Hacking methods and mechanisms, the most important international hacking attacks, examples of each country's cyber armies, as well as information about the Information Security Center and the most important information security certifications
16. Examples of criminal groups
• Anton Gelonkin / Internet fraud group
• Avalanche / Phishing
• DarkMarket / Stolen stuff
• Legion of Doom / Hacking
• Leo Kuvayev / Spam
• Masters of Deception / Hacking
• Russian Business Network / Child pornography,
phishing, spam, and malware
• ShadowCrew / Forum
• The Silk Road / Drugs and stolen stuff
Computer crime, or Cyber crime, refers to
any crime that involves a computer and a
network.
Fraud • Obscene or offensive content •
Harassment • Threats • Drug trafficking •
Cyber terrorism • Cyber warfare
17. Examples of hacktivists
• WikiLeaks / Government Secrets
• Anonymous / Anti-cyber-surveillance, Anti-cyber-censorship,
Internet activism, Internet trolling,
Internet vigilantism
• Hacktivismo
• UGNazi (Kawai Hitler)
• Milw0rm
• NullCrew
Hacktivism is the use of computers and
computer networks to promote political
ends, chiefly free speech, human rights,
and information ethics.
Website defacements • URL redirections
• DoS • information theft
18. Examples of cyber espionage
According to a report from the computer security firm Mandiant:
Unit 61398 of China's People's Liberation Army (PLA);
this unit is also known as “Advanced Persistent Threat 1”
(APT1) and “Byzantine Candor”
Cyber espionage is the act of obtaining
secrets without the permission of the
holder of the information for personal,
economic, political or military advantage.
Hacking • Cracking protection
19. Examples of attacks by China
In 2009 China apparently stole the plans for the
most advanced U.S. fighter jet, the F-35
Hacked Google, Intel, Adobe, and RSA’s
SecurID authentication technology — with
which it then targeted Lockheed Martin,
Northrop Grumman, and L-3 Communications
Department of Homeland Security (DHS)
reported in 2013 that 23 gas pipeline companies
were hacked
China allegedly stole the blueprints for the
Australian Security Intelligence Organization’s
new $631 million building
20. Examples of attacks by Russia
In 2007, mass cyber attacks against Estonian
government, banks, and corporate websites for
moving a Soviet-era statue (The Bronze Soldier
of Tallinn)
The Second Russian-Chechen War (1997–2001): during this conflict
Russia used cyberspace to engage in
Information Operations to control and shape
public perception
The Russia-Georgia War (2008): Russia launched
a highly coordinated cyber campaign against
Georgian government websites as well as other
strategically valuable sites, including the US and
British embassies
In 2008, Russia was suspected of an attack on
the US Central Command (CENTCOM), delivered
through an infected USB drive
21. Examples of attacks by Iran
The “Cutting Sword of Justice” used the
“Shamoon” virus to wipe clean 30k of Aramco’s PCs
In 2012 a group called Izz ad-Din al-Qassam
launched “Operation Ababil,” a series of DDoS
attacks against many U.S. financial institutions
In 2010, the “Iranian Cyber Army” disrupted
Twitter and the Chinese search engine Baidu,
redirecting users to Iranian political messages
In 2011, Iranian attackers compromised a Dutch
digital certificate authority, after which it issued
more than 500 fraudulent certificates for major
companies and government agencies
24. References and books
Underground Culture: the hidden world (the underworld)
• Approaching Zero: The Extraordinary Underworld of Hackers, Phreakers, Virus Writers, and
Keyboard Criminals by Paul Mungo and Bryan Clough
• At Large: The Strange Case of the World's Biggest Internet Invasion by David Freedman and Charles
Mann
• The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage by Cliff Stoll
• Cyberpunk: Outlaws and Hackers on the Computer Frontier by Katie Hafner and John Markoff
• The Cyberthief and the Samurai by Jeff Goodell
• The Fugitive Game: Online with Kevin Mitnick by Jonathan Littman
• The Hacker Crackdown: Law And Disorder On The Electronic Frontier by Bruce Sterling
• Hackers: Heroes of the Computer Revolution - 25th Anniversary Edition by Steven Levy
• Masters of Deception: The Gang That Ruled Cyberspace by Michele Slatalla and Joshua Quittner
• Out of the Inner Circle: The True Story of a Computer Intruder Capable of Cracking the Nation's Most
Secure Computer Systems (Tempus) by Bill Landreth
• Takedown: The Pursuit and Capture of Kevin Mitnick, America's Most Wanted Computer Outlaw - By
the Man Who Did It by John Markoff and Tsutomu Shimomura
• The Watchman: The Twisted Life and Crimes of Serial Hacker Kevin Poulsen by Jonathan Littman
• Where Wizards Stay Up Late: The Origins Of The Internet by Katie Hafner
A weekly podcast on the
latest security issues, hosted by
Steve Gibson and Leo Laporte
31. Some misconceptions
Compliance means security (achieving compliance entails achieving protection)
Security is too expensive (the cost of information security is very high)
Basic security is enough (a firewall and antivirus are sufficient to achieve information security)
Nobody is thinking about hacking us, or we survived without security (we do not need it because we never needed it before, and nobody cares about hacking us)
I will deal with it when it happens (we will deal with the problem when it occurs)
Security is an IT department issue (information security falls on the shoulders of the IT department)
Security is too complicated (information security is very complicated)
<insert tool here> and all your problems will be solved (more security tools and solutions on the network means more information security)
Anton Gelonkin (born c. 1964) was a Russian bank chairman who disappeared during the 1995 collapse of the Moscow City Bank and was later convicted of running an international organised internet-based fraud in 2006.
Avalanche (commonly known as the Avalanche Gang) is a criminal syndicate involved in phishing attacks. In 2010, the Anti-Phishing Working Group (APWG) reported that Avalanche had been responsible for two-thirds of all phishing attacks in the second half of 2009, describing it as "one of the most sophisticated and damaging on the Internet" and "the world's most prolific phishing gang". The name "Avalanche" also refers to the network of websites and systems which the gang uses to carry out its attacks.
DarkMarket was an English-speaking internet cybercrime forum created by Renukanth Subramaniam in London that was shut down in 2008 after FBI agent J. Keith Mularski infiltrated it using the alias Master Splyntr, leading to more than 60 arrests worldwide. Subramaniam, who used the alias JiLsi, admitted conspiracy to defraud and was sentenced to nearly five years in prison in February 2010. The website allowed buyers and sellers of stolen identities and credit card data to meet and conduct criminal enterprise in an entrepreneurial, peer-reviewed environment. It had 2,500 users at its peak.
The Legion of Doom (LOD) was a hacker group active from the 1980s to the late 1990s and early 2000s. Their name appears to be a reference to the antagonists of Challenge of the Superfriends. LOD was founded by the hacker Lex Luthor, after a rift with his previous group, the Knights of Shadow.
Leonid Aleksandrovitch Kuvayev (born 13 May 1972), who usually goes by the name of Leo, is a Russian/American spammer believed to be the ringleader of one of the world's biggest spam gangs. In 2005, he and six business partners were fined $37 million as a result of a lawsuit brought by the Massachusetts attorney general. It was found that they were responsible for millions of unsolicited e-mails per day. According to Spamhaus he could be the "Pharmamaster" spammer who performed a denial-of-service attack (DDoS) against the BlueSecurity company. Kuvayev is also behind countless phishing and mule recruiting sites hosted on botnets.
Masters of Deception (MOD) was a New York-based group of hackers, most widely known in media for their exploits of telephone company infrastructure and later prosecution, as well as being the subject of the book Masters of Deception: The Gang That Ruled Cyberspace by Josh Quittner.
The Russian Business Network (commonly abbreviated as RBN) is a multi-faceted cybercrime organization, specializing in and in some cases monopolizing personal identity theft for resale. It is the originator of MPack and an alleged operator of the now defunct Storm botnet. The RBN, which is notorious for its hosting of illegal and dubious businesses, originated as an Internet service provider for child pornography, phishing, spam, and malware distribution physically based in St. Petersburg, Russia. By 2007, it developed partner and affiliate marketing techniques in many countries to provide a method for organized crime to target victims internationally.
ShadowCrew was a cybercrime message board (forum) that operated under the domain name ShadowCrew.com between August 2002 and October 2004.
Silk Road was an online black market. It was operated as a Tor hidden service, such that online users are able to browse it anonymously and securely without potential traffic monitoring. The website launched in February 2011; development had begun six months prior. Long held as part of the deep Web, Silk Road is an underground website, sometimes called the "Amazon.com of illegal drugs" or the "eBay for drugs."
In 2009, China apparently stole the plans for the most advanced U.S. fighter jet, the F-35 (Gorman, S., Cole, A. & Dreazen, Y. (21 Apr 2009) “Computer Spies Breach Fighter-Jet Project,” The Wall Street Journal)
Hacked Google, Intel, Adobe, and RSA’s SecurID authentication technology — with which it then targeted Lockheed Martin, Northrop Grumman, and L-3 Communications (Gross, M.J. (1 Sep 2011) “Enter the Cyber-dragon,” Vanity Fair)
Morgan Stanley, the U.S. Chamber of Commerce, and numerous banks have been hacked (Gorman, S. (21 Dec 2011) “China Hackers Hit U.S. Chamber,” Wall Street Journal ; and Ibid)
The New York Times, Wall Street Journal, Washington Post, and more have been targeted by advanced, persistent cyber attacks emanating from China (Perlroth, N. (1 Feb 2013) “Washington Post Joins List of News Media Hacked by the Chinese,” and “Wall Street Journal Announces That It, Too, Was Hacked by the Chinese,” The New York Times)
Department of Homeland Security (DHS) reported in 2013 that 23 gas pipeline companies were hacked (Clayton, M. (27 Feb 2013) “Exclusive: Cyberattack leaves natural gas pipelines vulnerable to sabotage,” The Christian Science Monitor)
In 2006, Chinese cybercriminals targeted the UK House of Commons (Warren, P. (18 Jan 2006) “Smash and grab, the hi-tech way,” The Guardian)
China allegedly stole the blueprints for the Australian Security Intelligence Organization’s new $631 million building (“Report: Plans for Australia spy HQ hacked by China,” (28 May 2013) Associated Press)
In 2007, Russia was the prime suspect in cyber attacks against Estonia for moving a Soviet-era statue (The Bronze Soldier of Tallinn), attacks such as Distributed denial of service (DDoS) attacks on government, banks, corporate websites; website defacement (Geers K. (2008) “Cyberspace and the Changing Nature of Warfare,” Hakin9 E-Book, 19(3) No. 6; SC Magazine (27 AUG 08) 1-12)
The Second Russian-Chechen War (1997–2001): during this conflict Russia used cyberspace to engage in Information Operations to control and shape public perception (Inside Cyber Warfare: Mapping the Cyber Underworld: Jeffrey Carr)
The Russia-Georgia War (2008): Russia launched a highly coordinated cyber campaign against Georgian government websites as well as other strategically valuable sites, including the US and British embassies (Inside Cyber Warfare: Mapping the Cyber Underworld: Jeffrey Carr)
In 2008, Russia was suspected in what U.S. Deputy Secretary of Defense William Lynn called the “most significant breach of U.S. military computers ever”—an attack on Central Command (CENTCOM), delivered through an infected USB drive (Lynn, W.J. (2010) “Defending a New Domain: The Pentagon’s Cyberstrategy,” Foreign Affairs 89(5) 97-108)
In 2012, Russian security firm Kaspersky Lab announced the discovery of “Red October,” a cyber attack campaign that spied on millions of citizens around the world, but chiefly within the former Soviet Union. Targets included embassies, research firms, military bases, energy providers, nuclear agencies, and critical infrastructure (Lee, D. (14 Jan 2013) “‘Red October’ cyber-attack found by Russian researchers,” BBC News)
In 2013, researchers found malware on millions of Android devices in Russia and in Russian-speaking countries (Jackson Higgins, K. (3 Aug 2013) “Anatomy of a Russian Cybercrime Ecosystem Targeting Android,” Dark Reading)
In 2012, Iran appears to have chosen the first option. A hacker group called the “Cutting Sword of Justice” used the “Shamoon” virus to attack the Saudi Arabian national oil company Aramco, deleting data on three-quarters of Aramco’s corporate PCs (including documents, spreadsheets, e-mails, and files) and replacing them with an image of a burning American flag. (Perlroth, N. (23 Oct 2012) “In Cyberattack on Saudi Firm, U.S. Sees Iran Firing Back,” The New York Times)
In 2012 a group called Izz ad-Din al-Qassam launched “Operation Ababil,” a series of DDoS attacks against many U.S. financial institutions including the New York Stock Exchange (Walker, D. (8 Mar 2013) “Hacktivists plan to resume DDoS campaign against U.S. banks,” SC Magazine)
In 2010, the “Iranian Cyber Army” disrupted Twitter and the Chinese search engine Baidu, redirecting users to Iranian political messages (Wai-yin Kwok, V. (13 Jan 2010) “Baidu Hijacked By Cyber Army,” Forbes)
In 2011, Iranian attackers compromised a Dutch digital certificate authority, after which it issued more than 500 fraudulent certificates for major companies and government agencies (Charette, R. (9 Sep 2011) “DigiNotar Certificate Authority Breach Crashes e-Government in the Netherlands,” IEEE Spectrum)
SEA has hacked Al-Jazeera, Anonymous, Associated Press (AP), BBC, Daily Telegraph, Financial Times, Guardian, Human Rights Watch, National Public Radio, The New York Times, Twitter,
2011, University of California Los Angeles website defaced
2011, Harvard University website defaced
2012, SEA took down LinkedIn
2013, SEA hijacked the Associated Press Twitter account and falsely claimed the White House had been bombed and President Barack Obama injured
2014, SEA hacked the DNS of Facebook
14 February 2014, SEA hacked the Forbes website