Cybercrime chapters 1-4
What is the 2010 "Kill Switch"
"Kill Switch" bill (2010) in Congress giving government power to take over parts of internet in national emergency
What are two of the psychological theories applied criminal activity
(1) Moral developmental theories §(2) Personal disorder theories
What are the characteristics and purposes of thrill seekers, terrorist sympathizers, terrorist groups, and nation states
(1) Thrill Seekers •No political motives •Seeking notoriety - bragging rights •'Nuisance attacks' using pre-fabricated tools and exploits •Potential for serious disruptions and monetary damage (2) Terrorist Sympathizers and Anti-U.S. •Extremist Muslim groups - known hacker groups (G-Force Pakistan, Pakistan Hackerz Club) •Anti-Israeli groups •Anti-capitalism and anti-globalization movement •Chinese hackers (3) Terrorist Groups §ISIS §Al-Qaeda §Taliban §Hamas (4) Nation States Find the Weapons Facility
What are the four methods of obtaining access into a computer system
1) Front doors:Password guessing §(2) Back doors:Often left by original developers as debug §(3) Trojan horses:Malware that is usually hidden §(4) Software vulnerability exploitation: software's website along with security patches
Why is it so difficult to defend America
1) Internet created in USA in an environment of intellectual freedom, mostly under private control (2) Efforts to change - e.g. "Kill Switch" bill (2010) in Congress giving government power to take over parts of internet in national emergency (3) Other countries can more easily mount defense (e.g. fewer entry points, and their government already control their networks) (4) US military cyber-capabilities are significantly focused on offense, not defense
5. How is the RAT applicable to digital crime
1) The rapid expansion of technology has increased the number of available targets. §(2) Without adequate software protection there is a lack of capable guardians to protect people from digital crime. 3) In addition, there are more motivated offenders such as hackers, all over the world.
8. Explain the two developments that have heightened the current cybercrime wave.
1.Social networking and constant online communication (2) Online banking, investing, retail and wholesale trade, and intellectual property distribution present countless opportunities for theft, fraud, misdirection, misappropriation, and other cyber crimes
What are the ten top cybercrimes?
10. Over-payment fraud 9. Credit card fraud• 8. Auction fraud 7. Spam• 6. Advanced Fee Fraud• 5. Miscellaneous fraud 4. Computer crimesCrimes that target computer networks or devices directly orCrimes facilitated by computer networks ordevices 3. Identity theft• 2. FBI scams (Emails using the FBI name) 1. Non-delivery merchandise / payment
Where is Florida in the number of victim complaints?
2
What is a white hat hacker
A "White hat hacker" is an ethical hacker.
What is a black hat hacker
A "black hat hacker" is a cracker or malicious hacker
What is a gray hat hacker
A "gray hat hacker" is someone who typically behaves in an ethical manner, but sometimes violates accepted ethics.
Is all hacking illegal
A lot of hacker activity is illegal, such as breaking into government and military systems. §However, not all hackers engage in illegal activity.
What is "cryptology"
A method to secure and protect information from unwanted eyes and unauthorized use.
According to the RAT, when does crime occur
According to RAT, crime occurs when there is a convergence in time and space of three factors: §A motivated offender §A suitable target §The absence of a capable guardian •All three factors must be present in order for crime to occur.
What are the premises of the "Choice Theory"
According to choice theory, an individual commits a crime because he or she makes a rational choice to do so by weighing the risks and benefits of committing the act.
Cybercrime
Any crime that involves a computer and a network
Are attacks against U.S. businesses and governments rare
Attacks against U.S. businesses and governments are commonplace, with an estimated 100 million attempts each day.
What is password harvesting
Based on the belief that people don't change their passwords over different accounts
What are the four approaches of social engineering
Carelessness Comfort Zone Helpfulness Fear
What does the Cognitive development theory state
Cognitive development theory assumes that individuals develop in a sequential manner.
What are some of the major complications of cybercrime today?
Cybercrime has increased dramatically in recent years and because of this..... §There is a significant inconsistency in defining computer crime offenses. §There is no systematic data collection procedure for cybercrimes. §Offenses vary greatly from purely criminal i.e. identity theft to vague privacy violations i.e. access
Definition of "cybercrime"
Cybercrime or digital crime can be loosely definedas the commission of a crime with the use of a computer and a network.
What is "stenography"
Data hiding :Also known as stenography, data hiding includes an assortment of methods for secret communication that can conceal the fact that a message even exists at all.
Definition of hacking
Defined as: The process of attempting to learn about a system by examining it and exploiting flaws
What is the definition of digital terrorism
Definedas: Are Violent acts which are intended to create fear (terror)
What does the "deterrence theory" state
Deterrence theory argues that offenders commit crime because they make a choice to do so.
What are the "new" threats to the information age?
Distribution of child pornography •i.e. share ware "lime wire "•Exploitation •Cyber Stalking •Identity theft (most feared) •Financial crimes •Terrorism
What is the major source of crimes by employees?
Embezzlement of funds by employees is a major source of crime.
What are the two kinds of deterrence, explain each
General deterrence seeks to deter would-be offenders from committing criminal acts because of the threat of punishment. Specific deterrence is designed to impose a sanction on a convicted offender in order to prevent him or her from continuing to commit criminal acts in the future.
Who are the cybercriminals of today?
Hackers •Organizedcrime •Mafia •Online gangs •Professional criminals •Terrorists •Disgruntled employees
What is a hacktivists
Hacktivists are hackers that have come together to challenge the treatment of their peers by the government.
Has there ever been a recorded instance of a hacker corrupting medical records and killing a person
However, there has never been a recorded instance of a hacker corrupting medical records and killing a person
What are examples of infrastructure attacks
Hurricane Ivan
How does information attacks work
Information attacks are focused on destroying or altering contact within a system, but physical and virtual systems are still preserved.
What are the three categories of digital terrorism
Infrastructure attacks Information attacks Technological facilitation
What famous hacker was known as Captain Crunch
John Drapper
What famous hacker was known as the first "phreaker"
John Drapper
Network abbreviations
LAN - Local Area NetworkComputers are geographically close together (Ex: same building) WLAN - Wireless Local Area Network WAN - Wide-Area NetworkComputers are farther apart and are connected by telephone lines or radio waves CAN - Campus Area NetworkComputers are within a limited geographic area, such as a campus or military base HAN - Home Area Network Network contained within a user's home that connects a person's digital devices
What are some attractive targets of a DoS attack
Mail servers Government web sites e-commerce sites Communications
Why is cyber defense so difficult to accomplish
Many entry points to internet, most networksDifficult to trace attacks Many of these attacks are from robot networks (botnets) Internet created for convenience, not security Internet technology does not support easy defense Defenders have to defend against many possible attacks, but attackers only have to find one hole
Where do we get our estimates of cybercrime and are they accurate?
Most estimates are derived from surveys of corporations and government agencies.These estimates vary dramatically and highly inaccurate
. Who was a pioneer in the early research for using computers for crime?
Mr. Donn Parker.
What are some of the potential sources of cyber attack
Potential Sources of Attack: §Thrill Seekers §Terrorist Sympathizers and Anti-U.S. Hackers §Terrorist Groups §Nation-States
What is a stuxnet, flame, slammer, sobig, and what were they used for
Stuxnet was a computer virus produced by Israel and the United States. Flame was a highly destructive and sophistical malware program observed in various countries throughout the Middle East. The Slammerworm penetrated a private computer network at Ohio's Davis-Besse nuclear power plant Sobig virus blamed for shutting down train signaling systems throughout the east coast of the U.S.
Is the internet a critical tool for political and social movements of all types
The Internet is a critical tool for political and social movements of all types around the world.
What is social engineering
The act of manipulating people into performing actions or divulging confidential information
Are hackers usually inside employees
The consensus among computer crime experts is that most cybercriminals are insiders to the victim's organization.....not someone seeking to gain entry.
What is the key to legal or illegal hacking
The key is authorization.
What does the Moral development theories state
These theories contend that there are differences between the moralbeliefs of criminals and non-criminals.
What was "operation eligible receiver"
Thirty-five hackers were hired by the National Security Agency and were requested to launch simulated attacks on federal computers similar to Hollywood's movie "Sneakers
What is the premise of the "Routine Activities Theory"
This theory argues that there is always a steady supply of offenders who are motivated to commit crime.
Why is it difficult to explain the behavior of "virus writers"
Virus writers come from many walks of life and are typically wealthy enough to afford the computer machinery necessary to practice their trade.
What is a system intrusion
When a hacker does not have permission to use a computer or network.
What is a "technological facilitation attack
communication via the Internet by terrorist groups, or promotion of terror might be as simple as recruitment and propaganda.
What is a script kiddie
do not have enough skill to write their own programs or create new exploits themselves.
What is a cracker
malicious hackers
What are tiger teams
teams of hackers hired to "test" the defenses of an organization.
What is the common characteristic of a hacktivist
use of hacker skills and attitudes to convey a political message.
Are the dynamics and processes involved in the production of (1) digital crime and (2) digital terrorism the same?
yes,The rise of digital terrorism poses just as grave a threat as digital crime
What are the two trends that drive the reality of increased cybervictimization?
§(1) Increased use of computers §(2) Increased availability of technical information on virus creation and computer hacking techniques
What are the four categories of computer crimes?
§(1) The computer as a target: the denial of "expected service" or the "alteration of data. Ex. Data alteration Network intrusion Computer vandalism §(2) The computer as an instrument of a crime: Ex. Theft Fraud Threats and harassment Bullying §(3) The computer is incidental to a crime:The computer facilitates a crime. Ex. Money laundering Criminal enterprise Child pornography Luring victims i.e. Craigslist killer §(4) Crimes associated with the prevalence of computers: Even those who avoid technology can be victims of crime through the prevalence of computers. Targets of these types of crimes are mainly the industryitself, but also include its customersand even people who have avoided information technology. Ex. Intellectual property theft Component theft Counterfeiting Identity theft
What three factors need be present for RAT
§A motivated offender §A suitable target §The absence of a capable guardian
What is a DoS and how does it work
§An attempt to make a computer or network resource unavailable to its intended users §Cyber equivalent of vandalism §Attacks usually use a multitude of compromised systems to attack a single target §Examples: Zombies, botnet §The flood of incoming messages to the target system essentially forces it to slow or shut down §Renders the target system unusable
How does the psychological theories explain pedophilia
§It is unclear why a person becomes a pedophile, but the Internet has provided a huge outlet for the dissemination of child pornography. §Most experts agree that pedophiles develop a sexual interest over a long period of time.
8. What are some of the assumptions of the deterrence theory Individual are rational actors.
§Offenders are aware of the penalty for a particular crime. §Offenders view these risks as unpleasant. §Sanctions are swift, certain, and severe.
What are the six components of information warfare
§Psychological operations §Electronic warfare §Military deceptions §Physical destruction §Security measures §Information attacks
What are Kohlberg's six stages of moral development
§Punishment and obedience stage §Hedonistic orientation stage §Interpersonal concordance stage §Law and order orientation stage §Social contract, legalistic stage §Orientation to universal ethical principals stage
What are the three consistent ideas or values that guide hacker behavior
§Technology §Secrecy §Mastery
Examples of hacking
•Accessing without authorization any Internet computer•Transmitting a virus or worm •Trafficking in computer passwords •Intercepting a telephone conversation, email, or any other data transmission •Accessing stored email messages without authorization •Adopting another identity to carry out an illegal activity
What are Sheldon and Glueck's characteristics conducive to crime
•Extroversion •Impulsivity •Lack of self-control •Assertiveness
What are some of the examples that present countless opportunities for theft, fraud, misdirection, misappropriation, and other cybercrimes.
•Foreign rogue governments, terrorist organizations exploit cyber vulnerabilities to help fund their espionage, warfare, and terror campaigns •Organized crime has extended its reach into cyberspace, adding cyber crime to its portfolio of "businesses" •Economic hardships spawned by the recession may generate resentment and financial motivations that can drive internal parties or former employees to crime
