Download Title of Subject

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

Document related concepts

Malware wikipedia , lookup

Cyberattack wikipedia , lookup

Hacker wikipedia , lookup

Computer security wikipedia , lookup

Social engineering (security) wikipedia , lookup

Computer and network surveillance wikipedia , lookup

International cybercrime wikipedia , lookup

Cybercrime countermeasures wikipedia , lookup

Cybercrime wikipedia , lookup

Transcript
Cybercrime
What is it, what does
it cost, & how is it
regulated?
What is Cybercrime?


Uses Computer & Internet to get between
organizations/people & their money
Estimates of 69% of all Internet activity
involves criminal intent
 Low Risk
 Low Cost
 Online Communities sharing tips & tools
http://www.businessedge.ca/article.efm/newsID/t0118.cfm
Costs of Cybercrime


Estimates of FBI value
damages to US at $400
billion in 2004
Virus attacks still the
source of the greatest
financial loss – 32% of
all cybercrime losses
reported
http://www.businessweek.com/print/magazine
Net Fraud




Users give up resources to online criminal
Typically, the result of greed or unwariness
on victim’s part
Include bank fraud, online auctions, sales
of goods purchased with stolen resources
“Phishing” - fraudulent emails appear to
come from a familiar service provider
wanting sensitive personal information
Unauthorized Access

4 Traditional Methods of Access
 Modem Attack – Unauthorized
Modems Installed
 Software Bugs – Port Scanning
 Trusted Server – Zone Transfer
(periodic updates) /IP Spoofing
 Social Engineering – Deceive
Employee
Denial of Service


Explicit attempt by attackers to prevent
legitimate users of a service from using
that service
3 Modes of Attack
 Consumption of scarce, limited, or nonrenewable resources
 Destruction or alteration of
configuration information
 Physical destruction or alteration of
network components
Virus Attacks
A program that runs on
your computer system
without your permission
3 Purposes for Virus Infection
Using your computer’s resources or
information
Destroying your files
Disclosing files to others who aren't
otherwise allowed to see them

http://www.cert.org/nav/index_main.html
Additional Cybercriminal Acts




Spoofing – Misappropriation of
another’s identity
Bot (Computer Robot) Usage for
searching without authorization
Chaffing – Sending hidden
messages across the internet
Steganography – Hidden files
inside digital photos or .wav
files
International Law





Currently no International Laws in place
governing the world’s information
technology
3 Options proposed by the United Nations
seminar
Self-regulating Market
Market guided by National Authorities
International Regime Regulation
http://www.un.org/esa/socdev/enable/disinet1.htm
Federal Regulation
Federal
Statute
Title of Code
Focus of Statute
Loss Criteria
18 U.S.C.
1029
Fraud and Related Activity
in Connection With Access
Devices
Prevent use of counterfeit access devices to get account
numbers, mobile ID, card, or PIN to steal funds or make fund
transfers
The theft must be for $1,000 or
more during any one-year period.
The loss includes the cost of
responding to an offense, doing a
damage assessment, restoring the
system, revenue losses, cost
incurred, or other damages because
of an interruption of service
18 U.S.C.
1030
Fraud and Related Activity
in Connection With
Computers
Under the statute a “protected computer” is any PC attached
to the Internet that is used to access files at financial
institutions, the U.S. government, or a PC used in interstate
commerce. A criminal act against a “protected computer” is
the sending of code that causes damage, trafficking in
passwords, threatening with the intent to commit extortion
and/or accessing files without authorization or without proper
authorization.
Slight variation with the criminal
activity, but is generally considered
to be at $5,000 per year. The law
also allows victims to bring civil
actions against a perpetrator.
18 U.S.C.
2701
Unlawful Access to Stored
Communications
Unauthorized access to an electronic communication service
and the alternation of stored files.
None listed
Source: Journal of Forensic Accounting ©R.T. Edwards, Inc.
State Statutes




Each state has enacted some legislation regarding
computer related crime
Most states added to existing property offense or
criminal statutes.
Legislation not limited to the cybercrime covered in
this presentation
Some additional crimes covered: cyber-stalking,
crimes against children, spam
Knowledge, Skills, Abilities






Build an Internet audit trail
Collect “usable” courtroom electronic
evidence
Trace an unauthorized system user
Ability to recommend or review security
policies
Current computer fraud techniques in use
Ability to place valuation on incurred
losses
More KSAs




Understanding of information collectable
from various computer logs
Technical familiarity with the Internet, web
servers, firewalls, attack methodology,
security procedures & penetration testing
Organizational & legal protocols for incident
handling
Established relationship with law
enforcement
Additional Resources
Invesigating and Prosecuting Network Intrusions,
Smith, John
http://www.sgrm.com/art-4.htm
Forensic Computing: A look at evidence
And how to handle it, McCrone, John
http://www.sgrm.com/art10.htm
Computer Crime, Justice, Law and Society
http://www.infosyssec.net/infosyssec/security/compcrim1.htm
Computer Crime Research Center
http://www.crime-research.org/latestnews/
Free Data Recovery Tools
http://www.freebyte.com/filediskutils/#datarecovery