Computer Forensics and Cyber Crime PDF

Computer Forensics and Cyber Crime CHAPTER 4 Contemporary Computer Crime Computer Forensics and Cyber Crime, 3rd...

Computer Forensics and Cyber Crime CHAPTER 4 Contemporary Computer Crime Computer Forensics and Cyber Crime, 3rd ed. Copyright © 2013 by Pearson Education, Inc. Marjie T. Britz All Rights Reserved Web-Based Criminal Activity Computer crime can involve more than Internet-based activities:  Financial losses  Threats to personal security (i.e., identity theft)  Industrial espionage  Threats to international security  Threats to public safety Computer Forensics and Cyber Crime, 3rd ed. Copyright © 2013 by Pearson Education, Inc. Marjie T. Britz All Rights Reserved Web-Based Criminal Activity Online crime, however, can include:  Interference with lawful use of computers, such as eco-terrorism, DOS attacks, use of malware (e.g., viruses, worms) malware, cyber vandalism, cyber terrorism, spam, etc.  Theft of information and copyright infringement, such as industrial espionage, ID theft, and ID fraud. Computer Forensics and Cyber Crime, 3rd ed. Copyright © 2013 by Pearson Education, Inc. Marjie T. Britz All Rights Reserved Web-Based Criminal Activity Dissemination of contraband or offensive materials, such as pornography, child pornography, online gaming, and treasonous or racist material Threatening communications, such as extortion, cyber stalking, cyber harassment, and cyber bullying Fraud, such as auction fraud, credit card fraud, theft of services, and stock manipulation Ancillary crimes, such as money laundering and conspiracy Computer Forensics and Cyber Crime, 3rd ed. Copyright © 2013 by Pearson Education, Inc. Marjie T. Britz All Rights Reserved Malware: Viruses Viruses, their design, and dissemination, have gone through different phases:  Classical Era (1960s–1970s): Involved pranks or were accidentally distributed  Floppy Era (1980s–1990s): Targeted DOS machines; primarily distributed via floppy disks  Macro Era (1990s–2000s): Infected documents and templates, rather than programs  Internet Era (2000–present): More sophisticated, seeking out vulnerable systems Computer Forensics and Cyber Crime, 3rd ed. Copyright © 2013 by Pearson Education, Inc. Marjie T. Britz All Rights Reserved Malware: Worms, DoS, and Botnets Worms seem primarily used to set up a large-scale DoS attack. DoS (Denial of Service) and DDOS (Distributed Denial of Service) Attacks  Attempt to overwhelm servers, such as through mail-bombing. Botnets and Zombie Armies  Using zombies, compromised computers linked to Internet as an army (or botnet), for theft, extortion, or DDOS attack, for example. Computer Forensics and Cyber Crime, 3rd ed. Copyright © 2013 by Pearson Education, Inc. Marjie T. Britz All Rights Reserved Malware: Spam Spam  Abuse of electronic messaging systems, taking up resources, across multiple platforms Computer Forensics and Cyber Crime, 3rd ed. Copyright © 2013 by Pearson Education, Inc. Marjie T. Britz All Rights Reserved Malware: Ransomware Ransomware and the Kidnapping of Information  Malware program that makes digital resources inoperable or inaccessible in extortive scheme  Critical factors can include level of user's education (less educated, more vulnerable), sophistication of product (not amenable to common software remedies) Computer Forensics and Cyber Crime, 3rd ed. Copyright © 2013 by Pearson Education, Inc. Marjie T. Britz All Rights Reserved Theft of Information, Data Manipulation, and Web Encroachment Traditional methods of proprietary information theft can occur due to:  Insiders, on the job or through maintenance back doors  Social engineering, including shoulder surfing and dumpster diving  Theft of equipment  Malware Computer Forensics and Cyber Crime, 3rd ed. Copyright © 2013 by Pearson Education, Inc. Marjie T. Britz All Rights Reserved Theft of Information, Data Manipulation, and Web Encroachment Trade Secrets and Copyrights – Concerns:  These forms of intellectual property have value independent of whatever owner produces, such as a razor company designing a new shaving system.  Theft can come from disgruntled employees, competitors, and government entities. Computer Forensics and Cyber Crime, 3rd ed. Copyright © 2013 by Pearson Education, Inc. Marjie T. Britz All Rights Reserved Theft of Information, Data Manipulation, and Web Encroachment Political Espionage – Seriousness:  FBI estimates that over 120 foreign governments have intelligence operations targeting the U.S.  For example, Israeli intelligence secretly monitored Presidential communications. SEARCH (2000). The Investigation of Computer Crime. The National Consortium for Justice Information and Statistics: Sacramento, CA. Computer Forensics and Cyber Crime, 3rd ed. Copyright © 2013 by Pearson Education, Inc. Marjie T. Britz All Rights Reserved Cyber Terrorism A deliberate, politically or religiously motivated attack against data compilations, computer programs, and/or information systems which is intended to disrupt and/or deny service or acquire information which disrupts the social, physical, or political infrastructure of a target. Typical array of methods, like viruses and worms, against U.S. government Computer Forensics and Cyber Crime, 3rd ed. Copyright © 2013 by Pearson Education, Inc. Marjie T. Britz All Rights Reserved Neo-Traditional Crime Dissemination of Contraband or Offensive Materials Child Pornography  Difficult to define, but generally refers to any visual depiction of a lascivious exhibition of the genitals or pubic area or sexually explicit conduct of a minor  Difficult to prosecute, as this raises First Amendment issues about freedom of speech Computer Forensics and Cyber Crime, 3rd ed. Copyright © 2013 by Pearson Education, Inc. Marjie T. Britz All Rights Reserved Neo-Traditional Crime Child Pornography  Illegal in all states, prohibited by Federal law Computer Forensics and Cyber Crime, 3rd ed. Copyright © 2013 by Pearson Education, Inc. Marjie T. Britz All Rights Reserved Neo-Traditional Crime Child Enticement/Exploitation  Law enforcement has had great success with sting operations or “honeypots” by using the same strategy as predators, of pretending to be a child and arranging for a meeting. Computer Forensics and Cyber Crime, 3rd ed. Copyright © 2013 by Pearson Education, Inc. Marjie T. Britz All Rights Reserved Neo-Traditional Crime Online Pharmacies  Used to make legitimate and illegitimate purchases (e.g. anabolic steroids, amphetamines, and painkillers) privately and conveniently Computer Forensics and Cyber Crime, 3rd ed. Copyright © 2013 by Pearson Education, Inc. Marjie T. Britz All Rights Reserved Neo-Traditional Crime Online Gambling  Ease of access, including minors  Open all day  e-Banking makes it easier to play  Might generate billions in profit  Internet Gambling Prohibition & Enforcement Act of 2006 makes it illegal, but is difficult to enforce due to lack of public, international cooperation. Computer Forensics and Cyber Crime, 3rd ed. Copyright © 2013 by Pearson Education, Inc. Marjie T. Britz All Rights Reserved Neo-Traditional Crime Threatening and harassing communications: Cyberstalking and Harassment  Stalking: Willful, malicious, and repeated following and/or harassing another person in an effort to inflict or cause fear of actual harm through words or deeds committed via electronic means  Cyberstalking: Done via electronic communication  Cyberharassment: Focuses on actual harm suffered, including defacement of character Computer Forensics and Cyber Crime, 3rd ed. Copyright © 2013 by Pearson Education, Inc. Marjie T. Britz All Rights Reserved Neo-Traditional Crime Cyberbullying: An aggressive, intentional act carried out by a group or individual, using electronic forms of contact, repeatedly and over time against a victim who cannot easily defend him or herself  Illegal only in some states, not under Federal law Smith et al., 2008: 376. Computer Forensics and Cyber Crime, 3rd ed. Copyright © 2013 by Pearson Education, Inc. Marjie T. Britz All Rights Reserved Neo-Traditional Crime Online Fraud  Intentional deception, misrepresentation, or falsehood made with the intention of receiving unwarranted compensation or gratification  Cuts across gender, social class, and race  Comes in a broad array of forms Computer Forensics and Cyber Crime, 3rd ed. Copyright © 2013 by Pearson Education, Inc. Marjie T. Britz All Rights Reserved Neo-Traditional Crime Internet auction fraud can come in the form of:  Nondelivery of goods  Misrepresentation as to condition of an item  Addition of hidden charges (fee-stacking)  Shill bidding (where seller submits bids to drive up price of item) Computer Forensics and Cyber Crime, 3rd ed. Copyright © 2013 by Pearson Education, Inc. Marjie T. Britz All Rights Reserved Neo-Traditional Crime Online Credit Card Fraud: Besides traditional fraud, can include:  Skimming (installing devices at ATMs, for example, to steal info from cards)  RFID (taking info from "wave and pay" device, like toll highway transmitters) Computer Forensics and Cyber Crime, 3rd ed. Copyright © 2013 by Pearson Education, Inc. Marjie T. Britz All Rights Reserved Neo-Traditional Crime Web-Cramming/ISP Jacking  Web-Cramming: The unauthorized charging of consumers via monthly telecommunication fees  ISP Jacking: Disconnecting individual users from their selected Internet service providers and redirecting them to illegitimate servers to generate long distance charges for those using dial-up Computer Forensics and Cyber Crime, 3rd ed. Copyright © 2013 by Pearson Education, Inc. Marjie T. Britz All Rights Reserved Neo-Traditional Crime Fraud via Data Manipulation  Data Diddling: Any method of fraud via data manipulation (usually involves redirecting or rerouting data representing monies or economic exchanges)  Salami technique: Stealing fraction of a cent from millions of accounts, so as to go undetected  IP Spoofing: Manipulation of data packets between computers to mimic a third party and falsely gain access to funds Computer Forensics and Cyber Crime, 3rd ed. Copyright © 2013 by Pearson Education, Inc. Marjie T. Britz All Rights Reserved Neo-Traditional Crime Securities Fraud and Stock Manipulation  Having instant access to stock values and statistics, encouraging day-trading, buying stock with little or no actual knowledge of the company  Vulnerable to dissemination of false information, used to trick individuals to purchase stock at inflated prices  Insider trading: Individuals with access to confidential information unavailable to public use it to make stock purchases/sales, for personal gain Computer Forensics and Cyber Crime, 3rd ed. Copyright © 2013 by Pearson Education, Inc. Marjie T. Britz All Rights Reserved Neo-Traditional Crime e-Fencing: Sale of stolen goods through technological means Fraudulent Instruments: Including counterfeiting and forgery through technological means Computer Forensics and Cyber Crime, 3rd ed. Copyright © 2013 by Pearson Education, Inc. Marjie T. Britz All Rights Reserved Ancillary Crimes Money Laundering  An enterprise or practice of engaging in deliberate financial transactions to conceal the identity, source, and/or destination of income  Usually a critical element for organized crime to function Computer Forensics and Cyber Crime, 3rd ed. Copyright © 2013 by Pearson Education, Inc. Marjie T. Britz All Rights Reserved Ancillary Crimes Process of Money Laundering  Placement (point of entry of illicit funds)  Layering (using networks to obscure origins of funds)  Integration (return of funds to legitimate economy) Computer Forensics and Cyber Crime, 3rd ed. Copyright © 2013 by Pearson Education, Inc. Marjie T. Britz All Rights Reserved Ancillary Crimes Combating Money Laundering  Finding  Frozing (accounts)  Forfeiture (of funds) This can be accomplished by:  Holding Internet service providers accountable for failure to maintain adequate records  Making financial institutions responsible for inadequate security  Enforcing “Know Your Customers” regulations Computer Forensics and Cyber Crime, 3rd ed. Copyright © 2013 by Pearson Education, Inc. Marjie T. Britz All Rights Reserved Conclusions Technology both enhances & threatens modern society. Computer crime is increasing for a variety of reasons:  Computers are equivalent to storage warehouses  Increasing connectivity & interdependence of infrastructures  Technical expertise is decreasingly important  Increasing number of threat groups with sophisticated methodologies & advance technology  Government apathy Computer Forensics and Cyber Crime, 3rd ed. Copyright © 2013 by Pearson Education, Inc. Marjie T. Britz All Rights Reserved

Computer Forensics and Cyber Crime PDF

Document Details

Tags

Related

Summary

Full Transcript

Upgrade to continue