Intro about the motive of hacking.docx

8/13/2019 Intro about the motive of hacking.docx

http://slidepdf.com/reader/full/intro-about-the-motive-of-hackingdocx 1/8

(lights off in front of the room, Maxine is standing at the back, where she picks up an envelope on

the computer/desk nearest the door. She opens it and looks at its contents, and pulls out an ID.)

MAXINE: (on cellphone) Understood, Sir. We guarantee everything will go smoothly. Leave this to us.

Yes, I understand what’s at stake. Nothing will go wrong…for us. (ends phone call, calls Keembe.) I’ll

launch a Distributed Denial of Service attack on Azacar Company tonight, so they can’t informLinopod they haven’t authorized this transaction. Has Giah uploaded the Trojan horse into our IRC

networks?

KEEMBE: (should be sitting down somewhere with the class) The program has been downloaded by

over one thousand computers through their IRC clients, Max. Our zombies are ready. Giah has an

appointment set for tomorrow evening with Linopod Corporation’s vice president. She’ll be going as

Azacar’s CEO. Can you secure fake IDs for her?

MAXINE: Can I? Of course I can. Just make sure everything goes well on your end, and get the

handprint of their Vice President. I’ve already IP spoofed Azacar and placed an order with Linopod,

actually. [lights off]

[SCENE 2 – lights on in front; Giah enters in front, and Beth stands up to greet her. Giah is wearing

latex gloves. Beso beso]

Beth: And you would be the CEO of Azacar? Wow, such a young CEO for such a successful company!

I’m Beth, Vice President for Public Relations of Linopod Company. Chill, our CEO, apologizes for not

being able to make it today. She’s been out of the country, and she won’t be back until next week.

Giah: Thank you, Miss Beth, but I’ll have you know I’m impressed with your company’s work on IT

security as well. We are very excited to be able to enter this deal with your company, and finally be

able to set up a direct private communications link between our companies, as your ‘trading

partner’. Shall I sign the contract? We can have a photo op after.

Beth: (flattered) Definitely! A value-added network (VAN) wouldn’t suffice for major clients such as

you. Here’s the contract and here (gives one of our classmates a camera), take a picture of us!

Giah: Wait! I want a picture with us shaking hands.

[pose, picture.]

Beth: Oh, I know! How about we have a celebratory dinner? I’ll go ahead and have the car prepared.

Do you want Japanese? Native? What kind of food?

Giah: Anything will do, Miss Beth!

Beth: Oh, call me Beth. We can’t have dinner together calling each other “Miss”. (walks away) Don’t

take too long, okay?

Giah: All right. I’ll just keep my things. (turns around and presses earpiece) Keembe? Giah here. The

contract terms have been decided on. The EDI process should be underway soon, and her handprint

plus a picture has been secured.

Keembe: Good. Now it’s up to Max.

[lights off, Giah exits. SCENE 3 opens at the back.]

MAXINE: (on cellphone) Yes, I know it’s been a week, and the transactions are ongoing, but we can’t – I can’t just – urgh. I know and am working on it. But even so, we only have limited access. I’ve



already bypassed the firewall. Just be patient. Fine! You know what, I’ll launch a DoS attack on

Linopod Corp’s system as well, if that’s what you want. You mean a Smurf attack? Yeah, yeah. I’ll do

that. That IS a kind of denial of service attack, you know, along with the distributed denial of service

attack and SYN Flood attack. What? Fine. I’ll hurry. (ends call) This is so not going to end well, but the

customer is always right.

(goes to computer and starts typing)

MAXINE: AAAAAAAAND now it’s closed. For a company with high network security level, they didn’t

even try to catch the culprit red-handed using deep packet inspection. Great. I knew this would

happen. Now I can’t get in. I need an inside identity…hmmm… Oh I know! I’ll use HIS account to

enter, since this is all his fault.

(Types again, but a few minutes later max’s cellphone rings and she answers)

MAXINE: Yes? Keembe!

KEEMBE: Max, what are you doing? He just called me, and he’s furious because you used his accountto access the system while it was under a quarantine. Is this true?

MAXINE: Yes, I did.

KEEMBE: Max! What the. Why would you do that? Do you know how dangerous this is? He could get

caught, and that was not part of the deal. Our reputation as criminal consultants would be

destroyed! You need to fix this. Delete the system audit log, now.

MAXINE: What? But Keembe, that’s kind of really obvious, and I needed an inside account.

KEEMBE: Now, Max. Delete it.

MAXINE: Fine. It was useless anyway. Their mainframe is too tight. I can’t get into their operating

system. We need to have software inside the company.

KEEMBE: You mean a virus?

MAXINE: Yes. I could write the program for it, but there’s no way they’ll let me plug in there.

KEEMBE: I’ll talk to the customer. Just write the program, and I’ll take care of the rest.

[LIGHTS OFF, SWITCH TO FRONT, WITH JUSTICE AND JOHONEY AND A FEW OTHER TEAMMATES

SEATED]

JUSTICE: *looking stressed, typing a lot on Sir’s computer+ Who would do this…How…?

JOHONEY: What’s wrong, Just? You look stressed.

JUSTICE: Someone just launched a Smurf Attack on our system. I guess I should be glad they didn’t

use a DDoS instead, but still…

JOHONEY: …What does that mean?

JUSTICE: *sighs+ A smurf attack is an attack wherein the perpetrator’s computer IP spoofs us and

sends a ping message packet to an intermediary, so that the intermediary sends a lot of echo

responses to us and crashes our system.

JOHONEY: Oooh! I know! That’s a denial of service attack, isn’t it? So this means our website is

down?



JUSTICE: Yes. [Goes back to typing]

JOHONEY: …What about a DDoS? Why the extra D?

JUSTICE: [mutters]

JOHONEY: What?

JUSTICE: I SAID Distributed Denial of Service.

JOHONEY: Oh. So lots of websites crash, not just us?

JUSTICE: [Facepalms] No, it means the perpetrator uses a lot of computers to crash our website. It

causes more damage cause it comes from more computers than a SYN Flood or a smurf attack.

JOHONEY: …SYN Flood?

JUSTICE: [annoyed now] A SYN Flood attack transmits hundreds of SYN packets to the targeted

receiver, but he never responds with an ACK to complete the connection, so the receiver keeps

requesting for acknowledgment until it times out. Don’t you have something else to do? I’m busy.

JOHONEY: *sad+ I was just curious about…Never mind. I’ll go away, then.

TEAMMATE 1: [sees Johoney sad] You want to know what a Smurf attack is?

JOHONEY: [Happy] Yes, please! Will you tell me? Thank you so much.

TEAMMATE 1: A Smurf Attack is when the perpetrator of a smurf attack uses a program to create a

ping message packet that IP Spoofs the victim’s computer to an intermediary, and so the

intermediaries, which are a bunch of computers, all send an echo response to the victim’s computer

and overwhelms it.

JOHONEY: But what about our firewall? Isn’t that a system that enforces access control between two

networks? Won’t that stop the attackers?

TEAMMATE 1: Well, all we have is a network-level firewall, which is efficient but it’s kind of low

security. It has a screening router that examines the source and destination addresses attached to

the incoming message packets and accepts or denies requests based on filtering rules programmed

into it. Actually, it’s a firewall that offers less security but more convenience. We could have had an

application-level firewall, buuuut Mr. Tiu, our chief operating officer, rejected the idea because

although it provided a higher level of network security, it adds a lot of overhead to connectivity. We

could have run security apps called proxies to perform user authentication for some tasks, plus

gotten some sweet auditing tools and transmission logs for unauthorized activity.

TEAMMATE 2: Yeah, and he wouldn’t let us invest in an intrusion prevention system that employs

DPI to stop DDoS attacks either, because he said it was a waste of time or something. It’s not – deep

packet inspections would inspect the entire content of the message packet, not just the header

portion.

JOHONEY: *Sighs+ I don’t really know a lot about these things…Why don’t I ever know them? *is sad

and leaves the room]



TEAMMATE 1: She’s kind of hard on herself.

TEAMMATE 2: Well, she has to meet big expectations. Word is they’re planning to promote her to

Justice’s role when he gets promoted. Justice was, after all, the one who suggested message

sequence numbering, which is why we now add a sequence number in each message so no one can

delete or change the order of the messages we receive.

TEAMMATE 1: Oh yeah, wasn’t he the one who suggested that thing where we have a log of the user

ID, time of access, and terminal location from where the access originated?

TEAMMATE 2: Oh, you mean the message transaction log? Yeah, that’s also him.

TEAMMATE 1: But you know, Johoney isn’t so bad. She was the one who suggested multilevel

password control, where different functions need different passwords. It’s saved the company a lot

of money, cause many employees can share the same computer now without mixing functions.

JUSTICE: Hey, back to work. I just realized we also lost our system audit trail and our event

log…someone is really out to get us. Maybe I should have pushed for keystroke monitoring insteadof just event logging. That way, we could have records of both the user’s keystrokes and the

system’s responses instead of just the key activities of the system. Not that it matters, if they’d

deleted it. [Slams hand on table] What in the world are we up against? How did they even get in our

system? I should’ve implemented a one-time password system, so we can have new algorithm-

generated passwords every minute instead of just reusing the same password over and over again.

TEAMMATE 1: Sir, could it be a line error that deleted our data?

JUSTICE: No, Johoney made sure all electric motors, atmospheric conditions, faulty wiring, defective

components, or noise spills from other communications channel don’t cause any line errors. I’m sure

it’s not that.

TEAMMATE 1: At least it doesn’t seem like the attacker is making much progress either?

JUSTICE: But we’re in a deadlock – a draw. That’s no good either. We can’t go on like this; our

customers need to access our website…

[LIGHTS OUT, SCENE ENDS, STARTS AT THE BACK WITH ONLY JOHONEY AT FIRST]

JOHONEY: I’m so useless…I couldn’t even understand what was going on there. What am I going to

do? All I can really help with at this point is those of network topologies – the communication lines,

hardware components, software…*SIGH+ But network risks? Not my thing.

MATTHEW: *enters room, swinging USB around a finger+ Who do I….Oh, Johoney! What are youdoing? Why so blue?

JOHONEY: [Surprised] Mr. Tiu! What are you doing here? Oh my gosh, I’m so haggard-looking, not

professional and neat at all! I’m so sorry. Also, what do you mean blue? Are my clothes not white?

Did I accidentally choose something blue?

MATTHEW: No, I mean why so sad?

JOHONEY: Oh…Oh, it’s nothing, sir.

MATTHEW: Come on, you can tell me.





BETH: Oh honey, don’t be sad! She’ll be back tonight, so I’m sure she’ll fix everything. Wait here, I

know how to make you feel better! I’ll get you a bar of chocolate!

JOHONEY: Oh, that’s a great idea Miss! I love chocolate!

BETH: [running outside] Should I get Toblerone? Or Cadbury? Maybe just Snickers? I think Snickers! I

love Snickers!

JOHONEY: [looks at door until Beth is gone, then quickly sits down and plugs in the USB] Okay, here!

Now this will work…

MAXINE: [sitting down at back+ I don’t really need the DoS attack anymore, so I’m just going to… fix

it.

JOHONEY: OMG! Eveerything is okay again! I did it! I did it! I’m amazing! I can’t wait to tell Justice,

he’ll be so proud of me!

[EXIT, Then enter Justice and Co, with Johoney and Beth and Matthew]

BETH: Let’s have a toast to Johoney tonight! For saving our systems, without even breaking a sweat.

Tell us, Johoney, how did you do it?

JOHONEY: *looks at Matthew+ Well, it wasn’t just me. Actually it was mostly –

MATTHEW: Don’t be humble! Accept credit where it’s due!

JOHONEY: [Surprised] Really – Sir? Weren’t you the one who -?

JUSTICE: I’m really proud of you, you know. I always knew you had it in you. Could you tell me how

you did it? That was a really impressive hacker you just beat.

JOHONEY: Well, I didn’t really -

MATTHEW: We’ll have a celebratory dinner tonight –

[Suddenly, all lights turn off. People gasp, and the lights turn back on. Justice runs to the computer

and starts clicking and typing like crazy. If possible, we can project that thing Jamaica talked about

where the circles break and stuff? ]

JUSTICE: What in the world – Everything! All our defences, they’re compromised. What happened -

[realizes something] Johoney, tell me exactly what you did to fix the system. Now.

JOHONEY: What, I didn’t – I saved everything – I didn’t do this!

JUSTICE: NOW, Johoney! There’s no time. The hacker has just breached another level.

JOHONEY: Well, I just plugged in this USB into Miss Beth’s computer –

JUSTICE: You did what? Oh no! Whose USB was it?

JOHONEY: It was –

MATTHEW: What have you done? [points accusingly at Beth] You, you let her access your account?

When you know your account has privileged access? Do you know what abuse of that kind of access

does to a system?

BETH: I didn’t - Johoney, while I was out getting chocolate, did you…? *hurt+



JOHONEY: Miss, I didn’t…I was only trying to help… *looks as if she’s about to cry+

JUSTICE: That USB must have had a malicious program…Now the attacker has total access to our

files! What do we do?!

MATTHEW: Beth, if Chill hears about this…

BETH: It’s not my fault, it’s Johoney’s!

MATTHEW: But it was your responsibility! When I tell the president –

CHILL: *Enters+ When you tell me what? What’s going on? I leave the company for a few days and

now you’re in trouble?

<<<<<<ikaw lay insert synopsis from start until niabot te chill jaece.. O.o mao ni iya iingon>>>>>>>

In the first place, there is no one sweep solution against an expert hacker. Johoney, you should have

been more skeptical because a USB drive with contents you don’t even know is clearly suspicious.

What’s the status?

JUSTICE: Ma’am, the hacker has breached all but our last two levels, ____ and ____. It’s only a

matter of minutes until our mainframe server goes down, or worse, goes to the hands of that filthy

hacker.

CHILL: I understand. We don’t have a choice, then. (adto sa office nit te chill..turns on the computer)

Activate Almadel. (screen turns black the system appears. Hopefully we’re not too late. This virus

will set up another security control: a dual-homed firewall, with 256-bit advance encryption

standard keys.

As te Chill’s virus is countering Max’s virus, te Chill talks about security.

CHILL: Our operating system is the core of our company’s operations, as it runs in our mainframe

server, it integrates all our processes. We need to let the operating system do its job. As the OS

protects itself from users, protects users from themselves, protects users from each other, protect

itself from its own, and protects itself from its environment, WE have to protect it.

Now, I get that the hacker has found a back door because of the USB. Even our most secure log-on

procedures and access tokens were bypassed. We need to tighten our access privileges, both at

physical and logical level.

Beth, do not let others get inside our offices without supervision, and DON’T let anyone plug

anything, or touch our computers. Review our employee records to check our people who may havepossibly worked together with the hacker to jeopardize our information system.

Justice, there should be some system log records left in our server. Check for the TCP/IP and IP

addresses associated within the timeframe of the attack, we might catch our hacker. Also, after

Almadel has finished cleaning our system, implement a one-time password via PIN. But keep

Johoney suggestion of multilevel passwords.

Do you have pen and paper? Because you really have to write this.

a. All of us should provide passwords before we can access sensitive data.

b. Make sure our passwords are not sloppy nor weak.



c. Check our encryption keys at irregular intervals because they might be compromised,

rendering our password encryption useless.

d. Have someone review and modify our log-on and lockout procedures. Someone may have

made too many mistakes in logging on.

Johoney, fix our system logs, and this time, provide a high level of security so that it won’t be easilyerased. Also, we are going to send a distress signal to the ____, our trusted security team. Conduct

echo check, parity check and prevent unauthorized sniffers from intercepting our message.

I will send a digitally signed document with RSA encryption, so make sure it gets across ____

uncompromised.

Matthew, you and I are gonna have a talk.

Documents

Intro about the motive of hacking.docx