cyber-crime-1209117260149121-8

8/20/2019 cyber-crime-1209117260149121-8

1/19

Cyber Crime – “Is theCyber Crime – “Is theInternet the new “Internet the new “W W ildild

W W ildild W W est?”est?”Prepared for the Southern MassachusettsPrepared for the Southern Massachusetts

E-Commerce etwor!E-Commerce etwor!

o" # $%%&o" # $%%&byby

Su'anne MelloSu'anne Mello

www.suzannemello.comwww.suzannemello.com

8/20/2019 cyber-crime-1209117260149121-8

2/19

E-Commerce etwor! - Su'

-

In the ews(()In the ews(()

1 out of 5 children received a1 out of 5 children received asexual solicitation or approachsexual solicitation or approachover the Internet in a one-yearover the Internet in a one-year period of time ( period of time ( www.missingchildren.comwww.missingchildren.com ) )

California warns of massive ICalifornia warns of massive Itheft ! personal data stolen fromtheft ! personal data stolen fromcomputers at "niversity ofcomputers at "niversity ofCalifornia# $er%eley (&ct '1# 'California# $er%eley (&ct '1# 'I* news service)I* news service)

+icrosoft and Cisco announced a+icrosoft and Cisco announced anew initiative to wor% together tonew initiative to wor% together toincrease internet securityincrease internet security(&ct 1,# '(&ct 1,# ' www.cnetnews.comwww.cnetnews.com ) )

http://www.missingchildren.com/http://www.missingchildren.com/http://www.cnetnews.com/http://www.cnetnews.com/http://www.cnetnews.com/http://www.missingchildren.com/

8/20/2019 cyber-crime-1209117260149121-8

3/19


-

*he ew +ild +ild +est*he ew +ild +ild +est

More cyber criminals thanMore cyber criminals thancyber copscyber cops

Criminals feel “safe”Criminals feel “safe”committin, crimes fromcommittin, crimes from

the pri"acy of their ownthe pri"acy of their ownhomeshomes

rand new challen,esrand new challen,esfacin, law enforcementfacin, law enforcement Most not trained in theMost not trained in the

technolo,iestechnolo,ies Internet crimes spanInternet crimes span

multiple .urisdictionsmultiple .urisdictions eed to retrofit new crimeseed to retrofit new crimes

to e/istin, lawsto e/istin, laws

8/20/2019 cyber-crime-1209117260149121-8

4/19


-

Computer CrimeComputer Crime

Computer used to commitComputer used to commit

a crimea crime Child porn0 threatenin,Child porn0 threatenin,

email0 assumin, someone1semail0 assumin, someone1s

identity0 se/ual harassment0identity0 se/ual harassment0

defamation0 spam0 phishin,defamation0 spam0 phishin,

Computer as a tar,et of aComputer as a tar,et of acrimecrime 2iruses0 worms0 industrial2iruses0 worms0 industrial

espiona,e0 software piracy0espiona,e0 software piracy0

hac!in,hac!in,

8/20/2019 cyber-crime-1209117260149121-8

5/19


-

Computer 3orensicsComputer 3orensics

+hat is it?+hat is it? an autopsy of a computer or networ! toan autopsy of a computer or networ! to

unco"er di,ital e"idence of a crimeunco"er di,ital e"idence of a crime E"idence must be preser"ed and hold upE"idence must be preser"ed and hold up

in a court of lawin a court of law

4rowin, field – Many becomin,4rowin, field – Many becomin,computer forensic sa""ycomputer forensic sa""y 3I0 State and 5ocal Police0 I6S03I0 State and 5ocal Police0 I6S0

7omeland Security7omeland Security 8efense attorneys0 .ud,es and8efense attorneys0 .ud,es and

prosecutorsprosecutors Independent security a,enciesIndependent security a,encies +hite hat or Ethical 7ac!ers+hite hat or Ethical 7ac!ers Pro,rams offered at ma.or uni"ersitiesPro,rams offered at ma.or uni"ersities

such as 96Isuch as 96Ihttp:;;http:;;homepa,e)cs)uri)edu;faculty;wolfe;cf homepa,e)cs)uri)edu;faculty;wolfe;cf

http://homepage.cs.uri.edu/faculty/wolfe/cfhttp://homepage.cs.uri.edu/faculty/wolfe/cfhttp://homepage.cs.uri.edu/faculty/wolfe/cfhttp://homepage.cs.uri.edu/faculty/wolfe/cfhttp://homepage.cs.uri.edu/faculty/wolfe/cfhttp://homepage.cs.uri.edu/faculty/wolfe/cf

8/20/2019 cyber-crime-1209117260149121-8

6/19


-

9nco"erin, 8i,ital E"idence9nco"erin, 8i,ital E"idence

Smart Criminals don’t use theirSmart Criminals don’t use theirown computersown computers

3loppy dis!s3loppy dis!s

s4ame bo/es4ame bo/es

etwor!setwor!s

7ard dri"es7ard dri"es

8/20/2019 cyber-crime-1209117260149121-8

7/19


-

8i,ital E"idence8i,ital E"idence

Criminals 7ide E"idenceCriminals 7ide E"idence

8elete their files and emails8elete their files and emails

7ide their files by encryption07ide their files by encryption0password protection0 orpassword protection0 or

embeddin, them in unrelatedembeddin, them in unrelatedfiles dll0 os etc@files dll0 os etc@

9se +i-3i networ!s and cyber9se +i-3i networ!s and cybercafes to co"er their trac!scafes to co"er their trac!s

3orensics 9nco"er E"idence3orensics 9nco"er E"idence

6estore deleted files and emails –6estore deleted files and emails –they are still really thereAthey are still really thereA

3ind the hidden files throu,h3ind the hidden files throu,hcomple/ password0 encryptioncomple/ password0 encryption

pro,rams0 and searchin,pro,rams0 and searchin,techniBuestechniBues

*rac! them down throu,h the*rac! them down throu,h thedi,ital trail - IP addresses to ISPsdi,ital trail - IP addresses to ISPsto the offender to the offender

Not obvious…….it’s most likely hidden on purposeor needs to be unearthed by forensics experts

8/20/2019 cyber-crime-1209117260149121-8

8/19


-

*he Crime Scene*he Crime Scene(with Computer orensics)(with Computer orensics)

Similar to traditional crime scenesSimilar to traditional crime scenes

Must acBuire the e"idence whileMust acBuire the e"idence whilepreser"in, the inte,rity of the e"idencepreser"in, the inte,rity of the e"idence

o dama,e durin, collection0o dama,e durin, collection0transportation0 or stora,etransportation0 or stora,e

8ocument e"erythin,8ocument e"erythin,

Collect e"erythin, the first timeCollect e"erythin, the first time

Establish a chain of custodyEstablish a chain of custody

ut also different(()ut also different(()

Can perform analysis of e"idence onCan perform analysis of e"idence one/act copyAe/act copyA

Ma!e many copies and in"esti,ateMa!e many copies and in"esti,atethem without touchin, ori,inalthem without touchin, ori,inal

Can use time stampin,;hash codeCan use time stampin,;hash codetechniBues to pro"e e"idence hasn1ttechniBues to pro"e e"idence hasn1tbeen compromisedbeen compromised

8/20/2019 cyber-crime-1209117260149121-8

9/19

*op Cyber Crimes that*op Cyber Crimes that

>ttac! usiness >ttac! usinessSpamSpam

2iruses;+orms2iruses;+orms

Industrial Espiona,e and 7ac!ersIndustrial Espiona,e and 7ac!ers

+i-3i 7i,h =ac!in,+i-3i 7i,h =ac!in,

8/20/2019 cyber-crime-1209117260149121-8

10/19


-

SpamSpam

““Spam accounts for out of e"ery D%Spam accounts for out of e"ery D%emails in the 9nited States)”emails in the 9nited States)”

+essagea/s# Inc.# an email management+essagea/s# Inc.# an email managementand security company /ased in 0ewand security company /ased in 0ewor%.or%.

2 2 3e do not o/4ect to the use of this slang3e do not o/4ect to the use of this slangterm to descri/e "C (unsolicitedterm to descri/e "C (unsolicitedcommercial email)# although we docommercial email)# although we doo/4ect to the use of the word 2spam6 aso/4ect to the use of the word 2spam6 asa trademar% and the use of our producta trademar% and the use of our product

image in association with that term6image in association with that term6www.hormel.comwww.hormel.com

http://www.hormel.com/http://www.hormel.com/http://www.hormel.com/

8/20/2019 cyber-crime-1209117260149121-8

11/19


-

Can-Spam >ct of $%%Can-Spam >ct of $%%

Controllin, the >ssault of on-Solicited Porno,raphy and Mar!etin,Controllin, the >ssault of on-Solicited Porno,raphy and Mar!etin, >ct Can-Spam@ >ct Can-Spam@

Si,ned into law by President ush on 8ec DF0 $%%Si,ned into law by President ush on 8ec DF0 $%% *oo! effect =an D0 $%%&*oo! effect =an D0 $%%&

9nsolicited commercial email must:9nsolicited commercial email must: e labelede labeled Include Gpt-Gut instructionsInclude Gpt-Gut instructions o false headerso false headers

3*C is authori'ed but not reBuired@ to establish a “do-not-email”3*C is authori'ed but not reBuired@ to establish a “do-not-email”re,istryre,istry

www)spamlaws)comwww)spamlaws)com –lists all the latest in federal0 state0 and –lists all the latest in federal0 state0 andinternational lawsinternational laws

http://www.spamlaws.com/http://www.spamlaws.com/http://www.spamlaws.com/

8/20/2019 cyber-crime-1209117260149121-8

12/19

Su'anne Mello - o" # $

Spam is 7ostileSpam is 7ostile

Hou pay for Spam0 not SpammersHou pay for Spam0 not Spammers Email costs are paid by emailEmail costs are paid by email

recipientsrecipients

Spam can be dan,erousSpam can be dan,erous e"er clic! on the opt-out lin!Ae"er clic! on the opt-out lin!A

May ta!e you to hostile web siteMay ta!e you to hostile web sitewhere mouse-o"er downloadswhere mouse-o"er downloads

an )e/ean )e/e

*ells spammers they found a*ells spammers they found a

wor!in, addresswor!in, address

*hey won1t ta!e you off the list*hey won1t ta!e you off the list

anywayanyway+hat should you do?+hat should you do? 3ilter it out whene"er possible3ilter it out whene"er possible

eep filters up to dateeep filters up to date

If you ,et it0 .ust delete the emailIf you ,et it0 .ust delete the email

8/20/2019 cyber-crime-1209117260149121-8

13/19


-

2iruses and +orms2iruses and +orms

8ifferent types of “ailments”8ifferent types of “ailments”

2iruses2iruses software that pi,,ybac!s onsoftware that pi,,ybac!s on

other software and runs whenother software and runs whenyou run somethin, elseyou run somethin, else

Macro in e/cel0 wordMacro in e/cel0 word*ransmitted throu,h sharin,*ransmitted throu,h sharin,pro,rams on bulletin boardspro,rams on bulletin boards

Passin, around floppy dis!sPassin, around floppy dis!s >n )e/e0 )com file in your email >n )e/e0 )com file in your email

+orms+orms software that uses computersoftware that uses computer

networ!s to find security holesnetwor!s to find security holesto ,et in to your computer –to ,et in to your computer –usually in Microsoft GSAA utusually in Microsoft GSAA utworm for M>C was recentlyworm for M>C was recentlywrittenwritten

8/20/2019 cyber-crime-1209117260149121-8

14/19

E-Commerce etwor! - Su'-

7ac!ers are E"erywhere7ac!ers are E"erywhere

Stealin, dataStealin, data Industrial Espiona,eIndustrial Espiona,e Identity theftIdentity theft 8efamation8efamation

8eletin, data for fun8eletin, data for fun > lot of bored DF year olds late at > lot of bored DF year olds late at

ni,htni,ht

*urnin, computers into 'ombies*urnin, computers into 'ombies *o commit crimes*o commit crimes *a!e down networ!s*a!e down networ!s 8istribute porn8istribute porn

7arass someone7arass someoneEthical;white hat hac!ers e/ist tooEthical;white hat hac!ers e/ist too 7elp brea! into networ!s to7elp brea! into networ!s to

pre"ent crimespre"ent crimes

Mafia oy

8/20/2019 cyber-crime-1209117260149121-8

15/19


+ireless 3idelity +i-3i@+ireless 3idelity +i-3i@

9sin, antennas to create “hot spots”9sin, antennas to create “hot spots”

7otspots – Internet >ccess sometimes free@7otspots – Internet >ccess sometimes free@ ewport 7arbor - >ll the boats in 7arbor ha"e internet accessewport 7arbor - >ll the boats in 7arbor ha"e internet access

San 3rancisco 4iants Stadium – Surf the web while catchin, aSan 3rancisco 4iants Stadium – Surf the web while catchin, a,ame,ame

9Mass need to re,ister0 but it1s free@9Mass need to re,ister0 but it1s free@

Cambrid,e0 M>Cambrid,e0 M>

Philadelphia0 P> – .ust announced – entire city by $%%FPhiladelphia0 P> – .ust announced – entire city by $%%F

8/20/2019 cyber-crime-1209117260149121-8

16/19


+i-3i 7i,h =ac!in,+i-3i 7i,h =ac!in,

F%-J%K wireless networ!s are wide openF%-J%K wireless networ!s are wide open

+hy are the +i-3i networ!s unprotected?+hy are the +i-3i networ!s unprotected? Most people say “Gur data is borin,”Most people say “Gur data is borin,”

ut( criminals loo! for wireless networ!s to commitut( criminals loo! for wireless networ!s to commit

their crimestheir crimes

>nd( the authorities will come !noc!in, on your >nd( the authorities will come !noc!in, on yourdoor())door())

8/20/2019 cyber-crime-1209117260149121-8

17/19


Protect your ComputersAProtect your ComputersA

Use anti-virus software andUse anti-virus software andrewalls - keep them up to daterewalls - keep them up to date

Keep your operating system upKeep your operating system upto date with critical securityto date with critical securityupdates and patchesupdates and patches

Don't open emails orDon't open emails orattachments from unknownattachments from unknownsourcessources

Use hard-to-guess passwords.Use hard-to-guess passwords.Don’t use words found in aDon’t use words found in a

dictionary. Rememer thatdictionary. Rememer thatpassword cracking tools e!istpassword cracking tools e!ist

"ack-up your computer data on"ack-up your computer data ondisks or #Ds oftendisks or #Ds often

Don't share access to yourDon't share access to yourcomputers with strangerscomputers with strangers

$f $f you have a wi- network%you have a wi- network%password protect itpassword protect it

Disconnect from the $nternetDisconnect from the $nternetwhen not in usewhen not in use

Reevaluate your security on aReevaluate your security on aregular asisregular asis

&ake sure your employees&ake sure your employeesand family memers knowand family memers knowthis info toothis info too

8/20/2019 cyber-crime-1209117260149121-8

18/19

*han! youA*han! youA

8/20/2019 cyber-crime-1209117260149121-8

19/19


+eb sites of Interest+eb sites of Interest

http:;;http:;;homepa,e)cs)uri)edu;faculty;wolfe;cf homepa,e)cs)uri)edu;faculty;wolfe;cf

www)missin,children)comwww)missin,children)com

www)spamlaws)comwww)spamlaws)com

www)netsmart')or,www)netsmart')or,http:;;www)ifccfbi),o"http:;;www)ifccfbi),o" - operation web snare – latest- operation web snare – latest

cyber crimes to be aware of cyber crimes to be aware of

http:;;www)dcfl),o";dc;home)htmhttp:;;www)dcfl),o";dc;home)htm

http:;;www)cops)or,;http:;;www)cops)or,;
http://homepage.cs.uri.edu/faculty/wolfe/cfhttp://homepage.cs.uri.edu/faculty/wolfe/cfhttp://homepage.cs.uri.edu/faculty/wolfe/cfhttp://homepage.cs.uri.edu/faculty/wolfe/cfhttp://www.missingchildren.com/http://www.missingchildren.com/http://www.spamlaws.com/http://www.spamlaws.com/http://www.ifccfbi.gov/http://www.ifccfbi.gov/http://www.dcfl.gov/dc3/home.htmhttp://www.dcfl.gov/dc3/home.htmhttp://www.dcfl.gov/dc3/home.htmhttp://www.ifccfbi.gov/http://www.spamlaws.com/http://www.missingchildren.com/http://homepage.cs.uri.edu/faculty/wolfe/cfhttp://homepage.cs.uri.edu/faculty/wolfe/cf

Documents

cyber-crime-1209117260149121-8