Computer Crime CSE429 f06
CSE/CJ 429
29 November 2006
• Telephone
• Mobile & Wireless
– Cell phones, PDAs, Wireless computers, GPS
• Carrier Services
• Broadband Access
– DSL, Telephone and Cable providers
– Opens a portal
• Networks & Infrastructure
– Ethernets, WANs and LANs, Operating Systems
Telephone
http://www.gocsi.com/
CSI/FBI Computer Crime
and Security Survey 2006
• Virus attacks – main sources of financial
losses
• Unauthorized access – second greatest
financial loss source
• Laptop and theft of proprietary data (3 & 4)
• Categories account for almost 75% of
losses
CSI/FBI Computer Crime
and Security Survey 2006
• Organizational reporting to law enforcement
increased (from 20-25%)
• Estimated losses = $52,494,290 (615
respondents)
• ROI, IRR, and NPV are primary forms of
economic evaluation of security expenditures
– 80% of organizations conduct audits
– Range 6%-26% of IT budget on Security
– Relatively little outsourcing of IT security
• Sarbanes-Oxley Act has substantial impact
– Shifts organizational focus from technology to
corporate governance
CSI/FBI Computer Crime
and Security Survey 2006
• Critical Issues
1. Data protection
2. Regulatory Compliance
3. ID Theft and Information leakage
4. Viruses and worms
5. Management Involvement, Risk
Management, and Resource Allocation
6. Access Control; Awareness/Education
CSI/FBI Computer Crime
and Security Survey 2006
• Key Training Areas
– Security Policy
– Network Security
– Security Management
– Access Controls
– Systems architecture
– Economics
– Investigations and legal Issues
– Cryptography
Top Bugs
• Privacy
• Identity
• Social Conduit to Trouble
• Financial
Economic/Social
Victimization
• Infrastructure
– Energy (Oil/Gas/Electricity); Water; Transportation;
Health and Safety; Banking/Finance
– (video clip)
• Communications
– Telegraph, telephone, internet, cable, cellular,
satellite; connective technologies
• National Security
• Information Warfare
– disruption of information infrastructure
• Cyberterrorism
– “Criminal act perpetrated through computers resulting in
violence, death, and/or destruction, and creating terror
for the purpose of coercing a government to change its
policies” NIPC
• Continuity/control of Government
• Disinformation
• Erase, deface, replace
Organized Crime and
Computing
• Strengthening links between international,
regional, national, and local networks and
markets based on
– Shared need for secrecy/privacy in operations
– Shared need for methods and modes of
international distribution
– Shared antipathy for governments and
national sovereignty
Privacy/Information
Control
• Throw-away phones (need
distribution/coordination network)
• Encryption
• Steganography
• Bit-streaming (bit torrent)
• Firewalls, filters, fundamentals
Cryptography and
Encryption
• Close to as old as human communications
• Governments and militaries, particularly but also
other types of data
• Involves coding information to protect secrets
• Key issues
– Authentication
– Authorization
– Confidentiality
– Integrity
– Privacy
• www.howstuffworks.com has a good overview of encryption and
applications
How encryption works
Steganography
• Federal
– 1984 Computer Fraud and Abuse Act 18 U.S.C. 1030
– 18 U.S.C. 1029, 1362, 2510, 3701, 3121
– Homeland Security Act; USA Patriot Act
– Presidential Directives
– Justice, Defense, Treasury; CIA, NSA
• States
– 1978 Florida; All states had acts within 20 years
• International
– Treaties, Conventions
– UN, Interpol; Council of Europe
Jurisdictional Issues
• Offense origination
• Offense occurrence
• Prosecution locale
• Agency cost burden
– Time, $/Equipment, Personnel
• Investigational Logistics
– Search/Seizure; Info Volume; Protocols
• Cooperation/Information Exchange
Resources/Response
Capacity
• Responsibility: whose job is it?
– Caveat emptor?
• Motivation: Public Good vs. Private Profit
• Skill/Personnel
– Training; Retention
• Forensic Capabilities
– Equipment, Processing Time, Backlogs
Responses (not solutions)
• Transnational Coordination
– Multi-sector cooperation (state, private, NGO)
• Information and Resource Sharing
• Enhanced Law, Enforcement, Judicial
Capabilities
• Enhanced Public Awareness,
Responsibility
• Evolutionary responsiveness: reactive or
proactive?
Criminal Justice
Agencies
• Traditional and Emerging Roles
• Police
– Approximately 18,760 police agencies, w/ c. 950k
employees, and $51 billion budget
– 60 Federal Police Agencies; 13 Intelligence Agencies;
Military Police
• Prosecution
– Approximately 2,300 Municipal, County, Parish and
Local prosecutors
– 94 U.S. Attorneys
– 56 Attorneys General
A Model for Building
Computer Crime Capacity
• Individual
– Professional exposure
– Contact, Problem ID
• Individuals, Team
– Directed Activities
– Policy Development
– Support External Problem Solving
Building Computer Crime
Capacity Continued
• Task Force, Working Groups
– Resource Support
– Coordinated Internal and External Activities
• Unit, Bureaus, Divisions
– Structural Permanence
– Integrated Internal and External Strategy and
Operations
– Network Anchor
Examples
• Jurisdiction
• Evidence
– Non-traditional
– Easily corruptible
• Warrants
• Search and Seizure
• Infrastructure Issues
– Banking, financial, computer records
– Private, proprietary
Investigation
• Jurisdiction: What Agency
– FBI, SS vs. state and local
• Evidence, Search and Seizure
• Instrumentality (volume of materials)
• Physical place to be searched
• Original and duplicates
• Authentication
Key International Issues
Motivated Offender
Suitable Target/Victim
Location/Opportunity
• 4-5 Groups/Goals
– Terrorist Threat
Agencies
• Budget/Congressional
• Defense
• Legal
• Operational
Info Sec Exercise
• Goals: Phase I
– ID most probable/damaging type/sets of
attacks from criminal and LE perspective
• Goals: Phase II
– Prepare for execution of ID most
probable/damaging type/sets of attacks from
criminal and LE perspective