Rohas Nagpal Asian School of Cyber Laws - Department of ...

More documents

Recommendations

Info

Asian School of Cyber Laws 1.18 Web Jacking Just as conventional hijacking of an airplane is done by using force, similarly web jacking means forcefully taking over control of a website. The motive is usually the same as hijacking – ransom. The perpetrators have either a monetary or political purpose which they try to satiate by holding the owners of the website to ransom. This occurs when someone forcefully takes control of a website (by cracking the password and later changing it). The actual owner of the website does not have any more control over what appears on that website. How does web jacking take place? The administrator of any website has a password and a username that only he (or someone authorized by him) may use to upload files from his computer on the web server (simply put, a server is a powerful computer) where his website is hosted. Ideally, this password remains secret with the administrator. If a hacker gets hold of this username and password, then he can pretend to be the administrator. Computers don’t recognize people – only usernames and passwords. The web server will grant control of the website to whoever enters the correct password and username combination. There are many ways in which a hacker may get to know a password, the most common being password cracking wherein a “cracking software” is used to guess a password. Password cracking attacks are most commonly of two types. The first one is known as the dictionary attack. In this type of attack the software will attempt all the words contained in a predefined dictionary of words. - 26 - © 2008 Rohas Nagpal. All rights reserved.
Asian School of Cyber Laws For example, it may try Rahim, Rahul, Rakesh, Ram, Reema, Reena … in a predefined dictionary of Indian names. These types of dictionaries are readily available on the Internet. The other form of password cracking is by using ‘brute force’. In this kind of attack the software tries to guess the password by trying out all possible combinations of numbers, symbols, letters till the correct password is found. For example, it may try out password combinations like abc123, acbd5679, sdj#%^, weuf*(-)*. Some software, available for password cracking using the brute force technique, can check a huge number of password combinations per second. When compared with a dictionary attack, a brute force attack takes more time, but it is definitely more successful. Illustration In an incident reported in the USA, the owner of a hobby website for children received an e-mail informing her that a group of hackers had gained control over her website. They demanded a ransom of 1 million dollars from her. The owner, a schoolteacher, did not take the threat seriously. She felt that it was just a scare tactic and ignored the e-mail. It was three days later that she came to know, following many telephone calls from all over the country, that the hackers had web jacked her website. Subsequently, they had altered a portion of the © 2008 Rohas Nagpal. All rights reserved. - 27 -
Page 1 and 2: Evolution of Cyber Crimes Rohas Nag
Page 3 and 4: Asian School of Cyber Laws 1. EVOLU
Page 5 and 6: Asian School of Cyber Laws 1.1 Fina
Page 7 and 8: Asian School of Cyber Laws 1.2 Cybe
Page 9 and 10: Asian School of Cyber Laws 1.4 Onli
Page 11 and 12: Asian School of Cyber Laws 1.6 Emai
Page 13 and 14: Asian School of Cyber Laws 1.8 Cybe
Page 15 and 16: Asian School of Cyber Laws committe
Page 17 and 18: Asian School of Cyber Laws deraz la
Page 19 and 20: Asian School of Cyber Laws 1.12 Dat
Page 21 and 22: Asian School of Cyber Laws Illustra
Page 23 and 24: Asian School of Cyber Laws 1.15 Vir
Page 25 and 26: Asian School of Cyber Laws Between
Page 27: Asian School of Cyber Laws 1.17 Int
Page 31 and 32: Asian School of Cyber Laws 1.19 Ema
Page 33 and 34: Asian School of Cyber Laws The busi
Page 35 and 36: Asian School of Cyber Laws They dem
Page 39 and 40: Asian School of Cyber Laws It is be
Page 43: Head Office 6th Floor, Pride Senate

Rohas Nagpal Asian School of Cyber Laws - Department of ...

Create successful ePaper yourself

Delete template?

Save as template?