Ransomware Research Paper Example | Topics and Well Written Essays - 750 words

Ransomware - Research Paper Example The way the ransomware attacks a computer system is similar to the way a computer worm operates. This means that a ransomware uses the route of downloaded data and it may even enter a computer system through a network that is vulnerable against such attacks and is not properly secured. Ransomware developers use payload to password protect personal files of a user, encrypt data that is textual in nature or minimize the users communication with his/her personal computer by displaying notices that the system has been used for illegal purposes, it even overrides files in the windows registry area such as the file of explorer.exe or restrict the user from being able to use the system until the user has not repaired the entire system. The system of coercing the computer user through display of messages is regarded as scareware. The first ever created ransomware was created by Joseph Popp who named his ransomware as PC Cyborg Trojan (Emm, 2008, p.15). In this ransomware the developer had developed a payload that used to state that the license of a particular software has been expired and the ransomware even used to password protect the softwares on the hardrive and use to coerce the user into paying an amount of $189 to the developer if the user wanted to reuse the software or unlock the encrypted system. Josephy was caught by the criminal justice system and he was recognized as mentally unfit, Josephy gave his earned money to help in funding AIDS related research. During the season of 2010, ten people were arrested by the local authorities of Russia for developing a ransomware named as WinLock (Celtnet, 2012). This ransomware was indulged in the act of displaying images that were pornographic in nature and used to coerce the users into sending a premium rate text message which was priced at $10 in order if the users wanted to unlock their computer systems through a code. The developers of this ransomware earned more than $16 million; this ransomware did not use the technique of encrypting files and computer systems. During the year of 2012 a huge ransomware named as Reveton which was even recognized with the nick name of Police Trojan started spreading in US. This ransomware displayed a message on the user’s pc stating that the law enforcement organizations have detected illegal activities conducted on the computer system. For example: viewing and downloading of softwares that are pirated in nature and downloading of pornographic material. The playload used by this ransomware required users to reimburse the authorities by utilizing a voucher from an unknown cash service that was prepaid in nature. To increase the fear of the law enforcement agency, the developers used to display the IP address used by the user and the ransomware even showed the users that the intelligence agenc ies are recording their activities. During the month of August 2012, the developers of Reveton attacked US computer system and the message displayed by the playload stated that the user has to compensate for their illegal activities by paying a total of $200 to the FBI through MoneyPack card (PERLROTH, 2012). Defense Several methods have been identified by security software developers and other software develope

Types of Personality Essay Example for Free

Types of Personality Essay According to the test, my personality type is ENFJ (Extraverted Intuitive Feeling Judging). For extraverted my percentage was 56, for Intuitive 38 percent, feeling was 50 percent and judging was 67. This numbers describe me as moderately expressed extravert, moderately expressed intuitive, moderately expressed feeling, and distinctively expressed judging. I believe this test is partially right. I’m easily sympathized for others. I don’t feel I judge a lot, so I think this part is not too accurate, unless I’m unaware of this personality. The extrovert part, I also believe this part is inaccurate because at times, I follow my instincts, but at others I rely on logic. My energy is primarily directed towards school and family. Those are the two most important things around me. Besides that, I like having fun with friends an going out, but that’s not occasional. My decisions are made based on environmental factors and cognitive factors. I think that depending on your beliefs and what is going on around you the decision changes. So depending on my surrounding and cultural background, my decision varies. (Pg 458) The ways I process information is by understanding the subject of something and not only try to memorize it but learn it. I do this a lot when studying for tests. Also when working with something, when I observe someone do something, I have to try it to learn it. I have one type of personal organization, long term plan. I plan my future, for example graduating from school and going to school of medicine. I don’t frequently organize my short term plans. They just happen as life goes on. I sometimes do, but it has to be something very important.

The Basics Of Trapdoor Hacking Information Technology Essay

The Basics Of Trapdoor Hacking Information Technology Essay For a programmer, trap doors make sense. If the programmer needs to modify the program sometime in the future, he can use the trap door instead of having to go through all of the normal, customer-directed protocols just to make the change. Trap doors should be closed or eliminated in the final version of the program after all testing is complete, but, intentionally or unintentionally, some are left in place. Other trap doors may be introduced by error and only later discovered by crackers who are roaming around, looking for a way into system programs and files. Typical trap doors use such system features as debugging tools, program exits that transfer control to privileged areas of memory, undocumented application calls and parameters, and many others. Trap doors make obvious sense to expert computer criminals as well, whether they are malicious programmers or crackers. Trap doors are an easy way to get into a system or to gain access to privileged information or to introduce viruses or other unauthorized programs into the system. Cases In 1993 and 1994, an unknown group of computer criminals repetitively broke into systems on the Internet using passwords captured by password sniffers. Once on the system, they exploited software flaws to gain privileged access. They installed modified login and network programs that allowed them reentry even if the original passwords were changed. In 1996, Philip Myers described the insertion and exploitation of back doors as subversion in his MSc thesis at the Naval Postgraduate School.   He pointed out that subversion, unlike penetration attacks, can begin at any phase of the system development life cycle, including design, implementation, distribution, installation and production. Donn B. Parker described interesting back-door cases in some papers (no longer available) from the 1990s.   For example, a programmer discovered a back door left in a FORTRAN compiler by the writers of the compiler. This section of code allowed execution to jump from a regular program file to code stored in a data file. The criminal used the back door to steal computer processing time from a service bureau so he could execute his own code at other users expense.   In another case, remote users from Detroit used back doors in the operating system of a Florida timesharing service to find passwords that allowed unauthorized and unpaid access to proprietary data and programs. Even the US government has attempted to insert back doors in code. In September 1997, Congress proposed legislation to ban domestic US encryption unless the algorithm included a back door allowing decryption on demand by law enforcement authorities moved famed Ron Rivest to satire.   The famed co-inventor of the Public Key Cryptosystem and founder of RSA Data Security Inc. pointed out that some people believe the Bible contains secret messages and codes, so the proposed law would ban the Bible. More recently, devices using the Palm operating system (PalmOS) were discovered to have no effective security despite the password function.   Apparently developer tools supplied by Palm allow a back-door conduit into the supposedly locked data. Dumpster Diving What is Dumpster Diving? Dumpster diving is a name given to a very simple type of security attack, which is scavenging through materials that have been thrown away, as shown below. This type of attack isnt illegal in any obvious way. If papers are thrown away, it means that nobody wants them, right? Dumpster diving also isnt unique only to computer facilities. All kinds of sensitive information ends up in the trash, and industrial spies through the years have used this method to get information about their competitors. http://oreilly.com/catalog/crime/chapter/f_02_01.gif Dumpster Diving in Process There is another type of computer-related trash that we might not consider. In the system itself are files that have been deleted, but that havent actually been erased from the system. Computers and users used only to save data, not destroying it, and sometimes some data is saved that shouldnt be saved. Electronic trashing is easy because of the way that systems typically delete data. Usually, deleting a file, a disk, or a tape doesnt actually delete data, but simply rewrites a header record. Using MS-DOS, for example, a file can be deleted via the DEL command, however, someone else can retrieve the contents of the file simply by running UNDELETE. System utilities are available that make it easy to retrieve files that may seem to be completely gone. Although there are methods for truly erasing files and magnetic media, most users who work on large systems do not take the time to erase disks and tapes when they are finished with them. They may discard old disks and tapes with data still on them. They simply write the new data over the old data already on the tape. Because the new data may not be the same length as the old, there may be sensitive data left for those skilled enough to find it. It is far safer to explicitly write over storage media and memory contents with random data and to degauss magnetic tapes. Cases One computer company in Texas that does business with a number of oil companies noticed that whenever a certain company asked them to mount a temporary storage (scratch) tape on the tape drive, the read-tape light would always come on before the write-tape light. The ingenious oil company was scavenging the tape for information that might have been put on it by competitors that used the tape before them. Trashing can have deadly consequences. When some old Department of Justice computers were sold off, they had on their disks information on the whereabouts of witnesses in the Federal Witness Protection Program. Although the data had been deleted, it had not been completely erased from the disk. The DOJ was able to get back some of the computers, but not all, and was forced to relocate the compromised families as a result. In 1991, spies posed as garbage collectors outside of a U.S. defense contractor executives home, dug through trash cans looking for information. One of the collectors was actually Frances consul general and claimed he was collecting fill for a hole in his yard. Upon investigation, the FBI determined that this operation was part of a French secret-searching mission, aimed at finding U.S. military or scientific information. Then in 1999, two key members of a group called the Phonemasters were convicted of theft and possession of unauthorized access devices and unauthorized access to a federal interest computer. This international group of cyber criminals had allegedly penetrated the computer systems of MCI, Sprint, ATT, Equifax and the National Crime Information Center. The Phonemasters skills had enabled them to download hundreds of calling card numbers and distribute them to organized crime groups around the world. Part of their method included dumpster diving and collecting old phone books and system manuals. These tools, combined with social engineering, led to the attacks on the mentioned systems. In 2000, in a widely publicized case, the CEO of Oracle, Larry Ellison, hired private investigators to dig through corporate dumpsters at Microsoft. This was an effort aimed at finding information about Microsofts possible development of grassroots organizations to support its side in an anti-trust lawsuit. One of the investigators unsuccessfully tried to pay off a member of the janitorial service in exchange for the garbage of one of these organizations. Ellison held that his actions were a civic duty, to uncover Microsofts secret funding of such groups, but his opponents assert that the incident was distasteful and scandalous. Microsoft complained that various organizations allied to it have been victimized by industrial espionage agents who attempted to steal documents from trash bins. The organizations include the Association for Competitive Technology in Washington, D.C., the Independent Institute in Oakland, California, and Citizens for a Sound Economy, another Washington D.C. based entity. Microsoft said, We have sort of always known that our competitors have been actively engaged in trying to define us, and sort of attack us. But these revelations are particularly concerning and really show the lengths to which theyre willing to go to attack Microsoft. Saying he was exercising a civic duty, Oracle chairman and founder Lawrence J. Ellison defended his company of suggestions that Oracles behavior was Nixonian when it hired private detectives to scrutinize organizations that supported Microsofts side in the antitrust suit brought against it by the government. The investigators went through trash from those organizations in attempts to find information that would show that the organizations were controlled by Microsoft. Ellison, who, like his nemesis Bill Gates at Microsoft, is a billionaire, said, All we did was to try to take information that was hidden and bring it into the light, and added: We will ship our garbage to Microsoft, and they can go through it. We believe in full disclosure. The only thing more disturbing than Oracles behavior is their ongoing attempt to justify these actions, Microsoft said in a statement. Mr. Ellison now appears to acknowledge that he was personally aware of and personally authorized the broad overall strategy of a covert operation against a variety of trade associations. During the year 2001, industrial espionage came to light concerning the shampoo market between fierce competitors Proctor Gamble and Unilever. Private Investigators hired by Proctor Gamble sifted through garbage bins outside of the Unilever corporation, succeeding in gathering viable information about market analysis, predictions and future products.[16] Upon legal action by Unilever, the two corporations settled out-of-court, because these actions broke Proctor Gambles internal policy on information gathering. Logic Bombs What is a Logic Bomb? Logic bombs are small programs or sections of a program triggered by some event such as a certain date or time, a certain percentage of disk space filled, the removal of a file, and so on. For example, a programmer could establish a logic bomb to delete critical sections of code if she is terminated from the company. Logic bombs are most commonly installed by insiders with access to the system. Logic bombs are a malicious programming code that is inserted into a network system or a single computer for the purpose of deleting data or creating other malicious acts on a specified date. A logic bomb works similar to a time bomb because it can be set to go off at a specific date. A logic bomb does not distribute malicious codes until the specified date is reached. How Logic Bombs Work Logic bombs are created by criminals who are well-versed in computer programming and are generally used to perform acts with malicious intent that threaten network security. The criminal acts include setting a virus to be released into a network system or PC at a specified date or other actions such as deleting or corrupting data and completely reformatting a computer hard drive. A logic bomb works through a code that is inserted into existing software on a network or in a computer where it will lie dormant until a specific event occurs such as a date or time or other command from the computer programmer. When the bomb finally releases the code it can delete files, send confidential information to unauthorized parties, wipe out databases, and disable a network for a period of days. Why a Logic Bomb is Used A logic bomb can be used by a disgruntled employee or other IT personnel that has the knowledge of how to program a logic bomb to threaten network security. Other than targeting a specific computer or network system, a logic bomb can also be used to demand money for software by creating a code that makes the software application into a trial version. After a specific period of time the user must pay a specified sum of money to continue to use the software. Logic bombs can also be used for blackmail and if the demand is not met, the logic bomb will detonate into a computer system or network to destroy data and perform other malicious acts that are included in the command codes. Logic bombs are fairly easy to create if you have a lot of knowledge in computer programming and they do not replicate like other malicious programs. For this reason, logic bombs are usually targeted to specific victims and will not spread to unintended victims. A logic bomb can be rather difficult to detect, however you can take security measures such as constantly monitoring the network system for any suspicious activity, using antivirus applications and other scanning programs that can detect any new activity in the data on a network system. The scanning systems should also monitor the entire network and the individual computers connected to the network. Cases A former system administrator for UBS PaineWebber, Roger Duronio, was charged in a New Jersey federal court on charges of sabotaging two-thirds of the companys computer systems. His alleged motive was to undermine the companys stock price and make a bunch of money in the process. He is alleged to have shorted over 30,000 shares of UBS stock prior to unleashing his attack which means the potential was there to make 30,000 times the amount by which the stock dropped when the media got wind of the attacks. In a recent stock manipulation case involving Emulex, shares fell 50 percent. Based on the trading range of UBS PaineWebber stock at the time of Duronios alleged attack, it is reasonable to say his profits could have exceeded half a million dollars. The flaw in Duronios alleged scheme was the obviously unexpected ability of UBS PaineWebber to prevent news of the attack getting out. This was quite a feat on the companys part because the logic bombs activated on about 1,000 of its nearly 1,500 computers and the malicious programs did actually delete files. Indeed, the company says attack cost it $3 million. In the end, the federal grand jury charged Duronio with one count of securities fraud and one count of violating the Computer Fraud and Abuse Act. Duronio was hit with up to 20 years in prison and fines of more than $1.25 million. In September 1990, Donald Burleson, a programmer at the Fort Worth-based insurance company, USPA, was fired for allegedly being quarrelsome and difficult to work with. Two days later, approximately 168,000 vital records erased themselves from the companys computers. Burleson was caught after investigators went back through several years worth of system files and found that, two years before he was fired, Burleson had planted a logic bomb that lay dormant until he triggered it on the day of his dismissal. Burleson became the first person in America to be convicted of harmful access to a computer. In early 2009, Timothy Allen Lloyd was sentenced to 41 months in prison for leaving behind malicious programs that deleted critical data from the servers of Omega Engineering, a high-tech measurement company that claimed the cost of the attack was $10 million. According to a report in the National Computer Security Association section on CompuServe, the Orlando Sentinel reported in January 1992 that a computer programmer was fined $5,000 for leaving a logic bomb at General Dynamics. His intention was to return after his program had erased critical data and get paid lots of money to fix the problem. In 1995, a disgruntled computer security officer at an insurance brokerage firm in Texas set up a complex series of Job Control Language (JCL) and RPG programs described later as trip wires and time bombs. For example, a routine data retrieval function was modified to cause the IBM System/38 midrange computer to power down. Another routine was programmed to erase random sections of main memory, change its own name, and reset itself to execute a month later.

Impact of transformational leadership on organizational learning Essay

Organizational Learning (OL) Literature reveals that OL improves the development by introducing new expertise, output or commercialism. Nonaka & Takuchi (1995) argued that learning is vital for product innovation which means that it is not limited to only acquisition and retention of knowledge but it is used to get the required outcomes. Knowledge oriented view of the organizations argue that knowledge and learning capacity influence the organizational performance and also direct the firm to achieve sustainable and continuous competitive advantage (Zhang, 2008). In last thirty years extensive research have been conducted on the OL and it has contributed a lot in the organizational development and change management, but still there is a little agreement on what is meant by the term OL and its nature. (Crossan, Lane & White, R.E, 1999; Huber, 1999 and Kim, 1993). The reason for this problem is that the OL has been studied by many disciplines and perspectives (Lopez, et al, 2006). According to (Argyris, 1995),† Learning occurs whenever errors are detected and corrected or when a match between intentions and consequences is produced for the first time.† (p.20). According to Huber (1991), when knowledge is acquired, information is spread, correctly analyzed, and recalled, organization learning eventually takes place. He further assumed that learning occurs in the organization if any of its unit acquires information useful to the organization. This is also supported by DeNisi & Griffin (2008) that â€Å"OL is the process by which the organization â€Å"learns† from past mistakes and adapts to its environment.† From these definitions, it is concluded that OL is a process whereby organization gets knowledge and removes the problem and adapts ... ...pply knowledge, then OL will be damaged, so organizations should have such compensation systems that motivate the employee to get, share, and apply knowledge in the organization (Wong, 2005). The findings of the study conducted by Dechawatanapaisal (2005) demonstrated that the pay for performance and recognition are the contributing factors in the organizational learning. Especially recognition that is easy to implement and does not require large investment, can increase the employee morale that support their learning. Khandekar & Sharma (2006) pointed out that improved reward system plays an important role in strengthening the learning capabilities of the organization which leads us to propose that the selective compensation and reward system that create a powerful motive for the employees to get, apply and share knowledge has a positive impact on OL.

Atkinsons Case

Case requirements Atkinson Atkinson have been trading as a department store on the Moor In Sheffield for over 50 years. Two of the directors are friends of your parents. They have asked you and a small group of your colleagues to cast an eye over the business and offer some Impartial advice as to its future direction. You were provided with the publicly available statements of the group, data from FAME Is also available on the Internet through literates.. Whilst passing through the Meadowland Centre you notice that there are some new units being developed.A number of businesses such as Deadbeats and Thornton have outlets In both Sheffield and Meadowland whilst others such as House of Fraser have moved out of the city centre altogether. You have contacted Meadowland Properties PL and have received a letter in return which sets out the availability and costs of leasing a new unit in the Meadowland Centre. You have also acquired information from Sheffield City Council containing demogra phic and other information http:†www. Creditworthiness. Co. UK/ http:†www. Sheffield. Gob. UK/your-city-council/Sheffield-facts-figuresYou are required to attend a meeting with the two directors to make a presentation (power point facilities are available) on your findings. Assessment weighting Learning outcomes Weighting % 1 . Identify subject skills and knowledge appropriate to problem this is reflected In outcome 2 2. Assess difficulties in clearly defining problem areas (Including analysis of position) 30 3. Apply and integrate previously acquired subject skills outcomes 2/4 4. Acquire, classify organist and evaluate Information In a suitable format for the application of decision making techniques 30 5.Communicate proposed course of action and answer questions 40 Meadowland Properties PL Sheffield Dear Sir Thank you for your recent enquiry concerning the leasing costs for the units to be completed at the Meadowland Centre in late 2008. To give you some idea of the s ize of the units, Deadbeats occupies a site of 125,000 square feet. Leases will run to the December 2032 and will be renewable at that date subject to negotiation. All rents will be increased annually in line with the change in the retail price index excluding mortgage payments. Size Annual rent Unit 1 125,000 square feet unit 2 60,000 square feetIEEE,OHO unit 3 40,000 square feet IEEE,OHO In addition to these rental costs, there is a service charge payable to ourselves. At the moment this is EH. 30 per square foot per annum for the first 25,000 square feet, half this rate for the next 25,000 square feet and a quarter of this rate for anything over 50,000 square feet. This charge covers all communal areas, supervision of car parking etc. Tenants are, of course, responsible for the payment of business rates. We thank you for your interest and look forward to hearing from you in the near future. Yours faithfully Alexander Goodyear (Customer Services Director)

Signs and Symptoms of HIV, Malaria, Creutzfeldt- Jacob disease, Herpes, Cholera, Hypothyroidism, Coronary Artery Disease (CAD) and Swine Flu

Signs and Symptoms of HIV, Malaria, Creutzfeldt- Jacob disease, Herpes, Cholera, Hypothyroidism, Coronary Artery Disease (CAD) and Swine Flu UnitDiseaseSigns and SymptomsHIVMany people who are HIV-positive do not experience any symptoms of HIV infection. Sometimes symptoms appear after a year of infection or even after a decade. Often people only begin to feel sick when they progress toward AIDS (Acquired Immunodeficiency Syndrome).But those who do have symptoms may experience:FeverChillsRashNight sweatsMuscle achesSore throatFatigueSwollen lymph nodesUlcers in the mouthIt is important to know that most people do not suffer symptoms so tests must be taken to know if you are HIV+MalariaThere are many symptoms for malaria that infect nearly 75% of children in tropical countries, these symptoms may include:feverheadachevomitingflu-like symptomsfollowed by internal bleedingkidney and liver failureCreutzfeldt- Jacob diseaseCJD is caused by an abnormal protein, called prion, which affects the nervous system.CJD is sometimes called the "great mimicker" because it causes symptoms that occur in many other neurological diseases.The se symptoms include:Behavioral and personality changesConfusion and memory problemsDepressionInsomniaLack of coordinationStrange physical sensationsVision problemsAs the disease advances, some may experience dementia and involuntary jerking movements called myoclonus.HerpesThe first signs of herpes are sometimes a tingling, itching and burning sensations at the site of infection. These "pre-outbreak" symptoms are often called prodrome. In genital herpes more symptoms are present, these symptoms include:painful red blisters that burst to leave open sores around your genitals, rectum, thighs and buttocksblisters and ulcers on the cervix (lower part of the womb) in womenvaginal discharge in womenpain when you pass urinea high temperature (fever) of 38Â °C (100.4Â °F) or overa general feeling of being unwell, with aches and painsflu like symptomsThese symptoms may...Coronary angiogram of a man