing data packets and establishing whether the data should be permitted to go through or not depending on established rules (Jainshankar, 2011). This implies that firewalls build bridges between computers and the internet or a local area network and the internet. It ensures that data communication on the network is safe. Many software developers ensure that the software they develop are equipped with firewalls, which protect remote computers form public networks. Additionally, network administrators install routers that are equipped with firewalls. Conversely, development in programming has ensured that firewalls can perform routing functions (Yar, 2011).

Additionally, several nations have legislated rules that govern cyber crime. For instance, the USA several legal statutes have defined every type of cyber crime and given detailed prosecution for each type of crime (Yar, 2011). These rules are not only used as countermeasures but also check cyber crime behavior. Some of the statues include the Computer Fraud and Abuse Act, the Digital Millennium Copyright Act, the Electronic Communications Privacy Act, the Stored Communications Act, the Identity Theft and Aggravated Identity Theft Act, the Identity Theft and Assumption Deterrence Act, Gramm-Leach-Bliley Act, Internet Spyware Prevention Act, Access Device fraud Statutes, Wire Fraud Statute, and communications Interference Statute (Jainshankar, 2011).

Relationship between the Literature Review and the Selected Novel

Both my literature review and Kevin Poulsen's fiction story have one common topic: cyber crime. In my literature review, I have given a general discussion on cyber crime, how it has affected genuine internet users and some regulations that have been put to counter the crime in place. In his fiction story, Poulsen has used Max as an example of several online attackers who have caused a lot of harm to people. For instance, Max used identity theft to get information on other people's credit cards. He used this information to program a sophisticated malicious system that has stolen a lot of money from innocent people.

Conclusion

In conclusion, computer crime is a global problem that needs quick solutions. Many genuine internet users have fallen victims of online attackers. As a result, people have leaked confidential information while others have loosed a lot of money to online attackers. Additionally, several information systems that acquired expensively have been rendered useless due to sophisticated online viruses. However, a lot of efforts have been made to fight cyber crimes. Several counter attack devices such firewalls and honeypots are currently being used by many information systems to prevent online attacks. These counterattacks have enabled many organizations evade losing crucial information to fraudulent attackers, and in other cases, organizations have avoided losing money to unknown people. Nevertheless, the more people adopt counterattack measures, the more the attackers come up with systems that are more complex. Therefore, there is a need to sustain research and come up with the latest systems that can prevent the latest attacks.