computer crime computer fraud and cyber terrorism l.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Chapter 10 PowerPoint Presentation
Download Presentation
Chapter 10

Loading in 2 Seconds...

play fullscreen
1 / 27

Chapter 10 - PowerPoint PPT Presentation


  • 234 Views
  • Uploaded on

Computer Crime, Computer Fraud, and Cyber Terrorism. III. COMPUTER FORENSICS, ELECTRONIC EVIDENCE, FRAUD, AND COMPUTER CRIME LAWS. Chapter 10. Chapter 10 Learning Objectives. Computer crimes and punishments. Federal statutes for prosecuting computer crimes.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Chapter 10' - RexAlvis


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
computer crime computer fraud and cyber terrorism
Computer Crime, Computer Fraud, and Cyber Terrorism

III. COMPUTER FORENSICS, ELECTRONIC EVIDENCE, FRAUD, AND COMPUTER CRIME LAWS

Chapter 10

chapter 10 learning objectives
Chapter 10 Learning Objectives
  • Computer crimes and punishments.
  • Federal statutes for prosecuting computer crimes.
  • Computers as targets of crime.
  • Computers as instruments of crime.
  • Computer fraud as white-collar crime (WCC).
  • Cyber terrorist threats
  • Incident response documentation and handling
early cyber crime and laws
Early cyber crime and laws
  • Prior to 1984, there were very few statutes that defined computer-related criminal offenses.
    • For example: When the Morris worm paralyzed half the Internet in 1988, the cost to recover was estimated at $186 million. But in 1988 there was no clearly defined law against computer viruses or worms that the government could use to prosecute Robert Morris Jr., the worms creator.
    • Instead, Morris was charged with illegal wiretapping.
slide4

Allied Irish Banks Trader Gets 7 ½ Years for fourth Largest Bank Fraud Scandal in the World

  • John M. Rusnak, a former currency trader for Allfirst Financial Inc., manipulated his company’s computer system, which allowed him to illegally collect over $850,000 in enhanced salary and bonuses.
    • Rusnak entered fictitiousoptions trades in Allfirst’s computer system in the late 1990s making it appear as if his $691 million in trading losses had been offset by the options positions, and to show millions of dollars in bogus profits.
  • Case on Point: Bank Fraud Scandal
slide5

Trusted Controller Commits $2.5 Million Fraud

  • A manufacturing firm blamed inefficiencies in their manufacturing process as the cause of cash flow problems.
    • Their new chief financial officer (CFO) realized that a manufacturing inefficiency was not the problem so he begun a forensics accounting investigation.
    • The investigation revealed that the controller had altered checks, which he then deposited into his own bank accounts.
    • The controller’s fraud scheme had cost the firm $2.5 million over 5 years.
  • Case on Point: Fraudsters are often long-time employees
slide6
U.S. Federal Statutes

That Define Computer Crime, Fraud, and Terrorism

computer fraud and abuse act of 1986
Computer Fraud and Abuse Act of 1986
  • In the U.S., most computer hacking is penalized under one or more federal statutes.
  • The most commonly used federal statute for computer crime is the Computer Fraud and Abuse Act of 1986.
electronic communications privacy act ecpa
Electronic Communications Privacy Act, (ECPA)
  • In 1986, Congress passed the first version of the Electronic Communications Privacy Act, (ECPA).
  • This Act updated the Federal Wiretap Act so that it would apply to the illegal interception of electronic communications or the intentional, unauthorized access of electronically stored data.
communications assistance for law enforcement act
Communications Assistance for Law Enforcement Act
  • On October 25, 1994, Congress amended the ECPA by enacting the Communications Assistance for Law Enforcement Act.
  • It noted that: “In the 8 years since the enactment of ECPA, society’s patterns of using electronic communications technology have changed dramatically.”
key computer fraud and abuse terms
Key “Computer Fraud and Abuse” Terms
  • The DOJ defines computer crime as:
    • “Any violations of criminal law that involve knowledge of computer technology for their perpetration, investigation, or prosecution.”
  • Statutes must define terms precisely to be effective.
    • If the wording of any key term is ambiguous, crimes are extremely difficult to prosecute.
  • Definition
specific meanings of the key terms
Specific Meanings of the Key Terms

FIGURE 10.1 Key terms in the Computer Fraud and Abuse Act

specific meanings of the key terms12
Specific Meanings of the Key Terms

FIGURE 10.1 Key terms in the Computer Fraud and Abuse Act (continued)

specific meanings of the key terms13
Specific Meanings of the Key Terms

FIGURE 10.1 Key terms in the Computer Fraud and Abuse Act (continued)

specific meanings of the key terms14
Specific Meanings of the Key Terms

FIGURE 10.1 Key terms in the Computer Fraud and Abuse Act (continued)

specific meanings of the key terms15
Specific Meanings of the Key Terms

FIGURE 10.1 Key terms in the Computer Fraud and Abuse Act (continued)

where does junk mail spam come from
Where does junk mail (spam) come from?
  • From software called Spam ware.
    • Spam wareis software that automatically searches the Web to collect what it recognizes as email addresses.
  • Definition
cyberbrief spam ware
CyberBrief: Spam ware
  • The Center for Democracy and Technology (CDT) investigated how junk-mail spammers get hold of email addresses.
  • They created 100s of email addresses and used each one only once.
  • After 6 months, over 8,000 unsolicited emails arrived to these email addresses.

How does it work?

what can you do to help prevent spam
What can you do to help prevent spam?
  • Spam ware software failed when an email address was obscured in some way
  • For example, writing “at” instead of the @ symbol.

Obscured addresses can not be detected by spam ware

computer as the instrument of crime
Computer as the Instrument of Crime:
  • Using a Computer tend to be traditional offenses, such as:
      • Theft
      • Fraud
      • Forgery
  • They differ from traditional crimes in that they are committed using either a:
      • Computer
      • Computer network or
      • Information or communications technology

Definition

computer fraud
Computer Fraud
  • According to The Wells Report of 2000, computer fraud and abuse cost U.S. companies over $400 billion a year.
  • The Association of Certified Fraud Examiners (CFE), the largest antifraud organization, estimated that U.S. companies lost 6% of revenues, or $600 billion annually, to fraud in 2002.

Defining the Problem

computer fraud as white collar crime wcc
Computer Fraud as White-collar Crime (WCC)
  • White-collar Crime (WCC)
    • Any nonviolent crime.
    • These crimes are committed using deception for economic gain.

Definition

cyber terrorist threats
Cyber Terrorist Threats

Cyber Terrorism

  • The use of computers and the Internet to launch attacks and horrible acts that may directly or indirectly harm or kill people.

Definition

cyber terrorist threats23
Cyber Terrorist Threats
  • Computers control many important operations, such as:
    • Power plants
    • Telephone systems
    • Manufacturing activities
    • Airline traffic
    • Transportation systems
    • Energy

Therefore, disruptions in any of these systems could cause loss of life or widespread panic.

incident response documentation and handling
Incident Response Documentation and Handling
  • Documenting incidentsof computer crime is a very important activity.
  • Also critical is to have documentation of what to do in case of an incident.
    • Documentation ensures that contact information is available so that attention can be focused on containing and documenting the incident.
incident response documentation and handling26
Incident Response Documentation and Handling

Incident Survey Form

Forms may be posted on local Web server.

incident response documentation and handling27
Incident Response Documentation and Handling
  • These forms alert people to suspicious events.
  • If the incident becomes a legal action, documentation that was captured during the incident may prove:
      • Proper care,
      • Control, and
      • Chain of custody of the evidence.