Lajeen BLOG

I chose Kevin Mitnick for my case study because his radical change from the past to the present is engrossing. To illustrate, his past was dark, full of trials and a list of accusations. Now, however, Kevin is a trusted security consultant to the Fortune 500 and governments around the world. Furthermore, as the CEO of Mitnick Security Consulting, Kevin and The Global Ghost Team™ currently maintain a 100% success record in their ability to penetrate the security of any system they are paid to hack, using a blend of technical exploits and social engineering. In addition, as Chief Hacking Officer of KnowBe4, he helps produce the world's #1 security awareness training and platform, which trains employees to better manage the pressing IT security problems of social engineering, spear phishing and ransomware attacks (mitnicksecurity, 2020).


Kevin Mitnick is a master of social engineering. He claims that he mastered influencing people and gave himself the title of Social Engineer. He asserts he had a natural inclination for it: his dad's side of the family was in the business for years, and the art of influence and persuasion was in their blood. Combined with his natural inclination for deceiving people, he was bound to become a prolific social engineer. He discovered this natural tendency at a young age during his bus ticket trick. Later, he practised the skill by using deception, specific language, and manipulation to get what he wanted (KOSTIC, 2020). As a result of this experience, he wrote a book about social engineering titled The Art of Human Hacking. It is a fascinating and engrossing book on an important topic. Kevin Mitnick takes the reader on a tour of the many aspects of social engineering. Since social engineering is such a people-oriented topic, a large part of the book is dedicated to sociological and psychological subjects. This is an important area, as far too many technology books focus on the hardware and software elements, completely ignoring the people element (Battah, 2010). The social engineer can then use that gap to their advantage. That is what the author set out to identify in his book.


 (Battah,2010)





Kevin Mitnick had many relationships with other hackers, such as Adrian Lamo and Kevin Lee Poulsen. They have a long and peculiar history together. They were all convicted of felonies relating to computer hacking: Poulsen in 1994 (when he was sentenced to 3 1/2 years in prison, ironically because a friend turned government informant on him), and Lamo in 2004 for hacking into The New York Times. When the U.S. Government was investigating Lamo in 2003, they subpoenaed news organizations for any reports reflecting discussions with Lamo as well as with Poulsen and Mitnick. That's because Lamo typically sought media publicity after his hacking adventures, and almost always used Poulsen to provide that publicity (GREENWALD, 2010).

Despite being convicted of serious hacking felonies, Poulsen was permitted by the U.S. Government to become a journalist covering the hacking scene for Security Focus News. Back in 2002, Information Week portrayed the bizarre Lamo-Poulsen relationship thusly: "To broadcast his work, [Lamo] frequently tapped ex-programmer turned-columnist Kevin Poulsen as his go-between: Poulsen contacts the hacked organization, makes it aware of the break-in, offers Lamo's collaboration, at that point reports the hack on the SecurityFocus Online Web website, where he's a news manager." When Lamo hacked into the NYT, it was Poulsen who notified the paper's executives on Lamo's behalf, and then wrote about it afterwards. Poulsen disclosed to me that the above picture was taken at a lunch both of them had along with convicted hacker Kevin Mitnick back in 2001, as he was his advisor (GREENWALD, 2010).


(GOODIN,2012)




References: 

MITNICKSECURITY (2020) Who is Kevin Mitnick?. [Online] MITNICKSECURITY. Available from: About Kevin Mitnick | Mitnick Security [Accessed 31/05/21].

KOSTIC, M (2020) The story of Kevin Mitnick - The most famous hacker in the world. [Online] CRIMINAL. Available from: The story of Kevin Mitnick - The most famous hacker in the world | Criminal (vocal.media) [Accessed 31/05/21].

BATTAH, K (2010) Book Review: Social Engineering The Art Of Human Hacking. [Online] BLUEKAIZEN. Available from: Book Review: Social Engineering The Art of Human Hacking | BlueKaizen [Accessed 02/06/21].

GOODIN, D (2012) Turncoat hackers: a brief history of snitching in high-tech dragnets. [Online] ARSTECHNICA. Available from: Turncoat hackers: a brief history of snitching in high-tech dragnets | Ars Technica [Accessed 04/06/21].

GREENWALD, G (2010) The strange and consequential case of Bradley Manning, Adrian Lamo and WikiLeaks. [Online] SALON. Available from: The strange and consequential case of Bradley Manning, Adrian Lamo and WikiLeaks | Salon.com [Accessed 04/06/21].

Kevin was the most elusive computer hacker ever. His famous 'electronic joyride' made him the FBI's most wanted name for hacking into more than 40 major corporations, just for the challenge of it (mitnicksecurity, 2020). His beginnings go back to his childhood: after his parents divorced, he spent all his time alone due to his mother working long shifts as a waitress. Consequently, his mother's absence gave him enough freedom to explore the whole of Los Angeles. That was the turning point for him, portending his future in hacking. He managed to figure out how to "bust" the bus system's security and get his rides free of charge anywhere in LA. His first genuine hacking experience happened during his high school years, when he and some colleagues became familiar with "phone phreaking" and quickly figured out how to get any data telephone companies had on their customers. It didn't take him long to become absorbed in everything related to phones and become as capable as any phone company employee (KOSTIC, 2020).

(HAHN, 2015)


At age 16, Kevin Mitnick accessed the network of DEC (Digital Equipment Corporation). This DEC system was used for the development of an early operating system for 16-bit minicomputers. Kevin Mitnick copied all of the files from the system yet didn't do anything malicious with the information. Nevertheless, Kevin Mitnick was charged and sentenced to 1 year in jail in 1988. After he got out of jail, he was on a supervised release program for three years (Jones, 2019). On February 15, 1995, the FBI finally tracked Kevin to his home in Raleigh, North Carolina. He was arrested and charged with federal offences related to computer hacking, including wire fraud, which he had carried on for 2 and a half years. The police discovered numerous cloned cell phones and false ID with him (thefamouspeople, 2020). Mitnick, then 31, who had been breaking into communications companies and scamming free calls since he was a teenager during the 1980s, spent five years in jail, and a year in isolation (CHUANG, 2018).


(DUNN, 2015)









References:


JONES, F (2019) Kevin Mitnick – The Most Infamous Hacker of All Time. [Online] CYBEREXPERTS. Available from: Kevin Mitnick - The Most Infamous Hacker of All Time - CyberExperts.com [Accessed 30/05/21].

 KOSTIC, M (2020) The story of Kevin Mitnick - The most famous hacker in the world. [Online] CRIMINAL. Available from: The story of Kevin Mitnick - The most famous hacker in the world | Criminal (vocal.media) [Accessed 30/05/21].

MITNICKSECURITY (2020) Who is Kevin Mitnick?. [Online] MITNICKSECURITY. Available from: About Kevin Mitnick | Mitnick Security [Accessed 30/05/21].

THEFAMOUSPEOPLE (2020) Kevin Mitnick Biography. [Online] THEFAMOUSPEOPLE. Available from: Kevin Mitnick Biography – Facts, Childhood, Achievements (thefamouspeople.com) [Accessed 30/05/21].

HAHN, J (2015) The Stories Behind 15 of the Most Dangerous Hackers Ever. [Online] COMPLEX. Available from: The Stories Behind 15 of the Most Dangerous Hackers Ever | Complex [Accessed 30/05/21].

DUNN, M (2015) Once the world’s most wanted hacker, Kevin Mitnick now helps companies combat attacks. [Online] NEWS. Available from: Kevin Mitnick: FBI’s most wanted hacker on social engineering (news.com.au) [Accessed 30/05/21].

CHUANG, T (2018) Kevin Mitnick was the FBI’s most wanted hacker in the ’90s. He was hiding in plain sight in Denver. [Online] DENVERPOST. Available from: Kevin Mitnick was the FBI’s most wanted hacker in the ’90s. He was hiding in plain sight in Denver. – The Denver Post [Accessed 30/05/21].


The art of hacking has been in development for many years. The heyday of hacking was before the Internet even existed. However, who is the most dangerous hacker of all time, whose name history cannot forget? Kevin Mitnick is described as cyberspace's most wanted. He was the most elusive computer break-in artist in history, as well as one of the FBI's most wanted hackers in the 90s (Jones, 2019). Perhaps some of you have not heard of him. Nevertheless, the dramatic shift in his situation has recently brought him fame. This case study will discuss his experience in cyber attacks and his life between the past and the present.




(Kostic, 2020)




References:

KOSTIC, M (2020) The story of Kevin Mitnick - The most famous hacker in the world. [Online] CRIMINAL. Available from: The story of Kevin Mitnick - The most famous hacker in the world | Criminal (vocal.media) [Accessed 28/05/21].


JONES, F (2019) Kevin Mitnick – The Most Infamous Hacker of All Time. [Online] CYBEREXPERTS. Available from: Kevin Mitnick - The Most Infamous Hacker of All Time - CyberExperts.com [Accessed 28/05/21].

 

(Author's work)




The diagram indicates how DDoS attacks occur. It starts with building the botnet by exploiting a vulnerability in a system, called the DDoS master, to infect it with malware. Subsequently, the DDoS master starts spreading the malware, and in this phase other vulnerable devices are infected so that they join the botnet. Then, the infected devices spread the malware in turn. The number of devices in a botnet can be extremely high. Once the attacker intends to launch the attack toward the victim, the volume of attack traffic from the botnet will be known (ruggedtooling, 2018).








Reference:


RUGGEDTOOLING (2018) What are DDoS attacks?. [Online] RUGGEDTOOLING. Available from: What are DDoS attacks? - Rugged Tooling [Accessed 28/05/21].

 

(Author's Work)


The displayed diagram illustrates the process of spreading malware. Firstly, malware arrives on your system via several methods, such as USB drives, malicious attachments, malicious websites and downloads of rogue software programs (MINHAS, 2021). Then, when the click or installation occurs, the malicious code executes actions that the user doesn't anticipate or intend, which leads to the spreading of malware in your system (Nationwide, 2018). There are subtle and blatant signs that will tell you if it has entered your PC (Spamlaws, 2019). For example, you start seeing an excessive number of pop-up ads. In addition, your PC's operating system slows down significantly. You will also receive a lot of spam in your email. Furthermore, your computer completely crashes and you are unable to access your antivirus program to remove the malware (Spamlaws, 2019).






References:

SPAMLAWS (2019) How Malware Works. [Online] SPAMLAWS. Available from: What Is Malware and How Does It Work? (spamlaws.com) [Accessed 27/05/21].


MINHAS, S (2021) What Is Malware and How Does It Work?. [Online] MAKEUSEOF. Available from: What Is Malware and How Does It Work? (makeuseof.com) [Accessed 27/05/21].


NATIONWIDE (2018) Understanding, recognizing and preventing malware. [Online] NATIONWIDE. Available from: What is Malware and How Does it Work – Nationwide [Accessed 27/05/21].

What is the Malware Analysis process?

Malware analysis is the process of understanding the behaviour and purpose of a suspicious file or URL. The output of the analysis helps in the detection and mitigation of the potential threat (Baker, 2020).




What are the types of Malware Analysis?

• Static Analysis: you need a solid understanding of programming and x86 assembly language concepts. During the static analysis process, you don't need to execute the malware. For the most part, the source code of malware samples isn't readily available. You need to disassemble and decompile the sample first, and after successfully performing reverse engineering you can analyse the low-level assembly code. Most malware analysts perform static analysis at an earlier stage in the malware analysis process since it is safer than dynamic analysis. The challenge in static analysis is the complexity of modern malware, where some malware implements anti-debugging techniques to prevent malware analysts from analysing parts of the code (packtpub, 2020).

• Dynamic Analysis (behaviour analysis): a process in malware analysis that executes the malware itself and observes the malware's activity. It also observes the changes that happen while the malware is being executed. Infecting a system with malware from the wild can be extremely risky. Malware infection on your system can cause damage such as file deletion, changes in the registry, file modification, theft of confidential data/information, etc. When performing malware analysis, you need a protected environment, and the network should not connect to production networks (packtpub, 2020).
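
A first static-analysis pass of the kind described above, as an added example that is not from the original post or its sources: the file is only read as bytes and never executed. The sample blob is constructed and harmless, and the function names (static_triage, extract_strings, shannon_entropy) are hypothetical helpers chosen for this illustration.

```python
import hashlib
import math
import re
from collections import Counter

# Constructed, harmless byte blob standing in for a suspicious file: an "MZ"
# marker, zero padding and a few embedded strings. It is only read, never run.
SAMPLE = (
    b"MZ" + b"\x00" * 64
    + b"GetProcAddress\x00IsDebuggerPresent\x00"
    + b"http://updates.example.test/payload.bin\x00"
    + b"\x01\x02\x03" + b"connect 192.0.2.10\x00"
)

ASCII_RUN = re.compile(rb"[\x20-\x7e]{4,}")  # printable runs of 4+ bytes
URL = re.compile(r"https?://[^\s\"'<>]+")
IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
# Windows API names commonly used for debugger checks.
ANTI_DEBUG_APIS = {"IsDebuggerPresent", "CheckRemoteDebuggerPresent",
                   "NtQueryInformationProcess"}


def shannon_entropy(data):
    """Bits per byte (0.0 to 8.0); values near 8 hint at packed or encrypted content."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(c / total * math.log2(c / total) for c in Counter(data).values())


def extract_strings(data):
    """Printable ASCII strings, similar to the Unix `strings` tool."""
    return [m.group().decode("ascii") for m in ASCII_RUN.finditer(data)]


def valid_ipv4(text):
    """Reject dotted quads with an octet above 255 (e.g. version numbers)."""
    return all(int(part) <= 255 for part in text.split("."))


def static_triage(data):
    """Summarise a file from its bytes alone; nothing is executed."""
    strings = extract_strings(data)
    joined = "\n".join(strings)
    return {
        "sha256": hashlib.sha256(data).hexdigest(),  # stable ID for lookups
        "mz_header": data[:2] == b"MZ",              # DOS/PE executable magic
        "entropy": round(shannon_entropy(data), 2),
        "strings": strings,
        "urls": sorted(set(URL.findall(joined))),
        "ipv4": sorted({ip for ip in IPV4.findall(joined) if valid_ipv4(ip)}),
        "anti_debug_apis": sorted(ANTI_DEBUG_APIS.intersection(strings)),
    }


if __name__ == "__main__":
    for key, value in static_triage(SAMPLE).items():
        print(f"{key}: {value}")
```

The URLs and addresses recovered this way are candidate indicators of compromise, and a debugger-check API name among the strings is an early hint that deeper analysis will meet anti-debugging code.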






What are the benefits of Malware Analysis?

• Pragmatically triage incidents by level of severity (Baker, 2020).

• Reveal hidden indicators of compromise (IOCs) that should be blocked (Baker, 2020).

• Improve the efficacy of IOC alerts and notifications (Baker, 2020).

• Enrich context when threat hunting (Baker, 2020).




Why is Malware Analysis important?

If you're a vigilant Windows user, you may sometimes see a file with a weird or dubious name that you'd like to explore. Or, if you're an ethical hacker or are on the incident response team of an organization, you might be tasked with investigating files to decide whether they're legitimate or malicious. In any case, you need a way to distinguish good code and software from malicious varieties (Mukherjee, 2020).





What are the four stages of Malware Analysis? 

When you learn how to read and understand code, you do so gradually. Malware analysis is much the same. It's a process that you approach through a series of formulated steps that become progressively more complex the further you go. There are four stages to malware analysis, often illustrated using a pyramid diagram that increases in complexity as you go deeper into the process. For simplicity, we'll break down each of the four stages of malware analysis from the ground up (Mukherjee, 2020).

(Mukherjee,2020)






What is the process of Malware Analysis?

The diagram below demonstrates the process of Malware Analysis:



(Kara,2019)








References:

PACKTPUB (2020) Malware analysis methodologies. [Online] PACKTPUB. Available from: Malware analysis methodologies - Cuckoo Malware Analysis (packtpub.com) [Accessed 26/05/21].

MUKHERJEE, L (2020) Intro to Malware Analysis: What It Is & How It Works. [Online] INFOSECINSIGHTS. Available from: Intro to Malware Analysis: What It Is & How It Works | InfoSec Insights (sectigostore.com) [Accessed 26/05/21].

BAKER, K (2020) Malware analysis. [Online] CROWDSTRIKE. Available from: Malware Analysis Explained | Steps & Examples | CrowdStrike [Accessed 26/05/21].

KARA, I (2019) A basic malware analysis method. [Online] RESEARCHGATE. Available from: CyberFraud.pdf [Accessed 26/05/21].




In this post, I will analyse the rest of the survey questions, which are related to my project theme (Cyber Threats).





In the first question, participants were asked whether they had been exposed to cyber threats before. As the result above shows, more than half of them answered NO, which is a satisfying result. However, some of them were in doubt, with around a 20% share. The percentage of those who have faced cyber attacks is almost 12%, which is considered a negligible proportion.






The next question was allocated for those who answered YES in the previous question. I asked them to mention the attacks, and the reasonable answers are delimited by the red rectangles in the above image.






Then, the following question indicates whether individuals are aware of the risks of cyber threats. Impressively, more than half of them believe that 'cyber threats pose a significant risk to us'. Therefore, most of them are aware of the hazards.






The bar chart above demonstrates whether individuals believe that fraudsters are targeting financial targets. More than half of them agree with that (those who chose 4 and 5: 31.7% + 24.4% = 56.1%), which also corresponds with my research essay.








In this question, I intended to see how conscious participants are of checking the security of a website. As shown, the percentage of those who said YES outweighs the other options, with 43.9%. Those who do not care about security, or maybe do not know about its importance (who chose NO), took around 30%. Lastly, around a quarter of the participants did not know whether they check the security or not.








As you can see here, the result demonstrates that more than half of the participants use antivirus on their computers. However, around 27% of them definitely do not use it and almost 15% are not sure.










The result of this question was striking, as around a quarter are using a weak and easy password, because it is the easiest way to protect your device from cyber attacks. Nevertheless, there are some aware people who use complex passwords, and they took almost 60%.







To know whether the participants had encountered phishing attempts, I asked the above question, and the result emphasises that the exposure rate to phishing attempts is high, at approximately 40% of the participants. The rest of them were not sure or have not received anonymous emails.








The last question shows how much people trust the safety of social media. Fortunately, the highest percentage was for those who chose that they DO NOT think it is safe, while there are some people who trust social media, and they took around 30%.




In conclusion, it was obvious that the majority of the participants are conscious of the riskiness of cyber threats. Despite that, a notable number of them are not aware of or vigilant about protecting their devices by using antivirus, complex passwords, etc.

After waiting for responses, I have received 41 responses to my questionnaire. In this post, I will analyse the result of the demographic questions precisely. 







The pie chart above illustrates the age groups of the participants in my survey. It is obvious that the majority of the participants were youth between 18 and 25, with almost 70%. Next, approximately 12% were in the 25-30 age group. Lastly, those above 30 took around 10%.











As you can see, the pie chart demonstrates the gender percentage. Overwhelmingly, females took the highest rate with approximately 80%, while men represented 17%.












The last demographic question shows the participants' countries. It can be seen that the Middle East takes the largest proportion with 80%. Subsequently, Asia took around 10% of the participants.





In conclusion, I have found that the majority of the participants in my survey were between 18 and 25, that females outnumber men, and that most of them were from Middle East countries.

There are many ways to create a survey. However, Google Drive Forms is recommended due to its ease of use and its capacity for a large number of questions.


 

Firstly, I added an image that is related to my project theme (Cyber Threats), as shown in the above picture (look at number 1). In addition, I wrote the title of the survey (look at number 2) and a description that mentioned the purpose of the survey and who has done it, and emphasised that participation in this survey is voluntary (look at number 3).








I started with demographic questions, which are essential to give me some details about individuals so that I can analyse the responses accurately. You can see the questions below:



















For the next section, I worked on the questions related to my research







The first question in the research part aims to identify the percentage of individuals who have been exposed to cyber threats. Just below the question, there is an optional question to write the kind of attack.











The next questions used a linear scale method for the answers. The first one, as displayed above, aims to identify how aware individuals are of the risks of cyber threats. The purpose of the second one is to see whether they agree with the research essay I have done, which stated that 'the main purpose of cyber attacks is financial aims'.





Then the rest of the survey is about measuring individuals' protection methods, such as using a complex password, using antivirus software, checking the security of the website and so on.





Then, the questionnaire publication phase:

In order to guarantee an accurate result, I tried to publish my survey in several ways to reach a variety of opinions and answers from individuals. Therefore, I sent the link of the survey via WhatsApp to the group of DMUIC computing, as well as to my acquaintances.




SURVEY LINK:  https://forms.gle/NTjKGB5RdjRYgWn56

In order to promote the credibility of the research, using a questionnaire could be a helpful method. Here are the questions I have created about my major theme (Cyber Threats).


1- What is your age group?
    * 13>
    * 13 – 18
    * 18 – 25
    * 25-30
    * 30<

2- What is your gender?
    * Male
    * Female
    * Prefer not to say

3- Where are you from?
    * North America
    * South America
    * Europe
    * Middle East
    * Asia
    * Other

4- Have you been exposed to cyber threats before?
    * Yes
    * No
    * Maybe
    * I do not know

5- (If your answer was yes) What was the attack?
    .............................

6- To what extent do you think cyber threats pose a significant risk to us?
    1    2    3    4    5

7- To what extent do you think the major purpose of cyber threats is a financial one?
    1    2    3    4    5

8- Do you check the website security before visiting?
    * Yes
    * No
    * Sometimes
    * Not sure

9- What kind of password do you usually create?
    * Complex and unique
    * Weak and easy
    * Not sure

10- Have you received anonymous e-mails?
    * Yes
    * No
    * Not sure

11- Do you think social media preserves privacy and is considered a reliable source?
    * Yes
    * No
    * Not sure

12- Do you use antivirus software on your computer/laptop?
    * Yes
    * No
    * Not sure

About Me

Lajeen saleh