2036CCJ Cyber-crime (Week 1-6)
CC Generation 2
Committed across networks, crime as hybrids
Of the attempted cyber security incidents (AUS) what are the top 4 tactics used?
- Email phishing and social engineering fraud - Malware infection - Other types of compromise - DoS attack
Of the successful cyber security incidents (AUS) what are the top 4 tactics used?
- Malware infection - Email phishing and social engineering fraud - Other types of compromise - DoS attack
What are the characteristics of cyber-crime ?
- Organised - Financially motivated - Technologically sophisticated - Transnational
What percentage of the world population use the internet as at 2016 ?
40%
How many phone scam reports did the ATO receive in the 5 months between Jan 2016 and May 2016 ?
40.5K
What percentage of victims reports of cyber-crime in AUS are from females ?
44%
What percentage of developing countries have access to the internet ?
47%
What percentage of businesses had experienced at lease one successful cyber attack against them ?
58%
While it is typically large, multinational or government organisations cyber security incidents which are reported in the media, a significant proportion of attacks are targeted at small and medium business. What percentage of attacks target small-medium Australian businesses ?
60%
Why is portability and transferability important to technology become a 'crime enabler'
Advances in technology now enable large datasets to be created, and easily distributed with relative ease and cheaply --> i.e. 1TB hard drives, increasing internet speeds enabling superfast transfers, smart phones, real-time but at a distance thanks to availability of mobile internet, enables people to post information instantaneously of where law enforcement are located or conducting activities, use of cryptocurrencies which leave little to no paper trail unlike cash or other 'traditional bank transactions', provides an avenue for secure text communications rendering wiretaps, or metadata searches obsolete.
What is the core agency in US for cyber fraud ?
Internet Crime Complaint Center (IC3)
What is National Fraud Intelligence Bureau (NFIB) ? (UK)
National policing lead for fraud. Uses millions of reports of fraud and cyber crime to identify serial offenders, organised crime gangs and established as well as emerging crime types
What is IC3s mission ?
To provide the public with a reliable and convenient reporting mechanism to submit information to the FBI concerning suspected Internet-facilitated fraud schemes and to develop effective alliances with law enforcement and industry partners
- BEC (business email compromise) - Romance and confidence fraud - Non-payment and non-delivery
Top 3 crimes by reported loss in US
- dating scams & romance scams - investment scams
Top 3 fraud/cyber-crimes by reported loss to ACCC in AUS
What is advance fee fraud ?
Very common and vary in type, style and delivery but all are after the same thing - to get you to pay for non-existent funds or goods. The perpetrators are experts in conning people by coming up with various reasons why you need to send money for things like legal fees, government charges, United Nations anti-terrorism or money laundering certificates & may refer you to others masquerading as banks or lawyers, and often use official looking logos on letters and emails.
What activities constitute "offences against a computer system ? "
illegal access illegal interception data interference system interference's misuse of devices hacking
What does the ACCC do ?
publishes fraud and scam statistics
Types of catergories of cyber-crime included in the Australian Cybercrime Act 2001 (Cth) ? How does the Act differentiate between types of cyber-crimes ?
- Crime directed at computers (true cybercrime) or other ICTs; or - Crime where computers of ICTs are an integral part of the offence
In the ACA 2001 what does "Crime directed at computers (true cybercrime) or other ICTs" include ?
- Cyber Fraud - Offences against a computer system
What does the NCCS look into ?
- Cyber attacks - Cyber theft - Other computer security incidents
When was did the Cyber-security National Action Plan (US) come into force ?
2016
Of the affected business in Australia affected by one or more cyber security incidents how many report to an external party ?
48%
What was the reported $ losses due to ATO scams to Australian victims between Jan 2016 and May 2016 ?
$1.2M
How much are Australian TFNs worth ?
$1K
How much are Australian Medicare details worth ?
$200
What is the total financial investment by the Australian Government into cyber security over the next 4 years ?
$230M
What is the average cost of a cyber crime attack to businesses in Australia ?
$276K
What are the reported losses due to cyber crime in AUS ?
$300M
What are reported losses of male victims of cyber-crime in AUS ?
$35.6M
Australian identity credentials are worth how much on the dark net ?
$50-$5.2K
There has been an increase in scams targeting business and Government. How many victims ?
90% of businesses have faced some form of successful attempt, or attempt of cyber-crime in last year
What percentage of security incidents involved human error ?
95%
LulzSec
an underground group, an offshoot of the international hacking collective Anonymous
'Computer as a target' refers to ...
Offences where a computer itself is the target of a crime (HACKING)
What does Malicious Software (#2) refer to IN RELATION TO HACKING ?
Offender disseminates viruses, worms, spyware, backdoors, scare-ware, ransom wear, adware and/or Trojans onto target computer. The nature of which depends on the purpose for which it has been distributed
Particular environments increases one's exposure and proximity to dangerous situations, BUT whether a person becomes a crime victim depends on their presumed subjective utility over alternative targets
Opportunity model of victimisation
What is the least valuable Australian identity credential?
Passwords
3 core criminological theories are applicable to Cyber crime - what are they ?
Social Learning Theory General Theory of Crime Space Transition Theory
Several theories (new and old) are applicable to cyber crime. What are they ?
Social Learning Theory General Theory of Crime Space transition theory
More than half of victimised businesses are alerted to possible breaches by external third parties, before they detect it themselves ?
True
Health information and medical records are worth how much on the dark net ?
US$12.20
UTI ?
Unintentional Insider Threats
What activities are considered to be 'advance fee fraud' ?
romance scams inheritance scams investment scams fraudulent financial transactions
What does the Australian Consumer Fraud Taskforce do ?
Comprised of a rich tapestry of agencies and departments with responsibility for consumer protection and policing in areas of scams and frauds
CC Generation 1
Computers used to assist traditional offending
'Computer as a target' offenders are against...
Confidentiality Integrity and availability of data and systems
Why has cybercrime and crimes enabled by cyber technology have continued to increase ?
Connectedness and rapid development (and affordability)
What is physical guardianship ?
target hardening tools
What factors affect or influence criminal decision-making and behaviour according to Routine Activities Approach/Theory ?
target suitability and guardianship
Why is PII valuable ?
to commit identity fraud; file tax returns, apply for loans & credit cards; launch phishing attacks
Computer supported
traditional crimes where use of the computer is an incidental aspect of the commission of the crime , but can be enhanced by use of technology
What is hacking ?
unauthorised access to computers or computer systems; malicious software; DoS attacks
What is data breach ?
use of phishing and social engineering
Data value
vary in price; like any market, varies according to availability, volume, accessibility and potential use
According to Opportunity model of victimisation particular environments increase ones exposure and proximity to dangers situations... BUT...
whether a person becomes a crime victims depends on their presumed subjective utility over alternative targets
According to Akers the 4 learning mechanisms in Social Learning theory are - differential association - definitions - differential reinforcement - imitation Explain differential reinforcement
Definitions supporting criminal behaviour is critical to justify behaviour, reinforcement is needed - financial or social. Positive reaction to behaviour will encourage future behavior of a similar kind + perceived or actual punishment will decrease behaviour
The following is what ? Age Sex Race Income Marital status Education Occupation
Demographic characteristics
What is the premise of Lifestyle exposure theory ?
Demographic differences in likelihood of victimisation are attributed to differences in personal lifestyles of victims
What does DoS attacks (#2) refer to IN RELATION TO HACKING ?
Denial of Service
What makes a target suitable ?
Depends on the offenders interests. May be a computer system/network; data; harassment of an individual; exploitation of a child; terrorist activities
What is Malicious Software ?
Designed to disrupt, damage, or gain unauthorised access to a computer system, without the knowledge of the owner
The costs to businesses of attempted, and success cyber security incidents involves many activities. What activity do businesses have to undertake as a result of the incident which is 53% of the total cost ?
Detection and recovery
What is Routine Activities Approach/Theory ?
Direct contact predatory victimisation occurs when there is a convergence in both space and time of three factors 1. Motivated offender 2. Suitable target 3. Absence of capable guardian
Of all types of cyber security incidents experienced by businesses, which incident type results in the highest average cost to business ?
DoS attacks
What is the focus of the Australian Cyber Security Strategy ?
Efforts of multiple agencies to provide a secure cyberspace for Australia. Working with international agencies to promote free, open and secure Internet, and redoubling our efforts to counter the spread of extremist and terrorist violence
The following are what ? - there is unauthorised access to or unauthorised disclosure of personal information, or a loss of personal information - likely to result in serious harm to one or more individuals - entity has not been able to prevent the likely risk of serious harm with remedial action
Eligible data breaches according to Notifiable Data Breaches scheme
The following are what ? - a device containing customers' personal information is lost or stolen - a database containing personal information is hacked - personal information is mistakenly provided to the wrong person
Examples of a data breaches
Ashley Madison.com data breach
Exposed passwords, credit card information and activities of users
According to Akers the 4 learning mechanisms in Social Learning theory are - differential association - definitions - differential reinforcement - imitation Explain definitions
Exposure and engagement with peers or attitudes and norms which favour breaking law or providing justifications that neutralize possible negative consequences of deviance
LulzSec case study
Extensive breach of the computer systems belonging to Sony Pictures Europe. Published the names, birth dates, addresses, emails, phone numbers and passwords of thousands of people who had entered contests promoted by Sony Authorities have said the Sony breach ultimately cost the company more than $US600,000
Phone based scams are still more prevalent that online scams ?
False
True or false ? High self-control is one of the best correlates of crime and consistently linked to crime and deviance
False
What is the NCSS (US) ?
National Computer Security Survey
How could you apply Social Learning Theory to DIGITAL PIRACY ?
Need to download music or movie files without authorisation Individual needs to interact with fellow digital pirates, learn how and where to do downloads Imitate what they have observed Learn definitions supportive of violation of intellectual property laws Rewarded financially and/or socially for efforts to reinforce behaviour Friends/relationships provide information on methods of pirating and location of material; skills are learnt from interacting with others Peer associations assist in learning new methods of downloading through imitation and in supporting views of the 'lack of harm' and 'guidelines' indicating behavior is unethical
What is the dark figure of cyber crime ?
Not all attacks (attempted or successful) are reported to agencies or law enforcement. Only reported incidents end up in official reports/statistics. Resulting in a 'black hole' of information.
What is gain control of a computer ? in terms of UNAUTHORISED ACCESS 'computer as a target' motivations
Offenders can use/take over computers for unauthorised purposes i.e. war-driving - Use of service - Provides anonymous access to illegal content - Point of entry for computer system - Intercept communication
What is modification / impairment of data ? in terms of UNAUTHORISED ACCESS 'computer as a target' motivations
Offenders may not only gain access to data but may modify it in some way - to harm a company or conceal information - for financial or other advantage - changing grades; increasing credit limits
Attention
Various factors increase or decrease the amount of attention paid. Includes distinctiveness, effective valence, prevalence, complexity, functional value. Differs for individuals depending on characteristics such as sensory capacities, arousal level, perceptual set, past reinforcement).
True or false ? Low self-control is one of the best correlates of crime and consistently linked to crime and deviance
True
What does Hack or Malicious Code refer to ? IN TERMS OF UTI
an outsider's electronic entry acquired through social engineering (e.g., phishing email attack, planted or unauthorized USB drive) and carried out via software, such as malware and spyware
Cyber dependant
crimes that are true cybercrimes, can only exists because the technology exists
CC Generation 3
True cybercrime (opportunities created by the development of internet)
True / False ? Reporting data breaches in Australia has been made compulsory
True. Effective 22 February 2018
Social Security numbers are worth how much on the dark net ?
US$55.70
Health information and medical records are worth how much on the dark net ?
US$59.80
Passwords are worth how much on the dark net ?
US$75.80
Cyber enabled
existing/traditional crimes are perpetrated through the use of the internet
Opportunity model of victimisation has 2 central propositions, what are they ?
- An individuals routine activity patterns and lifestyle contributes to creation of criminal opportunity structure by enhancing contact between potential offenders and victims - The value of person/object and its level of guardianship determine choice of particular crime target
Basic postulates of Routine Activities Approach/Theory ?
- Assumption that there will always be motivated offenders. - Focus on social and technological changes that can affect crime rates. - Interested in examining how daily behavioural routines increase proximity of an attractive target to motivated offenders
Necessary conditions for effective modeling in Social Learning Theory, according to Bandura ?
- Attention - Retention - Reproduction - Motivation
ABS Census - a target ? why ?
high profile target public comments about privacy and security embarrass Australian government internationally building a reputation / ego based known / guaranteed event
What does Loss of Portable Equipment refer to ? IN TERMS OF UTI
lost, discarded, or stolen data storage device, such as a laptop, PDA, smart phone, portable memory device, CD, hard drive, or data tape
What is an Unintentional Insider Threats (UTI)
A current or former employee, contractor or business partner, who has or had authorised access to an organization's network, system, or data and who, through action or inaction without malicious intent, causes harm or substantially increases the probability of future serious harm to the confidentiality, integrity, or availability of the organisation's information or information systems.
What does Australian Cybercrime Online Reporting Network (ACORN) do ?
A national policing initiative and a national online system that allows the public to securely report instances of cybercrime. It will also provide advice to help people recognise and avoid common types of cybercrime.
What is social guardianship ?
protection from family or social networks
What do the Australian Consumer and Competition Commission (ACCC) ?
publishes fraud and scam statistics
What is this statement referring too ? "Much research on victimisation related to mainstream volume crimes such as burglary, rape and domestic violence, very little research on fraud and cybercrime victims"
Common perception that fraud and cybercrime is a 'victimless' crime that has little impact
What is personal guardianship ?
self-protective behaviours (and situational crime prevention)
What does Accidental Disclosure refer to ? IN TERMS OF UTI
sensitive information posted publicly on a website unintentionally; mishandled; sent to the wrong party via email, fax, or mail
Why are credentials valuable data ?
stealing intellectual property, espionage, launch phishing attacks
What does the NCSS (US) do ?
Documents the nature, prevalence, and impact of cyber intrusions against businesses in the United States
What does this statement mean ? Australia along with US, Russia, UK are highly connected countries.
Large majority (if not all) citizens/individuals have ready access to the internet and online engagement. That's what creates the opportunities for cybercrime.
What are some of costs to businesses as a result of cybercrime?
Reputation Opportunity costs from loss of IP Cost of remedy Legal costs Loss in trust in partnerships Lost productivity Ransom Cost to Australian economy Implementing new cyber security strategies Cost of investigation / examination Lost confidence
Apart from phone and online scams, what are other types of scams seen in Australia ?
SMS Door-to-door Employment Investment Romance Advance fee fraud Threat and penalty Prize Lottery Charity Small business False billing
How has technology become a 'crime enabler' ? How does technology assist criminal activities ?
Scale (increased the scale at which victims exists) Accessibility Anonymity Portability and transfer-ability Global reach Absence of capable guardian Organised crime
Why do scammers seek iTunes cards from victims as 'payment' or financial support (falsely represented) ?
Scammer can sell the voucher numbers on the online black market and put the credit into online accounts to purchase goods & services
What are the most common type of cyber activities experience by Australian businesses ?
Spear phishing emails - hundreds a day
What are 'other computer security incidents' ?
Spyware, adware, hacking, phishing, spoofing, pinging, port scanning, and theft of other information, regardless of whether the breach was successful
Who leads cyber security threat response activities (US) ?
The Department of Justice, acting through the FBI and the National Cyber Investigative Joint Task Force (NCIJTF)
Who leads cyber security intelligence support and related activities (US) ?
The Office of the Director of National Intelligence, through its Cyber Threat Intelligence Integration Center
- Non-payment and non-delivery - Personal data breach - Payment scams
Top 3 fraud/cyber-crimes reported by victims in US
- Phishing - Advance fee fraud - False billing scams
Top 3 fraud/cyber-crimes reported by victims to ACCC in AUS
What is Action Fraud ? (UK)
UK's national reporting centre for fraud and cyber crime where you should report fraud if you have been scammed, defrauded or experienced cyber crime. Central point of contact for information about fraud and financially motivated internet crime
Of all types of cyber security incidents experienced by businesses, which incident type results in the lowest average cost to business ?
Wirus/worm/trojan or malware
What are the reported losses due to cyber crime in US ?
$1.3B
What dollar value in losses do investment scams cost Australians ?
$59M
What activities constitute "Crime where computers of ICTs are an integral part of the offence"
- Cyber fraud - Advance fee fraud - Identify theft
What is the dark figure of cyber crime in AUS (approx) ?
15%
What percentage of less developed countries have access to the internet ?
15%
How many cases of cyberfraud in AUS (approx) ?
200K
How many cases of computer misuse in UK (approx) per year ?
2M
How many cases of cyberfraud in UK (approx) per year ?
3.6M
How many cases of cyberfraud in US (approx) ?
300K
How many victims over cyber-crime in AUS ?
300K
What percentage of victims reports of cyber-crime in AUS are from males ?
39%
Of the affected business in Australia affected by one or more cyber security incidents how many do not report the incident ?
45%
True / False ? Attacks occur from both inside and external in 'Computer as a target' offences
True
True / False ? RAA not focused on assessing motives but on factors affecting victimization
True
True / False ? The ATO census system issues a result of DoS/DDos attack
True
Routine Activities Approach/Theory theorist ?
Cohen and Felson (1979)
Opportunity model of victimisation theory theorist ?
Miethe & Meier (1990)
What is Opportunity model of victimisation theory ?
Combination of RAA and Lifestyle approaches
Space Transition Theory theorist ?
Jaishankar (2008)
What percentage of business victimised (AUS) sustained financial losses exceeding $10,000 in 2005 ?
68%
What percentage of business victimised (US) sustained financial losses exceeding $10,000 in 2005 ?
68%
What percent of the global population have access to mobile broadband ?
84%
Approximately how many attempted or successful online fraud and cyber crime incidents (UK) are unreported ?
85%
What percentage of business experienced an cyber security attack/attacks (AUS) in 15/16 ?
86%
What percentage of business victimised (US) detected multiple cyber security incidents in 2005 ?
86%
What challenges, besides under reporting, is faced in cyber crime and fraud data collection / statistics ?
- Difficulty in identifying the victim, eg. bank fraud, is the victim an individual or the bank? - Many victims of a single criminal act, counting victims and/or crime events? eg. mass marketing fraud where there are thousands of victims from a single crime - Jurisdictional boundary issues, where is the crime 'counted'? - Data is distributed across multiple police agencies, government agencies and regulatory authorities
How can General Theory of Crime be applied to identity theft ?
- Easy and simple crime; gain 'quick' cash to support immediate wants
How can General Theory of Crime be applied to online child pornography ?
- Impulsive and focus on easy/simple immediate gratification
How can General Theory of Crime be applied to cyber harassment and stalking ?
- Inability to control their temper and resolve problems physically
What does unauthorised access (#1) refer to IN RELATION TO HACKING ?
- Logging into a computer of system without permission - Using networks to gain remote access - Exploit vulnerabilities
How can General Theory of Crime be applied to - Online harassment and stalking - Online pornography - Digital piracy - Identity theft
- Offender seeking immediate gratification - Offender lacks self-control - Offender lacks internal regulation
General Theory of Crime has been shown to reliably explain several types of cyber crime. What are they ?
- Online harassment and stalking - Online pornography - Digital piracy - Identity theft
A data breach occurs when ...
- Personal information held by an organisation is lost or subjected to unauthorised access or disclosure
Basic postulates of Space Transition Theory ?
- Persons with repressed criminal behavior (in physical space) have a propensity to commit crime in cyberspace, due to their status and position - Identity flexibility, dissociative anonymity, and lack of deterrence in cyberspace enables offenders the choice to commit crime - Criminal behaviour of offenders in cyberspace is likely to be imported to physical space; physical space may be exported cyberspace - Intermittent ventures of offenders in cyberspace and dynamic spatio-temporal nature of cyberspace provides chance to escape - strangers are likely to unite together in cyberspace to commit crime in physical space; associates in physical space are likely to unite to commit crime in cyberspace - Persons from closed society are likely to commit crime in cyberspace - The conflict of norms and values of physical space with the norms and values of cyberspace may lead to cybercrimes
Structural factors
- Proximity and exposure - Pattern the nature of social interaction and predispose individuals to riskier situations
What are the characteristics of a Phishing scam ? (think fishing... wide net)
- Seek to obtain personal information, such as names, addresses, date of birth and tax file numbers - Use link shorteners or embed links that redirect users to suspicious websites in URLs (appear legitimate) - Incorporates threats, fear and/or sense of urgency to manipulate the user into acting quickly
Choice factors
- Target attractiveness and guardianship - Determine the selection of particular crime target within a sociospatial context
Akers reformulated Differential Association to specify learning mechanisms - social learning theory
- differential association - definitions - differential reinforcement - imitation
3 aspects of 'Computer as a target' offences...
- gaining unauthorised access to a computer or computer system; - causing unauthorized damage or impairment to computer data or the operation of the computer or system; - unauthorised interception of computer data
What are the characteristics of a Spear phishing scam ? (think fishing... more specific)
- increase in sophistication of attack - limit the target audience and increase the precision of their messages; increases the appeal of the message and apparent legitimacy - target individuals within a particular business sector, who work in the same company, in the same department, or who share some other common attribute - research their target(s) in order to maximise their chances of success
How can General Theory of Crime be applied to digital piracy ?
-Immediate gratification with little/no effort; little empathy for owners of intellectual property
3 main categories of HACKING
1. Unauthorised access to computers or computer systems 2. Malicious software 3. DoS attacks
In 2015-16 how many data breaches were reported to the Office of the Australian Information Commissioner (OAIC)?
107
In 2014-15 how many data breaches were reported to the Office of the Australian Information Commissioner (OAIC)?
110
How many users were affected by the Ashley Madison.com data breach ?
37M
What is General Theory of Crime?
A theory of self control. Posits that behaviour is regulated by social controls and self controls.
What is Social Learning Theory ?
A theory that learning takes place in a social context and can occur purely through observation or direct instruction, even in the absence of motor reproduction or direct reinforcement.
Offender motivations for UNAUTHORISED ACCESS category 'computer as target' offences
Access to information Modification or impairment of data Want to take over control of computer or system
According to Akers the 4 learning mechanisms in Social Learning theory are - differential association - definitions - differential reinforcement - imitation Explain differential association
An individuals exposure and engagement with peers provides models for deviant behaviour and definitions, eg. attitudes and norms
Spear phising
An offender is likely to use identity or 'hack the identity' of a third party that is to be known or of interest to the intended victim(s), such as a supplier, to leverage existing trust relationships
What is unauthorised access ? in terms of UNAUTHORISED ACCESS 'computer as a target' motivations
At the base level, this involves logging on to a computer and/or system without permission
What does this statement from the Australian Prime Minister relate to ? "As the Snowden disclosures demonstrate, often the most damaging risk to government or business online security is not 'malware' but 'warmware'; the ability of a trusted insider to cause massive disruption to a network or to use legitimate access to obtain classified material and then illegally disclose it."
Australian Cyber Security Strategy
What is the most valuable Australian identity credential?
Australian passport
Social Learning Theory theorist ?
Bandura / Akers
How does control affect an offenders behaviour according to General Theory of Crime ?
Belief that high criminality individuals have less control placed on them, making them more likely to pursue criminal acts
The following statement refers to what ? "Program that infects the target computer and allows it to be controlled remotely"
Bots
What is the 'crime triangle' ?
Crime occurs when there is a convergence in both space and time of three factors 1. Motivated offender 2. Suitable target / place 3. Absence of capable guardian with an additional layer added - 1. Handler 2. Manager 3. Guardian
Extortion - DoS attacks (#2) refer to IN RELATION TO HACKING ?
Cyber criminals have been known to follow a DDoS attack with a ransom note, demanding money in exchange for stopping the attacks
Business competition - DoS attacks (#2) refer to IN RELATION TO HACKING ?
DDoS attacks can be used by people to make the website of their competition to crash
Hacktivist - DoS attacks (#2) refer to IN RELATION TO HACKING ?
DDoS attacks to express displeasure against targets, ranging from governments to private companies
Typically happen because of human error or innocent mistake...
Data breaches
What are non-financial impacts (possible or real) impact of fraud and/or cyber crime ?
Feelings of anger Feelings of stress Psychological stress Relationship problems Health problems Loss of pension / income Decrease personal credit rating Loss of home Feelings or suicide Suicide attempt/s Mental health trigger
What are arguments against Space Transition Theory ?
Few empirical studies have examined the theory Variants of other theories Inconsistencies with current research on cybercrime offending and victimisation
What similarities do cyber-crime applicable theories have to traditional crime theories ?
Financial (gain) Satisfaction of desires (sexual) Power and control (harrassment, bullying) Thrill (excitement, immediate gratification)
Personal Guardianship activities
Firewalls Anti-virus software Passwords Two-step verification Encryption
According to what theory are individuals who are insensitive, impulsive are more likley to act on the spur of the moment (seek instant gratification) without considering consequences ?
General Theory of Crime
What theory does the following statement relate to ? "Crimes are simple acts that provide immediate gratification; offenders lack self-control and internal regulation"
General Theory of Crime
General Theory of Crime theorist ?
Gottfredson and Hirschi (1990)
Data breaches affected a number of sectors across Australia. What are they ?
Government Finance (including superannuation) Health service providers Retail Online services
Lifestyle exposure theory theorist ?
Hindelang, Gottfredson & Garofalo (1978)
How to offenders select targets for data breaches ?
Identify vulnerabilities Focused on "tricking users"
UTI Threat Vectors (paths/course/route)
Improper of Accidental Disposal of Physical Records Loss of Portable Equipment Accidental Disclosure Hack or Malicious Code
How is malicious software (malware) get distributed ?
In-direct - downloading (email attachment) Direct - physical intervention/infection (usb)
What does this statement refer to ? "Evidence that offenders regularly interact in cyberspace without any 'real world' connection"
Inconsistency of Space Transition Theory with current research on cybercrime offending and victimisation
2 types of adaptations in lifestyle according to Lifestyle Exposure Theory ?
Individual Sub-cultural
What is Denial of Service (DoS) or Distributed Denial of Service (DDoS) ?
Individuals may send thousands of emails or sufficient number of requests to website to overwhelm system - website is unable to cope with the number of requests it is receiving - Also can be achieved from a replicating program such as a virus to overwhelm the system.
What is the Privacy Amendment (Notifiable Data Breaches) Bill 2016 ?
Legislation to make data breach reporting compulsory, under some circumstances
The following statement relates to what victimisation theory ? "People are not equally exposed to high-risk places and times, and they vary in the degree to which they associate with high-risk persons. This translates to a persons lifestyle influencing the exposure and association with high-risk persons"
Lifestyle Exposure Theory
Why is variation in lifestyle important to Lifestyle exposure theory ?
Lifestyle is the context in which daily activities occur; daily activities may bring potential victims in contact with crime or increase risk of victimisation - differential exposure to places, times and people results in variations in victimisation risk
Lifestyle + Associations + Exposure = what ?
Likelihood of personal victimisation
What differences do cyber-crime applicable theories have to traditional crime theories ?
Malware Hacking Concept of space (virtual v physical) Anonymity
Opportunity model of victimisation theorist ?
Meithe & Meier (1990)
Reproduction
Mirroring. Including physical capabilities, and self-observation of reproduction.
Structural and choice factors affect (can increase) your likelihood of crime victimisation
Opportunity model of victimisation
How could you apply Social Learning Theory to HACKING ?
Peer associations have strong correlation; so too imitation and introduction and reinforcement of beliefs to excuse and justify hacking behaviours Hacking subculture Websites and chatrooms play large role in social learning processes; websites to learn basic hacking techinques
What is the Weakest link in Information Security ?
People / Humans
Why does social engineering work ?
People want to be helpful People want to give good customer service to coworkers, clients, and vendors
Types of guardians in cyber space ?
Personal Social Physical
Updating software/OS, using spam filters and checking email credentials are a form of what cyber guardianship ?
Personal Guardianship
Valuable data in data breaches ?
Personally Identifiable Information (PII) Financial data Credentials
Most common Social Engineering attack ?
Phishing scams
According to Akers the 4 learning mechanisms in Social Learning theory are - differential association - definitions - differential reinforcement - imitation Explain imitation
Plays key role in social learning process; particularly early in learning process. As learning continues, reinforcement and definitions take on increasing importance
What is Social Learning Theory ?
Posits that people learn from one another, via observation, imitation, and modeling. The theory has often been called a bridge between behaviorist and cognitive theories because it encompasses attention, memory, and motivation.
What is Space Transition Theory ?
Proposed individuals behave differently while online than they would in physical space + individual behavioural patterns are different online compared to physical environments
Opportunity model of victimology is a combination of which two theories ?
RAA X Lifestyle
Motivation
Reason to imitate. Includes motives such as past (i.e. traditional behaviorism), promised (imagined incentives) and vicarious (seeing and recalling the reinforced model)
The following refer to what ? - Hacktivist - Extortion - Business competition - Script kiddies
Reasons why DDoS attacks are launched
Retention
Remembering what you paid attention to. Includes symbolic coding, mental images, cognitive organization, symbolic rehearsal, motor rehearsal
What are the key impacts cyber security incidents for businesses ?
Resources Financial Service Reputation Other
What theory does the 'crime triangle' relate to ?
Routine Activities Approach/Theory
Yar (2005) argued what ?
Routine Activities Approach/Theory is not truly applicable to cyber crime as it does not meet the elements of time and space convergence (because cyber environments are spatially and temporarily disconnected
Several theories (victimisation) are applicable to cyber crime. What are they ?
Routine Activities Theory Lifestyle Exposure Theory Opportunity Model of Victimology
Who can you report cyber fraud victimisation to, in AUS ?
ScamWatch, ACORN, CERT, ACCC
Sharing security tips and cyber peers are a form of what cyber guardianship ?
Social Guardianship
What theory does the following relate to ? - Example applied to computer skills/expertise - Individuals need to learn how to operate equipment (ie. computer) and specific procedures (eg. programming) - This learning can occur from others already skilled in these techniques and processes
Social Learning theory
What theory does this statement relate to ? "individuals who have a greater proportion of beliefs that support deviant behaviours, they will be more likely to engage in those activities"
Social Learning theory
The following statement refers to what ? "Generic description of programs that in some way monitor computer use"
Spyware
What are the 2 core factors which affect offender decision making according to the Opportunity model of victimisation ?
Structural Choice
The following is what ? Economic Familial Educational Legal
Structural constraints
Who leads cyber security asset response activities (US) ?
The Department of Homeland Security, acting through the National Cybersecurity and Communications Integration Center
What is a predictor of cyberspace criminal behaviour, according to General Theory of Crime ?
The amount of control placed on the individual by law, society, school, friends, family etc
What is Lifestyle exposure theory ?
The lifestyle/exposure theory is a model of victimology that posits that the likelihood an individual will suffer a personal victimization depends heavily upon the concept of life style. The lifestyle theory is constructed upon several premises.
Social Engineering in the context of UTI
The manipulation of people to get them to unwittingly perform actions that cause harm (or increase the probability of causing future harm) to the confidentiality, integrity, or availability of the organisation's resources or assets, including information, information systems, or financial systems
What are victimisation theories ?
Theories about the factors the place individuals at risk of becoming a victim of crime
What are new / old theories ?
Theories about why some individuals are more likely to commit crime.
Script kiddies - DoS attacks (#2) refer to IN RELATION TO HACKING ?
These type of DDoS attacks are performed by cyber vandals using premade scripts and tools disrupt internet users — usually online gamers
LulzSec case study
Took credit for denial-of-service attacks last year against PayPal, Visa, and Mastercard after the payment service providers announced they would stop processing donations intended for the secret-spilling site WikiLeaks
The following statement refers to what ? "Appear to be innocent programs but contain hidden functions"
Trojans / Trojan horses
The following statement refers to what ? "Infects computers and performs a programmed function, deletion or modification of data and installation of other malwear"
Viruses and worms
Indra Fraud / Scam case study
Migrant who had been contacted by scammers, and was convinced to pay over $2000 to 'save' her husband from arrest (which was false)
What percentage did ATO scams (reported) increase by between 2014 and 2015 ?
90%
What is/does the Australian Consumer Fraud Taskforce (ACFT) do ?
Comprised of government regulatory agencies and departments with responsibility for consumer protection and policing in the areas of scams and fraud
What are the following factors of ? - increasing use of social media - iTunes and gift card scams - threat-based and impersonation scams - scams targeting businesses
Emerging scams trends in 2016
What does the following statement refer to ? Whilst similar to transitional crimes and a lot of overlap, technology has created discrete crimes specific to cyberspace. To some extent yes, but majority of cybercrimes only exists because of the technology. Most are existing crimes, created in new ways.
Old Wine in New Bottles
How many potential victims exist (globally) as a result of the rapid development of technology and increased used in daily life ?
Over 4 billion devices are connected globally to mobile broadband
What is the Cyber-security National Action Plan ? (US)
The FBI is the lead federal agency for investigating cyber attacks by criminals, overseas adversaries and terrorists
What are the reported losses due to cyber fraud as stated by ABS Personal Fraud Survey ?
$3B
What dollar value in losses do dating and romance scams cost Australians ?
$42M
What are key indicators of ATO scam emails ?
- The email address isn't correct, or looks to be linked to a 'spoof/copy' account - the email not being personalised - poor grammar - states that you are eligible for a large unexpected refund - Requests you click on an active link to 'download' something - asks for personal identification documents to 'verify your identity' - requests you open an attachment that is embedded within the email
What are the 3 generations of cyber-crime ?
- computers used to assist traditional offending - committed across networks, crime as hybrids - true cybercrime (opportunities created by the development of internet)
Apply routine activities approach to Advance Fee Fraud ?
A person who spent long hours on the internet would be more likely to become a target to a global pool of motivated offenders. Fewer internet security measures would mean greater likelihood of victimisation because of the absence of capable guardianship to prevent the crime from occurring.
What is this an example of ? 57-year-old man received a call that appeared to originate from Victoria. The victim answered the call and was spoken to by an unknown man. The caller said he was from the ATO, and there was a pending warrant for the victim in relation to outstanding tax owed. The man then instructed the victim to buy $1300 worth of iTunes gift cards, which he did at a local supermarket while still on the phone. The victim was then asked to read the serial numbers of the cards over the phone to the unknown man, which he did
ATO and iTunes Card Scam
What type of fraud do these activities relate to - offers to participate in business deals; - assisting dignitaries by paying fees to move large sums of money out of a foreign country in order to receive a share of the proceeds; - paying fees in order to receive lottery winnings/inheritance/prize - paying money to develop a relationship or marriage
Advance Fee Fraud
What type of cyber-crime or fraud has the highest reported losses for Australian's ?
Advance Fee Fraud - such scams have had a huge impact globally, with Ultrascan (2008) estimating that US$4.3b was lost to advance fee fraud in 2006.
ASCC, ASD, DIO, ASIO, CERT, ACIC and AFP are all apart of what ? (AUS)
Australia's Cyber Security Strategy
What is Australia's legislative regime on cyber-crime ?
Australian Cybercrime Act 2001 (Cth)
How does anonymity 'enable' crime on the internet ?
Creates opportunities for offenders to offend at a distance from their offenders, and in relative secrecy due to privacy software, difficulty in tracing locations, use of false names or false personal accounts/social media profiles. Obviously the most skilled you are, the easier it is to 'cloak' your movements or identity online. However this also means it inhibits detection and prevention by law enforcement
What is 'cyber theft' ?
Crimes in which a computer is used to steal money or other things of value ie. embezzlement, fraud, theft of intellectual property, and theft of personal or financial data.
What is a 'cyber attack' ?
Crimes in which the computer system is the target ie. computer viruses (including worms and Trojan horses), denial of service attacks, and electronic vandalism or sabotage.
A. There are three major categories of cybercrime. What are they ?
Cyber DEPENDANT Cyber ENABLED COMPUTER-SUPPORTED
