1 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Overview of Cybercrime CJ341 – Cyberlaw & Cybercrime.

Slides:



Advertisements
Similar presentations
1-1/29 Copyright © 2006 M. E. Kabay. All rights reserved. 08:15-09:00 INFORMATION WARFARE Part 1: Fundamentals Advanced Course in Engineering 2006 Cyber.
Advertisements

Application Design (2) Database – IS 240 Lecture #23 – M. E. Kabay, PhD, CISSP Dept of Computer Information Systems Norwich University
Managing Multi-User Databases (3) IS 240 – Database Management Lecture # Prof. M. E. Kabay, PhD, CISSP Norwich University
Copyright © 2003 M. E. Kabay. All rights reserved.
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
Chapter 15 Security Bernard Chen Spring Protection vs. Security Protection (Ch.14) deals with internal problem Security (Ch. 15) Deals with external.
1 MIS 2000 Class 22 System Security Update: Winter 2015.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,
2 Issues of the information age Computer _______ and mistakes –Preventing computer related waste & mistakes Computer crime –Computer as tool to commit.
© 2014 wheresjenny.com Cyber crime CYBER CRIME. © 2014 wheresjenny.com Cyber crime Vocabulary Defacement : An attack on a website that changes the visual.
1 COMPUTER SECURITY AND ETHICS Chapter Five. Computer Security Risks 2.
E-Commerce Security Issues. General E-Business Security Issues Any E-Business needs to be concerned about network security. The Internet is a “ public.
Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.
Computer Crime The Internet has opened the door to new kinds of crime and new ways of carrying out traditional crimes. Computer crime is any act that violates.
McGraw-Hill/Irwin Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. Extended Learning Module H Computer Crime and Digital Forensics.
Mod H-1 Examples of Computer Crimes. Mod H-2 Stuxnet.
1 Copyright © 2013 M. E. Kabay, D. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Introduction to Intellectual Property Law CJ341 – Cyberlaw.
Security, Privacy, and Ethics Online Computer Crimes.
The Ecommerce Security Environment For most law-abiding citizens, the internet holds the promise of a global marketplace, providing access to people and.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Threats and Attacks Principles of Information Security, 2nd Edition
CYBER CRIME AND SECURITY TRENDS
Security Awareness Challenges of Security No single simple solution to protecting computers and securing information Different types of attacks Difficulties.
By: Lukas Touder Cortney Warrick Jennifer Wehner Zachary Westpy Nicholas Whelan Cybercrime.
Chapter 11 Security and Privacy: Computers and the Internet.
Protecting People and Information: Threats and Safeguards
Cyber Crime & Security Raghunath M D BSNL Mobile Services,
Computer Crime and Information Technology Security
Defining Security Issues
Cyber Crimes.
PART THREE E-commerce in Action Norton University E-commerce in Action.
Cyber crime & Security Prepared by : Rughani Zarana.
Prepared by: Dinesh Bajracharya Nepal Security and Control.
Viruses & Destructive Programs
C8- Securing Information Systems
By: Lukas Touder Cortney Warrick Jennifer Wehner Zachary Westpy Nicholas Whelan Cybercrime.
CYBER CRIME.
Trojan Horses on the Web. Definition: A Trojan horse a piece of software that allows the user think that it does a certain task, while actually does an.
Course code: ABI 204 Introduction to E-Commerce Chapter 5: Security Threats to Electronic Commerce AMA University 1.
By: Lukas Touder Cortney Warrick Jennifer Wehner Zachary Westpy Nicholas Whelan Cybercrime.
1 Computer Crime Often defies detection Amount stolen or diverted can be substantial Crime is “clean” and nonviolent Number of IT-related security incidents.
Crime committed using a computer and the internet to steal a person’s identity or illegal imports or malicious programs cybercrime is nothing but where.
CYBER CRIME AND SECURITY If we can defeat them sitting at home……who needs to fight with tanks and guns!!!! Presented By Lipsita Behera. B.Sc IST, 3 rd.
 Carla Bates Technology and Education ED 505.  Social Media Sites are interactive webpages, blogs, and other user created sites that all others to create,
Computer crimes.
CONTROLLING INFORMATION SYSTEMS
Computer Security By Duncan Hall.
Security and Ethics Safeguards and Codes of Conduct.
ICT and the Law Mr Conti. Did you see anything wrong with that? Most people wouldn’t want that sort of information posted in a public place. Why? Because.
Computer threats, Attacks and Assets upasana pandit T.E comp.
1 Law, Ethical Impacts, and Internet Security. 2 Legal Issues vs. Ethical Issues Ethics — the branch of philosophy that deals with what is considered.
DoS Attacks Phishing Keylogging Computer Laws/Acts.
Cybersecurity Test Review Introduction to Digital Technology.
Computers Are Your Future Eleventh Edition Chapter 9: Privacy, Crime, and Security Copyright © 2011 Pearson Education, Inc. Publishing as Prentice Hall1.
Issues for Computer Users, Electronic Devices, Computer and Safety.
Security, Ethics and the Law. Vocabulary Terms Copyright laws -software cannot be copied or sold without the software company’s permission. Copyright.
DEPARTMENT OF COMPUTER SCIENCE INTRODUCTION TO CYBER AND SECURITY.
Cyber crimes is the most popular news we come across daily In good olden days there were no development in the usage of computers as we have now As.
Cyber crime and security issues
Securing Information Systems
IT Security  .
Lecture 8. Cyber Security, Ethics and Trust
Securing Information Systems
Five Unethical Uses of Computers
Societal Issues in Computing (COMP466)
HOW DO I KEEP MY COMPUTER SAFE?
Faculty of Science IT Department By Raz Dara MA.
Presentation transcript:

1 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Overview of Cybercrime CJ341 – Cyberlaw & Cybercrime Lecture #2 M. E. Kabay, PhD, CISSP-ISSMP D. J. Blythe, JD School of Business & Management

2 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Topics  Computers and Crime  Fundamentals of IA  Computers and Crime  Terminology  Criminal Hacker Propaganda

3 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Computers and Crime (1)  Computers can play three roles in crime  Target  Tool  Repository of evidence  Information assurance attempts to reduce vulnerabilities of systems to attacks  Secure design and programming try to reduce vulnerabilities of code to misuse  Cyberforensics provide methods for securing evidence from computers and networks

4 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Computers and Crime (2)  Computer crime always is directed against a computer – everything else is computer-related crime  Computers as the victim or target  Theft (as a byproduct of an attack against a computer)  Vandalism  Denial of service  Malware targets: viruses, worms, Trojans  Computers as tools  Fraud  Identity theft  Industrial espionage  Information warfare  Computers as repositories of evidence  Logs  Journals  Documents Michigan v Miller (see later in notes)

5 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Fundamentals of IA: What are We Protecting?  The Classic Triad  The Parkerian Hexad  Confidentiality  Possession Confidentiality & Possession Losses  Integrity  Authenticity Integrity & Authenticity Losses  Availability  Utility Availability & Utility Losses

6 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. The Classic Triad C – I – A

7 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. The Parkerian Hexad Protect the 6 atomic elements of INFOSEC:  Confidentiality  Possession or control  Integrity  Authenticity  Availability  Utility

8 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Why “Parkerian?”

9 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Confidentiality Restricting access to data  Protecting against unauthorized disclosure of existence of data  E.g., allowing industrial spy to deduce nature of clientele by looking at directory names  Protecting against unauthorized disclosure of details of data  E.g., allowing 13-yr old girl to examine HIV+ records in Florida clinic

10 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Possession Control over information  Preventing physical contact with data  E.g., case of thief who recorded ATM PINs by radio (but never looked at them)  Preventing copying or unauthorized use of intellectual property  E.g., violations by software pirates

11 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Confidentiality & Possession Losses  Locating  Disclosing  Observing, monitoring, and acquiring  Copying  Taking or controlling  Claiming ownership or custodianship  Inferring  Exposing to all of the other losses  Endangering by exposing to any of the other losses  Failure to engage in or to allow any of the other losses to occur when instructed to do so

12 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Integrity Internal consistency, validity, fitness for use  Avoiding physical corruption  E.g., database pointers trashed or data garbled  Avoiding logical corruption  E.g., inconsistencies between order header total sale & sum of costs of details

13 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Authenticity Correspondence to intended meaning  Avoiding nonsense  E.g., part number field actually contains cost  Avoiding fraud  E.g., sender’s name on is changed to someone else’s

14 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Integrity & Authenticity Losses  Insertion, use, or production of false or unacceptable data  Modification, replacement, removal, appending, aggregating, separating, or reordering  Misrepresentation  Repudiation (rejecting as untrue)  Misuse or failure to use as required

15 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Availability Timely access to data  Avoid delays  E.g., prevent system crashes & arrange for recovery plans  Denial-of-service (DoS) attacks can be ruinous  High-volume commercial sites can lose $M  Avoid inconvenience  E.g., prevent mislabeling of files

16 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Utility Usefulness for specific purposes  Avoid conversion to less useful form  E.g., replacing dollar amounts by foreign currency equivalent  Prevent impenetrable coding  E.g., employee encrypts source code and "forgets" decryption key

17 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Availability & Utility Losses  Destruction, damage, or contamination  Denial, prolongation, acceleration, or delay in use or acquisition  Movement or misplacement  Conversion or obscuration

18 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Michigan v. Miller (2001)*  Michigan housewife Sharee Miller  Pathological liar, schemer, sociopath  Met Missouri man Jerry Cassaday in Internet chat room  Miller concocted tales of abuse by her husband  Met and had sex with Cassaday  Told him she was carrying his child  But actually had tubal ligation  Claimed husband Bruce was in organized crime (really ran salvage yard)  Cassaday killed Bruce Miller with a shotgun.  Miller dropped Cassaday after murder  Cassaday shot himself  Left logs of s and IM

19 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Michigan v. Miller* (cont’d) “Michigan vs Miller is a classic murder triangle that was planned over the Internet. The news media at the time was claiming that this was the first prosecution where the Internet was key in the planning of a murder.... The case itself was made from a briefcase left behind by a jilted lover, an ex homicide detective, who committed suicide. Jerry Cassaday had driven to Michigan and killed Bruce Miller, Sharee Miller’s husband. Computer Forensics played a major part in building the history of the seduction and validating evidence left by Jerry Cassaday. Prosecutors clearly state that without the computer forensic evidence, no prosecution would have been possible. Sharee Miller [went to] prison for Conspiracy to Commit First Degree Murder – Life Sentence and Second Degree Murder – years....” _____ * Also

20 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Terminology and References  CJ341 materials   Learn basic terms: see Glossary and texts  Glossary available online  Other reference materials    Department of Justice Cybercrime site   Constantly updated list of press releases and documents about computer-related crime

21 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Criminal Hacker Propaganda 1.“I don’t know why you system guys are getting your shorts in a knot: we’re just looking around – we’re not doing any harm.” – Eric Corley ~1996 at a panel discussion organized by the NCSA 2.“Breaking into your systems is doing you a favor by showing you your vulnerabilities so you can fix them.” 3.“Vandalizing Web sites / writing viruses / creating denial-of-service attacks improves security by forcing manufacturers to improve their products.” 4.“Information wants to be free.”

22 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Propaganda from IP Thieves 1.“Everyone’s doing it.” 2.“We won’t get caught.” 3.“It’s the music / software industry’s fault: if they don’t want theft, they should charge less.” 4.“It’s the producers’ fault: if they don’t want theft, they should make it technically impossible.” 5.“It doesn’t hurt anyone.” 6.“It only hurts a company — I wouldn’t steal it from an individual.” 7.“The music industry is violating the rights of the musicians, so breaching copyright is a Good Thing.” 8.“Our theft is helping the software / music industry increase their sales.” 9.“No software / music / art should ever be copyrighted — it should always be free.” 10.“But I need it and I don’t want to pay for it.”

23 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. IS340 Class Notes about Computer Crime IS340 Lectures or  CSH5 Ch 2 History of Computer Crime  CSH5 Ch 14 Information Warfare  CSH5 Ch 15 Penetrating Computer Systems and Networks  CSH5 Ch 16 Malicious Code  CSH5 Ch 17 Mobile Code  CSH5 Ch 18 Denial-of-service Attacks  CSH5 Ch 19 Social Engineering and Low-Tech Attacks  CSH5 Ch 20 Spam, Phishing and Trojans CSH5 = Bosworth, Kabay & Whyne. Computer Security Handbook, 5 th edition. Wiley, 2009.

24 Copyright © 2013 M. E. Kabay, D. J. Blythe, J. Tower-Pierce & P. R. Stephenson. All rights reserved. Now go and study

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.