Malaysian Computer Emergency Response Team

MyCERT Statistic

Reported Incidents based on General Incident Classification Statistics 2012

Help Centre

Reporting Channels

Definitions of Incidents

Cyber999 - Service Level Agreement

Resources

Technical Notes Nationals CERTs Tools

Theft

When we are talking about theft, we are not only expressing it in terms of stealing physical objects such as computers, modems, keyboards, chips, electronic devices etc, but broadly, it can also be defined as loss of data or files from your own workstation or worst, your server, either by remote or local tamperings, or by vandals.

Below are some examples of theft.

Data modifications:
The user accesses a file on a local or network drive, and modifies, deletes and overwrites it with new data. Sometimes, this is used to modify system settings or browser security settings.
Password theft:
The user steals a network or an Internet user name and password from the local machine or server. A third party can then used the password to access protected resources.
File theft:
The user steals a file from the local or network and sends it to an outside user via the open Internet connection. The user has root access to any file that the victim has right to.

There are two ways that can promote theft, one is called remote accessing and the other, known as vandals.

When a potential hacker has to acquire the userid and password of the targeted host to intrude the respective system, it is called remote accessing. The unauthorized information can be gained either by repeated attempts using security tools available via Internet, or by exploiting published vulnerabilities or bugs. Often, this is one of the initial steps which leads to compromising a system.

To protect it from these unauthorized accesses, system administrator's must always be aware of the latest bugs or security holes in network or operating system software. It is of utmost importance to have a routine check on the log files so that any further tamperings on the system could be avoided.

Unlike remote accessing, vandals, (sometimes referred to as "hostile applets") are more malicious where it can execute automatically when a user views a web page, receives pushed contents, or opens an email messages, ie, the victims will not even aware that they are running the program. It can take in the form of hostile Java, ActiveX, JavaScript, VBScript, html (including boobytrapped shortcuts), plug-ins, helper applications and pushed executables. Other than the three examples of theft mentioned above, vandals can also cause loss or denial of service within the local computer system. For example, they can flood the system with data so that it runs out of memory, or they can slow down internet connections.

The best way to protect yourself against a hostile applet is to know who you are downloading a Web page from or who has sent you an HTML page as an e-mail attachment.

Back