Technology and Cybercrime 2014

Summary

This presentation provides an overview of technology and cybercrime, covering topics like cybercrime, digital forensics, and the different types of cyberattacks.

Full Transcript

Technology and Cybercrime Cybercrime and Digital Forensics Chapter 1 © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 1 A Computer Dependent world People use the computers everyday for everyday functions Internet connection everywhere using laptops, tablets, smartphones, video game systems © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 2 Cellular technology Cellular technology is widely used for a number of transactions. Cell phones are by far the most popular device among American adults, especially for adults under the age of 65. © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 3 © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 4 © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 5 Device ownership © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 6 © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 7 © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 8 The Digital Divide Computers and mobile devices are now ubiquitous. The availability of computer-mediated communications (CMC), like e-mail, text, Facebook, etc. has changed the world. This is a recent innovation, causing a generational divide. Digital Natives: people brought up in a digital world Digital Immigrants: people born before the adoption of the internet and have adapted to the new digital world. © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 9 © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 10 Technology as a Landscape for Crime There are three key ways that technology may be subverted or misused by criminals: 1. technology as a communications medium 2. computer as a target of or means to engage in crime 3. technology as an incidental device to a crime. © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 11 Technology as Communications Medium CMCs make it easy for offenders to connect with one another. High degree of anonymity eg. Pay as you go cards Prostitutes and customers connect via e-mail or text. Hackers connect via forums and IRC. Faceless, anonymous nature of the Internet allows people to talk freely about their actions will little risk of harm. The ability to connect in on-line environments has enabled the formation of virtual subcultures. Subcultures are groups which have their own values, norms, and traditions that set them apart from and/or in opposition to the dominant culture.(eg. Sports, gardening, fashion etc) © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 12 Subcultures formation Subcultures can be formed online and offline. However online subcultures are easier to be formed, since: there is no social rejection, no fear of reprisal and no fear of detection We will see how online subcultures can facilitate crime and deviance in virtual and real-world environments. © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 13 Technology as a Target Devices we use are connected to the internet – these carry significant amount of personal data © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 14 Wearable devices and personal data © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 15 Personal Data in the Cloud © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 16 Technology as a Target The computers and mobile devices we use every day can be targeted by offenders to cause harm to information or people. Computer hackers attempt to gain access to systems they do not own. Password guessing. Web defacement: spread a message and cause harm at the same time – replacing the HTML code with a message image Malicious software can harm computers and personal information. © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 17 © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 18 © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 19 © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 20 © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 21 © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 22 Defining Computer Misuse There are several key terms to define abuse and misuse of technology. Cyberdeviance is behaviors that may not be illegal but go against local norms or values.(like texting or surfing on the net from your smartphone while in class!) Cybercrimes occur when legal statutes are violated a perpetrator uses special knowledge of cyberspace to commit a crime. Computer crime occurs when a perpetrator uses special knowledge of computer technology. © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 23 Defining Cyberterror Cyberterror involves the use of digital technology or CMCs to cause harm and force social change based on ideological or political beliefs. Motives can be political in nature and aim to hurt or kill innocent people and also spread the fear Cybercrime Cyberdeviance Cyberterrorism © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 24 Criminal justice Due to the borderless nature of the Internet, local laws cannot be applied Something which is illegal in one country, can be legal in another Anyway due to the connectivity anyone can access illegal material from other countries around the globe. Less risk of detection online – easy concealing of the identity of the offender; routing requests through proxy servers © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 25 Proxy servers and anonymity © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 26 Cybercrime importance points Motive of the attacker Scope of harm caused Cybercrime is attractive since offenders can target thousands of victims at the same time e.g. spam emails © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 27 Why Is Cybercrime Attractive? There are several reasons why individuals may choose to engage in cybercrimes relative to real world offenses. Individuals can easily gain access to technology and Internet access in virtually any corner of the globe. Prices of the instrument of crime (laptop, desktop) Cybercrimes can be performed regardless of any technical skill. Offenders can target millions of victims at once. The risk of detection is greatly reduced. Law enforcement agencies have trouble prosecuting these crimes, especially in transnational cases. Many victims may not report their experiences. (either because they do not recognize being hacked, or because they are embarrassed, shamed, or afraid of the consequences) © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 28 Targeting millions of victims at once Nigerian spam email © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 29 Low risk of detection Offenders can conceal their identity Fake email accounts sending threatening or harassing emails Proxy servers acting as an intermediary between the computer and the server and thus hide computer’s location © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 30 Technology as Evidence The devices we use produce digital evidence of our activities: information that is either stored or transferred in binary form photos, chat logs, e-mails, browser histories, etc. Digital evidence can be used to support criminal investigations of virtually any offense, on- or offline. © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 31 Law Enforcement and Cybercrime Since cybercrime is so attractive to offenders, law enforcement has difficulty investigating these offenses. There are multiple levels of law enforcement which handle cases based on their jurisdictional responsibilities. Local law enforcement. State/Provincial police. Federal/National Police Forces. © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 32 © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 33 Typologies of cybercrime David Wall created four typologies: 1. Cyber-trespass 2. Cyber-deception and theft 3. Cyber-porn and obscenity 4. Cyber-violence All four categories reference the wide range of deviance, criminal and terrorist behaviours that emerged utilizing technology. © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 34 © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 35 Phishing attacks Top 3 attacked organizations 2014 % of phishing links Organization 1 Google 10.34% 2 Facebook 10.21% 3 Yahoo! 6.36% © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 36 Piracy statistics © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 37 Cyber-dependent crimes © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 38 Wall’s Typology of Cybercrime 1. Cyber-trespass Individuals cross boundaries of computer systems into areas where ownership has already been established. (eg. Café Wi-Fi) Hackers, crackers, phreakers. 2. Cyber-Deception/Theft Criminal acquisitions that can occur on-line. Pirates, fraudsters, and hackers. Phishing messages (eg. Bank online sites) Digital piracy (eg. Software copying, digital media, copyright breach) © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 39 Wall’s Typology of Cybercrime 3. Cyberporn/Obscenity Sexually expressive content online Pedophiles, pornographers. Not always criminal/ depending on country local law. Sexual services. 4. Cyber-violence Violence against individuals or groups on-line. Emotional harm, embarrassment or shame, even physical harm through suicidal ideation – cyber bullying Cyberstalking: a crime in which the attacker harasses a victim using electronic communication, such as e-mail or instant messaging (IM), or messages posted to a Web site or a discussion group. A cyberstalker relies upon the anonymity afforded by the Internet to allow them to stalk their victim without being detected Cyberhate. Tech-talk. © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 40 Distinguishing Online banking fraud between types Fake antivirus ‘Stranded traveler’ scams cybercrimes ‘Fake escrow’ scams ‘Genuine’ cybercrimes Advanced fee fraud Infringing pharmaceuticals Copyright-infringing software Copyright-infringing music and video Online payment card fraud ‘Transitional’ In-person payment card fraud cybercrimes PABX fraud Industrial cyber-espionage and extortion Welfare fraud Traditional crime Tax and tax filing fraud becoming ‘cyber’ ‘Genuine’ cybercrime © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 of 41 How does cybercrime differ from traditional crime? 1. Scale – a single attack can make little money and be unsuccessful most of the time, yet still be hugely profitable if it is replicated easily for almost no cost 2. Global address ability – pool of available targets remains practically infinite 3. Distributed control – stakeholders have competing interests and limited visibility across networks, which hampers ability to defend against attacks 4. International nature – makes law enforcement more difficult © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 42 Hacker group Anonymous Engaged in a variety of Distributed denial of service attacks (DDoS): attacks against governments, recording industry, and private businesses. A denial-of-service (DoS) attack is an attempt to make a machine or network resource unavailable to its intended users, such as to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet. A distributed denial-of-service (DDoS) is where the attack source is more than one–and often thousands of-unique IP addresses. It is analogous to a group of people crowding the entry door or gate to a shop or business, and not letting legitimate parties enter into the shop or business, disrupting normal operations. © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 43 Core concepts Data Integrity: Data integrity is the maintenance of, and the assurance of the accuracy and consistency of, data over its entire life-cycle, and is a critical aspect to the design, implementation and usage of any system which stores, processes, or retrieves data. Authentication: the process or action of verifying the identity of a user or process. Database authentication: Database authentication is the process or act of confirming that a user who is attempting to log in to a database is authorized to do so, and is only accorded the rights to perform activities that he or she has been authorized to do. Data security: Data security refers to protective digital privacy measures that are applied to prevent unauthorized access to computers, databases and websites. Data securityalso protects data from corruption. © Thomas J. Holt, Adam M. Bossler, and Kathryn C. Seigfried-Spellar 2014 45