Criminal Investigation

SIXTEEN
Computer Crime

eighth edition

Swanson Chamelin Territo

McGraw-Hill
2003, The McGraw-Hill Companies, Inc. All rights reserved.

LEARNING OBJECTIVES
Outline the types of crimes in which computer is the target Discuss computers as an instrumentality of the crime Describe computers as incidental to the crime Explain crimes associated with the prevalence of computers Understand the tools that computer criminals use to commit crime Discuss debates regarding privacy issues concerning the regulation of the Internet Outline profiles of computer crime suspects Explain techniques for investigating computer crime Assess methods to prevent computer crimes

McGraw-Hill

16-1

2003, The McGraw-Hill Companies, Inc. All rights reserved.

COMPUTER ABUSE
Any intentional act involving knowledge of computer use or technology in which the perpetrator could have made a gain and the victim could have experienced a loss; includes acts that may not be covered by criminal laws

McGraw-Hill

16-2

2003, The McGraw-Hill Companies, Inc. All rights reserved.

COMPUTER CRIME
Any illegal act in which knowledge of computer technology is used to commit the offense

McGraw-Hill

16-3

2003, The McGraw-Hill Companies, Inc. All rights reserved.

TYPOLOGIES OF COMPUTER CRIME

The crimes include the denial of expected service or the alteration of data
Computer Manipulation Crimes Data Alteration or Denial Network Intrusion and Theft of Data Denial of Service Computer Vandalism

McGraw-Hill

16-4

2003, The McGraw-Hill Companies, Inc. All rights reserved.

THE COMPUTER AS AN INSTRUMENTALITY OF THE CRIME

Theft
Much information stored in a computer can have value to the owner

Theft of Services
The use of these proprietary services without payment is theft

Fraud
Fraud using a computer exploits the trust, guaranteed by law, in a business transaction

Threat and Harassment

The U.S. Department of Justice (DOJ) maintains a Web site that details a range of threatening behaviors conducted on the internet
McGraw-Hill

16-5

2003, The McGraw-Hill Companies, Inc. All rights reserved.

COMMON INTERNET SCAMS

According to the Internet Fraud Watch, these were the top 10 rip-offs on the Internet in 1997: Web auctions: Items bid for but never delivered by the sellers, value of items inflated, shills suspected of driving up bids, prices increased after highest bids accepted Internet services: Charges for services that were supposedly free, payment for online and Internet services that were never provided or falsely represented General merchandise: From toys to clothes, goods never delivered or not as advertised Computer equipment and software: Sales of computer products that were never delivered or were misrepresented Pyramids and multilevel marketing: Schemes in which profits were made only from recruiting others, not from sales of goods or services to the end users Business opportunities and franchises: Empty promises of big profits with little or no work by investing in prepackaged businesses or franchise operations Work-at-home plans: Materials and equipment sold with false promises of payment for piecework performed at home Easy credit cards: False promises of credit cards to people with bad credit histories upon payment of up-front fees Prizes and sweepstakes: Requests for up-front fees to claim winnings that were never awarded Book sales: Genealogies, self-help improvement books, and other publications that were never delivered or were misrepresented
(Source: Dallas Morning News, Feb. 16, 1998, P. 2d.)

McGraw-Hill

16-6

2003, The McGraw-Hill Companies, Inc. All rights reserved.

COMPUTERS AS INCIDENTAL TO THE CRIME In this category the computer does not conduct the illegal transaction, it simply facilitates it. Examples include:
Money Laundering Criminal Enterprise Child Pornography Pedophilia and Sexual Assault

McGraw-Hill

16-7

2003, The McGraw-Hill Companies, Inc. All rights reserved.

CRIMES ASSOCIATED WITH THE PREVALENCE OF COMPUTERS

Intellectual Property Violations Misuse of Telephone Systems Component Theft and Counterfeiting Identity Theft Corporate Crime

McGraw-Hill

16-8

2003, The McGraw-Hill Companies, Inc. All rights reserved.

COSTS OF SOFTWARE PIRACY

The Business Software Alliance (BSA):
is the principal software industry anti-piracy resource it estimates losses to piracy in the U.S. alone as 2.5 million dollars it estimates world-wide losses at 11.7 million dollars
4.5

Dollar losses by region (Billions)

4.0 3.5 3.0 2.5 2.0 1.5 1.0 0.5 0 Middle East/Africa

1999 2000

Eastern Europe

Latin America

Asia/Pacific

Western Europe

North America

(Source: International Planning and Research Corporation, Sixth Annual BSA Global Software Piracy Study (Washington, DC: Business Software Alliance, May 2001): retrieved from www.bsa.org/resources/2001-05-21.55pdf, Aug. 30, 2001.)

McGraw-Hill

16-9

2003, The McGraw-Hill Companies, Inc. All rights reserved.

CLONED CELLULAR PONE

The use of cloned cellular phones is popular among criminals Drug users find cloned phones very useful

Thomas Brummett/Photodisc)

McGraw-Hill

16-10 2003, The McGraw-Hill Companies, Inc. All rights reserved.

TOOLS USED BY COMPUTER CRIMINALS TO COMMIT CRIMES

Discovery Tools
Most network intrusions attack targets of opportunity

Cryptoanalysis Tools
Bruce Schneier defines cryptanalysis as the art and science of accessing secured information without conventional means

Exploits
Exploits are a generic class of programs that are written to take advantage of a security hold

McGraw-Hill

16-11(a) 2003, The McGraw-Hill Companies, Inc. All rights reserved.

TOOLS USED BY COMPUTER CRIMINALS TO COMMIT CRIMES (Contd)

Attack Codes
Attack code is malicious software intended to impair or destroy the function of another computer or network resource

Delivery Vehicles
Delivery vehicles provide computer criminals with a method to deliver their attack software

McGraw-Hill

16-11(b) 2003, The McGraw-Hill Companies, Inc. All rights reserved.

TROJAN HORSE
Any computer program that is altered or designed to perform an unwanted or malicious function while appearing to perform a routine or benign function

McGraw-Hill

16-12 2003, The McGraw-Hill Companies, Inc. All rights reserved.

VIRUSES AND WORMS

A virus is a malicious program that is secretly inserted into normal software or a computer's active memory and runs when the host runs; causes effects ranging from annoying messages and deletion of data to interference with the computer's operation A worm is a malicious program that attacks a computer system directly, rather than infecting a host program; spreads rapidly through the internet or e-mail

McGraw-Hill

16-13 2003, The McGraw-Hill Companies, Inc. All rights reserved.

HOW VIRUSES ARE SPREAD

Virus programs are:
created by a malicious programmer are hidden within another harmless program destructive to both software and data

(Source: Houston Chronicle, Aug. 8, 1988, p. 88; modified, 1998.)

McGraw-Hill

16-14 2003, The McGraw-Hill Companies, Inc. All rights reserved.

PRIVACY ISSUES AND REGULATION OF THE INTERNET

One side of the debate focuses on the vast amount of pornographic material available through the internet Proponents for regulation say the web should be treated like any other medium Opponents of regulation say this would involve limiting free speech and violate the First Amendment The debate is ongoing and unresolved to date

McGraw-Hill

16-15 2003, The McGraw-Hill Companies, Inc. All rights reserved.

PROFILES OF COMPUTER CRIMINALS

The most likely suspects in insider computer crime are programmers and system operators. One study of computer criminals within government found:
They were considered good employees Their median age was 33

McGraw-Hill

16-16(a) 2003, The McGraw-Hill Companies, Inc. All rights reserved.

PROFILES OF COMPUTER CRIMINALS (Contd)

Seventy-five percent had some college education They had been with their respective agencies five years Seventy-five percent had been promoted Two-thirds had above average performance ratings One quarter had received performance awards

McGraw-Hill

16-16(b) 2003, The McGraw-Hill Companies, Inc. All rights reserved.

INVESTIGATING COMPUTER CRIME

Crime Scene Techniques
Frequently, computer crime evidence will be seized by the execution of a search warrant This warrant should include information about the computer, data storage devices and any peripherals that may be of concern to investigators, such as scanners

Digital Forensic Analysis

Digital forensic analysis is the science of acquiring, preserving, retrieving, and presenting data that has been processed electronically and stored on computer media

McGraw-Hill

16-17 2003, The McGraw-Hill Companies, Inc. All rights reserved.

PREVENTING COMPUTER CRIME

Protecting information, largely by making it inaccessible to unauthorized users, is a key element of preventing computer crimes
Back-Ups and Redundant File Storage Backups are the single most important security measure a company or individual can take

Firewalls
A firewall is a device or software that acts as a checkpoint between a network or stand-alone computer and the Internet

McGraw-Hill

16-18(a) 2003, The McGraw-Hill Companies, Inc. All rights reserved.

PREVENTING COMPUTER CRIME

Encryption
Encryption is a technique of securing data by scrambling it into nonsense

Password Discipline
The single greatest problem in computer security is password protection

McGraw-Hill

16-18(b) 2003, The McGraw-Hill Companies, Inc. All rights reserved.