Upload
kenneth-mills
View
214
Download
0
Embed Size (px)
Citation preview
Page 1
Battling Botnets: Implications for a Cybercrime Strategy
July 8, 2010
Page 2
Is it a game, or is it real?
Page 3
Times have changed!
Page 4
The botnets
Page 5
The threat is real
• 1.5 million infected machines/ day
• 21 million botnet connections per month
• 44 billion bad e‐mails/month
• 200 Petabytes of malicious traffic / year
Page 6
Victims are clueless
Page 7
Agenda
• the nature of cybercrime
• different regulatory modalities
• examples from the Canadian Criminal Code
• implications for a cybercrime strategy
Page 8
Question:
Can we apply general rules of law, and specifically, criminal law, to the Internet context?
Page 9
Take one
“…the best way to learn the law applicable to specialized endeavors is to study general rules.... Any effort to collect these strands into a course on "The Law of the Horse" is doomed to be shallow and to miss unifying principles.”
- F. Easterbrook “Cyberspace and the Law of the Horse” (1996)
Page 10
Take two
“… there is an important general point that comes from thinking in particular about how the law and cyberspace connect.
This general point is about the limits on law as a regulator and about the techniques for escaping those limits. This escape in both real space and in cyberspace comes from recognizing the collection of tools that society has at hand for affecting constraints upon behavior.”
- Lawrence Lessig, “The Law of the Horse: What Cyberlaw Might Teach” (1999)
Page 11
Cybercrimes
In the Canadian Criminal Code
Page 12
Section 342.1(2)
“computer system” means a device that, or a group of interconnected or related devices one or more of which,(a) contains computer programs or other data, and(b) pursuant to computer programs,
(i) performs logic and control, and(ii)may perform any other function;
Page 13
Categories of cybercrimes
1. child exploitation
2. hate crimes
3. fraud
4. identity theft
Page 14
The headlines
Page 15
Regulatory modalities: an example
Page 16
Legal
Page 17
Social
Page 18
Market forces
Page 19
Architecture
Page 20
Modal Interplay
recognizing the interplay of all four modalities will enhance our ability to contend with cybercrimes
Page 21
“thou shall not use the Internet to prey on minors”
The law is clear
Page 22
Ok, but is the same true online?
Are other constraints we have on predators in real space effective in cyberspace?
Page 23
A chatroom isn’t like a classroom
Page 24
Social modality is different
• victims are aware they are conversing online with adults
• only 5% of offenders pretended to be teens when they met potential victims online
• rarely deceive victims about their sexual interests
Source: Wolak et al., 2004
Page 25
Market forces seemingly absent
• some child friendly sites
• some emphasizing parental controls
Page 26
Architecture modality is largely untouched
• physical layers (cable, wireline, etc)
• logical layers (software and standards)
• content layer (text, images, etc.)
Page 27
The challenge of cyberspace
• the regulatory modalities change
• changes need to be noted
Page 28
Proactive defence
• discover, infiltrate and disrupt activity before an attack
• involves a multi-pronged approach that leverages technology
Page 29
Bill C-28
• Fighting Internet and Wireless Spam Act (FISA)
• considers the technology
• promotes a holistic
• reflecting the regulatory modalities
Page 30
FISA law
• recognizes nature of the technology
• facilitates consultation, referral and information sharing
• implicates foreign states
Page 31
FISA social
• recognizes impact on the individual and privacy issues
• promotes the transparency and openness of practices
Page 32
FISA architecture
• prohibits the altering of a data transmission
• exempts service providers for the purposes of “network management”
• promotes the use of systems to help identify and intercept activities
Page 33
FISA market forces
• part of a general Canadian trend
• service provider intervention is permissible if not necessary
Page 34
What does this mean?
Implications for a cybercrime strategy
Page 35
Law: strategic implications
• recognize the different modalities and how they work in cyberspace
• design with technology in mind
Page 36
Social: strategic implications
• public awareness campaign
• individuals need to know about the risks associated with these crimes and how to mitigate these risks.
Page 37
Market forces: strategic implications
• incent players to participate
• better risk management capabilities should provide competitive advantage
• law enforcement agencies should outsource functions where more efficient to do so
Page 38
Architecture: strategic implications
• consider all layers of the technology form
• “sector networks” or “associations” to promote strategic partnerships among relevant players in cyber security
• establish standards for infrastructure protocols and procedures.
Page 39
Conclusion
• cybercrimes are substantively different from real space crimes - regulatory modalities may not function the same way
• no longer be a case of using old laws to adapt to new technology
• bolster proactive defences and take into account all regulatory modalities