04/15/23 2
What’s Cyber Crimes?
Cyber crime, also called computer crime, is any illegal behavior directed by means of electronic operations that targets the security of computer systems and the data processed .
04/15/23 3
Types of Attacks
Military and Intelligence Attacks
Business Attacks Financial Attacks Terrorist Attacks Grudge Attacks “Fun” Attacks
04/15/23 4
Types of Offenders
Cracker: motivation is to access a system or data
Criminals: motivation is financial gain.
Vandals: motivation is to damage the system or data files.
04/15/23 5
Types of Security
Physical security Personnel security Communications security Operations security
04/15/23 6
Types of Cyber Crimes - Breaches of physical security
Dumpster diving (trashing) Wiretapping Eavesdropping on Emanations Denial or Degradation of Service
Prevention method:
- Locks and keys. - Natural disasters - Environmental threats
Dumpster diving Dumpster diving is a term that
describes pawing through a target's garbage in search of valuable information. The amount of information you can learn about a target is astonishing.
04/15/23 7
Dumpster diving
Going through a company.s garbage (often in an outside and vulnerable Dumpster) to find
discarded information that either itself has value, or provides a tool to use in a
social engineering attack, such as internal phone numbers or titles
04/15/23 8
emanations
can be a potential computer security threat if information is emitted in a form that can be practically separated from background noise and decoded at sufficient distance usingcompact and available equipment. It can then be used to bypass commonly employed physical, cryptographic, and software access-control mechanisms at the operating-system,network, and application level.
Such exploitable emanations can occur as a result of: • the normal operation of a system • deliberate or accidental exposure of a device to an unusual environment • the execution of software that was designed to modulate data into emitted
energy
04/15/23 9
Denial or Degradation of Service
attack is a type of denial of service (DoS) attack geared toward disrupting the service, speed and response time of a network or website. It is designed to degrade services of a target to its point before becoming partially or permanently unavailable.
04/15/23 10
HOW TO PREVENT?
Prevention method:
- Locks and keys. - Natural disasters - Environmental threats
04/15/23 11
04/15/23 12
Types of Cyber Crimes - Breaches of Personnel security
Masquerading Social engineering Harassment Software piracy
Prevention method:
- Background checks and careful monitoring on the job
Masquerading
Masquerading occurs when one person uses the identity of another to gain access to a computer. This may be don
e in person or remotely.
04/15/23 13
Continue
There are both physical and electronic forms of masquerading. In person, a criminal may use an authorized user's identity or access card to get into restricted areas where he will have access to computers and data. This may be as simple as signing someone else's name to a signin sheet at the door of a building.
piggybacking, involves following an authorized person into a restricted area--a building or a computer room
04/15/23 14
Social engineering Social engineering is a term that describes a non-
technical kind of intrusion that relies heavily on human interaction and often involves tricking
other people to break normal security procedures. A social engineer runs what used to be called a "con
game." For example, a person using social engineering to break into a computer network might try to gain the confidence of an authorized user and get them to reveal information that compromises the network's security.
04/15/23 15
04/15/23 16
Types of Cyber Crimes - Breaches of communications and data security (Data attacks)
Unauthorized Copying of Data Traffic analysis Covert channels
Traffic Analysis Sometimes, the attacks on data might not be so
obvious. Even data that appears quite ordinary may be valuable to a foreign or industrial spy
In one industrial espionage case, a competitor monitored a company's use of online data services to find out what questions it had and what information it was collecting on certain types of metallurgy. The information allowed the competitor to monitor the company's progress on a research and development project and to use this information in developing its own similar product. That product reached the market several weeks before the original developer was able to. The original company's research and development investment and its potential share of the market--many millions--were all but lost
04/15/23 18
Covert channels
A clever insider can hide stolen data in otherwise innocent output. For example, a filename or the contents of a report could be changed slightly to include secret information that is obvious only to someone who is looking for it. A password, a launch code, or the location of sensitive information might be conveyed in this way
04/15/23 19
04/15/23 20
Types of Cyber Crimes - Breaches of communications and data security (Software attacks)
Trap doors (back doors) One classic software attack is the trap door or back
door. A trap door is a quick way into a program; it allows program developers to bypass all of the security built into the program now or in the future.
Session hijacking
Tunneling
Trojan horses Viruses and Worms
Timing Attacks
Timing attacks are another technically complex way to get unauthorized access to software or data.
04/15/23 21
04/15/23 22
Types of Cyber Crimes - Breaches of communications and data security (Software attacks)
Salamis Logic bombs
Prevention methods:
- Access control
- Cryptographic methods
- Physical protection and shielding of network cabling
- Firewall technology
04/15/23 23
Types of Cyber Crimes - Breaches of operations security
Data diddling (false data entry) IP spoofing Password Sniffing Scanning Excess Privileges
Prevention: The only way it can be effective is if it is integrated into an organization’s physical, personnel, and communications security programs.
04/15/23 25
Steps taken after the breach
The first step is to assess the situation.
- What is the severity level of the intrusion?
- Who will be involved in the investigation?
- Who is responsible for determining future actions?
04/15/23 26
Steps taken after the breach
The second step is to repair damage and prevent recurrence.
Under a serious breach, asking
- Government agencies.
- Private companies.
04/15/23 27
Report Cyber Crimes Cyber crimes the NCCS (The FBI’s National
Computer Crimes Squad) investigates include:
- Intrusions of the Public Switched Network (the telephone company).
- Major computer network intrusions. - Network integrity violations. - Privacy violations - Industrial espionage. - Pirated computer software. - Other crimes where the computer is a major
factor in committing the criminal offense.
04/15/23 28
Methods of investigations
The important first step is determining if a criminal still has control of any relevant computer.
As a general rule, an investigator should not let the attacker know that they are being disconnected or tracked due to unauthorized access.
Recommended