An introduction to the war between businesses and cyber criminals
1 / 36

- PowerPoint PPT Presentation

  • Updated On :

An Introduction to the War Between Businesses and Cyber Criminals By: Jeremy Poch What Is Cyber Crime Cyber crime encompasses any criminal act dealing with computers and networks (i.e. hacking). Cyber crime also includes traditional crimes conducted through the Internet.

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about '' - jacob

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

What is cyber crime l.jpg
What Is Cyber Crime Criminals

  • Cyber crime encompasses any criminal act dealing with computers and networks (i.e. hacking).

  • Cyber crime also includes traditional crimes conducted through the Internet.

    • For example; hate crimes, telemarketing and Internet fraud, identity theft, and credit card account thefts are considered to be cyber crimes when the illegal activities are committed through the use of a computer and the Internet.

How cyber crime affects businesses and individuals l.jpg
How Cyber Crime Affects Businesses and Individuals Criminals

  • Costs Companies billions of dollars per year

  • Estimates worldwide have soared up to $100 billion

  • Hard to get a figure a high percentage of cyber crime goes unreported.

Two types of cyber crime l.jpg
Two Types of Cyber Crime Criminals

  • Against a person

  • Against property or a company

Against a person l.jpg
Against a person Criminals

  • Pornography/Offensive Content

  • Harassment

  • Cyber stalking

Against property or a company l.jpg
Against Property or a Company Criminals

  • Neo-Traditional Crime

  • Phreaking

  • Hacking

    • Cyber-Terrorism

  • Internet Scams

Neo traditional crimes l.jpg
Neo-Traditional Crimes Criminals

  • Computer not needed but the addition has provided new avenues for such crimes

  • Any attempt of fraud done by use of a computer

  • IP-Spoofing

    • alter packet headers to conceal ones identity

  • Salami Technique

    • Redirect small sums of money into another account which adds up over time.

Phreaking l.jpg
Phreaking Criminals

  • A precursor to hacking, where individuals gain access for bragging rights, often do relatively minor damage

  • An older definition is using a computer or other device to trick a phone system. Typically, phreaking is used to make free calls or to have calls charged to a different account.

  • One of the most prevalent tools was a whistle from a box of Cap’n Crunch which had a frequency of 2600 cycle tone which allowed for free long distance phone calls.

  • Steve Jobs and Steve Wozniakfounders of Apple Computers used blue boxes (devices that made the 2600 tone) to get access to long distance lines for computing while in college

Hacking l.jpg
Hacking Criminals

  • Process by which individuals gain unauthorized access to computer systems for the purpose of stealing and corrupting data.

  • Corrupting Data: Worms, viruses, DDoS

  • Stealing Data: Credit Card info, customer Database

  • Cyber-Terrorism

Seven steps of hacking l.jpg
Seven Steps of Hacking Criminals

  • Pick a target

  • Find the computers of that target that are accessible via the internet

  • Discover vulnerable computer systems that potentially contain what is being sought

  • Break into the computer system (Easy to do with software available online)

  • Elevate access privileges to the maximum level (called rooting a box)

  • Monitor what other computer users are doing to find more vulnerable systems

  • Install backdoors that allow re-entering at a later date if the original vulnerability has been fixed

Generally two skill levels among hackers l.jpg
Generally two skill levels among hackers: Criminals

  • Expert hacker (Outsider)

    • develops software scripts and codes exploits

    • usually a master of many skills

    • will often create attack software and share with others

  • Script kiddies (Insider or teenager)

    • hackers of limited skill

    • use expert-written software to exploit a system

    • do not usually fully understand the systems they hack

Cyber terrorism l.jpg
Cyber-Terrorism Criminals

  • Politically motivated cyber crime which attacks people, companies and even the government which that person opposes.

  • Some believe Al-Qaeda is planning such attacks

Types of internet scams l.jpg
Types of Internet Scams Criminals

  • ISP Jacking

  • Web Cramming

  • Phishing

  • Identity Theft

Isp jacking l.jpg
ISP Jacking Criminals

  • Involves disconnecting individual users form their selected Internet Service Provider and redirecting them to an illegitimate server.

    • Extremely costly to the victim because of the incurred long distance phone charges

Web cramming l.jpg
Web Cramming Criminals

  • Criminals develop a new web page for a company or non-profit organization for little or no cost. While advertising for free, they actually make unauthorized phone charges on the company’s account.

Phishing l.jpg
Phishing Criminals

  • Criminals Send Email Posing As

    • Banks

    • Credit Card Companies

    • Escrow services

    • Internet auction sites (EBay)

    • Example of Phishing

Identity theft l.jpg
Identity Theft Criminals

  • Stealing a company’s or an individual’s identity for illegal purposes

  • Company’s reputation is hurt, plus will lose customers if it is their fault

  • Hurts individuals credit rating, insurance rates etc.

Who commits these crimes l.jpg
Who commits these crimes? Criminals

  • Insiders - employees or former employees

  • Outsiders - professional hackers

Why do they commit these crimes l.jpg
Why do they commit these crimes? Criminals

  • Revenge

  • Profit

  • Glory

  • To help show security flaws

How to monitor and stop cyber crime l.jpg
How to Monitor Criminalsand Stop Cyber Crime

  • Firewalls

  • Honeypots

  • Sneakers

  • Law Enforcement

Firewalls l.jpg
Firewalls Criminals

  • Especially for Cable Access where user is always “On-Line”

  • Once you have a firewall in place, you should test it.

Honeypots l.jpg
Honeypots Criminals

  • Act of putting up a new server with fake data and watching who accesses it.

  • All who access are unauthorized, can monitor what is being done and how.

  • Brings up many ethical and law questions.

  • Can be expensive to do

Sneakers l.jpg
Sneakers Criminals

  • Have hackers test your security

  • Who knows more than a professional hacker?

  • Risky

Law enforcement l.jpg
Law Enforcement Criminals

  • FBI – Cyber Division (Operation Websnare)

  • Secret Service – Electronic Crime Task Force

  • Local Law Enforcement

Fbi cyber division mission l.jpg
FBI Cyber Division Mission Criminals

  • To coordinate, supervise and facilitate the FBI's investigation of those federal violations in which the Internet, computer systems, or networks are exploited as the principal instruments or targets of terrorist organizations, foreign government sponsored intelligence operations, or criminal activity and for which the use of such systems is essential to that activity;

  • form and maintain public/private alliances in conjunction with enhanced education and training to maximize counterterrorism, counter-intelligence, and law enforcement cyber response capabilities.

Operation websnare l.jpg
Operation Websnare Criminals

  • Led to 100 arrests/convictions

  • 116 indictments

  • These criminals caused $230 million worth of damage to 870,000 victims

  • A significant number, but only a fraction of the Cyber crime problem is represented, showing the need for sustained law enforcement focus, and the continuing development of expanded partnerships as well.

Electronic crime task force l.jpg
Electronic Crime Task Force Criminals

  • The Secret Service developed a new approach to increase the resources, skills and vision by which local, state, and federal law enforcement team with prosecutors, private industry and academia to fully maximize what each has to offer in an effort to combat criminal activity. By forging new relationships with private sector entities and scholars, the task force opens itself up to a wealth of information and communication lines with limitless potential.

  • Regional Contacts include New York, Boston, Chicago, Cleveland, Miami

Local law enforcement l.jpg
Local Law Enforcement Criminals

  • Very few have their own cyber crime division

  • Those that do have only one or two people in that division

  • Many can’t afford a division

The 2002 csi fbi survey found l.jpg
The 2002 CSI/FBI survey found: Criminals

  • 90% of organizations responding detected computer security breaches within the last year

  • 80% lost money to computer breaches

  • The number of attacks that came across the Internet rose from 70% in 2001 to 74% in 2002

  • Only 34% of organizations reported their attacks to law enforcement

Why cyber crime is so difficult to stop l.jpg
Why Cyber Crime is so Difficult to Stop Criminals

  • Cyber Crime can be performed across country boundaries making jurisdiction difficult to determine

  • Corporations are involved in the investigations now more than ever

  • The criminal can be very intelligent

Difficulty of collecting evidence l.jpg
Difficulty of Collecting Evidence Criminals

  • Must find relevant data, warrants only allow searches of specified portions of the computer

  • Ensure data isn’t compromised

  • Must make multiple copies of data gathered on write once drives

  • Must be able to break the cryptography or steganography that was used

  • Must do some sort of authentication probably with a message digest (digital fingerprinting)

Wireless networking l.jpg
Wireless Networking Criminals

  • Harder to secure than a traditional network since access can occur just standing outside the building

User convenience l.jpg
User Convenience Criminals

  • Convenience is the Culprit

    • More features and ease of use helps customers but hurts security

    • More technology leads to more risks

Failure to report l.jpg
Failure To Report Criminals

  • Why not report cyber crimes to law enforcement?

    • Causes embarrassment due to going public

    • Feel a full fledged investigation will interfere too much

    • Feel there won’t be a conviction

    • Prosecutors won’t file the charges

Conclusion l.jpg
Conclusion Criminals

  • Information is the target

  • Don’t forget about employees within the organization

  • Global Cooperation is needed

  • Any Questions????

References l.jpg
References Criminals

  • Steven Branigan. (2005). High-Tech Crimes Revealed: Cyberwar Stories From The Digital Front. Boston: Pearson Education Inc.

  • Marjie T. Britz. (2004). Computer Forensics and Cyber Crime. New Jersey: Pearson Education Inc.

  • Joseph Migga Kizza. (2002). Computer Network Security and Cyber Ethics. North Carolina: McFarland & Company Inc.