Computer Forensics and Cyber Crime Overview

Questions and Answers

Which act is also known as the Hacking Statute?

• Computer Fraud and Abuse Act of 1986 (correct)
• Information Security Act
• Cybercrime Prevention Act
• Digital Privacy Act

The Computer Fraud and Abuse Act of 1986 was originally effective in prosecuting cybercrime.

False (B)

Name one famous individual involved in successful prosecutions under the Computer Fraud and Abuse Act.

Kevin Mitnick

The Computer Fraud and Abuse Act was expanded to apply to computers used in __________.

commerce and communication

Match the following individuals with their associated cybercrime:

Kevin Mitnick = Theft of programs from Digital Equipment Corporation Shadowhawk = Breaking into U.S. Missile Command Robert Morris = Inventor of the Morris Worm Alfred Smith = No associated crime mentioned

The expansions to the Computer Fraud and Abuse Act focused on which type of intrusions?

Intentional intrusions (D)

Title 15 of the supplemental federal criminal law relates to copyright infringement.

False (B)

What was one major flaw of the original Computer Fraud and Abuse Act?

It was too vague.

What main areas did the National Information Infrastructure Act of 1996 (NIIPA) aim to address?

Loopholes in computer-specific statutes (C)

The Child Pornography Protection Act (CPPA) of 1996 included protections for virtual images of children.

True (A)

Name one type of offense that NIIPA expanded to include.

Hacking and malicious programming

The _______________ Act of 1984 was supplanted by the Child Protection & Obscenity Act in 1988.

Child Protection

Match the legislation to its associated focus:

National Information Infrastructure Act of 1996 = Loopholes in computer-related offenses Child Protection Act (1984) = Piecemeal child pornography legislation Child Pornography Protection Act (1996) = Virtual images of children Protection of Children against Sexual Exploitation Act (1977) = Early efforts against child pornography

Which of the following was NOT an area expanded upon by the NIIPA?

Breaches of privacy in social media (A)

The Supreme Court ruled that child pornography is protected under the First Amendment.

False (B)

What was the significant outcome of Ashcroft v. Free Speech Coalition concerning the CPPA?

The law was struck down.

What does the PROTECT Act prohibit regarding pretrial release?

Pretrial release for persons charged with child pornography (B)

The PROTECT Act ended the statutes of limitation on child abduction and abuse cases.

True (A)

What mandatory penalty does the PROTECT Act impose on repeat child sex offenders?

Mandatory life penalty

The PROTECT Act provides for electronic ____________ in cases of child abuse or kidnapping.

eavesdropping

Match the following provisions of the PROTECT Act with their descriptions:

Mandatory life penalty = For repeat child sex offenders National AMBER Alert Coordinator = Appointment for coordinated responses No waiting periods = In missing persons cases for 18-21-year-olds Sentencing enhancement = For possession and distribution of child pornography

Which of the following is NOT a provision of the PROTECT Act?

Mandatory counseling for offenders (A)

The PROTECT Act authorizes fines and imprisonment for U.S. citizens engaging in illicit sexual conduct abroad.

True (A)

What is the application of the Miller standard of obscenity in the Act?

To drawings, sculptures, and pictures depicting minors in obscene situations.

What is unlawful under the Identity Theft and Assumption Deterrence Act of 1998?

Using identifying information without lawful authority (B)

The Identity Theft and Assumption Deterrence Act of 1998 only applies to financial information.

False (B)

What organization was designated as the repository for consumer complaints under ITADA?

Federal Trade Commission (FTC)

The Identity Theft and Assumption Deterrence Act of 1998 includes personal information such as a person's __________ number.

Social Security

Which of the following is NOT considered identifying information under ITADA?

Favorite color (D)

Victims of identity theft can claim restitution for lost time from work.

True (A)

Identify one type of unique biometric data mentioned in the ITADA.

Fingerprint

Match the following types of identifying information with their descriptions:

Social Security number = A personal identifier assigned by the government Driver’s license number = Identification issued by a state authority Passport number = Identification used for international travel Telecommunication identifying information = Data related to communication devices

What year was the Identity Theft Penalty Enhancement Act enacted?

2004 (D)

The Health Insurance Portability & Accountability Act allows healthcare organizations to disclose Social Security numbers freely.

False (B)

What is the main purpose of the President’s Working Group on Unlawful Conduct on the Internet?

To evaluate existing federal laws and the need for new technologies and education tools to minimize risks of Internet crime.

The _____ Privacy Protection Act prohibits the use of Social Security numbers from motor vehicle records in unauthorized situations.

Drivers

Match the statute with its main consequence:

Identity Theft Penalty Enhancement Act = Mandatory sentences for aggravated identity theft Identity Theft Enforcement and Restitution Act = Expanded consequences for identity theft Drivers Privacy Protection Act = Prohibits unauthorized use of personal information Health Insurance Portability & Accountability Act = Restricts disclosure of health information

What is one of the main goals of collaboration among business, government, and advocacy organizations regarding Internet crime?

To evaluate the sufficiency of existing federal laws (B)

The regulation of Internet criminal activity is treated differently compared to traditional criminal law.

False (B)

What type of training and cooperation is recognized as a necessary approach for investigating Internet crimes?

Enhanced training and interagency cooperation.

What was the primary purpose of the National Infrastructure Protection Center (NIPC) established under Presidential Decision Directive 63?

To discuss potential threats with local leaders, corporate executives, and law enforcement (B)

The Innocent Images initiative was designed to prevent adults from engaging in interstate travel to meet minors.

False (B)

What software suite includes tools like Carnivore and Packetier for packet sniffing?

Dragonware

The method of analyzing large data sets using statistical models and algorithms is known as ______.

data mining

Match the following data mining projects to their descriptions:

TIA = Terrorism Information Awareness Program CAPPS II = Computer-Assisted Passenger Prescreening System MATRIX = Multi-State Anti-Terrorism Information Exchange Pilot Project ATS = Automated Targeting System

Which tool was specifically mentioned as a key logger used in the Cyber Knight project?

Magic Lantern (D)

Data mining can only classify new patterns but cannot predict future activities.

False (B)

Name one example of a data mining initiative used to identify potential terrorists.

Terrorism Information Awareness Program (TIA)

Flashcards

Computer Fraud and Abuse Act (CFAA) of 1986

A U.S. law that criminalizes unauthorized access to computers. Initially focused on financial data and government systems, but later expanded to cover commercial and communication computers.

Original CFAA (1986)

The initial version of the Computer Fraud and Abuse Act, considered ineffective due to vagueness and overemphasis on access to financial and government data.

Expanded CFAA

The later version of the Computer Fraud and Abuse Act, broadened the law to cover breaches of commercial and communication computers, along with all financial records.

Kevin Mitnick

A significant figure in early computer crime cases involving the illegal theft of software and manipulation of communication service providers.

Shadowhawk

A cybercriminal who illegally accessed US Missile Command computers, highlighting the potential for a breach in military networks.

Robert Morris

A computer programmer known for creating the Morris Worm, a self-replicating computer virus.

Cybercrime

Criminal activity conducted using computers or the internet.

Computer Forensics

The use of scientific and investigative techniques to gather and analyze evidence from computer systems to support criminal investigations.

NIIPA (1996)

National Information Infrastructure Act of 1996. It focused on computer crimes not covered by existing laws, including accidental intrusions, offenses using computers, and offenses where the computer wasn't the main target.

Expanded Computer Crime Laws

Computer crime statutes evolved to include transmitting classified info, accessing financial or government data, and computer fraud involving computers or data.

Child Pornography Laws

Laws banning child pornography developed incrementally (like the Protection of Children Act, etc.) and faced legal challenges (like New York vs. Ferber 1982).

New York v. Ferber (1982)

Supreme Court ruling that child pornography is not protected by the First Amendment's free speech clause.

Child Protection Act (1984)

Earlier legislation on child pornography, later superseded by the Child Protection & Obscenity Act.

Child Protection & Obscenity Act (1988)

A revised child pornography law to include limited material. It replaced the Child Protection Act.

Child Pornography Protection Act (CPPA) (1996)

Legislation addressing virtual images of children, including altered images and cartoons. Later struck down by courts.

Ashcroft v....

Supreme Court case that ruled against the Child Pornography Protection Act.

PROTECT Act

A law that strengthened penalties and measures for child sex offenses.

Mandatory life penalty

A law stipulating that repeat child sex offenders must receive a life sentence.

Background checks

Criminal history checks for those involved with children, often in volunteer roles.

Electronic eavesdropping

Monitoring of electronic communications in cases of child abuse or kidnapping.

Pretrial release

Denial of freedom during legal proceedings for those accused under the PROTECT Act.

Statute of limitations

Time limit for prosecuting child abduction and abuse cases.

Computer-generated child porn

Prohibited creation of child pornography using technology.

Miller standard of obscenity

Applying obscenity definitions (e.g. Miller v. California) to pictures of minors in obscene situations.

ITADA (Identity Theft and Assumption Deterrence Act)

A federal law making it a crime to possess, transfer, or use someone else's identifying information with criminal intent.

Identifying information

Personal details like names, social security numbers, dates of birth, and driver's licenses used to identify individuals.

Biometric data

Unique physical characteristics like fingerprints, voice prints, and eye scans used for identification.

Electronic identification numbers

Unique codes used to identify people online and in electronic transactions, accounts.

Criminal intent (ITADA)

The purpose of using someone else's identity to commit an illegal act or violation of federal or state law.

Unlawful transfer

Moving someone else's identifying information without permission, with wrong intent or for illegal activity.

FTC (Federal Trade Commission)

The US federal agency that receives complaints about consumer identity theft and distributes information to agents.

Restitution

Compensation for losses (financial/legal) due to someone else's criminal act of identity theft.

Identity Theft Penalty Enhancement Act of 2004

This law increases penalties for aggravated identity theft, leading to mandatory sentences.

Identity Theft Enforcement and Restitution Act of 2008

This act expands the consequences of identity theft to include further penalties and restitution.

Drivers Privacy Protection Act

This law prohibits the use of personal information from driver records (like SSN) in situations not legally allowed.

Health Insurance Portability & Accountability Act (HIPAA)

HIPAA limits health care organizations from sharing Social Security numbers and sensitive personal health info.

President’s Working Group on Unlawful Conduct on the Internet

A group that gathered business, government, and civil liberty organizations to evaluate internet crime.

Sufficiency of existing internet crime laws

Assessment of whether current internet crime laws are strong enough.

Cyber crime investigation tools

Development of enhanced legal tools for investigating and prosecuting internet crimes.

Cyber ethics curricula development

Creation of educational programs on cyber ethics to prevent internet crimes.

PDD 63

Presidential Decision Directive 63, issued in 1998, led to the creation of the National Infrastructure Protection Center (NIPC) and its Infragard program, aimed at collaboration between local leaders, corporate executives, and law enforcement to address potential threats.

Infragard

A program started by the National Infrastructure Protection Center (NIPC) to foster collaboration between local leaders, corporate executives, and law enforcement to discuss and address potential threats to critical infrastructure.

Innocent Images Initiative

A law enforcement initiative designed to investigate adults' travel across state lines to meet minors for illicit purposes.

Packet Sniffers

Software tools used to intercept and analyze network communication data, breaking down information into packets for examination.

Key Loggers

Software tools used to record keystrokes and mouse clicks, potentially capturing passwords and sensitive information on a target computer.

Data Mining

Utilizing statistical models, algorithms, and AI to analyze large datasets, seeking patterns and relationships hidden within the data.

Data Mining Applications

Examples of data mining in law enforcement include programs like TIA, Secure Flight, CAPPS II, MATRIX, ATS, and Terrorist Surveillance Program, which aim to identify potential terrorists.

Terrorism Information Awareness Program (TIA)

A program that used data mining to identify potential terrorists, focusing on passenger screening and threat analysis.

Study Notes

Computer Forensics and Cyber Crime

• This presentation covers avenues for prosecution and government efforts related to computer crime.
• Learning objectives include understanding traditional laws applied to computer crime, recent federal legislation on online behavior, investigative tools used by the government, and data mining programs.
• The presentation also addresses international attempts to address computer crime.

Introduction

• Law enforcement faces challenges such as smaller agencies with fewer resources, leading to reliance on state and federal agencies.
• Historically, there's been apathy towards nonviolent crime.
• Legislative action on computer crime has moved slowly.

Traditional Statutes

• Primary federal law enforcement provisions related to cybercrime fall under Title 18.
• Examples of crimes covered under Title 18 include fraud, embezzlement, terrorism, espionage, child seduction and exploitation, stalking, kidnapping, forgery, extortion, RICO offenses, access device fraud, and illegal wiretapping.
• Supplemental federal criminal law relating to cybercrime includes Title 15 (credit card fraud and software piracy) and Title 17 (copyright infringement).

The Evolution of Computer-Specific Statutes

• The Computer Fraud and Abuse Act (CFAA) of 1986 initially focused narrowly on unauthorized computer access.
• The act has been expanded to cover computers used in commerce and communication, and now applies to all financial records and intentional intrusions.
• The act was criticized as ineffective, and its initial version was too vague and emphasized access to financial information and government computers.
• Subsequent prosecutions under the CFAA included Kevin Mitnick (program theft), Shadowhawk (breaking into the U.S. Missile Command), and Robert Morris (inventor of the Morris Worm).
• The National Information Infrastructure Act (NIIPA) of 1996 addressed loopholes in the CFAA, broadening the scope to include instances of accidental intrusions and offenses where computer data is not the primary target.
• NIIPA also covered the use of computers in all circumstances and non-commercial settings.
• The act further extended to include transmitting classified government information, obtaining information from financial institutions, private sector computers, and the U.S. government affecting government.

Evolving Child Pornography Statutes

• Efforts at banning child pornography include piecemeal legislation (like the Protection of Children against Sexual Exploitation Act of 1977) plus Supreme Court rulings.
• Cases such as New York v. Ferber (1982) determined that child pornography is not protected by free speech under the First Amendment.
• Later legislation included the Child Protection Act (1984), later supplanted by the Child Protection & Obscenity Act (1988), and the Child Pornography Protection Act (CPPA) of 1996.
• The CPPA covered virtual images, but the Supreme Court's decision in Ashcroft v Free Speech Coalition (2002) deemed it overly broad.
• The PROTECT Act introduced measures like a mandatory life penalty for repeat child sex offenders, criminal history checks for volunteers, and electronic eavesdropping for cases involving child abuse or kidnapping.

Identity Theft and Financial Privacy Statutes

• The Identity Theft and Assumption Deterrence Act (ITADA) of 1998 criminalizes possessing identifying information without authority.
• Identifying information includes social security numbers, dates of birth, driver's licenses, alien registration numbers, passports, and employer/taxpayer identification numbers.
• Unique biometric data (like fingerprints, voice prints, retinas, and irises) and electronic codes are also covered.
• The law also provides restitution, attorney fees, compensation for lost wages, and credit denial penalties.
• The Financial Modernization Act of 1999 introduced the Financial Privacy Rule, which mandated privacy disclosure practices, the Safeguards Rule, requiring security measures in protecting financial data, and addressed pretexting (obtaining personal info under false pretenses).
• The Fair and Accurate Credit Transactions Act (FACTA) of 2003 mandated free credit reports, fraud alerts, truncated credit/debit numbers to deter "dumpster diving", truncated social security numbers, enhanced victim support procedures, and provisions to investigate changes in address for credit cards/accounts.
• Further extensions addressed card issuers investigations, blocking fraudulent info, and consumer reporting requirements.
• Debt collectors are now legally obliged to disclose identity theft and provide info on how to resolve debt issues.
• The Identity Theft Penalty Enhancement Act (2004) mandated sentences for aggravated identity theft, and the Identity Theft Enforcement and Restitution Act (2008) further expanded consequences for such theft.

Additional Efforts to Protect Personal Information

• The Drivers' Privacy Protection Act restricts the use of social security information in motor vehicle records.
• The Health Insurance Portability and Accountability Act (HIPAA) restricts healthcare organizations from releasing social security numbers and health info.

Federally Funded Initiatives and Collaborations

• The President's Working Group on Unlawful Conduct on the Internet involved business, government, and non-profits to evaluate existing laws, technology-specific legislation, and educational resources to minimize the risks of cybercrime.
• Several approaches resulted, including similar regulations to those used in traditional criminal law, recognition of special needs, and cooperation with law enforcement.
• Presidential Decision Directive 63 (PDD 63) and the 'Innocent Images' initiative aimed to bring together law enforcement and private businesses to discuss threats and investigate child abuse.

Law Enforcement Operations and Tools in the United States

• Law enforcement uses tools such as packet sniffers (like Carnivore, Packeteer, and Coolminer), which reconstruct internet communication.
• Key loggers such as the Magic Lantern help record keystrokes and mouse clicks.
• Data mining employs statistical models, algorithms, and artificial intelligence to analyze large datasets to identify patterns like those involved in terrorism (e.g. Terrorism Information Awareness Program, Computer-Assisted Passenger Prescreening System (CAPPS II), Multi-State Anti-Terrorism Information Exchange Pilot Project (MATRIx), Automated Targeting System(ATS), and Terrorist Surveillance Program).

Collaborations and Professional Associations

• Interagency task forces, cyber science laboratories like the one based at the New York Electronic Crimes Task Force, and professional associations (like the High Tech Computer Investigators Association) were created for knowledge sharing and training.

International Efforts

• International collaborations (e.g. OECD, Council of Europe, Interpol) aim to harmonize criminal laws and cooperate for combating computer-related crimes like the alteration of computer data, computer espionage and unauthorized computer use.
• The UN Convention against Transnational Organized Crime (UNCATOC) identified specific cybercrimes needing global attention.
• The Virtual Global Task Force (VGT) combined high-tech security forces from several countries to address child exploitation.
• The Association of Southeast Asian Nations (ASEAN) have shown an interest in training, criminal legislation, and collaboration internationally.

Conclusions

• Recognition of computer-related problems is rapidly increasing, but there's still much needed work.
• Existing laws are used for handling computer-related crime, pending the formation of legislation specific to technology.
• International cooperation is improving, but sovereignty issues hinder progress.

Description

Explore the complexities of computer forensics and cyber crime through this presentation. Learn about traditional laws, recent legislation, and investigative tools used by authorities, as well as the challenges faced in prosecuting cyber crimes. This quiz will enhance your understanding of how laws apply in the digital age.