Ransomware involves the kidnapping of an organization’s electronically stored assets. They are sealed with encryption devices that prevent the owner from accessing the data or assets. When the owner pays the ransom through remote financial channels, the kidnappers release the assets to the owner by providing him with the encryption information. If your business or organization was victimized by a ransomware attack, what would you do? Provide at least one reason why you would pay and one reason why you wouldn’t give in to the kidnapper’s demands. Cite case examples to support one or both sides.
CYBER CRIME
Chapter 4

Objectives
- Explore the current state of Internet crimes
- Discuss emerging trends in Web-based crime
- Describe the six classifications of motive for computer intruders
- Become familiar with more computer terms and recent laws that aid the government in cracking down on computer criminals
- Gain knowledge of modern terrorists and their use of technology, which is changing the face of terrorism

Details

I. Web-Based Criminal Activity: Introduction
- Originally “computer crime” referred to theft of computers or components
- Cyberage changed the focus to “theft of information”
- Combination of the computer and telecommunications has increased crime in cyberspace
- The anonymity factor has expanded the number of offenders
  - Internet gambling promoted by the Web increased across the country
  - People who would never walk into an adult book store view porn at home
  - Individuals who would be afraid to commit a violent bank robbery would alter bank records or manipulate stock records
  - People who were reluctant to take revenge through traditional avenues may feel comfortable posting embarrassing or compromising information on the Web
- Hackers have become a significant threat to achieve publicity
  - Hacker group named “Global Hell” suspected of hacking into Army, FBI and WH
- Impact of computer crime
  - Financial losses
  - Personal security (identity theft)
  - Industrial espionage
  - International security
  - Public safety
  - Eco-terrorism
- Traditional competition among companies may have escalated to malicious destruction of data or theft by physical means
- The Internet introduced interconnectivity of technical devices within corporations, which increased the vulnerability of companies’ information assets
- Impact of a physical mail bomb (explosive device) was limited to the immediate physical area surrounding the packaging
- Impact of an e-mail bomb is potentially very broad and may include a dismantling of the company’s informational infrastructure
- Viruses
  - (1960’s) First computer virus, named “the rabbit”: reduced productivity of computer systems by cloning themselves and occupying system resources
  - Rabbits were local and could not spread across systems
  - Caused by mistakes or pranks by system programmers
  - Four Distinct Eras of Computer Viruses
    - Classical Era (1960’s-1970’s): system anomalies; accidents; pranks by system administrators
    - Floppy Era (1980’s-1990’s): infection of DOS machines spread by removable media; easy to detect, isolate and eliminate
    - Macro Era (1990’s-2000’s): infect documents and templates, not programs; virus infects system when user opens the corrupted document (Microsoft-Macintosh); further spread by e-mails, networks and the Internet
      - Melissa Virus (1999): infected 20% of US largest businesses; created by David Smith, advertised to contain password to adult Web sites; propagated itself by sending virus to victim’s computer address files; sentenced to 20 months in federal prison and $5,000 fine
    - Internet Era (2000-present): used infected system’s address book to spread infections
      - CodeRed: scanned Internet for vulnerable machines, then infected them
      - Nimda: infected computers with corrupt e-mails that entered computer if user viewed MS Outlook through a preview window
- Denial of Service (DoS) Attacks
  - Primary objective is to disable a system, not access
  - Mail bombing: jam system server with voluminous e-mails
  - Manipulation of phone switches
  - Low level data transmission
  - Directed at Amazon, eBay and Yahoo
- Distributed Denial of Service (DDoS) Attacks
  - (1991) First DDoS attacks; use large batches of compromised computers, named zombies or bots, to increase their impact on victims
  - Most owners of zombie computers were unaware that they were compromised
  - Motivations range from boredom to theft to extortion
  - Hacktivists have launched DDoS attacks against religious and financial organizations
  - (2006) Organized crime family was threatened with DDoS attack of the org’s online gaming site. The org paid protection money (extortion)
- Spam: abuse of electronic messaging systems to randomly or indiscriminately send unsolicited bulk messages
  - Traditionally used by businesses to advertise
  - Also used by porn sites
  - Recent study disclosed significant loss of productivity by businesses caused by workers deleting spam from their computers at work; $22 billion
  - Attacks increasing: spread viruses, malware, DDoS, identity theft, promote political extremism
  - (2006) CAN-SPAM Act used to convict Daniel Lin; three years, federal prison; $10,000 fine
    - Distributed millions of e-mail messages with fraudulent header information through a variety of zombie computers advertising health care products
- Ransomware
  - Used most often to extort money from victims
  - Malware program which encrypts or disables computer system until demands are met (extortion)
  - Originally surfaced in 1989, then went low key until 2005
  - Greatest risk to cyber criminal is being identified when money is transferred
    - Create e-shell companies to accept ransom money
    - Use legitimate online merchant to receive money from victim for commission-based referral service

II. Theft of Information, Data Manipulation and Web Encroachment
- Two methods of obtaining confidential information: computer system intrusion and employees
- Employees are the most vulnerable component
  - Criminals use deceptive practices through social engineering to gain access to company computers or telephone systems
  - Criminals disguise themselves as vendors for security system or IT department
  - Employees fail to protect their passwords due to laziness and lack of security awareness
  - Criminals use shoulder surfing as a method to gain confidential information: watching over someone’s shoulder as they log on or input data into their computer
  - Employees discard confidential information in common garbage receptacles instead of designated confidential bins or paper shredders
  - Business and government entities do not set employee training as a high priority
- Trade Secrets and Copyrights
  - Some criminals sell proprietary information to industry competitors for personal gain or national patriotism
  - Gillette corporation employee was caught using company equipment to solicit bids for the design specs for Gillette’s Mach-3 razor
  - French government (Intelligence Service) used eavesdropping devices on French planes to obtain confidential information from an American company that was competing against a French company for business contracts
- Political Espionage
  - Advanced technology has also increased the threats to the nation’s public infrastructure, from communications to banking
  - Theft of information is a significant threat
  - Government entities have been criticized for not investing enough money to protect secrets technologically stored or created
  - Recent audit of laptop computers for US State Department: did not have an accurate accounting for classified and unclassified laptop computers in bureaus covered in the audit
    - 27 laptops were missing
    - 35 were not available for inspection
    - 57 had been disposed
    - 215 laptops were inspected for encryption protection: 172 failed
  - FBI estimates at least 120 foreign governments actively pursuing information in the US
  - Traditional methods of stealing CPU’s, employee laptops and other devices are very common
  - Employees failed to adequately safeguard the laptops in many cases

III. Cyberterrorism: politically or religiously motivated attack against data compilations, computer programs, and/or information systems intended to disrupt and/or deny service or acquire information which disrupts the social, physical, or political infrastructure of a target
- Computers may be the target or be incidental to the activity, i.e. the means of retrieving the information
- Attacks may be in the form of hacking, DDoS, viruses, worms
- Centers for Disease Control (CDC)
  - Altering small portion of a formula for a vaccination
  - Changing labeling instructions for biological contaminants
  - Systematically removing years of priceless research or patients’ records
  - Introduction of viruses or worms could wreak havoc on public health
  - A virus destroyed over 40% of patients’ records in one US hospital
- Terrorist Organization Propaganda Dissemination
  - International (Nation of Islam) and domestic (White Aryan Resistance) use virtual platforms to spread their messages
  - Solicit funds and recruit new members
  - Communicate with each other via e-mails using strong encryption protections
    - Ramzi Yousef (WTC bombing conspirator) had bombing plans in encrypted files on his laptop computer
  - Launching of DDoS and defacement of Web sites of foreign governments
  - Chinese hacktivists threatened to launch DoS attacks against American financial institutions and government sites following the crash of a US spy plane and Chinese fighter plane

Neotraditional Crime

Dissemination of Contraband
- Child Pornography
  - Many pedophiles and child porn peddlers meet on the electronic bulletin boards and chat rooms
  - They are protected under the First Amendment because they have the same “common carrier” status as the telephone company and post office
  - Example: NAMBLA (North American Man Boy Love Association) has a Web site
  - Motivations for child pornography possession
    - Pedophilia or hebephilia: satisfies sexual fantasies or provides gratification for those individuals who are sexually interested in prepubescent children or adolescents
    - Sexual miscreants: satisfies a new and different sexual stimulus
    - Curiosity seekers: possession satisfies a peculiar curiosity
    - Criminal opportunists: possession and subsequent distribution is designed for economic profit
  - Profile of Offenders (Office of Juvenile Justice and Delinquency Prevention & National Center for Missing and Exploited Children)
    - White males older than 25
    - Majority (83%) had images of prepubescent children engaging in sex
    - More than 20% depicted sexual violence toward the children
    - 40% arrested for child porn were considered “dual offenders” (also sexually victimized children)
    - 15% attempted to sexually victimize children by soliciting undercover police who posed online as minors
    - Most of the child porn cases (60%) originated from local and state agencies; balance by federal and international authorities
    - Above statistics are based upon arrest records only, so extent of online victimization of children via the Internet is difficult to determine
  - Online Victim Profile
    - Children who express frustration with parental controls or appear naïve or vulnerable
    - Children who are confused about their sexuality
    - Children who express feelings of being outsiders from their peer groups
    - Children who enjoy unsupervised computer communications
    - Many children actively seek association with adult suitors, but many are lured into fictional relationships that encourage dangerous liaisons
- Online Pharmacies
  - Convenient in terms of shopping and ordering
  - Many operate illegally w/o licenses or dispense medicines in states where they are not licensed
  - Some don’t require a valid prescription
  - Some dispense medicine on demand w/o prescription
  - “Operation Cyber Chase” (2005)
    - Illegal online pharmaceutical sales operation based in India
    - Supplied drugs for 200 Web sites
    - Sold $20 million worth of controlled substances w/o prescriptions to global customers
    - FBI and DEA arrested individuals from India, Canada and US
    - Seized $7 million from banks and 7 million doses of drugs
- Online Gambling
  - First online gambling casino launched (Internet Casinos, Inc.)
  - Revenues for 2005 were $10 billion; projected to increase to $180 billion by 2015
  - Significant support from politicians, labor unions and community groups
  - Lack of physicality makes online casinos accessible to any user with a computer, iPhone or iPad
  - Continuous operation makes them accessible 24/7
  - Accessibility to minors increases the consumer base, as proper age verification is not attempted
  - Increase in e-banking allows users to access funds w/o leaving their chair; psychological intangibility of e-cash encourages customers to overspend
  - Risks to individuals and communities
    - Addiction
    - Bankruptcy
    - Crime
    - Fail to create jobs or other revenue

Threatening and Harassing Communications
- Stalking: willful, malicious, and repeated following and/or harassing another person in an effort to inflict or cause fear of actual harm through words or deeds
  - Offender profile: White males (18-35)
  - Victim profile: Females or children
  - Categories of Motivation
    - Obsessional Stalkers: re-establish relationship with unwilling partner and are considered to be the most dangerous
    - Love Obsession Stalker: individuals have low self-esteem and target victim they hold in high regard
    - Erotomaniacs: stalkers are delusional and believe victims are in love with them or had a previous relationship with them
    - Vengeance or Terrorist Stalker: economic gain or revenge
- Cyberstalking: same definition as stalking but done by electronic means
  - Activities may be threatening or may result in injury
  - Sending barrage of threatening e-mails
- Cyberharassment
  - Activities are threatening, harassing or injurious on their face
  - Focuses on actual harm suffered, including defacement of character
  - Posting fictitious or slanderous information in a public forum
  - Courts have been reluctant to establish electronic boundaries of the First Amendment and have narrowly interpreted cyberstalking and cyberharassment legislation
- Cyberbullying: aggressive, intentional act carried out by a group or individual, using electronic forms of contact, repeatedly and over time against a victim who cannot easily defend themselves
  - May be committed using e-mails, social networking sites, Web pages, blogs, chat rooms, or instant messaging
  - Case example: 10/17/2006, Megan Meier, 13, committed suicide after receiving hateful e-mails and IM’s from an adult female (mother of former friend and classmate of Megan) posing as a teen-age boy. Suspect was indicted on several charges and found guilty on one misdemeanor violation of the “Computer Fraud and Abuse Act”, subsequently overturned

Online Fraud: fraud is the intentional deception, misrepresentation, or falsehood made with the intention of receiving unwarranted compensation or gratification
- Internet has provided cybercriminals anonymity and accessibility to the global community of citizens and businesses
- Auction Fraud: common fraudulent activity on the Internet; 4 types
  - Nondelivery: accepts payment for item, fails to deliver
  - Misrepresentation: deceives bidder on condition of item
  - Fee-stacking: adds hidden charges to the advertised price of an item (ship-handling)
  - Shill bidding: seller drives up price of their own item by making bids on their own items
  - Case Example: page 10
- Online Credit Card Fraud
  - Skimming: fraudsters install devices on card readers located in ATM’s, gas pumps, restaurants, wherever magnetic strip credit card readers are employed. The information is transferred to another card for downloading
  - Radio Frequency Identification (RFID): fraudsters use them to copy credit card information as they walk past individuals in street, subways, malls, concerts, etc.
  - Information gleaned from the above techniques may be sold on carding sites where other criminals can purchase credit card dumps
- Securities Fraud
  - Manipulating stock prices by posting false information on fraudulent Web sites and legitimate Web sites
  - Page 104-105 for cases
- Insider Trading
  - Individuals using chat rooms to provide others with material non-public information on companies
  - Note case on page 105
- e-Fencing: sale of stolen goods through tech means
  - Organized retail theft rings post stolen goods on online auction sites

Fraudulent Instruments: Counterfeiting & Forgery
- Counterfeiting: act of creating a fraudulent document with criminal intent
- Forgery: act of falsifying a document with criminal intent
- Made easier with high-level graphics software and hardware advances
- Create fraudulent payroll checks and generate forged signatures for authentication

Ancillary Crimes
- Money Laundering: enterprise or practice of engaging in deliberate financial transactions to conceal the identity, source, and/or destination of income. Three stages:
  - Placement: initial point of entry for illicit funds (open account)
  - Layering: develop complex network of transactions to obscure source of illegal funds
  - Integration: return funds to legitimate economy