I. Match these common techniques for illegal obtaining information with the definitions.
1. Dumpster diving a) impersonating a trusted organization in an
electronic communication
2. Shoulder surfing b) penetration into databases of organizations that
store large amounts of personal information
3. Trojan horses c) stealing mail or rummaging through rubbish
4. Phishing d) stealing personal information in computer
databases
5. Infiltration e) eavesdropping on public transactions to obtain
personal data
II. Anti-phishing measures. Put a tick into the appropriate cell in the table.
|
Social responses |
Technical responses |
Legal responses |
1. To install anti-phishing software. |
|
|
|
2. To contact the company that is the subject of the e-mail to check that e-mail is legitimate. |
|
|
|
3. To teach law-enforcement officials how to combat various cyber crimes, including phishing. |
|
|
|
4. To use challenge questions which ask the user for information that should be known only to the user and the bank. |
|
|
|
5. To train users to deal with phishing attempts. |
|
|
|
6. To introduce anti-phishing laws. |
|
|
|
7. To install spam filters to reduce the number of phishing-related e-mails that users receive. |
|
|
|
8. To type in a trusted web address for the company’s website into the address bar of their browser, to bypass the link in the suspected phishing method. |
|
|
|
III. A little bit of statistics. Consumer-based identity theft is one of the most widespread crimes in the USA. From year to year the total number of victims is decreasing, but the total value of identity theft is increasing. The 2003 survey from the Identity Theft Resource Center found that:
15% of victims find out about the ID theft through proactive action taken by a business.
73% of victims indicated the crime involved stealing a credit card.
600 hours is the average time spent by victims resolving their problems.
1. Should businesses take regular and more effective proactive actions to protect the employees and customers?
2. Can the ID theft victim unawareness entail serious consequences for the victim? If yes, what exactly?
3. Does ID theft have any emotional impact on the victim?
4. Can you give any examples of ID theft?
IV. Complete the sentences below with the appropriate word.
Precautions against identity theft
1. Don’t ….. personal information unless you know who you are dealing with.
a) take out b) give out c) make out
2. Never ….. links in unsolicited e-mails.
a) hold on b) log on c) click on
3. Use firewalls and anti-virus software ….. your home computer.
a) to save b) to protect c) to guard
4. Don’t use … password like you birth date or the number of driver’s license.
a) obvious b) sophisticated c) alphabetical
5. Limit the amount of ….. information you publish on the web.
a) secure b) personal c) important
6. When shopping online, make sure the company uses an ….. page to take payment details.
a) encrypted b) coded c) protected
Jigsaw activities.
Work in pairs. Student A read the information about Kevin Poulsen. Student B read the information about Gary McKinnon. Ask each other the questions and complete the chart given below the text.
Kevin Poulsen
Kevin Lee Poulsen (far right) with his contemporaries Kevin Mitnick and Adrian Lamo (circa 2001) Kevin Poulsen (in the past Dark Dante) (born 1965 in California, USA) is a former black hat hacker. He is currently a senior editor at Wired News. Poulsen began his notorious career in the 1980s as a cracker. He worked for SRI International by day, and hacked at night. His hacks made him one of America’s best-known cyber-criminals. Today he remains famous for his 1990s hack of the phone system in Los Angeles. This enabled him to become the 102nd caller in radio-phone and win a Porsche 944. When the FBI started pursuing Poulsen, he went underground as a fugitive. He was finally arrested in April 1991. Poulsen pleaded guilty to seven counts of mail, wire and computer fraud, money laundering, and obstruction of justice, and was sentenced to 51 months in prison and ordered to pay $56,000 in restitution. He also pleaded guilty to breaking into computers and obtaining information on undercover businesses run by the FBI. Poulsen enjoyed brief celebrity in the tech world upon his release from federal prison, and was the subject of the book “Watchman: The Twisted Life and Crimes of Serial Hacker Kevin Poulsen”, a work which Poulsen himself has decried. After his release from prison he started to work as a journalist and sought to distance from his criminal past. Poulsen served in a number of journalistic capacities at California-based security research firm SecurityFocus, where he began writing security and hacking news in early 2000. SecurityFocus News became a well-known name in the tech news world during Poulsen's tenure with the company and was acquired by Symantec. Poulsen left SecurityFocus in 2005 to freelance and pursue independent writing projects. He became a senior editor for Wired News in June 2005, which hosts his recent blog, 27BStroke6.
|
Gary McKinnon
Gary McKinnon (Solo) (born in Glasgow in 1966) is a British hacker who is considered to perpetrate the "biggest military computer hack of all time." The unemployed computer systems administrator is accused of hacking into 97 military computers of the networks owned by NASA, the US Army, US Navy, Department of Defense and the US Air Force, and also one belonging to the Pentagon in 2001 and 2002. The US claims the costs of tracking and correcting the problems he allegedly caused were around 700,000 USD. The charge that he perpetrated "the biggest military hack of all time" is disputed by McKinnon who characterizes himself as a "bumbling computer nerd". McKinnon got his first computer when he was 14 years old, and has been a hobbyist ever since. He left school at 17, and became a hairdresser. But, in the early 1990s, some friends convinced him to get a qualification in computers. After completing a course, he started doing contract work in the computing field. McKinnon claims that on many occasions he noticed other hackers unlawfully accessing the same systems and suggests that his activities were not unique. McKinnon was originally tracked down and arrested under the Computer Misuse Act by the UK National Hi-Tech Crime Unit (NHTCU) in 2002, and later that year was also indicted by the United States government. He remained at liberty although subject to bail conditions including a requirement to sign in at his local police station every evening, and to remain at his home address at night. In addition he was banned from using a computer with access to the internet. If he is extradited to the U.S. and charged, McKinnon faces up to 70 years in jail and has expressed fears that he could be sent to Guantanamo Bay.
|
1. What is the name and alias of the hacker you have just read about?
2. When and where was he born?
3. Does he have a university education? A degree in computing?
4. What was his occupation before the arrest?
5. When did he gain notoriety for his illegal deeds?
6. What was he accused of?
7. What was the damage caused by his criminal activity?
8. Was he imprisoned? What sentence was passed upon him?
9. Do you consider his crime to be a real threat to national safety?
10. What is your attitude to him? Do you feel sympathy/respect for him?
11. If you met him what would you ask him?
12. What is his present activity?
|
Age |
Country |
Alias |
Occupation |
Indictment |
Sentence |
Present Activity |
Kevin Poulsen |
|
|
|
|
|
|
|
Gary McKinnon |
|
|
|
|
|
|
|