Responding to Cybercrime in the Post-9/11 World Scott Eltringham Computer Crime and Intellectual Property Section U.S. Department of Justice (202) 353-7848.

Slides:

Advertisements

Similar presentations

Legal Issues in Information Security

Advertisements

Electronic Surveillance, Security, and Privacy Professor Peter P. Swire Ohio State University InSITes -- Carnegie Mellon February 7, 2002.

Key New Surveillance Provisions Professor Peter P. Swire Ohio State University Privacy 2001 Conference October 4, 2001.

Introduction and Overview of Digital Crime and Digital Terrorism

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

© 2014 wheresjenny.com Cyber crime CYBER CRIME. © 2014 wheresjenny.com Cyber crime Vocabulary Defacement : An attack on a website that changes the visual.

Criminal Procedure for the Criminal Justice Professional 11 th Edition John N. Ferdico Henry F. Fradella Christopher Totten Prepared by Tony Wolusky Searches.

Computer Forensics Principles and Practices by Volonino, Anzaldua, and Godwin Chapter 12: Federal Rules and Criminal Codes.

NC State University - March David Drooz1 USA PATRIOT Federal anti- terrorism law Effective October 26, 2001 December 31, 2005, sunset for some of.

The Patriot Act And computing. /criminal/cybercrime/PatriotAct.htm US Department of Justice.

USA PATRIOT ACT: Is it a legitimate law to protect national security or is it a violation of your Civil Liberties? Essential Question:

Forensic and Investigative Accounting Chapter 15 Cybercrime Management: Legal Issues © 2007 CCH. All Rights Reserved W. Peterson Ave. Chicago, IL.

Mohd Taufik Abdullah Department of Computer Science

Chapter 15 Counter-terrorism. Introduction  United and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism.

Policing the Internet: Higher Education Law and Policy Rodney Petersen, Policy Analyst Wendy Wigen, Policy Analyst EDUCAUSE.

CYBERCRIME – WEEK 1 (Lectures 1, 2) DAVID THAW University of Connecticut School of Law.

1 Book Cover Here Copyright © 2014, Elsevier Inc. All Rights Reserved PART C FOLLOW-UP MEASURES: REAPING INFORMATION Criminal Investigation: A Method for.

Computer Forensics BACS 371

Cyber X-Force-SMS alert system for threats.

This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.

1 Chapter 15 Search Warrants. 2 Search warrants fall under the 4 th Amendment Search warrants fall under the 4 th Amendment The police must have “probable.

Security Awareness Challenges of Security No single simple solution to protecting computers and securing information Different types of attacks Difficulties.

Computer Forensics BACS 371

Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.

The USA PATRIOT Act Part 2 YSU – Weapons of Mass Destruction Session 11a.

7. Legal. Topics Fourth Amendment E-Discovery Duty to Preserve Private Searches ECPA Searching With & Without a Warrant.

Federal Bureau of Investigation

Privacy Law for Network Administrators Steven Penney Faculty of Law University of New Brunswick.

1 Copyright © 2011 M. E. Kabay, J. Tower-Pierce & P. R. Stephenson. All rights reserved. The U.S.A.P.A.T.R.I.O.T. Act CJ341 – Cyberlaw & Cybercrime Lecture.

The Patriot Act Protecting the US or Violating People’s Freedoms.

Security Awareness: Applying Practical Security in Your World Chapter 1: Introduction to Security.

Prepared by: Dinesh Bajracharya Nepal Security and Control.

Risk Assessment. InfoSec and Legal Aspects Risk assessment Laws governing InfoSec Privacy.

Slides prepared by Cyndi Chie and Sarah Frye1 A Gift of Fire Third edition Sara Baase Chapter 2: Privacy.

Computer and Internet privacy (2) University of Palestine University of Palestine Eng. Wisam Zaqoot Eng. Wisam Zaqoot Feb 2011 Feb 2011 ITSS 4201 Internet.

Lesson 5-Legal Issues in Information Security. Overview U.S. criminal law. State laws. Laws of other countries. Issues with prosecution. Civil issues.

1 Policy Types l Program l Issue Specific l System l Overall l Most Generic User Policies should be publicized l Internal Operations Policies should be.

Computer Forensics Law & Privacy © Joe Cleetus Concurrent Engineering Research Center, Lane Dept of Computer Science and Engineering, WVU.

1 The Broader Picture Laws Governing Hacking and Other Computer Crimes Consumer Privacy Employee Workplace Monitoring Government Surveillance Cyberwar.

October 10, 2007 Fenwick & West Conference Center EFF 2007 Bootcamp 2.0 Best Practices for OSPs: Law Enforcement Information Requests Kurt Opsahl, Senior.

& SELECTED TOPICS: DIGITAL FORENSICS Xinwen Fu, UMass Lowell, USA Center for Cyber Forensics, UMass Lowell.

Chap1: Is there a Security Problem in Computing?.

May 11, 2009 Golden Gate University EFF 2009 Bootcamp 2.0 Best Practices for OSPs: Law Enforcement Information Requests Kurt Opsahl, Senior Staff Attorney.

Activities affecting informational privacy Collection Processing dissemination Monitoring ContractNo-contract questioning AggregationSecondary useExclusion.

1 The Broader Picture Chapter 12 Copyright 2003 Prentice-Hall.

Cybercrime What is it, what does it cost, & how is it regulated?

Forensic and Investigative Accounting Chapter 15 Cybercrime Management: Legal Issues © 2013 CCH Incorporated. All Rights Reserved W. Peterson Ave.

Chapter 14 USA Patriot Act, Foreign Intelligence and Other Types of Electronic Surveillance Covered by Federal Law "Big Brother in the form of an increasingly.

Imperfect Ideologies Modern Challenges to Liberalism in an Evolving World Michael Blouin.

Educause Live! August 3, USA PATRIOT Act and Beyond: How Higher Education Institutions and Libraries are Cooperating and Coping Marilu Goodyear CIO.

Shaun McGorry Executive Briefing July 30, 2009 Identity Theft.

WHAT IS CYBER SECURITY? Governments, military, corporations, financial institutions, hospitals and other businesses collect, process and store a great.

Federal Identity Theft Investigations Richard W. Downing Assistant Deputy Chief Computer Crime and Intellectual Property Section U.S. Department of Justice.

VI. CRIMINAL PROCESS FROM ARREST TO CONCLUSION PRESENTED BY: JUDGE MARK A. SPEISER.

Data Breach ALICAP, the District Insurance Provider, is Now Offering Data Breach Coverage as Part of Our Blanket Coverage Package 1.

Information Warfare Summary. Information Security Information Assurance Information Warfare Information Dominance.

Surveillance around the world

Courts System Search Warrants.

VI. CRIMINAL PROCESS FROM ARREST TO CONCLUSION

Legal Implications.

Networking 2002 USA-Patriot Act Tracy Mitrano Cornell University

How Does Electronic Surveillance Work Legally?

Intercepting Communications

Confidentiality October 14, 2005.

Chapter 4 Law, Regulations, and Compliance

Forensic and Investigative Accounting

Laws Governing Police Surveillance

A Gift of Fire Third edition Sara Baase

Presentation transcript:

Responding to Cybercrime in the Post-9/11 World Scott Eltringham Computer Crime and Intellectual Property Section U.S. Department of Justice (202)

Crime on the Internet The Internet provides a target rich environment for criminals Attacks are easy, low risk, hard to trace technically, hard to prosecute, and can have a high payoff Sophisticated tools are readily available Access can be from anywhere and anonymous

Computer Attacks Attacks on: –Confidentiality, –Integrity or –Availability of information or systems Theft of information, services, or damage

Typical Criminal Cases Fraud –Credit Card Fraud Economic Espionage –Large File Transfers –Raiding of Employees/Technical Know-how Hacking –Denial of Service Attack –“Cyber-vandalism”

Impacts of 9-11 Heightened awareness by businesses of the vulnerability of their information systems and physical plants. Companies need to revisit their security procedures in light of changed circumstances. Looming threat of CNA

Topics Overview What is Being Done Why Statistics are Crucial

The USA Patriot Act Provided new and clarified existing electronic evidence gathering authorities Why the “USA Patriot Act”? –Senate: Uniting and Strengthening America (Act) –House: Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (Act)

Overview The Pen Register and Trap and Trace Statute The Computer Trespasser Exception The Cable Act Fix Other Amendments to the Wiretap Statute and ECPA

The Pen/Trap Statute Old statute: the term "pen register" means a device which records or decodes electronic or other impulses which identify the numbers dialed or otherwise transmitted on the telephone line to which such device is attached (18 U.S.C. 3127(3)) New statute: Technology-neutral language

The Pen/Trap Statute (cont.) New Language: the term "pen register" means a device or process which records or decodes dialing, routing, addressing, or signaling information transmitted by an instrument or facility from which a wire or electronic communication is transmitted... Technology-neutral adjustments made throughout

Computer Trespasser Exception Old law: law enforcement often had to get a wiretap order in order to help victims monitor computer hackers This made no sense: the wiretap statute protected hackers even where they had no reasonable expectation of privacy in their communications New law: new exception to Title III –allows interception of “computer trespassers” - i.e. those without authorization to use a computer

Other Amendments Voice mail fix Scope of subpoenas under 2703(c) Voluntary disclosure of information by providers Nationwide search warrants for Voice wiretaps in hacker investigations

Why Do Statistics Matter? Companies Often Reluctant to Report Proof that they are far from unique would be very helpful

14 Why Companies Don’t Report Loss of Control –Direction of case: LE can’t be fired –Costs –Publicity Lack of Confidence –Unsure of LE interest –Unsure of LE competence

Should companies report to LE? YES! Federal agents have investigative skills forensic knowledge access to attachés in foreign countries established relationships with Internet players can aggregate your information with data from other cybercrime victims

Other Surveys CSI/FBI –503 respondents, a good start –90% had computer security breaches –80% had financial losses as a result –only 34% reported to LE PWC –44% of British businesses had suffered a “malicious security breach” in the last year

Where To Get More Information Computer Crime Section: (202) My Computer Crime Section’s page on the World Wide Web: