Intro to Cyber Crime

Elements of a crime

Actus Reus Conscious, voluntary exertion of the human will Must be legally prohibited at the time it was committed The U.S Constitution prohibits the passage of Ex facto laws Omission to Act

For cybersecurity, CISA's main focus areas include

Combatting cyber crime and cyber incident response Securing federal networks, Protecting critical infrastructure, and providing cybersecurity governance Promoting information sharing, training and exercises, and safety information

Information infrastructure is composed of five essential components

Communication networks - phone, satellites, cable equipment used for provision of information - TV, radio information resources - Databases Applications digital libraries (educational, medical, e-commerce) people

Types of Malware

Computer virus: Code attached to carriers (piggybacks on files) Worms: Self replicating code Trojan horses: Embedded within another program Spyware: Used to monitor computer action Botnet: Collect of compromised computers

CIA Triangle

Confidentiality, Integrity, Availability

The two kinds of deterrence are

General and Specific

Two forms of Intent

General and Specific

Why was there an increase in cybercrime?

Growth in cybercrime IBM standalone computer (70's) and then home internet ('95)

General Hacking Methods

Identify the target system Gathering information on the target system Finding a possible loophole in the target system Exploiting this loophole using exploit code Removing all traces from the log files and escaping without a trace

Script kiddies

Individuals who want to break into computers to create damage, yet lack the advanced knowledge of computers and networks needed to do so.

Four categories of attack that encompasses cyber terrorism and/or information warfare

Infrastructure attacks - actual computer, network Information attacks deleting or altering content Technological facilitation plan or incite terrorist attack using technology Promotion by fund raising, solicitation and recruitment

Information warfare has six components

Psychological operations Electronic warfare Military deception Physical destruction of information system Security measures Information attacks direct corruption of information

Insider attack methods

Social engineering Authorized use of an organization systems Bypassing security and control processes Comprised accounts - obtaining, guessing username/password

Electronic pearl harbor

Take citizens and the government by surprise and devote the population

Four Categories of Computer Crime

The computer as a target The computer as an instrument The computer incidental to a crime Crimes associated with the prevalence of computers

The computer incidental to a crime

The computer facilities the crime

Computer as an Instrument

The computer is used as the tool of the crime to gain some other criminal objective.

The Elements of Jurisdiction in a Criminal Matter

The court must have a jurisdiction of the offense and over the alleged offender. Nature of the offense - specific elements of the defense Authority of the court to impose the penalty imposable given the allegation in the information Territorial jurisdiction of the court imposing the penalty

Hacktivists

Those who attempt to break into systems or deface Web sites to promote political or ideological goals

System Intrusion

When a hacker does not have permission to use a computer or network

Black, Grey, & White Hat

White Hat: Ethical hackers Employed maybe former Grey or Black Hats Grey Hat - Typically ethical but sometime violates ethics , public disclosure self satisfying Black hat - malicious

Choice Theory

Wrongdoers weigh the possible benefits of criminal activity against the expected costs of being caught. Maximize our pleasure (Benefits) and minimize our pain (costs)

Computer Network

a collection of interconnected digital devices that can communicate with each other

Hackers

a person who has a knowledge of computers to gain access with or without authorization to access the data. Unorthodox problem solver and master programmer

Bonet

an army of infected computers to do a DDoS attack

General Intent

an intention to act without regard to the results of the act Intending to do that which you did.

General Detterence

apprehending anyone who commits a cyber crime and making it public Everyone is going to be deterred from doing what they did

Cybercrime or digital crime:

can be loosely defined as the commission of a crime with the use of a computer and a network.

The 'ping' utility

can be used to determine whether the remote host is alive or not.

Sniffers

capture all data packets being sent across the network in the raw form

The computer as a target

computer or its data is the target of the crime Aim is to deny the legitimate user access to his or her data or to use computer or data for illegitimate means

Cyber Crime

criminal activities carried out by means of computer or the internet

Stenography

data hiding, concealing a message behind something legitimate

Terrorism

efined as the actual or threatened use of violence by an individual or group motivated by ideological or political objectives

Cryptography

enables you to store sensitive information or transmit it across insecure networks (like the Internet) so that it cannot be read by anyone except the intended recipient.

Actus Reus

guilty act

Mens Rea

guilty mind

crackers

have criminal intent when hacking

Digital Terror

individual Organization Country

Cyberterrorism

is a specifically premeditated, politically, or ideologically motivated attack or threat of attack against information, computer systems, computer programs, and data that can result in violence against civilian targets

Intranet

is enclosed network of devices that can communicate (local) like Saint Anselm College

Bug

is some defect in the software or in the hardware

Cybersecurity

is the body of technologies processes and practices that are designed to defend and protect networks, data and computers from unauthorized access

port

is where information is received (a communication endpoint)

Cyber/Computer Forensics

it is the collecting of evidence after the cyber/computer crime has been committed that is suitable for presentation in a court of law

Port Scanning

means to scan the target system Is used to get a list of open ports, services and the Operating System running on the target system.

Criminal Intent

mens rea- defendant must have acted willfully or knowingly The Model Penal Code

Digital device

s an electronic device for storing and processing data which is typically binary form according to the instructions given to it in the program.

Model Penal Code

specifies four basic culpable mental states: purposely, knowingly, recklessly, and negligently.

Information warfare

the denial of information or accurate information to an adversary

frustration-aggression hypothesis

the extent to which people feel frustrated predicts the likelihood that they will act aggressively

Steganalysis

the process of analyzing a file or files for hidden content

Stuxnet

A computer worm designed to find and infect a particular piece of industrial hardware; used in an attack against Iranian nuclear plants

General Theory of Crime

A developmental theory that modifies social control theory by integrating concepts from biosocial, psychological, routine activities, and rational choice theories.

Internet

A global network connecting millions of computers, making it possible to exchange information.

specific deterrence

A goal of criminal sentencing that seeks to prevent a particular offender from engaging in repeat criminality.

theory

A scientific theory is a set of interrelated and interdependent propositions designed to predict a given phenomenon.

Specific Intent

A thoughtful, conscious intention to perform a specific act in order to achieve a particular result. prior knowledge of a specific element of a crime.

Difference between DDoS and DoS:

DDoS - a cyber attack on a specific server or network, An attack from multiple sources DoS - is an attack that only comes from one source

Key loggers

Malicious spyware that captures keystrokes without the user's knowledge. Used to steal usernames, passwords, account numbers, and other sensitive data. Record every keystroke on computer to steal serial numbers, passwords, launch Internet attacks

cyber crime vs. traditional crime

No Physical, geographic boundaries Speed of crimes conducted Larger pool of potential victims Less effort by perpetrators Easier access to information

Crimes associated with the prevalence of computers

Often targets are industry, such as the entertainment and computer industry

Routine Activities Theory

The view that victimization results from the interaction of three everyday factors: the availability of suitable targets, the absence of capable guardians, and the presence of motivated offenders

Concurrence

There must be Concurrence between the act and the intent to commit the act.For an act to be a crime, the act must be brought on by the criminal intent.

A programmable logical controllers

they are computer that control one thing and is usually never connected to the internet

flame

was a highly destructive and sophisticated malware program observed in various countries throughout the Middle East.

Omission to Act

where there is a legal duty to do so: Status Relationship Place in Danger Only One Who Can Help