Cyber crime cyber ethics
This presentation is the property of its rightful owner.
Sponsored Links
1 / 25

Cyber Crime & Cyber Ethics PowerPoint PPT Presentation


  • 154 Views
  • Uploaded on
  • Presentation posted in: General

Cyber Crime & Cyber Ethics. Agenda. Cybercrime 2010 Current issues in computer forensics Legal, practical and ethical issues in the digital age. Cybercrime 2010. Increasing sophistication of cyber attacks Encryption ACH frauds Well coordinated international rings of hackers

Download Presentation

Cyber Crime & Cyber Ethics

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Cyber crime cyber ethics

Cyber Crime & Cyber Ethics


Agenda

Agenda

  • Cybercrime 2010

  • Current issues in computer forensics

  • Legal, practical and ethical issues in the digital age


Cybercrime 2010

Cybercrime 2010

  • Increasing sophistication of cyber attacks

    • Encryption

    • ACH frauds

  • Well coordinated international rings of hackers

    • Many located in Eastern Europe or Asia

  • Increasingly focused on stealing data that can be turned into money

    • Data thefts now routinely deal with thefts of thousands of identities


Us v the get rich or die trying crew

US v. “The Get Rich or Die Trying Crew”

  • US v. Albert Gonzalez, et al

  • Largest computer fraud/identity theft case ever prosecuted


Meet the crew us

Meet the Crew - US

  • Albert “Segvec,”“Soup Nazi” Gonzalez

    • Resident of Miami

    • USSS CI

    • Hacker, ring leader

  • Damon Patrick Toey

    • Gonzalez’s roommate in Miami


Meet the crew us1

Meet the Crew – US

  • Jonathan James

    • Miami hacker previously convicted for hacking into NASA

  • Stephen Watt

    • NY based coder


Meet the crew europe asia

Meet the Crew – Europe & Asia

  • Maxim “Maksik” Yastrzemski

    • Ukrainian casher ring operator

  • Aleksandr “Johnny Hell” Suvorov

    • Estonian coder

  • Sergey “Fidel” Storchak

    • Ukrainian casher

  • Gooi “Delpiero” Kokseng

    • Malaysian casher


The hacks

The Hacks

  • TJX (D. MA) (40 million credit cards stolen)

    • TJX companies (TJ Max, Marshall’s)

    • BJ’s Wholesale

    • Barnes & Noble

    • Office Max

    • Boston Market

    • Sports Authority

    • Forever 21

    • DSW

  • Dave & Buster’s Restaurant Chain (ED NY)

  • Heartland (D NJ) (130 million accounts)

    • Heartland data processors

    • 7- Eleven

    • Hannaford Brothers


The hunt

The Hunt

  • First hack detected 12/2006

  • Three loosely coordinated groups

    • Coder ring

    • Hacker ring

    • Casher ring

  • The problem of encryption

  • International cooperation

  • Traditional skills & hi-tech techniques


The hunt1

The Hunt

  • July 2007 arrest in Turkey

  • May 2008 Miami warrants

    • Gonzalez’s apartment

    • Gonzalez’s parents’ home

      • (We missed $1.1m in the backyard!)

    • James’ home

      • James’ suicide

    • Gonzalez’s South Beach hotel room

  • May 2008 arrest


Bringing down the curtain us crew

Bringing Down the Curtain – US Crew

  • March 2010 Boston

    • Gonzalez - 20 year sentence

      • Internet addiction & Asperger’s Syndrome

    • Toey – 5 year sentence

    • Watt – 2 year sentence

      • General deterrence

        • US v. Watt, 2010 WL 1676439 (D. MA)


Bringing down the curtain foreign crew

Bringing Down the Curtain – Foreign Crew

  • Suvorov – pre trial incarceration in ED NY

    • Still faces charges in SD CA

  • Maksik

    – 30 years in Turkey

    • Pending extradition to US on charges in ED NY & SD CA

  • Fidel

    • 2010 - picked up on vacation in India

    • Pending extradition to SD CA

  • Delpiero

    • 2010 – picked up in Thailand

    • Pending extradition to SD CA


Royal bank of scotland hack

Royal Bank of Scotland Hack

  • November 2008 hack

  • Rechargeable debit cards

  • Hacking ring is entirely outside of the US

  • Loose network

    • Hacking ring

    • Cashing ring

  • Result:

    • $9 million + is stolen over one weekend

    • 14,000 transactions from 2100 ATMs in 280 cities worldwide


Results

Results

  • 2009 arrests in Estonia

  • November 2009 indictment of Estonians and Russians in ND GA

  • August 2010 extradition from Estonia to US

  • September 2010 conviction in Russia


Deterrence

Deterrence

  • Capture in US

    • US v Poo

  • Catch them when they travel

    • Maksik – Turkey

    • Suvorov – Germany

    • Fidel – India

    • DelPietro- Thailand


Us v vladimir badb horohoin

US v. Vladimir “BadB” Horohoin

  • Sometimes they advertise


Current issues in computer forensics

Current Issues in Computer Forensics


Legal practical ethical issues in the digital age

Legal, Practical & Ethical Issues in the Digital Age

  • The ongoing challenge of US v. CDT, 621 F.3d 1162 (9th. Cir. 2010)

  • Background

  • Current legal status


Technical issues in us v cdt

Technical issues in US v. CDT

  • Co-mingled data

  • Giving back parts of a hard drive

  • Plain view and computer forensic tools


Legal issues in us v cdt

Legal issues in US v. CDT

  • Reasonable expectation of privacy

    • House

      • Multiple residents

      • Sensitive information

      • Destruction of evidence during search

    • Computer

      • Multiple users

      • Sensitive information

      • Massive volume of information

      • Destruction of evidence


Computers at the border

Computers at the Border

  • Basic issues of scope of border search

    • General scope

    • Searches based upon “reasonable suspicion”

    • Searches based upon probable cause

  • How does a computer at the border change the paradigm?

  • US v. Cotterman, 2009 WL 465028 (D AZ)


Discovery electronic evidence

Discovery & Electronic evidence

  • Government has a Constitutional (Brady/Giglio) and statutory (Jencks, FRCrP 16) obligation to provide information to defense

  • Recent DoJ initiatives

    • AG Direction

    • Training


Adequacy of forensic resources

Adequacy of Forensic Resources

  • Government challenge

  • Defense challenge

  • DoJ criminal discovery coordinator

    • Dialogue with FPD on electronic discovery issues


Special ethical issues

Special Ethical Issues

  • Discovery issues and hard drives

  • Discovery issues and electronic messages

    • US v. Suarez, 2010 WL 4226524 (D NJ)


Contact

Contact

  • Phone:202-514-1026

  • Web:www.cybercrime.gov

Howard W. Cox

Computer Crime and

Intellectual Property Section

United States Department of Justice


  • Login