Computer Forensics Chapter 7

Questions and Answers

What does the Computer Fraud and Abuse Act of 1986 primarily focus on?

• Unauthorized access to physical property
• Theft of intellectual property
• Unauthorized access to a computer (correct)
• Identity theft

Which statute relates to credit card fraud and software piracy?

• Hacking Statute
• Title 17
• Computer Fraud and Abuse Act
• Title 15 (correct)

What was a significant flaw of the original Computer Fraud and Abuse Act?

• Considered too vague (correct)
• Only allowed prosecution for government computers
• Too specific to financial records
• Did not address hacking at all

What type of intrusions does the expanded Computer Fraud and Abuse Act apply to?

Intentional intrusions (A)

Who was involved in theft of programs valued at over $1 million from Digital Equipment Corporation?

Kevin Mitnick (D)

Which incident involved breaking into U.S. Missile Command?

Shadowhawk incident (D)

What did the Computer Fraud and Abuse Act evolve to encompass?

Computers used in commerce and communication (D)

Which famous hacker is known as the inventor of the Morris Worm?

Robert Morris (D)

What is now considered a crime under the Identity Theft and Assumption Deterrence Act of 1998?

Possessing another's identifying information without authority (C)

Which of the following is NOT classified as identifying information under the ITADA?

Tax benefits information (A)

What type of restitution can victims of identity theft seek under the ITADA?

Restitution for lost wages (A)

Which agency has been designated as the repository for consumer complaints regarding identity theft?

Federal Trade Commission (A)

Which of the following is an example of unique biometric data listed under the ITADA?

Fingerprint (B)

Under ITADA, what intent must be present for the unlawful use of identification to occur?

To commit or aid in unlawful activity (D)

Which of the following is included in the classification of telecommunication identifying information under ITADA?

Access device (D)

What aspect of identity theft does the ITADA specifically provide for to victims?

Attorney's fees (B)

What significant aspect did the National Information Infrastructure Act of 1996 address that was previously overlooked?

Accidental intrusion instances (A)

What type of criminal activity was expanded under the National Information Infrastructure Act of 1996?

Hacking and malicious programming (C)

Which Supreme Court ruling indicated that child pornography is not protected by free speech?

New York v. Ferber (D)

What year was the Child Protection Act enacted before being replaced by the Child Protection & Obscenity Act?

1977 (D)

Which act applied to virtual images of children, including altered images and cartoons?

Child Pornography Protection Act (C)

What was one of the activities included in the expanded scope of the National Information Infrastructure Act?

Transmitting classified government information (A)

Which act was the Child Protection Act supplanted by in 1988?

Child Protection & Obscenity Act (D)

What is a common type of offense related to hacking as addressed in the National Information Infrastructure Act?

Trafficking in passwords (D)

What does the Identity Theft Penalty Enhancement Act of 2004 primarily establish?

Criminal penalties for aggravated identity theft (D)

What does the Drivers Privacy Protection Act prohibit?

Unauthorized collection of Social Security numbers from vehicle records (D)

Which federal initiative focuses on examining existing laws related to Internet crime?

The President’s Working Group on Unlawful Conduct on the Internet (C)

What are the resulting approaches from the President’s Working Group on Unlawful Conduct on the Internet?

Regulation of Internet criminal activity similar to traditional law (B)

What is one restriction imposed by the Health Insurance Portability & Accountability Act regarding personal information?

Disclosure of Social Security numbers by health organizations (B)

What is a key focus of the President’s Working Group regarding educational efforts?

Providing empowerment tools to minimize risks (B)

Which aspect does the Identity Theft Enforcement and Restitution Act of 2008 address?

Expanded consequences for identity theft (D)

How does the government aim to support the private sector in combating cybercrime?

Through development of curricula related to cyber ethics (D)

What was the main concern that led to the creation of the Financial Action Task Force in 1989?

Addressing money laundering linked to terrorism (D)

What is one objective of the Virtual Global Task Force established in 2003?

Deter pedophiles and prevent online child exploitation (A)

Which of the following conventions was established specifically to address computer-related criminal offenses?

Council of Europe’s Cybercrime Conventions (D)

What challenge hinders international cooperation in combating cybercrime?

Legal jurisdiction conflicts (D)

What does UNCATOC stand for?

United Nations Convention against Transnational Organized Crime (C)

What has been recognized about the problems related to cybercrime in recent years?

Recognition of issues has increased exponentially (C)

Why is there a continued use of traditional statutes in addressing cybercrime?

Pending enactment of technology-specific legislation (D)

Which group made up the collaboration for the Virtual Global Task Force?

Australian High Tech Centre, UK’s Child Exploitation Centre, RCMP, U.S. Department of Homeland Security, and Interpol (D)

What was the main purpose of the Innocent Images initiative?

To investigate adults traveling to meet minors for illicit purposes (B)

Which software suite was designed to reconstruct the web-surfing trail of individuals under investigation?

Dragonware (A)

What is NOT a parameter used in data mining according to the content?

Real-time video surveillance (A)

Which program was used as an example of data mining to identify potential terrorists?

Automated Targeting System (ATS) (A)

What technology did the Cyber Knight project utilize to collect data from users?

Magic Lantern key logger (D)

What aspect does the packet sniffing software tackle?

Breaking down and reassembling internet communication (C)

The Terrorism Information Awareness Program (TIA) is an example of what?

Data mining for potential terrorist identification (B)

Which of the following best describes the goal of data mining in law enforcement?

To analyze large data sets for various patterns and predictions (D)

Flashcards

Computer Fraud and Abuse Act (CFAA) of 1986

A federal law that criminalizes unauthorized computer access and use.

Title 15

Federal law that covers credit card fraud and software piracy.

Title 17

Federal law dealing with copyright infringement.

Counterfeit Access Device & Computer Fraud & Abuse act of 1986

Earlier version of the CFAA, focusing on unauthorized computer access.

Kevin Mitnick

A notorious hacker, prosecuted under the CFAA for theft and manipulation.

Shadowhawk

A hacker prosecuted under the CFAA for unauthorized access, likely to U.S. Missile Command.

Robert Morris

A hacker who developed the Morris Worm and was prosecuted under the CFAA.

Ineffective version of CFAA

The initial version of the CFAA was considered too vague and focused too much on financial information and government computers.

Identity Theft and Assumption Deterrence Act (ITADA)

A 1998 law that makes possessing someone else's identifying information illegal, along with transferring/using it for illegal actions.

Personal Identifying Information

Data used to distinguish one person from another, both public and private.

ITADA offenses

Possessing or transferring another's identification for unlawful aims (federal/state/local crimes).

Types of identifying information

Includes name, Social Security number, date of birth, driver's license/ID, passports and more.

Biometric Data

Unique physical characteristics like fingerprints, voices, eye scans.

Electronic Identifiers

Unique numbers or codes linked to individuals (including electronic devices).

Restitution (In ITADA)

Compensation for losses due to identity theft.

FTC role (in ITADA)

Federal Trade Commission collects complaints and manages information on identity theft.

NIIPA (1996)

National Information Infrastructure Act of 1996; focused on cybercrime loopholes not addressed by the Computer Fraud and Abuse Act (CFAA).

Expanded CFAA coverage (1996 and Beyond)

Included transmitting classified info, gaining info from financial institutions/private sector computers/government, hurting government use of computers, fraud connected to these, hacking & malicious programming, password trafficking, and extortion.

Child Pornography Statutes

Laws targeting child pornography, often evolving through legislation and court rulings.

New York v. Ferber (1982)

Supreme Court ruling that child pornography is not protected by free speech.

Child Protection Act (1984)

Early legislation that prioritized child pornography regulations. Replaced with the Child Protection & Obscenity Act (1988).

Child Protection & Obscenity Act (1988)

Replaced the Child Protection Act (1984) to address child pornography; limitations to obscene material.

Child Pornography Protection Act (CPPA) (1996)

Covered virtual child pornography, including altered images/cartoons. Later struck down by the Supreme Court.

Ashcroft v. (1998)

Supreme Court case that struck down the Child Pornography Protection Act (CPPA).

Identity Theft Penalty Enhancement Act of 2004

This law increased penalties for identity theft, including mandatory sentences for aggravated cases.

Identity Theft Enforcement and Restitution Act of 2008

This law expanded the consequences for identity theft, strengthening its enforcement and addressing restitution for victims.

Drivers Privacy Protection Act

This law protects personal information from driver's licenses, preventing its unauthorized use.

Health Insurance Portability & Accountability Act (HIPAA)

HIPAA restricts health care organizations from disclosing sensitive information like Social Security numbers and health records.

President's Working Group on Unlawful Conduct on the Internet

This group brought together various stakeholders to evaluate the sufficiency of laws against online crime and explore new approaches.

Regulation of Internet Criminal Activity

This approach aims to apply existing criminal laws to internet crime in a similar manner to traditional crimes.

Special Needs and Challenges of Internet Crime

This refers to the unique difficulties in investigating and prosecuting online crime, requiring dedicated tools and training.

Cyber Ethics Curriculum Development

This aims to provide education on responsible online behavior, empowering individuals and the private sector to prevent cybercrime.

Council of Europe's Cybercrime Conventions

A set of international agreements from 1996 that define and address four categories of computer-related criminal offenses.

Financial Action Task Force (FATF)

An international organization formed in 1989 to combat money laundering and terrorist financing, focusing on law enforcement systems and international cooperation.

Virtual Global Task Force (VGT)

A collaboration of international organizations, including Interpol, that formed in 2003 to fight online child exploitation and pedophilia.

United Nations' Convention against Transnational Organized Crime (UNCATOC)

An international treaty, signed in 2000, to stop transnational organized crime, including cybercrime aspects.

ASEAN's (Association of Southeast Asian Nations) Role in Cybercrime

Countries in Southeast Asia work together on training, legislation, and collaboration to fight cybercrime.

Challenges to International Cybercrime Cooperation

The ongoing struggle in the global fight against cybercrime is hindered by competing national sovereignty interests and a lack of consistent technology-specific legislation.

Use of Traditional Statutes

The continued reliance on existing laws to address cybercrime, while technology-specific laws are being developed.

Increased Recognition of Cybercrime Problems

The understanding of cybercrime issues has grown significantly, but much work is still needed.

PDD 63

A presidential directive from 1998 that led to the creation of Infragard, a center for collaboration among local leaders, corporations, and law enforcement to address potential threats.

Infragard

A collaborative effort between federal, state, and local governments, corporate executives, and law enforcement to share information about potential threats to critical infrastructure.

Packet Sniffers

Software programs designed to capture and analyze data packets transmitted over a network, often used to reconstruct the web-surfing history of individuals under investigation.

Key Loggers

Software that records keystrokes and mouse clicks, potentially used to decipher encrypted files or monitor user activity.

Data Mining

A process for analyzing large data sets to find hidden patterns, trends, and relationships, often used to identify potential threats or anomalies.

Terrorism Information Awareness Program (TIA)

A government program using data mining techniques to identify potential terrorists by analyzing large datasets of travel information, financial transactions, and other relevant data.

Computer-Assisted Passenger Prescreening System (CAPPS II)

A system that uses data mining to assess the risk of passengers on flights, attempting to identify potential threats before they board.

Automated Targeting System (ATS)

A system that uses data mining to identify potential terrorists based on various data points, including travel patterns, financial transactions, and communication records.

Study Notes

Computer Forensics and Cyber Crime

• Chapter 7 discusses avenues for prosecution and government efforts.
• Learning objectives include knowledge of traditional statutes applicable to computer crime, federal legislation on online behavior, investigative tools, data mining programs, and international approaches to solving computer crime.

Introduction

• Law enforcement faces challenges like smaller agencies with fewer resources, reliance on state/federal agencies, historical apathy towards nonviolent crimes, and slow legislative action.

Traditional Statutes

• Primary federal provisions (Title 18) cover crimes like fraud, embezzlement, terrorism, child exploitation, stalking, kidnapping, forgery, extortion, RICO, access device fraud, and illegal wiretapping.
• Supplemental federal law (Titles 15 and 17) covers credit card fraud, software piracy, and copyright infringement, respectively.

The Evolution of Computer-Specific Statutes

• The Computer Fraud and Abuse Act of 1986 (CFAA) initially focused narrowly on unauthorized computer access. Later expansions applied it to computers used in commerce, communications, and financial records; specifically targeting intentional intrusions rather than accidental ones.
• Subsequent successful prosecutions involved notorious individuals like Kevin Mitnick, Shadowhawk, and Robert Morris.
• The National Information Infrastructure Act of 1996 (NIIPA) addressed loopholes in the CFAA, particularly accidental intrusions, computer-related offenses, and instances where computer data wasn't the primary target.
• Subsequent expansions to the CFAA included transmitting classified government information, accessing private sector computers, financial institutions, and U.S. government systems. Fraud related to various activities, hacking and programming, unintentional damages, and extortion are also covered.

Evolving Child Pornography Statutes

• Efforts to ban child pornography include piecemeal legislation, such as the Protection of Children Against Sexual Exploitation Act of 1977, and Supreme Court rulings.
• The Supreme Court has ruled in cases like New York v. Ferber (1982) that child pornography is not protected by free speech. Subsequent legislation like the Child Protection Act (1984) and Child Pornography Protection Act (1996) aimed to address increasing concerns.
• The PROTECT Act offers solutions for protecting children from exploitation, including mandatory life sentences for repeat offenders, criminal checks for volunteers, and electronic eavesdropping in cases of abuse.
• The PROTECT Act also prohibits pretrial release for certain offenders, ended statutes of limitations on child abduction/abuse, and established a National AMBER Alert Coordinator.
• The Miller standard of obscenity has been applied to various forms of child pornography, leading to sentencing enhancements.

Identity Theft and Financial Privacy Statutes

• The Identity Theft and Assumption Deterrence Act of 1998 (ITADA) criminalizes possessing another person's identifying information and knowingly transferring/using such information for unlawful purposes.
• Identifying information encompasses names, social security numbers, dates of birth, driver's licenses, alien registration, passports, and employer/taxpayer identification numbers.
• Unique biometric data (fingerprints, voice prints, iris scans) is also covered under this act
• Financial institutions were required to disclose privacy practices and provide "opt-out" options for disclosing personal information.
• The Financial Modernization Act of 1999 contains safeguarding rules that stipulate security measures for protecting such information.
• The Fair and Accurate Credit Transactions Act (FACTA) of 2003 introduces free credit reports, fraud alerts, and truncation of credit/debit information to combat dumpster diving, and social security numbers.
• FACTA also mandates investigation of address changes, blocking of fraudulent information, and requirements for consumer reporting agencies. Card issuers must also investigate new card requests due to address changes
• Debt collectors now must apprise third-party employers of potential identity theft-related debts.
• These statutes are intended to prevent and prosecute fraud, limit the comingling of medical and financial information, and require more protections for victims and to provide appropriate recourse.
• The Identity Theft Penalty Enhancement Act of 2004 established criminal penalties for aggravated identity theft, often including mandatory sentences. The Identity Theft Enforcement and Restitution Act of 2008 further expanded consequences for identity theft, including restitution.
• The Drivers Privacy Protection Act and the Health Insurance Portability & Accountability Act (HIPAA) restrict the use of personal information from motor vehicle records and the disclosure of social security numbers and health information.

Federally Funded Initiatives and Collaborations

• The President's Working Group investigated the sufficiency of existing laws, the need for new technologies, legal authorities to investigate and prosecute, and the efficacy of education in minimizing risks.
• Resulting approaches involve regulating internet criminal activity paralleling traditional law. Recognizing and addressing the special needs of investigators and agencies involved in investigations (interagency and international cooperation), developing cyber ethics curricula, and supporting private sector training.
• Presidential Decision Directive 63 (PDD 63) established the National Infrastructure Protection Center (NIPC) and Infragard to bring together various entities for threat discussions. A notable initiative, the Innocent Images initiative, focused on investigating and prosecuting interstate travel associated with illicit activities involving minors.

Law Enforcement Operations and Tools in the United States

• Technologies like packet sniffers (Carnivore, Packeteer, Coolminer) and key loggers (Magic Lantern) are utilized during investigations.
• Data mining, encompassing statistical modeling, algorithms, AI, uses large datasets to analyze associations, sequences, classify events, cluster previously unknown facts, and forecast future activities. The process is used to identify potential terrorists, including programs like TIA, Secure Flight, CAPPS II, MATRIX, and ATS.
• Collaboration within federal, state, or local task forces, as well as interagency partnerships like the Cyber Science Laboratory and groups like the High Tech Computer Investigators Association (HTCIA) promote knowledge sharing and training.

International Efforts

• OECD and the Council of Europe's Select Committee initiated efforts to harmonize laws for computer-related offenses. Recommendations were produced to make behaviors like data/program alteration, computer espionage, and unauthorized computer use, among others illegal.
• Mandatory offenses (e.g., computer fraud, forgery, computer sabotage) were suggested for all countries.
• Agencies like the Council of Europe and Interpol have taken steps to tackle transnational cybercrime. The Virtual Global Task Force and the United Nations' Convention against Transnational Organized Crime contribute further to the fight against cybercrime.
• The Association of Southeast Asian Nations (ASEAN) shows a shared interest in training, criminal legislation, and international collaboration to counter cybercrime.

Conclusions

• Recognition of cybercrime problems has substantially escalated, but significant work remains.
• Despite ongoing international cooperation, issues concerning national sovereignty pose challenges to ongoing efforts in cybercrime investigation/prosecution.
• Continued reliance on existing traditional statutes alongside updated legislation relevant to technology remains a key strategy for addressing this challenging issue.

Description

Explore the legal frameworks and governmental efforts in prosecuting cyber crime in Chapter 7 of Computer Forensics. This quiz covers traditional statutes relevant to computer crime, investigative tools, and the evolution of computer-specific laws. Assess your understanding of these critical issues facing law enforcement today.