Virus- a software program that replicates on computer systems by incorporating itself onto shared programs. The most common form of a virus is an e-mail strain/ a chain e-mail. (NetLingo 2011)
Worm- reproducing program that runs independently and runs across network connections, similar to a virus. (Virusall 2011)
Trojan- a program that can be distributed or embedded. Trojans can access passwords and other personal information and automatically distribute the data to others. (Virusall 2011)
DDos-(Distributed) Denial of Service. An attack to keep authorized users of a website or web service from using it, or limiting the ability to use it. (Webbmedia 2011)
Brute-force password attack- attack by means of trying every possible character combination as a password. (LastBit 2011)
Phishing- an e-mail scam where a "company" is looking for personal and financial information that is eventually used for identity theft. (NetLingo 2011)
Port scanning- scans TCP/UDP ports and sees which port can be probed for further weakness. (Javvin 2011)
Spoofing- forges the IP address of a machine that is attacking a server on the internet. Commonly in the form of e-mails and similar to phishing, it tricks the user into releasing sensitive information. (NetLingo 2011)
Ransomware- a form of internet extortion that consists of user downloading software. When downloaded, encrypts the contents of your hardware so you are unable to read it. The person responsible for the software then charges payment to decrypt the data that they planted. (NetLingo 2011)
Social Engineering attacks- attack where human social skills are used to obtain information about an organization or its computer system. By asking questions, the attacker is able to piece together enough information to infiltrate the organization's network. (US-CERT-2011)
Hacktivism- a word combined with "hack" and "activism". It is described as the use of computers and computer networks to promote political ends. (Wikipedia 2011)
Defacing web pages- attack on a website that changes the visual appearance or content of the website. (Wikipedia 2011)
Web sit-ins- hackers attempt to send an excess of traffic to a webpage so that it is overwhelmed and users are unable to access. A variation of Dos. (Wikipedia 2011)
E-mail bombing- hackers send numerous e-mails with large file attachments to the victim's e-mail address in an attempt to overwhelm the victim or overflow the inbox. (Wikipedia 2011)
Questions
Anonymous is a group formed by individual anonymous hackers and activists that have come together under one name. Although their actions are illegal, they are a non-violent group. Anonymous started off as a "prankster" group but has turned into an international movement. (Ryan 2011)
LulzSec is also a hacker group. LulzSec is similar to Anonymous in that both of their objectives is to exploit organizations that have done a "social injustice" and fight for the free access of information, and that some more talented hacker members of Anonymous left to join this group. They differ because Anonymous seems to be hacking websites when they feel there is a social injustice being done, but LulzSec hacks websites "just for laughs".(NCCIC 2011)
Anonymous and LulzSec use the Internet Chat Relay (IRC), a type of online chatroom, to communicate with each other. Message boards and forums are also a common place for them to discuss politics, activism, and technology. (Ryan 2011)
A "script kiddie" is a person that looks for technology weaknesses over the internet to get access to a computer system, but it is usually found by someone else first. They usually do not know what they are exploiting, and they are technologically sophisticated. They use the knowledge of the known vulnerability to scan the internet and randomly find a victim that has the vulnerability. (NetLingo 2011)
Timeline
- On January 3, 2011, Anonymous hacked Tunisian government websites using DDos exploit after Tunisian government blocked the WikiLeaks cables.
- On June 9, 2011, Turkey's government website was attacked by means of DDos because Anonymous did not agree with it's censorship standards.
- On June 13, 2011, the Spanish police website is under attack by DDos; Anonymous claims it was because of three arrests made in Spain in association with the hacker collective.
- On July 7, 2011, the FBI's contractor ManTech and e-mails from the Department of Homeland Security were leaked online through DDos attack as apart of it;s AntiSec operation.
- On August 22, 2011, Vanguard Defense Industries has 1 GB of of personal information of company employees leaked by DDos attack. Anonymous says it was because they have a "sinister alliance with law enforcement". (Paoli 2011)
I do believe that hacktivists have the power to change the world for the positive, and I also believe that they run the risk of limiting internet freedom. In helping Arab countries such as Tunisia, Egypt, and Algeria, I believe that Anonymous is helping the world expand with technology, and helping oppressed countries gain independence. Although these are monumental landmarks in the technical and real world, I fear that governments grow increasingly frustrated with Anonymous. I feel as though as long as Anonymous keeps leaking confidential information as well as WikiLeaks, governments in all countries (even the United States) will eventually begin to limit internet freedom. Once it starts, our freedom of the internet may disappear altogether.
Works Cited
NCCIC. "“Anonymous” and Associated Hacker Groups Continue to be Successful Using Rudimentary Exploits to Attack Public Aand Private Organizations." National Cybersecurity and Communications Integration Center Bulletin. Web. 22 Nov. 2011. http://www.rawstory.com/rs/wp-content/uploads/2011/08/NCCIC-Anonymous.pdf.
Ryan, Yasmin. "Anonymous and the Arab Uprisings - Middle East - Al Jazeera English." AJE - Al Jazeera English. Web. 22 Nov. 2011. http://www.aljazeera.com/news/middleeast/2011/05/201151917634659824.html.
NetLingo The Internet Dictionary. Web. 22 Nov. 2011. http://www.netlingo.com/.
Virus or Hoax? Web. 22 Nov. 2011. http://www.virusall.com/index.php.
Paoli, Chris. "UPDATED: Anonymous/LulzSec Hack Timeline." Redmondmag.com. Web. 22 Nov. 2011. http://redmondmag.com/articles/2011/06/27/timeline-of-anonymous-lulzsec-hacks.aspx.
"DDos Attacks Explained." Webbmedia Group. Web. 22 Nov. 2011.
"Port Scan Attack." Javvin Network Management and Security. Web. 22 Nov. 2011. http://www.javvin.com/networksecurity/PortScanAttack.html.
"US-CERT Cyber Security Tip ST04-014 -- Avoiding Social Engineering and Phishing Attacks." US-CERT: United States Computer Emergency Readiness Team. Web. 22 Nov. 2011. http://www.us-cert.gov/cas/tips/ST04-014.html.
Password Recovery Software. Advanced Office Password Recovery and Security Tools by LastBit.com. Web. 22 Nov. 2011. http://lastbit.com/.
Wikipedia. Web. 22 Nov. 2011. http://www.wikipedia.org/.
