View
217
Download
3
Category
Preview:
Citation preview
CJ416Eric Salvador
HousekeepingLets finish strong in Unit 9 discussionsAlternative seminarsFinal submission of work – Tues. May 29th
at midnight
Software to help you find your computer:http://preyproject.com/
Unit 9 – Final Project The final assignment is to analyze the State of Connecticut v. Julie Amero cyber
crime case by drafting a Cyber Crime Case Analysis Position Paper. The paper should address the following:
Investigative questions/answers: Who are the victims and the offenders? What court charges were applied to the cyber crime case? When did the event take place and over what length of time? Where did the event take place? Why did the offender committed the cyber crime committed? How did the offenders perform the cyber crime?
The development of an Attack Tree for the cyber crime case. An analysis of the legal issues argued by both cyber crime legal teams and your
position either supporting or disagreeing with their legal arguments, and why. To prevent the damage experienced in the cyber crime case from occurring in the
future, what type of defense architectures (recommendations) should organizations implement?
TerrorismThe motives behind terrorism are
difficult to quantify. We need to focus on understanding the operational framework of the planning and executing of a terrorist attack.
Identifying the patterns and common factors associated with premeditated terrorist attacks allows us to proactively respond and mitigate them.
Who is the enemy?
Terrorist NetworksSome terrorist groups now consider public
indifference to be such that more spectacular incidents involving higher casualty rates are necessary to attract attention
The effectiveness of improved security measures will prompt terrorists to seek different methods of conducting attacks
Terrorist groups are now working closer together sharing manpower, intelligence, training, equipment, operational knowledge, and resources
Terrorist networksThe identity of a large number of active
terrorist groups and their members are unknown to intelligence agencies. Today’s terrorists are younger, more intelligent and more importantly are willing to die for their cause.
Elements of a Terrorist AttackTarget selectionTarget Intelligence – terrorists will conduct
surveillanceOperational planning - vehicle bomb, aircraft,
ship, suicide bomber, chemical, biological, radiological or nuclear
Types of an attackDirect Attack Suicide Bomber Dirty Bomb Attack Using CBRN Materials Bomb Threat Any Combination of Above
Planning ErrorsDenial - A feeling that a terrorist attack could
never really happen Failure - to detect or heed warnings Underestimating - the potential damage Recognition - Terrorist incidents cause other
incidents Underestimating - response / reaction time Failure - to conduct ongoing and
comprehensive threat, risk, vulnerability assessments, document, rehearse and integrate all crisis management and security response plans
How about Technical Terrorists?
Do you think we are more at risk of “technical” terrorists who attack networks, or those that choose to physically attack infrastructure?
How about Technical Terrorists?
Type of “Hacker” Description
White hat hackerA white hat hacker has the skills to break into computer systems and do damage. However, he uses his skills to help organizations. For example, a white hat hacker might work for a company to test the security of its network.
Black hat hackerA black hat hacker, also known as a “cracker,” uses his skills for unethical reasons (for example, to steal funds).
Gray hat hacker
A gray hat hacker can be thought of as a white hat hacker who occasionally strays and acts unethically. For example, a gray hat hacker might be employed as a legitimate network security tester. However, in the course of his ethical duties, he finds an opportunity for personal gain and acts unethically to obtain that personal gain.
Phreaker
A phreaker is a hacker of a telecommunications system. For example, a phreaker known as “Captain Crunch” used a toy whistle he found in a box of Captain Crunch cereal (which generated a 2600-Hz tone) to trick phone systems into letting him place free long distance calls. Convincing a telecommunications carrier to permit free long distance calls in this manner is an example of “phreaking.”
How about Technical Terrorists?
Type of “Hacker” Description
Script kiddyA script kiddy is a user who lacks the skills of a typical hacker. Rather, he downloads hacking utilities and uses those utilities to launch attacks, rather than writing his own programs.
HacktivistA hacktivist is a hacker with political motivations, such as someone who defaces the website of a political candidate.
Computer security hacker
A computer security hacker is knowledgeable about the technical aspects of computer and network security systems. For example, this person might attempt to attack a system protected by an IPS by fragmenting malicious traffic in a way that would go undetected by the IPS.
Academic hacker
An academic hacker typically is an employee or student at an institution of higher education. The academic hacker uses the institution’s computing resources to write “clever” programs. Typically, these hackers use their real names (unlike the pseudonyms often used by computer security hackers), and they tend to focus on open-standards-based software and operating systems (for example, Linux).
How about Technical Terrorists?
http://www.msnbc.msn.com/id/44415109/ns/technology_and_science-security/
What is being said at the judiciary level?
http://www.youtube.com/watch?v=zCmJd6TI3w0
How about in the Cyber World?
In the overall state of affairs, are we winning or losing the battle?
How about in the Cyber World?
http://www.youtube.com/watch?feature=endscreen&NR=1&v=Poc8YCuK9r0
Class SummaryIf you were to summarize what your learned
into one sentence, what would you say?
Class SummaryIf you were to give one piece of advice to
somebody regarding what you learned in this class, what would it be?
Best of Luck to all of you!
Recommended