An Introduction to the War Between Businesses and Cyber Criminals • By: Jeremy Poch
What Is Cyber Crime • Cyber crime encompasses any criminal act dealing with computers and networks (i.e. hacking). • Cyber crime also includes traditional crimes conducted through the Internet. • For example, hate crimes, telemarketing and Internet fraud, identity theft, and credit card account thefts are considered to be cyber crimes when the illegal activities are committed through the use of a computer and the Internet.
How Cyber Crime Affects Businesses and Individuals • Costs companies billions of dollars per year • Estimates worldwide have soared up to $100 billion • Hard to get a figure because a high percentage of cyber crime goes unreported.
Two Types of Cyber Crime • Against a person • Against property or a company
Against a person • Pornography/Offensive Content • Harassment • Cyber stalking
Against Property or a Company • Neo-Traditional Crime • Phreaking • Hacking • Cyber-Terrorism • Internet Scams
Neo-Traditional Crimes • A computer is not needed, but its addition has provided new avenues for such crimes • Any attempt at fraud carried out by use of a computer • IP-Spoofing • Altering packet headers to conceal one's identity • Salami Technique • Redirecting small sums of money into another account, which adds up over time.
Phreaking • A precursor to hacking, where individuals gain access for bragging rights, often doing relatively minor damage • An older definition is using a computer or other device to trick a phone system. Typically, phreaking is used to make free calls or to have calls charged to a different account. • One of the most prevalent tools was a whistle from a box of Cap’n Crunch, which produced a 2600-cycle tone that allowed for free long distance phone calls. • Steve Jobs and Steve Wozniak, founders of Apple Computers, used blue boxes (devices that made the 2600 tone) to get access to long distance lines for computing while in college
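A detection-side illustration of the salami technique described above, added here as an example and not part of the original slides: it scans a constructed ledger for destination accounts that collect many small credits from many different sources. The ledger format, account names and thresholds are assumptions made for the example.

```python
from collections import defaultdict
from decimal import Decimal

# Constructed sample ledger: date,source_account,dest_account,amount
LEDGER = """\
2005-03-01,ACC-1001,ACC-9999,0.02
2005-03-01,ACC-1002,ACC-9999,0.02
2005-03-01,ACC-1003,ACC-9999,0.02
2005-03-02,ACC-1004,ACC-9999,0.02
2005-03-02,ACC-1005,ACC-9999,0.02
2005-03-02,ACC-1006,ACC-9999,0.02
2005-03-02,ACC-1001,ACC-2002,250.00
2005-03-03,ACC-1001,ACC-3003,0.03
"""


def flag_salami(ledger_text, small=Decimal("0.05"), min_sources=5,
                min_total=Decimal("0.10")):
    """Return {dest: (credits, distinct_sources, total)} for suspicious accounts.

    An account is flagged when it receives credits no larger than `small`
    from at least `min_sources` different accounts and those credits sum
    to at least `min_total`. All three thresholds are assumed values.
    """
    stats = defaultdict(lambda: {"n": 0, "src": set(), "total": Decimal("0")})
    for line in ledger_text.strip().splitlines():
        _date, src, dst, amount = line.split(",")
        amt = Decimal(amount)          # Decimal avoids float rounding on money
        if amt > small:
            continue                   # ordinary-sized transfer, not a "slice"
        entry = stats[dst]
        entry["n"] += 1
        entry["src"].add(src)
        entry["total"] += amt
    return {
        dst: (e["n"], len(e["src"]), e["total"])
        for dst, e in stats.items()
        if len(e["src"]) >= min_sources and e["total"] >= min_total
    }


if __name__ == "__main__":
    for account, (n, sources, total) in flag_salami(LEDGER).items():
        print(f"{account}: {n} small credits from {sources} accounts, total {total}")
```

Each slice is too small to notice on its own; only the aggregation by destination account makes the pattern visible.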
Hacking • Process by which individuals gain unauthorized access to computer systems for the purpose of stealing and corrupting data. • Corrupting Data: Worms, viruses, DDoS • Stealing Data: Credit Card info, customer Database • Cyber-Terrorism
Seven Steps of Hacking • Pick a target • Find the computers of that target that are accessible via the internet • Discover vulnerable computer systems that potentially contain what is being sought • Break into the computer system (Easy to do with software available online) • Elevate access privileges to the maximum level (called rooting a box) • Monitor what other computer users are doing to find more vulnerable systems • Install backdoors that allow re-entering at a later date if the original vulnerability has been fixed
Generally two skill levels among hackers: • Expert hacker (Outsider) • develops software scripts and codes exploits • usually a master of many skills • will often create attack software and share with others • Script kiddies (Insider or teenager) • hackers of limited skill • use expert-written software to exploit a system • do not usually fully understand the systems they hack
Cyber-Terrorism • Politically motivated cyber crime that attacks people, companies and even the government that the attacker opposes. • Some believe Al-Qaeda is planning such attacks
Types of Internet Scams • ISP Jacking • Web Cramming • Phishing • Identity Theft
ISP Jacking • Involves disconnecting individual users from their selected Internet Service Provider and redirecting them to an illegitimate server. • Extremely costly to the victim because of the incurred long distance phone charges
Web Cramming • Criminals develop a new web page for a company or non-profit organization for little or no cost. While advertising for free, they actually make unauthorized phone charges on the company’s account.
Phishing • Criminals Send Email Posing As • Banks • Credit Card Companies • Escrow services • Internet auction sites (eBay) • Example of Phishing
Identity Theft • Stealing a company’s or an individual’s identity for illegal purposes • Company’s reputation is hurt, and it will lose customers if it is at fault • Hurts an individual’s credit rating, insurance rates etc.
Who commits these crimes? • Insiders - employees or former employees • Outsiders - professional hackers
Why do they commit these crimes? • Revenge • Profit • Glory • To help show security flaws
How to Monitor and Stop Cyber Crime • Firewalls • Honeypots • Sneakers • Law Enforcement
Firewalls • Especially for Cable Access where user is always “On-Line” • Once you have a firewall in place, you should test it.
Honeypots • Act of putting up a new server with fake data and watching who accesses it. • All who access it are unauthorized, so what is being done and how can be monitored. • Brings up many ethical and legal questions. • Can be expensive to do
Sneakers • Have hackers test your security • Who knows more than a professional hacker? • Risky
Law Enforcement • FBI – Cyber Division (Operation Websnare) • Secret Service – Electronic Crime Task Force • Local Law Enforcement
FBI Cyber Division Mission • To coordinate, supervise and facilitate the FBI's investigation of those federal violations in which the Internet, computer systems, or networks are exploited as the principal instruments or targets of terrorist organizations, foreign government sponsored intelligence operations, or criminal activity and for which the use of such systems is essential to that activity; • form and maintain public/private alliances in conjunction with enhanced education and training to maximize counterterrorism, counter-intelligence, and law enforcement cyber response capabilities.
Operation Websnare • Led to 100 arrests/convictions • 116 indictments • These criminals caused $230 million worth of damage to 870,000 victims • A significant number, but only a fraction of the Cyber crime problem is represented, showing the need for sustained law enforcement focus, and the continuing development of expanded partnerships as well.
Electronic Crime Task Force • The Secret Service developed a new approach to increase the resources, skills and vision by which local, state, and federal law enforcement team with prosecutors, private industry and academia to fully maximize what each has to offer in an effort to combat criminal activity. By forging new relationships with private sector entities and scholars, the task force opens itself up to a wealth of information and communication lines with limitless potential. • Regional Contacts include New York, Boston, Chicago, Cleveland, Miami
Local Law Enforcement • Very few have their own cyber crime division • Those that do have only one or two people in that division • Many can’t afford a division
The 2002 CSI/FBI survey found: • 90% of organizations responding detected computer security breaches within the last year • 80% lost money to computer breaches • The number of attacks that came across the Internet rose from 70% in 2001 to 74% in 2002 • Only 34% of organizations reported their attacks to law enforcement
Why Cyber Crime is so Difficult to Stop • Cyber Crime can be performed across country boundaries making jurisdiction difficult to determine • Corporations are involved in the investigations now more than ever • The criminal can be very intelligent
Difficulty of Collecting Evidence • Must find relevant data; warrants only allow searches of specified portions of the computer • Ensure data isn’t compromised • Must make multiple copies of data gathered on write-once drives • Must be able to break the cryptography or steganography that was used • Must do some sort of authentication, probably with a message digest (digital fingerprinting)
Wireless Networking • Harder to secure than a traditional network since access can occur from just outside the building
User Convenience • Convenience is the Culprit • More features and ease of use help customers but hurt security • More technology leads to more risks
Failure To Report • Why not report cyber crimes to law enforcement? • Causes embarrassment due to going public • Feel a full-fledged investigation will interfere too much • Feel there won’t be a conviction • Prosecutors won’t file the charges
Conclusion • Information is the target • Don’t forget about employees within the organization • Global Cooperation is needed • Any Questions?
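The message-digest step from the evidence slide above, as an added example that is not part of the original slides: it fingerprints an acquired image and confirms that each working copy is bit-for-bit identical. SHA-256 is chosen here as the digest; the file names and the sample data are constructed for the example.

```python
import hashlib
import os
import tempfile

CHUNK = 1 << 20  # read 1 MiB at a time so large disk images never sit in memory


def digest_file(path, algo="sha256"):
    """Return the hex message digest of a file, read in fixed-size chunks."""
    h = hashlib.new(algo)
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(CHUNK), b""):
            h.update(block)
    return h.hexdigest()


def verify_copies(original, copies):
    """Compare each copy's digest with the original's; return {path: bool}."""
    reference = digest_file(original)
    return {c: digest_file(c) == reference for c in copies}


def demo():
    """Constructed data: a fake image, one faithful copy, one altered copy."""
    with tempfile.TemporaryDirectory() as d:
        image = os.path.join(d, "evidence.img")
        good = os.path.join(d, "copy1.img")
        bad = os.path.join(d, "copy2.img")
        data = os.urandom(3 * CHUNK + 17)   # deliberately not a multiple of CHUNK
        altered = bytearray(data)
        altered[1000] ^= 0x01               # flip a single bit in the second copy
        for path, content in ((image, data), (good, data), (bad, bytes(altered))):
            with open(path, "wb") as f:
                f.write(content)
        result = verify_copies(image, [good, bad])
        return result[good], result[bad]


if __name__ == "__main__":
    print(demo())
```

Recording the reference digest at acquisition time and recomputing it before analysis shows whether a copy has changed by even one bit.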