Speaking Cyber With Reference to Security Theories
Added on 2022-08-22
25 Pages4562 Words16 Views
Theoretical Computer SciencePhilosophyPolitical Science
|
|
|
Running head: COMPUTER SCIENCE 1
Computer science
Student’s Name
Institutional Affiliation
Computer science
Student’s Name
Institutional Affiliation
COMPUTER SCIENCE 2
Exercise 1: Speaking Cyber
With reference to security theories every crime requires three key components which are a
victim, motive and offender, when they merge together a crime is committed .The famous story
of the Hacking Team being a victim of hacking by an anonymous ethical hacker called Phineas
Fisher who claims to have spent about 100 hours to bring down the Hacking Team.
The Hacking Team was a private intelligence contractor that at most times offer hacking and
spying services on subjects that were seen to be potential threats to the governments. Phineas
Fisher is well-known and influential hacktivist who is said to have been motivated by the need to
protect human rights from infringement by their governments through Hacking Team services
therefore he decided to hack this multi-million-dollar company in order to expose the ill-doings
with the government. This hacktivist has been applauded by several security experts as a unique
hacking talent that is rare to find since he was able to do backdoor firmware development,
reverse engineering and understand networks/routing.
Phineas Fisher chose to use 0-day attack in one of the company’s devices with which he said it
was an easier way and unsusceptible to the Hacking Team (I & I, 2016). Furthermore, he says
that he did numerous tests on some backdoor firmware that he created and put into the embedded
device through a virtual machine on the internet so as make sure that no unusual behavior could
be caused to their system hence create suspicion.
He got through the validation easily due to the existence of an unstable Mongo DB which is a
NoSQL database. He was able to download the Hacking Team backups and lucky was he when
he got the files of the admin credentials making him a domain system in the victim’s system thus
a successful hacktivist attempt. Phineas Fisher strongly encouraged hacker to join ethical
Exercise 1: Speaking Cyber
With reference to security theories every crime requires three key components which are a
victim, motive and offender, when they merge together a crime is committed .The famous story
of the Hacking Team being a victim of hacking by an anonymous ethical hacker called Phineas
Fisher who claims to have spent about 100 hours to bring down the Hacking Team.
The Hacking Team was a private intelligence contractor that at most times offer hacking and
spying services on subjects that were seen to be potential threats to the governments. Phineas
Fisher is well-known and influential hacktivist who is said to have been motivated by the need to
protect human rights from infringement by their governments through Hacking Team services
therefore he decided to hack this multi-million-dollar company in order to expose the ill-doings
with the government. This hacktivist has been applauded by several security experts as a unique
hacking talent that is rare to find since he was able to do backdoor firmware development,
reverse engineering and understand networks/routing.
Phineas Fisher chose to use 0-day attack in one of the company’s devices with which he said it
was an easier way and unsusceptible to the Hacking Team (I & I, 2016). Furthermore, he says
that he did numerous tests on some backdoor firmware that he created and put into the embedded
device through a virtual machine on the internet so as make sure that no unusual behavior could
be caused to their system hence create suspicion.
He got through the validation easily due to the existence of an unstable Mongo DB which is a
NoSQL database. He was able to download the Hacking Team backups and lucky was he when
he got the files of the admin credentials making him a domain system in the victim’s system thus
a successful hacktivist attempt. Phineas Fisher strongly encouraged hacker to join ethical
COMPUTER SCIENCE 3
hacking to protect the vulnerable rather than enjoy consultation fees from the large companies
which deserve to be hacked.
Zero-Day: This is a known risk on computer systems to vendors or owners of the system
responsible for its resolution, occurs mostly in software and when not addressed it can be
exploited. Phineas Fisher(attacker) chose to exploit this security hole in order to gain root access.
Ethical hacking is the act of looking for weaknesses and holes of a computer and information
systems with an aim of mitigating the potholes. Ethical hackers are the security professionals
who do ethical hacking and Phinease Fisher claimed to be an ethical hacker.
Backdoor Firmware: This is a type of firmware by which advanced users can use to bypass
normal security measures and gain high level access on information systems, network system or
an application.
Attack Simulation: This a penetration testing technique which provides all necessary conditions
for cyber attack to occur with an aim of identifying the security vulnerabilities and mitigating
them.
Spear phishing attack: This is a mail based electronic computer attack that at most times is
aimed at a specific individual or company in order to steal information. However, this can be
used to install some malware into the victim’s machine which may cause creation of back doors
accessible by an attack.
Hacktivist: This a hacker who’s motive of hacking is protecting the human rights within the
society from government or other oppressors.
hacking to protect the vulnerable rather than enjoy consultation fees from the large companies
which deserve to be hacked.
Zero-Day: This is a known risk on computer systems to vendors or owners of the system
responsible for its resolution, occurs mostly in software and when not addressed it can be
exploited. Phineas Fisher(attacker) chose to exploit this security hole in order to gain root access.
Ethical hacking is the act of looking for weaknesses and holes of a computer and information
systems with an aim of mitigating the potholes. Ethical hackers are the security professionals
who do ethical hacking and Phinease Fisher claimed to be an ethical hacker.
Backdoor Firmware: This is a type of firmware by which advanced users can use to bypass
normal security measures and gain high level access on information systems, network system or
an application.
Attack Simulation: This a penetration testing technique which provides all necessary conditions
for cyber attack to occur with an aim of identifying the security vulnerabilities and mitigating
them.
Spear phishing attack: This is a mail based electronic computer attack that at most times is
aimed at a specific individual or company in order to steal information. However, this can be
used to install some malware into the victim’s machine which may cause creation of back doors
accessible by an attack.
Hacktivist: This a hacker who’s motive of hacking is protecting the human rights within the
society from government or other oppressors.
COMPUTER SCIENCE 4
Exercise 2: Auditing
A.
Windows registry its feature in Microsoft windows which holds the user preference,
machine information and software settings. This feature is made available for all the
operating systems offered by Microsoft. This feature keeps logs of activities that occur
within the operating system and uses keys to track and log changes into its database
(Kirda, 2006). For example, when I install VLC player, a corresponding registry key with
application settings of how it works, its directory and its edition are recoded in the
registry database. This feature has its detrimental effect when a lot junk or corrupted
files accumulate which might cause problems like: reduced performance of computer
system like application programs taking long to launch, system crashes, frequent freezing
and taking long to start.Hence,undertaking a registry cleanup regularly is advised which
can be done using a registry cleanup software.
Exercise 2: Auditing
A.
Windows registry its feature in Microsoft windows which holds the user preference,
machine information and software settings. This feature is made available for all the
operating systems offered by Microsoft. This feature keeps logs of activities that occur
within the operating system and uses keys to track and log changes into its database
(Kirda, 2006). For example, when I install VLC player, a corresponding registry key with
application settings of how it works, its directory and its edition are recoded in the
registry database. This feature has its detrimental effect when a lot junk or corrupted
files accumulate which might cause problems like: reduced performance of computer
system like application programs taking long to launch, system crashes, frequent freezing
and taking long to start.Hence,undertaking a registry cleanup regularly is advised which
can be done using a registry cleanup software.
COMPUTER SCIENCE 5
Windows registry
i)Installation of the RegShot by running the Regshot-x8-Unicode as an administrator.
II). The systems’ registry before uninstalling VLC application indicates:
Keys:284272
Values:494848
Windows registry
i)Installation of the RegShot by running the Regshot-x8-Unicode as an administrator.
II). The systems’ registry before uninstalling VLC application indicates:
Keys:284272
Values:494848
COMPUTER SCIENCE 6
III). This is the second snapshot of the registry after uninstalling VLC from the machine.
Keys:29644
Values:76160
III). This is the second snapshot of the registry after uninstalling VLC from the machine.
Keys:29644
Values:76160
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Legal and Evidentiary Aspects of Digital Forensicslg...
|10
|2340
|185
Ethical Hacking and Penetration Testinglg...
|3
|426
|384
Ethical Hacking: Introduction, Pen Testing Approach, Results and Findingslg...
|7
|1139
|93