CHAPTER 18 Cyber Crime Clay Wilson CYBER CRIME is becoming ...
Cyber Crime
description
Transcript of Cyber Crime
![Page 1: Cyber Crime](https://reader037.fdocuments.us/reader037/viewer/2022110306/55545f97b4c905a5798b4879/html5/thumbnails/1.jpg)
1
![Page 2: Cyber Crime](https://reader037.fdocuments.us/reader037/viewer/2022110306/55545f97b4c905a5798b4879/html5/thumbnails/2.jpg)
2
![Page 3: Cyber Crime](https://reader037.fdocuments.us/reader037/viewer/2022110306/55545f97b4c905a5798b4879/html5/thumbnails/3.jpg)
The term…
High tech crime (HTC), also known as technology-enabled crime, makes use of information and communications technologies to infringe criminal laws.
Online tools are those digital goods or services that can be obtained from the internet.
3
![Page 4: Cyber Crime](https://reader037.fdocuments.us/reader037/viewer/2022110306/55545f97b4c905a5798b4879/html5/thumbnails/4.jpg)
Case Study- BPO Data Theft Bank Fraud in Pune – MPhasis Ltd MsourcEDefrauded US
Customers of Citi Bank The crime was
committed using "Unauthorized Access" to the "Electronic Account Space" of the customers.
4
![Page 5: Cyber Crime](https://reader037.fdocuments.us/reader037/viewer/2022110306/55545f97b4c905a5798b4879/html5/thumbnails/5.jpg)
Case Study- Case of Extortion of Money Through Internet
• The complainant has received a threatening email demanding protection from unknown person.
• Police registered a case u/s. 384/506/511 IPC.
• The sender of the email used the email ID [email protected] & [email protected] and signed as Chengez Babar.
5
![Page 6: Cyber Crime](https://reader037.fdocuments.us/reader037/viewer/2022110306/55545f97b4c905a5798b4879/html5/thumbnails/6.jpg)
Measures to be taken…1.avoid disclosing any information pertaining to oneself.2.avoid sending any photograph online particularly to strangers and
chat friends.3.use latest and up date anti virus software to guard against virus
attacks.4.keep back up volumes so that one may not suffer data loss in case
of virus contamination5.never send your credit card number to any site that is not secured.6.always keep a watch on the sites that your children are accessing.7.use a security programme that gives control over the cookies and
send information back to the site .8.web site owners should watch traffic and check any irregularity on
the site.9.use of firewalls may be beneficial.10. web servers running public sites must be physically separate
protected from internal corporate network.
6
![Page 7: Cyber Crime](https://reader037.fdocuments.us/reader037/viewer/2022110306/55545f97b4c905a5798b4879/html5/thumbnails/7.jpg)
7
![Page 8: Cyber Crime](https://reader037.fdocuments.us/reader037/viewer/2022110306/55545f97b4c905a5798b4879/html5/thumbnails/8.jpg)
Jeffrey Lee Parson Sven Jaschan Chen Ing-Hau Benny
8
![Page 9: Cyber Crime](https://reader037.fdocuments.us/reader037/viewer/2022110306/55545f97b4c905a5798b4879/html5/thumbnails/9.jpg)
James Ancheta Andrew Schwarmkoff Jeremy Jaynes
SpamPhishingSpam
9
![Page 10: Cyber Crime](https://reader037.fdocuments.us/reader037/viewer/2022110306/55545f97b4c905a5798b4879/html5/thumbnails/10.jpg)
SpamViruses/Worms
Industrial Espionage and
HackersWi-Fi High Jacking
10
![Page 11: Cyber Crime](https://reader037.fdocuments.us/reader037/viewer/2022110306/55545f97b4c905a5798b4879/html5/thumbnails/11.jpg)
11
![Page 12: Cyber Crime](https://reader037.fdocuments.us/reader037/viewer/2022110306/55545f97b4c905a5798b4879/html5/thumbnails/12.jpg)
SPAMSPAM – It’s an electronics junk and an
unsolicited, often commercial, message transmitted through the Internet as a mass mailing to a large number of recipients.
Spamming used to spread malicious payloads, phish, and pay using adware/malware, spyware
12
![Page 13: Cyber Crime](https://reader037.fdocuments.us/reader037/viewer/2022110306/55545f97b4c905a5798b4879/html5/thumbnails/13.jpg)
13
![Page 14: Cyber Crime](https://reader037.fdocuments.us/reader037/viewer/2022110306/55545f97b4c905a5798b4879/html5/thumbnails/14.jpg)
To address this problem, the U.S. Congress in 2003 passed legislation designed to curb spam. The law makes it illegal to send e-mail messages that use deceptive subject lines and false return addresses, providing fines and possible prison terms for violators.
The law requires all commercial e-mail messages, solicited or unsolicited, to include a valid postal address and an opt-out mechanism within the body of the text so that recipients can prevent future e-mail solicitations.
14
![Page 15: Cyber Crime](https://reader037.fdocuments.us/reader037/viewer/2022110306/55545f97b4c905a5798b4879/html5/thumbnails/15.jpg)
VIRUSA self-duplicating computer program that
spreads from computer to computer, interfering with data and software.
Some viruses are mere annoyances, but others can do serious damage.
Viruses can delete or change files, steal important information, load and run unwanted applications, send documents via electronic mail (e-mail).
15
![Page 16: Cyber Crime](https://reader037.fdocuments.us/reader037/viewer/2022110306/55545f97b4c905a5798b4879/html5/thumbnails/16.jpg)
16
![Page 17: Cyber Crime](https://reader037.fdocuments.us/reader037/viewer/2022110306/55545f97b4c905a5798b4879/html5/thumbnails/17.jpg)
WORMSA program that propagates itself across
computers, usually by spawning copies of itself in each computer's memory.
A worm might duplicate itself in one computer so often that it causes the computer to crash.
Trojans:
Also known as a Trojan horse, this is Software that appears to perform or actually performs a desired task for a user while performing a harmful task without the user's knowledge or consent.
17
![Page 18: Cyber Crime](https://reader037.fdocuments.us/reader037/viewer/2022110306/55545f97b4c905a5798b4879/html5/thumbnails/18.jpg)
INDUSRIAL ESPIONAGETHEFT OF TRADE SECRET
The secret removal, copying, or recording of confidential or valuable information in a company for use by a competitor.
18
![Page 19: Cyber Crime](https://reader037.fdocuments.us/reader037/viewer/2022110306/55545f97b4c905a5798b4879/html5/thumbnails/19.jpg)
Stealing dataDeleting data for funTurning computers into
zombies To commit crimes Take down networks Distribute porn Harass someone
Ethical/white hat hackers exist too Help break into networks to
prevent crimes
19
![Page 20: Cyber Crime](https://reader037.fdocuments.us/reader037/viewer/2022110306/55545f97b4c905a5798b4879/html5/thumbnails/20.jpg)
10
16
25
45
2000 2003 2005 2007
20
![Page 21: Cyber Crime](https://reader037.fdocuments.us/reader037/viewer/2022110306/55545f97b4c905a5798b4879/html5/thumbnails/21.jpg)
Wi-Fi High Jacking60-70% wireless networks are wide open
Why are the Wi-Fi networks unprotected?Most people say “Our data is boring”But… criminals look for wireless networks to
commit their crimes And… the authorities will come knocking on
your door…..
21
![Page 22: Cyber Crime](https://reader037.fdocuments.us/reader037/viewer/2022110306/55545f97b4c905a5798b4879/html5/thumbnails/22.jpg)
Wireless Fidelity (Wi-Fi)Using antennas to create “hot spots”Hotspots – Internet Access (sometimes free)
Newport Harbor - All the boats in Harbor have internet access
San Francisco Giants Stadium – Surf the web while catching a game
UMass (need to register, but it’s free)Cambridge, MAPhiladelphia, PA – just announced – entire city
by 2006
22
![Page 23: Cyber Crime](https://reader037.fdocuments.us/reader037/viewer/2022110306/55545f97b4c905a5798b4879/html5/thumbnails/23.jpg)
CASE STUDY The Bank NSP CaseThe Bank NSP case is the one where a management trainee of the bank was engaged to be married. The couple exchanged many emails using the company computers. After sometime the two broke up and the girl created fraudulent email ids like “indianbar - associations” and sent emails to the boy’s foreign clients and to do this she used the banks computer. The boy’s company lost a large number of clients & took the bank to court. The bank was held liable for the emails sent using the bank’s system.
23
![Page 24: Cyber Crime](https://reader037.fdocuments.us/reader037/viewer/2022110306/55545f97b4c905a5798b4879/html5/thumbnails/24.jpg)
1995, First documented attack on US Bank
Case Study “Citi-Bank”
Attacked Citi-Bank system and obtained userids and passwords
Setup accounts in Banks throughout the worldBank of America, Banco del Sud Argentina,
Bank Artha Graha IndonesiaTransferred $12 million to the various
accounts.
24
![Page 25: Cyber Crime](https://reader037.fdocuments.us/reader037/viewer/2022110306/55545f97b4c905a5798b4879/html5/thumbnails/25.jpg)
FBI & Interpol Arrested them and in Feb 1997 sentenced to 3 years in prison and ordered to pay $240,000.00 to Citi-Bank.
Citi-Bank had been warned about lax security, but they ignored the warnings,
Citi-Bank now extremely security conscious.
25
![Page 26: Cyber Crime](https://reader037.fdocuments.us/reader037/viewer/2022110306/55545f97b4c905a5798b4879/html5/thumbnails/26.jpg)
Types of Cyberattacks, by percentage (source- FBI)
Financial fraud: 11%
Sabotage of data/networks: 17%
Theft of proprietary information: 20%
System penetration from the outside: 25%
Denial of service: 27%
Unauthorized access by insiders: 71%
Employee abuse of internet privileges 79%
Viruses: 85% 26
![Page 27: Cyber Crime](https://reader037.fdocuments.us/reader037/viewer/2022110306/55545f97b4c905a5798b4879/html5/thumbnails/27.jpg)
The proportion of cybercrime that can be directly or indirectly attributed to terrorists is difficult to determine. However, linkages do exist between terrorist groups and criminals that allow terror networks to expand inter-nationally through leveraging the computer resources, money laundering activities, or transit routes operated by criminals.
27
![Page 28: Cyber Crime](https://reader037.fdocuments.us/reader037/viewer/2022110306/55545f97b4c905a5798b4879/html5/thumbnails/28.jpg)
The use of information technology by terrorist groups and individuals to further their agenda. This can include use of information technology to organize and execute attacks against networks, computer systems and telecommunications infrastructures, or for exchanging information or making threats electronically. Examples are hacking into computer systems, introducing viruses to vulnerable networks, web site defacing, denial-of-service attacks, or terroristic threats made via electronic communication.
28
![Page 29: Cyber Crime](https://reader037.fdocuments.us/reader037/viewer/2022110306/55545f97b4c905a5798b4879/html5/thumbnails/29.jpg)
Cyberterrorism can have a serious large-scale influence on significant numbers of people. It can weaken countries' economy greatly, thereby stripping it of its resources and making it more vulnerable to military attack.
Cyberterror can also affect internet-based businesses. Like brick and mortar retailers and service providers, most websites that produce income (whether by advertising, monetary exchange for goods or paid services) could stand to lose money in the event of downtime created by cyber criminals.
As internet-businesses have increasing economic importance to countries, what is normally cybercrime becomes more political and therefore "terror" related.
29
![Page 30: Cyber Crime](https://reader037.fdocuments.us/reader037/viewer/2022110306/55545f97b4c905a5798b4879/html5/thumbnails/30.jpg)
What is it?An autopsy of a computer or network to uncover digital evidence of a crimeEvidence must be preserved and hold up in a court of law
Growing field – Many becoming computer forensicsavvy
FBI, State and Local Police, IRS, Homeland SecurityDefense attorneys, judges and prosecutorsIndependent security agenciesWhite hat or Ethical HackersPrograms offered at major universities such as URI
30
![Page 31: Cyber Crime](https://reader037.fdocuments.us/reader037/viewer/2022110306/55545f97b4c905a5798b4879/html5/thumbnails/31.jpg)
Smart Criminals don’t use their own computers
Floppy disksZip/Jazz disksTapesDigital camerasMemory sticksPrintersCDsPDAsGame boxesNetworksHard drives
31
![Page 32: Cyber Crime](https://reader037.fdocuments.us/reader037/viewer/2022110306/55545f97b4c905a5798b4879/html5/thumbnails/32.jpg)
Use anti-virus software and firewalls - keep them up to date
Keep your operating system up to date with critical security updates and patches
Don't open emails or attachments from unknown sources
Use hard-to-guess passwords. Don’t use words found in a dictionary. Remember that password cracking tools exist
Back-up your computer data on disks or CDs often
32
![Page 33: Cyber Crime](https://reader037.fdocuments.us/reader037/viewer/2022110306/55545f97b4c905a5798b4879/html5/thumbnails/33.jpg)
Don't share access to your computers with strangers
If you have a wi-fi network, password protect it
Disconnect from the Internet when not in use
Reevaluate your security on a regular basis
Make sure your employees and family members know this info too!
33
![Page 34: Cyber Crime](https://reader037.fdocuments.us/reader037/viewer/2022110306/55545f97b4c905a5798b4879/html5/thumbnails/34.jpg)
INFRAGARD PROGRAM
34
![Page 35: Cyber Crime](https://reader037.fdocuments.us/reader037/viewer/2022110306/55545f97b4c905a5798b4879/html5/thumbnails/35.jpg)
35