2Cyber CrimeYoutube contains comic video on cyber crimes and the evolution of cyber crimes
3Why Cyber CrimeIn a day and age when everything from microwave ovens and refrigerators to nuclear power plants are being run on computers, cyber crime has assumed rather threatening implications.The majority of what are termed “cyber- crimes” is really violations of longstanding criminal law, perpetrated through the use of computers or information networks.
4What is a Computer Crime? Criminals Can Operate Anonymously Over the Computer Networks.Hackers Invade Privacy.Hackers Destroy "Property" in the Form of Computer Files or Records.Hackers Injure Other Computer Users by Destroying Information Systems.Computer Pirates Steal Intellectual Property.
5Definition of Cyber Crimes Defining cyber crimes, as "acts that are punishable by the Information Technology Act" would also cover many things such as spoofing and cyber defamation, sending threatening s etc. A simple yet sturdy definition of cyber crime would be "unlawful acts wherein the computer is either a tool or a target or both".
6Classification of Cyber Crimes: Tampering with computer source documentsHackingPublishing of information, which is obscene in electronic formChild PornographyAccessing protected systemBreach of confidentiality and privacy
7Other Cyber Crimes Cyber Stalking Cyber squatting Data Diddling Cyber DefamationTrojan AttackForgeryFinancial crimesVirus/worm attackspoofingbombingSalami attackWeb JackingInternet time theft
8Cyber Crime Videos Search for some of the following videos September 2007-crime toolkit with tech supportElectronics show June (Donation s)Scam the scammer on craigslist
9Laptop Theft Easy to carry Going through airport security Be sure the TSA person sees YOUSame TSA person keeps laptopSame TSA person gives it back to you.
10Data Theftwhen any information in the form of data is illegally copied or taken from a business or individual without his knowledge or consentpoor technical know-how of our police adds to the woesthe lack of coordination between different investigating agenciesif the culprit is caught he can easily get away because of various loopholes in our law
11Cyber Crime Videos There are several good videos on Youtube on: Blue jacking – Bluetooth hijacking jackingWar driving
12Cyber CriminalsAny person who commits an illegal act with a guilty intention or commits a crime is called an offender or a criminal.The Cyber Criminals may be children and adolescents aged 6-18 years, they may be organized hackers, may be professional hackers or crackers, discontented employees, cheaters or even psychic persons.
13Kids & Teenagers (ages 9-16) have just begun to understand what appears to be a lot about computers, it is a matter of pride to have hacked into a computer system.Appearing really smart among friends.Commit cyber crimes without really knowing that they are doing anything wrong.Teen hackers have gone from simply trying to make a name for themselves to actually working their way into a life of crime.
14Organized Hacktivists Hacktivists are hackers with a particular (mostly political) motive.Can be social activism, religious activism, etc.Attacks on approximately 200 prominent Indian websites by a group of hackers known as Pakistani Cyber Warriors are a good example of political hacktivists at work.
15Disgruntled employees Displeased employees can become spiteful.It is easy for disgruntled employees to do more harm to their employers by committing computer related crimes, which can bring entire systems down.
16Professional Hackers (Corporate espionage) Rival organizations employ hackers to steal industrial secrets and other information that could be beneficial to them.The temptation to use professional hackers for industrial espionage also stems from the fact that physical presence required to gain access to important documents is rendered needless if hacking can retrieve those.
17Microsoft – February 2010Microsoft Corp. launched a novel legal assault to take down a global network of PCs suspected of spreading spam and harmful computer code, adding what the company believes could become a potent weapon in the battle against cyber criminals.
18Security experts say it isn't yet clear how effective Microsoft's approach will be, while online rights groups warn that the activities of innocent computer users could be inadvertently disrupted.Here we go with everything we have been talking about.
19A Federal judge in Alexandria, Va A Federal judge in Alexandria, Va., granted Microsoft's request for an order to deactivate hundreds of Internet addresses that the company linked to an army of tens of thousands of PCs around the globe, infected with computer code that allows them to be harnessed to spread spam, malicious virus programs and mount mass attacks to disable Web sites.
20By cutting off access to those addresses, Microsoft hopes to prevent the masterminds behind the network from reprogramming the infected PCs with a fresh batch of addresses to reach, blocking them from directing the network.
21GoogleIn one high-profile incident, Google Inc. (February 2010) disclosed attacks against the Internet giant and other major U.S. companies that it linked to China. Chinese officials deny any involvement.
22Source Code of a Virus Not illegal to sell or publish the source code Illegal to release a virus over the Internet
23Phishing Latest menace, online identity theft Phishing s look authentic, many include accurate-looking logos.Want the user to enter sensitive information like passwords, account numbers, credit card informationInformation is then used to pilfer money from unsuspecting user’s accounts or create bogus credit cards
24Macro Virus Macro is a recorded series of steps Macros are used in many application programs (Microsoft Office)Macros can be blocked by virus detection programs but then you can’t send Access files
25Costs of Cybercrime & Cybervandalism Survey of 300 North American companies showed103 virus infections per 1000 computersCost billions of dollars each yearBlames the Internet and for spread of viruses and worms
26Malware Worms Trojan Horse Malicious pieces of code that run independentlyTravel across network connections from computer to computerTrojan HorseAppears to be goodUsed to insert corrupt information into a working programBackdoor Trojan Horse when ran opens the door for people to steal your passwords, destroy files, etc.
27“Internet Worm”One of the first cases showing the Internet’s vulnerabilityDeveloped by a Cornell University student , 1988A self-replicating C programDidn’t modify system files or destroy data but made performance deteriorate rapidly and crashHalted after 12 hours of destruction (2,500 computers infected with over $1 million cleanup)Robert Morris claimed did this to show security gapsFined $10,000 and 3 year probation
28Computer System Security Break into 4 topicsCybercrime –how it is defined and what sorts of activitiesTrespass – unauthorized accessProtection for online communicationsEncryption – different ways encrypt and decipher
29CybercrimeSpecial category of criminal acts typically executed through utilization of computer and network technologiesIncludes 3 basic categoriesSoftware piracyComputer sabotageElectronic break-ins
30Software PiracyUnauthorized duplication of proprietary software and the distribution or making available those copiesSoftware could be system software, application software or even MP3 filesIn 2001 law enforcement officials shut down a major piracy ring called “Drink or Die” of software and movies; created by students at MIT and UCLA
31Computer SabotageDisruption of computer operations by means of a virus, worm, or logic bombBlaster worm and the SoBig virus unleashed in caused of $35 billion in lossesDenial of Service (DoS) attack – attacks a server multiple mock requests that the server crashes.
32Electronic Break-insTrespassing and unauthorized access are covered later in the chapter in more detailInternet-related fraud accounted for 53% of all consumer fraud in 2004Internet is used for planning crimes in the physical world
33Anti-piracyConstant battle to keep music, videos, and software from being copied.Want to give user the ability to make a backup or use on diverse platforms (windows, mac)iPod and MP3 players and music issues
34Trespass and Unauthorized Access Milwaukee teenagers were convicted of computer trespassing but they said they were playing a game. Their game was to see if they could get in and they did allegedly break into Los Alamos Nation Laboratory and Sloan Kettering Cancer Center1986 Computer Fraud and Abuse Act (CFAA) updated in 1996 made trespassing a federal crime if done so to pilfer classified information to perpetrate fraud or to cause damage whether reckless or not
35Controversy of CFAA What if the hacker: Did no deliberate damage or destruction to propertyUncover security flaws so this is a good thingJust did this to learn how computer systems operateClaims this is just digital graffiti (a prank)Does good (Robin Hoods)
36Controversy of CFAA continued What if the hacker:Did no malicious destructionIt could still be disruptive or costlyMust be inspected to verify no damageThere should be property rights because someone took the time to set up the site
37Questionable Forms of Trespass Trespass to chattels – a tort action (negligence) based on unauthorized use or interference with another’s propertyISPs suing spammers for “trespass to chattels”Compuserve vs. CyberPromotions Inc. – Compuserve notified CyberPromotions that it was prohibited from using their mail servers to send unsolicited bulkCompuserve grants permission to use but not overwhelm the mail server
38ShopbotsShopbots comb through commercial web sites extracting pricing and product information for user comparison for the same itemeBay vs Bidder’s Edge – comparing auction data; court sided with eBay
39Security Measures in Cyberspace FirewallSoftware or hardware is first in the line of defense to protect internal networkPositioned between an organizer’s internal network and the InternetCan trap an intrusion (virus) before it can penetrateIs a packet filter (router to filter packets)allows legitimate interactionsNot always effective, use other protection as well
40Security Software AntiVirus Filtering systems Software programmed to scan a computer for malicious code then deletes it once foundNew viruses (300 launched each month) all the time so antivirus must be kept up-to-dateFiltering systemsScan mail for spam or viruses
41EncryptionEncryption - Encoding the information so it can only be read if the receiver has the proper key to decodeCryptography – use of algorithms that allow information to be understood thru secret codesTypes of keysSingle key – 1=A, 2=B, etc.Data Encryption Standard (DES) – private key, 56 bits longPublic/private – messages are encrypted with public key that can only be decrypted with a private key
42Secure Socket Layer – is most often used in e- commerce transactions Sniffers – programs used to seek out security lapse and intercept vulnerable communications travelling over a networkAuthentication – process where a security system establishes the validity of an identificationDigital signature – public key encryption that verifies identity
43Encryption Controversy Giving government the key to encryption systems not well received (like forcing builders to install microphones and cameras in all new homes)Clipper Chip (multiple versions) and controversial