Cyber Crime and Cyber Terrorism Overview midterm

Bot

A ____ program enables an attacker to compromise and infect multiple computers at once.

Tojan horse

A _______ is a program that neither replicates nor copies itself, but causes damage or compromises the security of the computer.

polymorhpic

A ________ has no constant section of code.

trademark

A ________ or service mark may be infringed by offering goods, services, labels, or other packaging containing a counterfeit mark.

Denial of service

A __________ uses multiple systems to attack one or more victim systems or websites with the intent of denying service to legitimate users wishing to log on or utilize the attacked server.

code

A common technique for the Mexican drug cartels is the use of ________ words to communicate with each other via social media.

80

A recent study by the United Nations estimated that over ________ percent of all cyber crime worldwide was perpetrated by organized crime associations.

the environment they operate in, the operating system they are targeted at.

A virus can be categorized based on:

an unmet expectation

According to CERT the most common precipitating event that led to an insider attack was:

late 2000

Although it was invented in 2002, the popularity of the dark web did not really take hold until ____________.

phone phreaking

An example of early cyber criminal activity.

spyware

An unauthorized program typically contained within a legitimate program is known as a:

They are both software that copy itself elsewhere but unlike viruses worms do not attach itself to, or modify other files

Compare how a worm operates and how a virus operates.

Exposure

Computer systems and software are graded in terms of their _______ to vulnerabilities.

trade secrets, intellectual property, research and development, business strategies, customer data, financial information, and employee information.

Corporate espionage schemes may target which areas?

outsiders

Corporate spies are divided into two distinct groups: insiders and _________.

Economic Espionage Act of 1996

Criminal activities related to corporate espionage are prosecuted under which of the following federal statutes?

The dark web is a hidden part of the internet that requires special software, such as the Tor browser, to access. It consists of encrypted websites that are not indexed by traditional search engines, providing users with anonymity and privacy. The Tor Network (The Onion Router) routes internet traffic through a series of volunteer-operated relays, concealing users' locations and usage from surveillance and traffic analysis. This network was originally developed by the U.S. Naval Research Laboratory to protect intelligence communications.

Define and describe the "dark web" or Tor Net.

Spam: Chain Mail: Hoaxes: Virus Hoaxes: Fraud:

Discuss the five general types of e-mail hoaxes.

File Viruses: Boot Viruses: Marcoviruses: Network Viruses:

Discuss the four primary environments that viruses operate in.

Industrial spies

Domestic spies hired by corporate competitors that are intent on gaining a competitive advantage over American firms are what type of corporate spies?

1970s

During what decade did electronic funds transfers (EFTs) begin to expand money laundering opportunities?

Crowdstrike

Each year, _______ publishes their Global Threat Report, which provides an update about Internet threat activity, including network-based attacks, attackers, a review of known vulnerabilities, and highlights of malicious code.

related

Embezzlement can be classified as a computer-_______crime.

Spyware

Gathers information on the user and then give information back to the person who created it to sell it later

What are the different types of espionage?

Human Intelligence (HUMINT): Gathering information through human sources, such as spies or informants Signals Intelligence (SIGINT): Intercepting communications and electronic signals Imagery Intelligence (IMINT): Using satellite or aerial imagery to gather information Measurement and Signature Intelligence (MASINT): Collecting data from sensors to identify and track objects or activities Cyber Espionage: Hacking into computer systems to steal sensitive information Industrial Espionage: Spying on corporations to gain competitive advantages

Similarities: both cause damage, replicate rapidly, Spread rapidly Differences: You have to trigger Viruses while Worms you do not, Worms can spread to other computers Viruses cannot

Identify similarities and differences between viruses and worms.

insiders

Individuals involved in the ________ attack exhibited concerning behaviors such as being disgruntled, going to work for a competitor in the same industry, and embarking on suspicious foreign travel.

Email, email attachments, websites, digital pictures instant messaging

List ways that viruses and other types of malicious code are primarily spread today?

the misappropriation of cash and/or noncash assets by employees.

Losses from insider fraud are primarily due to:

Common business software

Macro viruses are most commonly associated with:

Blended threats

Malicious code attacks that combine the characteristics of viruses, worms, Trojan horses, and malicious code with server and Internet vulnerabilities to initiate, transmit, and spread an attack are known as:

employees, managers, executives, or business owners

Occupational fraud can be carried out by:

Sextortion

One __________ method involves the use of trojan malware where the perpetrator claims that the trojan malware has been installed on the victim's device that records all video chats and social media content uploaded through a webcam to threaten the user and get them to pay a ransom.

Italian mafia

Over the past 200 years, which organization/society has become one of the most notorious and widespread of all criminal societies?

Phishing

Perpetrators of _______ attempt to lure or 'hook' potential victims to fraudulent Web sites for the purpose of gathering sensitive personal information.

hacker haven

Russia is commonly referred to as the "________" due to the number of hackers living in the country and claiming to be the best at cyber crime.

Crimeware

Some researchers use the term ________ as a reference to the programs and tools that facilitate fraud and computer attacks.

Cookies

Spyware can be installed through ______, which are files that contain information about a program, a website, the user, or the user's computer

accounting department

The 2021 Global Fraud Study found that nearly half of all schemes originated in which department?

Over $10,000

The Bank Secrecy Act of 1970 requires banks and other financial institutions to file records concerning suspicious financial transactions over what amount?

complaint

The FBI Internet Crime ________ Center (IC3) provides data on complaints of Internet crime received directly from citizens.

East Asian

The ________ Asian criminal enterprises include groups, like the Chinese tongs, based in the United States.

Silk road

The ________ is an underground website named after a great East-to-West trade route.

deep web

The ________ web is a vast, uncharted part of the Internet that is not accessible through regular Internet browsing or search engines.

intent and objectives

The elements of cyber crime are nearly identical to the activities of cyber terrorism, state-sponsored information warfare, and espionage. The distinction between these activities is most often defined from the perspective of the ________.

1700s

The first documented case of industrial espionage occurred in the:

Morris

The first known Internet worm was the _____ worm.

Loss of work hours and Time spent patching systems

The greatest cost of a virus or malicious code attack is:

laundered

The introduction of telecommunications and computer technologies in the 1960s and 1970s served to increase the ease with which money could be ____________.

Script kiddies

The largest group of attackers, comprising over 95% of the attacker population, is referred to as:

Wildness

The most common term used to describe how a virus is operating and the effect it is having is listing the virus as "in the wild," and the ________ of a virus measures the extent to which the virus is spreading among computer users and systems.

laundering

The primary objective of ___________ is to hide the source and ownership of illegally obtained funds through the creation of a seemingly legitimate history or paper trail.

smurfing , shell companies,trade-based laundering, utilizing cash businesses.

Traditional money laundering techniques include:

child sex tourism

Traveling abroad to have sex with underage children is known as:

Self replicating virus

What are characteristics of a computer worm?

celebrity stalkers, casual acquaintance stalkers, and random chance encounter stalkers.

What are not primary categories of stalkers?

older teens, troubled youth, frequent Internet users, and those who participate in chat rooms or communicate online with strangers.

What are some commonalities in the type of youths targeted for sexual solicitations and approaches?

dumpster diving, mail theft, pick-pocketing, and stealing belongings.

What are some low-tech means identity thieves use to steal personal information?

Applications that send information gathered to the people to sell

What are the characteristics of spyware?

File viruses, boot virus, macro virus and companions

What are the four primary environments viruses operate in?

data encryption, jurisdictional challenges, anonymity tools, resource limitations, and outdated legal frameworks.

What are the major obstacles for law enforcement in investigating Internet exploitation?

difficulties managing emotions, impulsivity, and a sense of entitlement to a relationship or contact with someone.

What are typical characteristics of stalkers?

Opening an email downloading a peer-to-peer fil, self executing dates

What can be triggers for a virus?

technological advances, globalization, remote work, economic pressures, and insider threats.

What has increased the occurrence of corporate espionage in the last few decades?

Motivation to sexually abuse: Overcoming internal inhibitions: Overcoming external barriers: Overcoming the child's resistance:

What is Finkelhor's four-part model that enunciates how a sex offense occurs between an offender and a child victim?

Salami slicing

What is NOT an inherent weakness that early cyber criminals exploited in computer systems and networks?

Salami slicing

What occurs when the embezzler sets up a system whereby a very small amount of money is taken off every transaction and gets processed and deposited into another account that the embezzler controls?

Bank Secrecy Act (BSA) data and providing training.

What secondary support does FinCen provide to local law enforcement agencies?

Logic bombs

What term describes the use of computer commands that periodically operate to shift money from an organizational account into the embezzler's account?

Finical gain from system manipulation, data manipulation, or bulk exfiltration of data.

When insiders conspire with or are recruited by outside organized crime groups, the fraud is typically related to:

Proxy/Wingate trojans

Which Trojan horse turns a victim's computer into a zombie server available to the whole world or to the attacker only?

Defend Trade Secrets Act of 2016

Which act created a private civil cause of action for trade secret misappropriation?

love obsessional stalkers

Which category of stalker is the type where no prior relationship exists between the perpetrator and the victim or they are casual acquaintances?

China

Which country has become the MOST active source of national and industrial espionage?

Ukraine

Which country is NOT traditionally connected with child sex tourism?

Embezzlement

Which crime is essentially a theft in violation of trust?

FBI

Which federal agency combats Internet exploitation, cyber stalking, and obscenity?

Italian Mafia (Cosa Nostra), the Russian Mafia, and Balkan organized crime groups

Which organized crime enterprises have traditional clan structures?

regressed child molester

Which subtype of child molester typically leads the most stable life?

those who are perceived as vulnerable and more open to manipulation. Additionally,

Who are typical victims of online exploitation?

Shill

_____ bidding is the use of intentional fake bidding on the part of the seller in order to artificially inflate an item's auctioned price.

Boot

_____ viruses operate based on algorithms for starting an operating system upon power on or reboot.

Payload

______ is the part of the virus program that delivers the malicious intent or other device.

Adware

______ manifest(s) in several ways, including changes to the browser, redirecting startup pages on Internet browsers, replacing the search function within the browser, and generating pop-up ads and frames that can be difficult to delete or shut down.

Botnets

_______ can reach very large sizes and may include thousands of machines.

Eurasian

________ Organized Crime describes groups composed of criminals born in or with family from the former Soviet Union or Central Europe.

Employees

________ generally commit fraud when a permissive environment or misplaced trust exists.

Espionage

________ has its roots as an elementary and basic tradecraft.

laundering

________ is the act of concealing the source of assets that have been illegally obtained.

Industrial espionage

________ is the misappropriation of trade secrets related to or included in a product that is produced for or placed in interstate or foreign commerce to the economic benefit of anyone other than the owner, with the knowledge or intent that the offense will injure the owner of that trade secret.

Economic espionage

________ is the misappropriation of trade secrets with the knowledge or intent that the offense will benefit a foreign government, foreign instrumentality, or foreign agent.

Phishing

________ is/are the most widely reported type of Internet fraud.

Intellectual property

________ property is defined as a legal concept referring to creations of the mind.

Skimming

_________ occurs when the embezzler 'skims' customer account information from an organization's database and uses the information to set up fake accounts from which to steal funds.

Skimming

__________ devices capture and store magnetic strip data from debit and credit cards to steal data from unsuspecting individuals.

Structuring

__________ involves the division of large amounts of cash into smaller denominations so as to conceal its common origin.

Embezzlement

___________ is essentially a theft in violation of trust.

the Tor Network

a free, open-source overlay network designed to enable anonymous communication by routing internet traffic through a series of volunteer-operated relays. This process conceals a user's location and usage from network surveillance and traffic analysis, enhancing privacy and security online

Occupational Fraud

employees steal or misuse resources; corruption, involving bribery, conflicts of interest, and extortion; and financial statement fraud, where employees falsify financial records to deceive stakeholders.