Cyber Security Versus Digital

Forensics

Presentation for the E-Commerce Network’s Cyber

Security Seminar at University of Massachusetts

Dartmouth

Suzanne Mello Stark, PhDMarch 30, 2012

Cyber Security Facts

•In 2006, 8.3 million Americans were victims of Identity Theft•In first ½ of 2009, 40,000 cyber attacks were launched against the Department of Defense (Pentagon Costs: $100 million)•So far this year, cyber criminals have stolen $100 million from US banks•There are more than 3 million indications of malicious activity per year in civilian networks•It is estimated that 1/3 or more of this activity originates outside the US

March 30, 2012 (Langevin, 2012)

Stuxnet• First Computer Worm to

Cross into the Physical World

• Doesn’t want to be detected

• Affected Countries (so far) according to Symantec:

• Iran (over 50%)• Indonesia (~18%)• India (~8%)• Azerbaijan (~2%)• United States

(~1%)• Pakistan (~1%)• Others (~9.2%)• Son of Stuxnet?

March 30, 2012

(CBS News, 2012)

The Great Cyber Heist

• Alberto Gonzalez, 14 years old hacker

• Caught by police detective at an ATM machine “cashing out”

• Part of a large hacker network called Shadowcrew

• Stolen over 180 million payment card accounts

• OfficeMax, TJ Max, Marshalls, BJs Wholesale Club, Target, Barnes and Noble, etc

• Used a technique called “SQL Injection” to fool databases into giving information

• Then created fake cards to take money from ATM machines all over the world

March 30, 2012

(Verdini, 2010)

WikiLeaks

• Founder - Julian Assange

• Australian Internet Activist

• Bring Important News to the Public

• Free Speech• Whistleblower/

Journalist not jailed

• Released Significant Documents

• Afghanistan War• Corruption in

Kenya• Baghdad Airstrike• US State Dept.

Cables

March 30, 2012

(CBS News, 2012) (Worthington, 2011)(Grier, 2010)

Anonymous

• Hactivist Group• Launch Distributed

Denial of Service Attacks against companies/entities that violate their ethical principles

• Freedom of the Internet• Retaliated against

companies that dropped WikiLeaks

• Many are being arrested around the world

• Low Orbit Ion Cannon (botnet) – the application to join the group. Your computer becomes part of the DDOS attacks.

March 30, 2012

(Neal, 2012)

Cyberextortion

Internet Criminal Gangs asking for Protection Money

Will launch DDoS attack if you don’t pay up

Ransomware

March 30, 2012 (Koerner, 2008) (Ratliff, 2005)

Internet Tax Fraud

•IRS allows tax refunds to be filed on line and refunds downloaded to a debit card•Tax Fraud is out of Control!

•Steal your SS#•Make up info•Get Refund before you!

•Tax Filing has been put online for convenience

•Was the IRS ready?

March 30, 2012(Zamost & Kaye, 2012)

Are We Ready for E-voting?

• Computer Scientists say NO!

• But the world IS putting voting online regardless of the security threats

• IPad voting in Oregon

March 30, 2012

(CBS News, 2011), (Kar, 2011)

Digital Forensics – Who did it?

The application of forensic science techniques to the

discovery, collection and analysis of

digital evidence.

March 30, 2012

Who Uses Digital Evidence?

Criminal law enforcementCriminal defense attorneys

Corporate lawCivil lawOrganization Information Technology (IT) personnelE.g. American Power Conversion

E.g. URIHomeland securityMilitary

March 30, 2012

What Digital Evidence Can Be Found?

Files listed in standard directory search

Hidden files Deleted filesEmailDeleted emailCertain Instant Messaging

PasswordsLogs

Windows RegistryWindows Meta FilesLogin IDsEncrypted FilesIntentionally embedded (steganographic) files

Web sites visitedSearches performedCookiesNetwork tracesOwners of serversTIME

March 30, 2012

Cyber Security Caucus

Congressman Jim Langevin (D-RI), cofounder of the Congressional Cyber Security Caucus, introduced a bill to strengthen cyber security and prevent attacks.

Southern New England will Play a Big Role

March 30, 2012

(Langevin, 2012)

March 30, 2012

Works Cited

CBS News. (2012, March 4). Stuxnet: Computer worm opens new era of warfare. (G. Messick, Producer) Retrieved March 28, 2012, from 60 Minutes: http://www.cbsnews.com/video/watch/?id=7400904nCBS News. (2011, November 8). Voting with IPads: idea whose time is coming? Retrieved March 28, 2012, from CBSNEWS: http://www.cbsnews.com/8301-502303_162-57320358/voting-with-ipads-idea-whose-time-is-coming/CBS News. (n.d.). WikiLeaks' Julian Assange, Pt. 1. Retrieved from 60 Minutes: http://www.cbsnews.com/video/watch/?id=7300034nGreenhalgh, E. (2012, March 28). Cyber Challenge Games are On. Retrieved March 28, 2012, from Providence Business News: http://www.pbn.com/Cyber-challenge-games-are-on,66381

March 30, 2012

Works Cited (continued)

Grier, P. (2010, April 6). Video of Iraqi journalists' killings: Is WikiLeaks a security threat? Retrieved March 28, 2012, from The Christian Science Monitor: http://www.csmonitor.com/USA/Military/2010/0406/Video-of-Iraqi-journalists-killings-Is-WikiLeaks-a-security-threat

Kar, S. (2011, November 8). State of Oregon Counties First to Introduce iPad Voting for the Disabled. Retrieved March 28, 2012, from Silicon Angle: http://www.google.com/imgres?q=Voting+with+Ipads&hl=en&client=safari&sa=X&rls=en&biw=1237&bih=866&tbm=isch&prmd=imvns&tbnid=LV2lCytGaS_LPM:&imgrefurl=http://siliconangle.com/blog/2011/11/08/state-of-oregon-counties-first-to-introduce-ipad-voting-for-the-disabled/&docid=C_GSFEHvXOOF6M&imgurl=http://siliconangle.com/files/2011/11/ipad-your-vote-counts-in-oregon.jpg&w=300&h=300&ei=bBJzT7buHKrg0QH67di0AQ&zoom=1&iact=hc&vpx=269&vpy=152&dur=307&hovh=164&hovw=157&tx=100&ty=84&sig=102187905883335174659&page=1&tbnh=155&tbnw=146&start=0&ndsp=21&ved=1t:429,r:1,s:0

March 30, 2012

Works Cited (continued)

Koerner, B. (2008, July 21). Mr. Know-It-All: Cyberextortion, Your Kid's Cell Phone, Online Degrees. Retrieved March 28, 2012, from Wired: http://www.wired.com/techbiz/people/magazine/16-08/st_kia

Langevin, C. J. (2012, March 27). Cybersecurity. Retrieved March 28, 2012, from US Congressman Jim Langevin: http://langevin.house.gov/issues/cybersecurity-1/

Neal, D. (2012, March 28). Anonymous suspects are arrest in the Dominican Republic. Retrieved March 28, 2012, from The Inquirer: http://www.theinquirer.net/inquirer/news/2164273/anonymous-suspects-arrested-dominican-republic

Ratliff, E. (2005, October 10). The New Yorker. Retrieved March 28, 2012, from The Zombie Hunters, On the trail of cyberextortionists: http://www.newyorker.com/archive/2005/10/10/051010fa_fact

March 30, 2012

Works Cited (continued)

Verini, J. (2010, November 10). The Great Cyberheist. Retrieved March 28, 2012, from The New York Times Magazine: http://www.nytimes.com/2010/11/14/magazine/14Hacker-t.html?pagewanted=all

Worthington, P. (2011, December 28). Wikileaks Wasn't a Threat. Retrieved March 28, 2012, from FrumForum: http://www.frumforum.com/wikileaks-wasnt-a-threat

Zamost, S., & Kaye, R. (2012, March 20). 10news/CNN Special Investigations Unit. Retrieved March 28, 2012, from Criminals May be Pocketing Your Tax Refund: http://www.10news.com/money/30720937/detail.html

March 30, 2012