
USA TODAY Collegiate Case Study: Cybercrime


www.usatodaycollege.com

© Copyright 2008 USA TODAY, a division of Gannett Co., Inc. All rights reserved.

NATO to study defense against cyberattacks, by Jim Michaels

Cybercrime arrests by FBI ‘a tiny drop in the bucket’, by Byron Acohido

Security experts say Rock Phish widening net, by Jon Swartz

Critical inquiry: Discussion and future implications

Computer crime (also referred to as cyber crime, e-crime or hi-tech crime) can be classified into the following categories:

• Content related crime - child pornography and criminal copyright infringement.
• Traditional crimes committed by means of a computer - fraud and theft.
• Attacks on computers and computer systems – hacking, pharming and phishing.

Those engaging in illegal activities online often have unlimited resources, time, and in most cases motivation, requiring businesses and government agencies to invest significant time and resources to upgrade their security programs to battle the hacker. As soon as a new protocol is developed and announced, it seems that hackers have it figured out, and a more elaborate design must be developed. A 2006 FBI estimate pegged the total cost of cyber crime to businesses above $67 billion. This case study will explore the different ways that cyber crime might impact students personally, as well as raise awareness of the broader implications for our economy and national security.

Infamous spammer arrested, faces new charges, by Byron Acohido

Additional resources/Voices: Further exploration and Voices extension

Chinese hackers seek U.S. access
Attacks highlight weaknesses in U.S. security

By Jon Swartz, USA TODAY

SAN FRANCISCO — The cyberattack of a U.S. military computer system has deepened concern about cyberspying and the security of the Internet's infrastructure.

Chinese hackers were most likely behind an intrusion in November that disabled the Naval War College's network, forcing it to disconnect from the Internet for several weeks, says Lt. Cmdr. Doug Gabos, a spokesman for the Navy Cyber Defense Operations Command in Norfolk, Va.

Forensic analysis indicates the hackers may have sought information on war games in development at the naval college, he said. The college was vulnerable because it did not have the latest security protections, Gabos said.

The November attack was part of an ongoing campaign by Chinese hackers to penetrate government computers. The attacks often come in the form of "spear phishing," scams where attackers craft e-mail messages that seem to originate from the recipient's organization in a ploy to gain unauthorized access to confidential data.

Reprinted with permission. All rights reserved.

AS SEEN IN USA TODAY’S MONEY SECTION, MARCH 12, 2007, 3B

by Robert Hanishiro, USA TODAY

China is also using more traditional hacking methods, such as computer viruses and worms, but in sophisticated ways, says Alan Paller, director of the security research organization SANS Institute.

Hackers are directly breaking into military and government computers, and exploiting the side doors of private networks connected to them, Paller says.

The intrusions spotlight the soft underbelly in U.S. cybersecurity. They also underline the need for the federal government to develop policies that define responsibilities between the public and private sectors to fend off hackers and terrorists, say military officials and cybersecurity experts including Jody Westby, CEO of Global Cyber Risk.

The attacks also underscore flaws in Internet security and the difficulty in tracking bad guys, says Westby, a cybersecurity consultant in Washington. Such "Swiss cheese" holes, she says, not only compromise military and government networks but those of businesses and critical infrastructure.

"The Internet was not designed for security, and there are 243 countries connected to the Internet," says Westby, who estimates 100 countries are planning infowar capabilities. "What's more, many countries don't have cybercrime laws."

Chinese hackers gained notoriety in the USA after a series of coordinated attacks on American computer systems at NASA and Sandia National Laboratories, dating to 2003, were traced to a team of researchers in Guangdong province. The program, called Titan Rain by the Defense Department, first became public in August 2005. The Defense Department has since retitled the program under a classified name. The hackers are still active, but Gabos would not say if the intrusion at the Naval War College was linked to previous attacks.

China is aggressively improving its information warfare capabilities, according to a December 2006 Chinese military white paper. Its goal is to be "capable of winning informationized wars" by the mid-21st century.

The motives of Chinese hackers run the gamut from intelligence gathering to technology theft and the infiltration of defense networks for future action, cybersecurity experts say.

The intent of Chinese operatives is unclear, but most agree they are gathering information, says Peter Neumann, a scientist at SRI International, a non-profit research institute.

U.S. cyberwarfare strategy, meanwhile, is disjointed because organizations responsible for cyberoffense, such as the National Security Agency, and defense, such as the Naval Network Warfare Command, are not linked, Gen. James Cartwright, commander of the Strategic Command, said in a speech at the Air Warfare Symposium in Florida in February.

The U.S. must take aggressive measures against foreign hackers and websites that help others attack government systems, Gen. Ronald Keys, commander of Air Combat Command, told reporters in Florida on Feb. 9.

"I think it's going to take an Internet 9/11, and we've had some pretty serious problems on the Internet" for the country to seriously re-examine its approach to cyberwarfare, he said, according to a transcript.

Cybercrime arrests by FBI ‘a tiny drop in the bucket’

By Byron Acohido, USA TODAY

AS SEEN IN USA TODAY’S MONEY SECTION, JUNE 14, 2007, 2B

SEATTLE -- The tech security world cheered the FBI's announcement Wednesday of a crackdown on cybercrooks who control networks of compromised computers, called botnets, to spread spam and carry out scams.

But the arrests in recent weeks of accused bot controllers James Brewer of Arlington, Texas; Jason Michael Downey of Covington, Ky.; and Robert Alan Soloway of Seattle will barely make a ripple, security analysts say.

"We applaud the government's involvement in stopping cybercrime," says Tom Gillis, senior marketing vice president at messaging security firm IronPort Systems. "But these arrests are a tiny drop in the bucket."

Soloway made a name for himself selling spamming kits and botnet access to fledgling spammers, according to a civil case he lost to Microsoft in 2005. He was arrested in Seattle last month and charged with continued spamming.

Downey and Brewer controlled smaller botnets, federal district court documents in Michigan and Illinois say. The court documents did not detail what they used their networks for.

Criminals turn computers into bots with malicious software programs spread through viral e-mail attachments and tainted Web pages. They become relay points to spread spam and can also steal any sensitive data typed by the user. Elite bot "herders" control botnets of often 10,000 to 100,000 computers that are difficult to detect and shut down.

"Botnets are increasing, but we've just scratched the surface of what botnets are going to do," says Doug Camplejohn, CEO of security firm Mi5 Networks.

The FBI asks PC users with suspected compromised computers to contact their Internet service provider, then file a complaint online through the FBI's Internet Crime Complaint Center.

"The majority of victims are not even aware that their computer has been compromised or their personal information exploited," says James Finch, assistant director for the FBI's Cyber Division. "Citizens can protect themselves from botnets and the associated schemes by practicing strong computer security habits to reduce the risk that your computer will be compromised."

Sam Ward, USA TODAY

Security experts say Rock Phish widening net

By Jon Swartz, USA TODAY

AS SEEN IN USA TODAY’S MONEY SECTION, OCTOBER 11, 2007, 3B

SAN FRANCISCO — A recent surge in phishing — fraudulent e-mail and websites designed to "fish" sensitive personal information such as passwords and credit card numbers — is the handiwork of a small, shadowy cybergang, computer security experts say.

Rock Phish, a group of technically savvy hackers who oversee phishing websites and provide tools on the Internet that let others phish, is "the major driving force behind a worsening situation, and they are difficult to track down," says Zulfikar Ramzan, senior principal researcher at Symantec's Security Response Group.

Rock Phish got its name because of its use of the word "rock" in the Web addresses of phishing websites. It is believed to be in Eastern Europe, based on the widespread availability of its phishing tools on websites hosted in that region.

FBI spokesman Paul Bresson says it is aware of the group. But U.S. authorities have little legal recourse to bust the foreign group and tamp down the surge in phishing, says Paul Henry, vice president of technology evangelism at Secure Computing.

So far, the criminal enterprise has victimized customers of U.S. and European financial institutions, such as Citibank and Barclays, as well as popular phishing targets eBay and PayPal, says Dan Hubbard, senior director of security and technology research at security firm Websense.

The gang is also targeting the commercial accounts of small and large businesses, says Fred Felman, chief marketing officer at Mark Monitor, a security company that has developed anti-phishing services. He estimates 77% of all active phishing sites are linked to Rock Phish and its methods.

In July 2007 — the most recent month for which data are available — the Anti-Phishing Working Group said new phishing sites pole-vaulted to 30,999, from 14,191 in July 2006.

More phishing sites have popped up this year — more than 220,000 and counting — than in the first seven months of any other year.

Rock Phish attacks employ Web addresses containing the names of real businesses, such as Bank of America, that are interspersed with random numbers.

The addresses appear authentic and are difficult to detect by anti-phishing defenses, says Paul Wood, a senior analyst at e-mail security firm MessageLabs.

A common Rock Phish tactic is to register new phishing addresses in rarely used country domains, such as Moldova (.md) and Sao Tome and Principe (.st), that are not on the radar of law enforcement and anti-phishing groups, Felman and others say.

Before the bogus domain names are detected and removed, so-called Rock Phishers have already duped people and stolen their personal information.

Financial information stolen on Rock Phish websites is collected and funneled to a central computer server, Wood says.

Computer-security firm McAfee advises consumers to be dubious of e-mails that come from financial institutions and online payment services asking them to take immediate action on their accounts. It also warns consumers to be cautious of e-mail that uses poor grammar.
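The address pattern described in the Rock Phish article above (a real business name, runs of digits, a rarely used country domain) can be turned into a simple triage heuristic for mail or proxy logs. The Python sketch below is an added example, not part of the USA TODAY article; the brand-to-domain table, the three-digit threshold and the sample URLs are constructed assumptions.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Assumed mapping: brand token -> that brand's legitimate registrable domain.
BRANDS = {
    "bankofamerica": "bankofamerica.com",
    "citibank": "citibank.com",
    "barclays": "barclays.co.uk",
    "ebay": "ebay.com",
    "paypal": "paypal.com",
}
WATCHED_TLDS = {"md", "st"}          # the two country domains the article names
DIGIT_RUN = re.compile(r"\d{3,}")    # assumed threshold for "random numbers"

# Constructed sample URLs (not real indicators).
SAMPLE_URLS = [
    "http://www.bankofamerica.com.id48213.updates-check.md/login",
    "https://www.paypal.com/signin",
    "http://ebay2231.secure-pages.st/",
    "http://thebay-news.com/",
    "https://online.citibank.com.example.org/",
]


def _is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def score_url(url):
    """Return (score, reasons); one point per trait the article describes."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    if not host or _is_ip(host):
        return 0, []
    labels = host.split(".")
    # Compare whole hyphen-separated tokens with digits stripped, so
    # "ebay2231" matches the brand "ebay" but "thebay" does not.
    tokens = {re.sub(r"\d+", "", part)
              for label in labels for part in label.split("-")}
    reasons = []
    for brand, legit in BRANDS.items():
        on_legit = host == legit or host.endswith("." + legit)
        if brand in tokens and not on_legit:
            reasons.append(f"brand '{brand}' used outside {legit}")
    if any(DIGIT_RUN.search(label) for label in labels):
        reasons.append("digit run in a host label")
    if labels[-1] in WATCHED_TLDS:
        reasons.append(f"watched country domain .{labels[-1]}")
    return len(reasons), reasons


def triage(urls, threshold=2):
    """Return URLs scoring at least `threshold`, highest score first."""
    scored = [(score_url(u)[0], u) for u in urls]
    return [u for s, u in sorted(scored, key=lambda p: -p[0]) if s >= threshold]
```

A score of one (a brand name on an unrelated domain, with no digits or watched country domain) is left below the default threshold so that it can be reviewed rather than blocked outright.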

AS SEEN IN USA TODAY’S NEWS SECTION, JUNE 15, 2007, 20A

NATO to study defense against cyberattacks
Computer assault staggered Estonia

By Jim Michaels, USA TODAY

BRUSSELS — NATO defense ministers are considering extending the alliance's protection into cyberspace in the wake of a devastating digital attack that nearly crippled member nation Estonia.

Defense ministers agreed "urgent work is needed to enhance the ability to protect information systems of critical importance," NATO spokesman James Appathurai said Thursday.

NATO will begin examining how it may protect its 26 member states from electronic attacks like the one in Estonia, Appathurai said during a meeting of the ministers.

Defense Secretary Robert Gates and a number of the other officials have backed the move to study the issue. No decision has been reached on anything beyond study.

The issue is tricky for NATO. The attacks on Estonia were launched against public cyberspace that controls banking, e-mail and other functions and not the country's military command and control system. The attacks, which began in April and peaked last month, were launched from computers in about 50 countries, NATO spokesman Robert Pszczel said.

The alliance, a product of the Cold War, is based largely on the notion that an attack on one member is considered an attack on all.

The cyberattacks in Estonia, a former part of the Soviet Union, followed its decision to transfer a World War II-era statue of a Soviet Union soldier from a park to a military cemetery. The move triggered riots among Estonia's ethnic Russian population.

The Estonia attacks were "sustained" and "coordinated," Appathurai said.

Estonia bills itself as one of the most advanced nations when it comes to online services. Estonians can vote online, and a large percentage of people there use the Internet for banking and other services.

NATO dispatched a team of specialists to Estonia after the attacks, but it has limited capacity to support broader cyberspace defense efforts.

NATO's capabilities are directed toward protecting the alliance's own network, said Sheena Carrigan, a NATO spokeswoman. Expanding that mission would be up to the alliance's political leadership, she said.

by Sam Ward, USA TODAY

Infamous spammer arrested, faces new charges
But others will fill any void, officials say

By Byron Acohido, USA TODAY

AS SEEN IN USA TODAY’S MONEY SECTION, JUNE 1, 2007, 4B

SEATTLE — The arrest of notorious spammer Robert Alan Soloway, 27, on criminal charges for continuing to spread junk e-mail raised cheers in the tech security community.

But Soloway's arrest Wednesday in Seattle won't slow down the tidal wave of spam. Unwanted commercial e-mail has become big business, backed by organized crime. Most of it originates from networks of compromised home PCs, called zombies.

The spam deluge includes record levels of unsolicited e-mail ads for subprime loans, herbal remedies and get-rich-quick schemes. It includes phishing mail that lures recipients into typing sensitive data on bogus websites. There's also "pharm" spam pitching fake pharmaceutical drugs. And stock spam dupes recipients into helping drive up prices of moribund stocks.

"This is the modern face of the e-mail threat," says Adam O'Donnell, director of emerging technology at message security firm Cloudmark. "Spam makes money."

Soloway pleaded not guilty and is being held in federal detention, pending a hearing next week. In his heyday from 2003 to 2005, Soloway made millions selling crude spamming kits to newbie spammers, and provided access to zombie networks to help his customers accelerate spamming.

Those activities came to light in a 2005 civil judgment Microsoft won against Soloway. He was ordered to pay the software giant $7.8 million. Microsoft spokeswoman Liz Candello says he never paid.

Last week, a federal grand jury returned a 35-count indictment against Soloway charging him with mail fraud, wire fraud, e-mail fraud, aggravated identity theft and money laundering. He has been living in a ritzy apartment and drives an expensive Mercedes convertible, says prosecutor Kathryn Warma. Prosecutors want him to forfeit $773,000 they say he made from his business, Newport Internet Marketing.

Yet he appears to have been a bit player in a spamming world that has exploded in the past two years, says Patrick Peterson, vice president of technology at messaging security firm IronPort Systems. In a 24-hour period this week, IronPort blocked 81 billion spam messages. Spam volume has nearly doubled to an average 70 billion per day vs. 36 billion in May 2006.

"Soloway is a notable actor," says Peterson. "But he's not one of the supercriminals who is responsible for most of the mayhem that's going on today."

MessageLabs last week reported another advance: For the first time, the London-based security firm intercepted spam pitching stock purchases with an enticement to click to a tainted Web page. Clicking on the link turned over control of the PC to the intruder.

"It shows how far they've come," says Matt Sergeant, senior anti-spam technologist at MessageLabs. Well-funded, organized crime groups are "just absolutely out in the open trying to get you to install this stuff."

Soloway, by comparison, was a small-timer. According to the indictment, clients paid him $495 to have him send e-mail to 20 million addresses for 15 days or sell them 80,000 e-mail addresses.

by Robert Hanishiro, USA TODAY


For more information, log on to www.usatodaycollege.com

Future Implications

1. In what ways might the growth of cyber crime shape how the Internet develops in the future?

2. The potentially global nature of cyber crime makes clear the need for global solutions. How might the U.S. reach consensus with other countries that may have very different legal traditions and no basis for substantive cooperation? What implications are there if such cooperation and consensus can’t be achieved?

3. What steps can we, as individuals, take to protect ourselves from the impact of cyber crime in the future? Beyond identity theft, what other types of criminal behavior are most likely to affect the average citizen?

4. According to the National Cyber Security Alliance, online malfeasance and criminal activity can be divided into Cyber Ethics, Cyber Security and/or Cyber Safety. Given the explosion of new technologies such as wireless and GPS, discuss the potential for exploitation in these three areas.

Critical Inquiry

1. How great of a problem is cyber crime when compared to the traditional types of crime with which we are more familiar? What changes in law enforcement might be needed to combat the increase in cyber crime?

2. Another way to define cyber crime is simply as criminal activity involving the information technology infrastructure. The acts themselves manifest themselves in many different ways. Define and provide examples of the following types of cyber crime along with suggestions for solutions in combating this type of crime:

a.) Illegal or unauthorized access
b.) Illegal interception by technical means of non-public information
c.) Data interference by unauthorized damage
d.) Deletion, deterioration, alteration or suppression of computer data
e.) Interference with the functioning of a computer system
f.) Misuse of devices
g.) Forgery (ID theft)
h.) Electronic fraud

3. Under what conditions is a company legally obligated to report a computer-related security incident to the authorities? When should individual users report suspicious computer activity to law-enforcement? Which agencies are set up to receive such complaints?

4. What constitutional concerns are raised by intellectual property cyber crimes?

Additional Resources

• National Cyber Security Alliance: www.staysafeonline.org
• Computer Crime & Intellectual Property Section: www.cybercrime.gov
• US-CERT: www.us-cert.gov
• Privacy Rights Clearinghouse: www.privacyrights.org