Computer Forensics BACS 371 CyberCrime: Background and Motivation

Outline Categories of Computer Crime Types of CyberCrime Trends in CyberCrime Sources of CyberCrime Stakeholders in CyberCrime Hacker Types and Motivation

Definition of CyberCrime CyberCrime is “any violations of criminal law that involve knowledge of computer technology for their perpetration.”

USDOJ Categories1 Hardware as Contraband or Fruits of a Crime Hardware as an Instrumentality Hardware as Evidence Information as Contraband or Fruits of a Crime Information as an Instrumentality Information as Evidence 1 US Dept of Justice, Search and Seizure Guidelines Document

Categories of Computer Crime1 A computer can be the object of a crime A computer can be the subject of a crime The computer can be used as the tool for conducting or planning a crime Includes… compromising a computer and using that computer as a source for further attacks The symbol of the computer itself can be used to intimidate or deceive The most significant omission, according to Casey, is computers as sources of digital evidence 1 from Donn Parker as described in Eoghan Casey, Digital Evidence and Computer Crime

Categories of Computer Crime Computers as targets Computers as storage devices Computers as communication tools Same ole stuff, but computers are involved!!

Categories of Computer Crime cont. Computers as targets: Attack on the confidentiality, integrity, or availability of a computer’s information or services. Acquire information on the computer Control the target system without authorization or payment Alter integrity of data or interfere with delivery of service

Categories of Computer Crime cont. Computers as storage devices: Passive storage of information concerning a crime. Computers as a communication tool: Traditional crimes committed online. Email or chat used to plan a crime.

Types of CyberCrime DoS and DDoS Attacks Intellectual Property Theft Trade secrets Piracy Identity Theft Fraud Extortion Cyberstalking Transmission of Malware Hacking Spamming Sale of Purchase of Narcotics over Internet Gambling DoS and DDoS Attacks – Attacker floods target computer with so much traffic that it overwhelms the server. Deprives users of server access. Intellectual Property Theft – Theft of copyrighted material or private material that results in revenue loss or loss of value Trade secrets – designs of new products for example Piracy – theft of copyrighted material by illegal copying or counterfeiting Identity Theft – Wrongly using another persons identify to commit fraud Fraud – A crime that involves intentional deception for personal gain or to cause damage to another. Must be 1) intentional, 2) cause loss of > $5000, and 3) access must be unauthorized Extortion – Attempt to gain something of value by threating a victim. Cyberstalking – Using Internet, email, or other electronic means to harass another person. Transmission of Malware – distributing a malware program that attacker knows will cause damage. (not illegal to create them). Unintentional transmission is also a crime. Hacking – Illegal intrusion into computer system without permission. Spamming – Unsolicited or undesired electronic messages sent in large quntities. Sale of Purchase of Narcotics over Internet – Same laws as physical sale. Gambling – Against US law.

Trends in CyberCrime Number of threats targeting enterprises has increased. Attack toolkits make the crime easier. Web-based attacks are more numerous. Emerging countries are having increased activity.

Complaint Type Percentages 2011

Complaint Count 2001 -- 2011

Crime Complaint Categories 2011

Sources of CyberCrimes Nation-States Cyberterrorists Organized crime Activists Corporations Individuals

Stakeholders in Computer Crime Government/National Security Government/Customs & Excise Lawyers Courts Police Businesses Insurance firms Corporate crime International (transnational) crime Personal (privacy)

Categories of Computer Criminals Newbies (script kiddies) Cyberpunks Internals Coders Old guard Professional criminals Cyberterrorists

Hacker Types Thrill-seeker Hackers White-Hat Hackers Black-Hat Hackers Crackers Hacktivists Classic Mischievous Kid Disgruntled Employee Robber Ringleader Social Engineering Social engineering is the act of manipulating people into performing actions or divulging confidential information. While similar to a confidence trick or simple fraud, the term typically applies to trickery or deception for the purpose of information gathering, fraud or computer system access; in most cases the attacker never comes face-to-face with the victim.

Steal money or services Why do Hackers Hack?* Revenge Profit Money and Monetary Tools Banks Stocks Digital Goods Pride Intellectual Challenge (Curiosity) Damage Business Steal money or services Damage files Invade privacy Be noticed Explore Revenge X Profit Pride Curiosity * Steven Branigan, High-Tech Crimes Revealed, Addison Wesley, 2005

Opportunities for Cybercriminals Affordability – Equipment and software becoming cheaper Acceptable risk – Risk of being caught is relatively low. Small scale criminals often not aggressively prosecuted. Attractiveness – More available targets. Laws not always current. Availability – Each Internet access for perp and victim. Anonymity – Internet gives the illusion of anonymity.