Computer Forensics and Cyber Crime Overview

Questions and Answers

Which act is also known as the Hacking Statute?

Computer Fraud and Abuse Act of 1986 (correct)

Information Security Act

Cybercrime Prevention Act

Digital Privacy Act

The Computer Fraud and Abuse Act of 1986 was originally effective in prosecuting cybercrime.

False

Name one famous individual involved in successful prosecutions under the Computer Fraud and Abuse Act.

Kevin Mitnick

The Computer Fraud and Abuse Act was expanded to apply to computers used in __________.

commerce and communication

Match the following individuals with their associated cybercrime:

Kevin Mitnick = Theft of programs from Digital Equipment Corporation Shadowhawk = Breaking into U.S. Missile Command Robert Morris = Inventor of the Morris Worm Alfred Smith = No associated crime mentioned

The expansions to the Computer Fraud and Abuse Act focused on which type of intrusions?

Intentional intrusions

Title 15 of the supplemental federal criminal law relates to copyright infringement.

False

What was one major flaw of the original Computer Fraud and Abuse Act?

It was too vague.

What main areas did the National Information Infrastructure Act of 1996 (NIIPA) aim to address?

Loopholes in computer-specific statutes

The Child Pornography Protection Act (CPPA) of 1996 included protections for virtual images of children.

True

Name one type of offense that NIIPA expanded to include.

Hacking and malicious programming

The _______________ Act of 1984 was supplanted by the Child Protection & Obscenity Act in 1988.

Child Protection

Match the legislation to its associated focus:

National Information Infrastructure Act of 1996 = Loopholes in computer-related offenses Child Protection Act (1984) = Piecemeal child pornography legislation Child Pornography Protection Act (1996) = Virtual images of children Protection of Children against Sexual Exploitation Act (1977) = Early efforts against child pornography

Which of the following was NOT an area expanded upon by the NIIPA?

Breaches of privacy in social media

The Supreme Court ruled that child pornography is protected under the First Amendment.

False

What was the significant outcome of Ashcroft v. Free Speech Coalition concerning the CPPA?

The law was struck down.

What does the PROTECT Act prohibit regarding pretrial release?

Pretrial release for persons charged with child pornography

The PROTECT Act ended the statutes of limitation on child abduction and abuse cases.

True

What mandatory penalty does the PROTECT Act impose on repeat child sex offenders?

Mandatory life penalty

The PROTECT Act provides for electronic ____________ in cases of child abuse or kidnapping.

eavesdropping

Match the following provisions of the PROTECT Act with their descriptions:

Mandatory life penalty = For repeat child sex offenders National AMBER Alert Coordinator = Appointment for coordinated responses No waiting periods = In missing persons cases for 18-21-year-olds Sentencing enhancement = For possession and distribution of child pornography

Which of the following is NOT a provision of the PROTECT Act?

Mandatory counseling for offenders

The PROTECT Act authorizes fines and imprisonment for U.S. citizens engaging in illicit sexual conduct abroad.

True

What is the application of the Miller standard of obscenity in the Act?

To drawings, sculptures, and pictures depicting minors in obscene situations.

What is unlawful under the Identity Theft and Assumption Deterrence Act of 1998?

Using identifying information without lawful authority

The Identity Theft and Assumption Deterrence Act of 1998 only applies to financial information.

False

What organization was designated as the repository for consumer complaints under ITADA?

Federal Trade Commission (FTC)

The Identity Theft and Assumption Deterrence Act of 1998 includes personal information such as a person's __________ number.

Social Security

Which of the following is NOT considered identifying information under ITADA?

Favorite color

Victims of identity theft can claim restitution for lost time from work.

True

Identify one type of unique biometric data mentioned in the ITADA.

Fingerprint

Match the following types of identifying information with their descriptions:

Social Security number = A personal identifier assigned by the government Driver’s license number = Identification issued by a state authority Passport number = Identification used for international travel Telecommunication identifying information = Data related to communication devices

What year was the Identity Theft Penalty Enhancement Act enacted?

2004

The Health Insurance Portability & Accountability Act allows healthcare organizations to disclose Social Security numbers freely.

False

What is the main purpose of the President’s Working Group on Unlawful Conduct on the Internet?

To evaluate existing federal laws and the need for new technologies and education tools to minimize risks of Internet crime.

The _____ Privacy Protection Act prohibits the use of Social Security numbers from motor vehicle records in unauthorized situations.

Drivers

Match the statute with its main consequence:

Identity Theft Penalty Enhancement Act = Mandatory sentences for aggravated identity theft Identity Theft Enforcement and Restitution Act = Expanded consequences for identity theft Drivers Privacy Protection Act = Prohibits unauthorized use of personal information Health Insurance Portability & Accountability Act = Restricts disclosure of health information

What is one of the main goals of collaboration among business, government, and advocacy organizations regarding Internet crime?

To evaluate the sufficiency of existing federal laws

The regulation of Internet criminal activity is treated differently compared to traditional criminal law.

False

What type of training and cooperation is recognized as a necessary approach for investigating Internet crimes?

Enhanced training and interagency cooperation.

What was the primary purpose of the National Infrastructure Protection Center (NIPC) established under Presidential Decision Directive 63?

To discuss potential threats with local leaders, corporate executives, and law enforcement

The Innocent Images initiative was designed to prevent adults from engaging in interstate travel to meet minors.

False

What software suite includes tools like Carnivore and Packetier for packet sniffing?

Dragonware

The method of analyzing large data sets using statistical models and algorithms is known as ______.

data mining

Match the following data mining projects to their descriptions:

TIA = Terrorism Information Awareness Program CAPPS II = Computer-Assisted Passenger Prescreening System MATRIX = Multi-State Anti-Terrorism Information Exchange Pilot Project ATS = Automated Targeting System

Which tool was specifically mentioned as a key logger used in the Cyber Knight project?

Magic Lantern

Data mining can only classify new patterns but cannot predict future activities.

False

Name one example of a data mining initiative used to identify potential terrorists.

Terrorism Information Awareness Program (TIA)

Study Notes

Computer Forensics and Cyber Crime

• This presentation covers avenues for prosecution and government efforts related to computer crime.
• Learning objectives include understanding traditional laws applied to computer crime, recent federal legislation on online behavior, investigative tools used by the government, and data mining programs.
• The presentation also addresses international attempts to address computer crime.

Introduction

• Law enforcement faces challenges such as smaller agencies with fewer resources, leading to reliance on state and federal agencies.
• Historically, there's been apathy towards nonviolent crime.
• Legislative action on computer crime has moved slowly.

Traditional Statutes

• Primary federal law enforcement provisions related to cybercrime fall under Title 18.
• Examples of crimes covered under Title 18 include fraud, embezzlement, terrorism, espionage, child seduction and exploitation, stalking, kidnapping, forgery, extortion, RICO offenses, access device fraud, and illegal wiretapping.
• Supplemental federal criminal law relating to cybercrime includes Title 15 (credit card fraud and software piracy) and Title 17 (copyright infringement).

The Evolution of Computer-Specific Statutes

• The Computer Fraud and Abuse Act (CFAA) of 1986 initially focused narrowly on unauthorized computer access.
• The act has been expanded to cover computers used in commerce and communication, and now applies to all financial records and intentional intrusions.
• The act was criticized as ineffective, and its initial version was too vague and emphasized access to financial information and government computers.
• Subsequent prosecutions under the CFAA included Kevin Mitnick (program theft), Shadowhawk (breaking into the U.S. Missile Command), and Robert Morris (inventor of the Morris Worm).
• The National Information Infrastructure Act (NIIPA) of 1996 addressed loopholes in the CFAA, broadening the scope to include instances of accidental intrusions and offenses where computer data is not the primary target.
• NIIPA also covered the use of computers in all circumstances and non-commercial settings.
• The act further extended to include transmitting classified government information, obtaining information from financial institutions, private sector computers, and the U.S. government affecting government.

Evolving Child Pornography Statutes

• Efforts at banning child pornography include piecemeal legislation (like the Protection of Children against Sexual Exploitation Act of 1977) plus Supreme Court rulings.
• Cases such as New York v. Ferber (1982) determined that child pornography is not protected by free speech under the First Amendment.
• Later legislation included the Child Protection Act (1984), later supplanted by the Child Protection & Obscenity Act (1988), and the Child Pornography Protection Act (CPPA) of 1996.
• The CPPA covered virtual images, but the Supreme Court's decision in Ashcroft v Free Speech Coalition (2002) deemed it overly broad.
• The PROTECT Act introduced measures like a mandatory life penalty for repeat child sex offenders, criminal history checks for volunteers, and electronic eavesdropping for cases involving child abuse or kidnapping.

Identity Theft and Financial Privacy Statutes

• The Identity Theft and Assumption Deterrence Act (ITADA) of 1998 criminalizes possessing identifying information without authority.
• Identifying information includes social security numbers, dates of birth, driver's licenses, alien registration numbers, passports, and employer/taxpayer identification numbers.
• Unique biometric data (like fingerprints, voice prints, retinas, and irises) and electronic codes are also covered.
• The law also provides restitution, attorney fees, compensation for lost wages, and credit denial penalties.
• The Financial Modernization Act of 1999 introduced the Financial Privacy Rule, which mandated privacy disclosure practices, the Safeguards Rule, requiring security measures in protecting financial data, and addressed pretexting (obtaining personal info under false pretenses).
• The Fair and Accurate Credit Transactions Act (FACTA) of 2003 mandated free credit reports, fraud alerts, truncated credit/debit numbers to deter "dumpster diving", truncated social security numbers, enhanced victim support procedures, and provisions to investigate changes in address for credit cards/accounts.
• Further extensions addressed card issuers investigations, blocking fraudulent info, and consumer reporting requirements.
• Debt collectors are now legally obliged to disclose identity theft and provide info on how to resolve debt issues.
• The Identity Theft Penalty Enhancement Act (2004) mandated sentences for aggravated identity theft, and the Identity Theft Enforcement and Restitution Act (2008) further expanded consequences for such theft.

Additional Efforts to Protect Personal Information

• The Drivers' Privacy Protection Act restricts the use of social security information in motor vehicle records.
• The Health Insurance Portability and Accountability Act (HIPAA) restricts healthcare organizations from releasing social security numbers and health info.

Federally Funded Initiatives and Collaborations

• The President's Working Group on Unlawful Conduct on the Internet involved business, government, and non-profits to evaluate existing laws, technology-specific legislation, and educational resources to minimize the risks of cybercrime.
• Several approaches resulted, including similar regulations to those used in traditional criminal law, recognition of special needs, and cooperation with law enforcement.
• Presidential Decision Directive 63 (PDD 63) and the 'Innocent Images' initiative aimed to bring together law enforcement and private businesses to discuss threats and investigate child abuse.

Law Enforcement Operations and Tools in the United States

• Law enforcement uses tools such as packet sniffers (like Carnivore, Packeteer, and Coolminer), which reconstruct internet communication.
• Key loggers such as the Magic Lantern help record keystrokes and mouse clicks.
• Data mining employs statistical models, algorithms, and artificial intelligence to analyze large datasets to identify patterns like those involved in terrorism (e.g. Terrorism Information Awareness Program, Computer-Assisted Passenger Prescreening System (CAPPS II), Multi-State Anti-Terrorism Information Exchange Pilot Project (MATRIx), Automated Targeting System(ATS), and Terrorist Surveillance Program).

Collaborations and Professional Associations

• Interagency task forces, cyber science laboratories like the one based at the New York Electronic Crimes Task Force, and professional associations (like the High Tech Computer Investigators Association) were created for knowledge sharing and training.

International Efforts

• International collaborations (e.g. OECD, Council of Europe, Interpol) aim to harmonize criminal laws and cooperate for combating computer-related crimes like the alteration of computer data, computer espionage and unauthorized computer use.
• The UN Convention against Transnational Organized Crime (UNCATOC) identified specific cybercrimes needing global attention.
• The Virtual Global Task Force (VGT) combined high-tech security forces from several countries to address child exploitation.
• The Association of Southeast Asian Nations (ASEAN) have shown an interest in training, criminal legislation, and collaboration internationally.

Conclusions

• Recognition of computer-related problems is rapidly increasing, but there's still much needed work.
• Existing laws are used for handling computer-related crime, pending the formation of legislation specific to technology.
• International cooperation is improving, but sovereignty issues hinder progress.

Description

Explore the complexities of computer forensics and cyber crime through this presentation. Learn about traditional laws, recent legislation, and investigative tools used by authorities, as well as the challenges faced in prosecuting cyber crimes. This quiz will enhance your understanding of how laws apply in the digital age.