Computer forensics, once a specialized field, is now mainstream because of our total dependence on data. Experts deal not only with computer-related crime such as hacking, software piracy, and viruses, but also with conventional crimes including fraud, embezzlement, organized crime and child pornography.
2. Cyber Crime – Is the Internet the new “Wild Wild West”?
3. The New Wild Wild West
More cyber criminals than
cyber cops
Criminals feel “safe”
committing crimes from
the privacy of their own
homes
Brand new challenges
facing law enforcement
Most not trained in the
technologies
Internet crimes span
multiple jurisdictions
Need to retrofit new crimes
to existing laws
4. In the News…….
1 out of 5 children received a sexual
solicitation or approach over the
Internet in a one-year period of time
(www.missingchildren.com)
California warns of massive ID theft
– personal data stolen from
computers at University of
California, Berkeley (Oct 21, 2004
IDG news service)
Microsoft and Cisco announced a
new initiative to work together to
increase internet security
(Oct 18, 2004 www.cnetnews.com)
5. Computer Crime
Computer used to commit
a crime
Child porn, threatening
email, assuming
someone’s identity, sexual
harassment, defamation,
spam, phishing
Computer as a target of a
crime
Viruses, worms, industrial
espionage, software piracy,
hacking
6. Global Scenario
Global cyber crime is a $105 billion industry,
which is more than global drug trafficking
Economic meltdown and recession
Under employment/unemployment
7. Who Commits Cybercrime?
Traditional journalism-speak answer: "hackers"
Note: journalists really should be saying crackers, not hackers,
but we both understand the casual/popular misuse of the
"hacker" term instead of the more strictly correct "cracker"
nomenclature.
Some more specific possible answers to the question of "Who
commits cyber intrusions?" might be…
-- Disgruntled/untrustworthy (former) insiders
-- Juveniles
-- Ideologically motivated individuals
-- Sophisticated professionals
9. Types of Threats
Malware
Virus attacks account for more than 50% of
security incidents
Two thirds of all malicious code threats
currently detected were created in 2007
Any file can be infected (Flash, Adobe PDF)
Toolkits or rootkits easily available
10. Phishing
Every month more than 20,000 unique
phishing websites are detected affecting
more than 200 brands
E-Bay
Amazon
Paypal
11. Electronic Fund Transfer
November 2008: 100 compromised card accounts resulted in $9 million in fraudulent withdrawals from 130 ATMs in 49 cities across the world in 30 minutes
12. Online Grooming, Sexual Exploitation and Child Abuse
Sec 67 B (B), (C) inserted in IT Act Amendment
13. Cyber Pornography
Cyber pornography accounts for 46% of all
cyber crimes under IT Act
Every second 28,258 Internet users are viewing pornography
The pornography industry is larger than the revenues of the top technology companies combined: Microsoft, Google, Amazon, eBay, Yahoo, Apple, Netflix and Earthlink
One of the easiest ways of installing malware
16. Spam
“Spam accounts for 9 out of every 10
emails in the United States.”
MessageLabs, Inc., an email management
and security company based in New
York.
“We do not object to the use of this slang
term to describe UCE (unsolicited
commercial email), although we do
object to the use of the word “spam” as
a trademark and the use of our product
image in association with that term”
www.hormel.com
17. Can-Spam Act of 2003
Controlling the Assault of Non-Solicited Pornography and Marketing
Act (Can-Spam)
Signed into law by President Bush on Dec 16, 2003
Took effect Jan 1, 2004
Unsolicited commercial email must:
Be labeled
Include Opt-Out instructions
No false headers
FTC is authorized (but not required) to establish a “do-not-email”
registry
www.spamlaws.com – lists all the latest in federal, state, and international laws
18. Spam is Hostile
You pay for Spam, not Spammers
Email costs are paid by email
recipients
Spam can be dangerous
Never click on the opt-out link!
May take you to hostile web site
where mouse-over downloads
an .exe
Tells spammers they found a
working address
They won’t take you off the list
anyway
What should you do?
Filter it out whenever possible
Keep filters up to date
If you get it, just delete the email
19. Viruses and Worms
Different types of “ailments”
Viruses
software that piggybacks on other software and runs when you run something else
Macros in Excel, Word
Transmitted through sharing programs on bulletin boards
Passing around floppy disks
An .exe, .com file in your email
Worms
software that uses computer networks to find security holes to get into your computer – usually in Microsoft OS!! But a worm for the Mac was recently written
21. Wireless Fidelity (Wi-Fi)
Using antennas to create “hot spots”
Hotspots – Internet Access (sometimes free)
Newport Harbor - All the boats in Harbor have internet access
San Francisco Giants Stadium – Surf the web while catching a
game
UMass (need to register, but it’s free)
Cambridge, MA
Philadelphia, PA – just announced – entire city by 2006
22. Wi-Fi Hijacking
60-70% of wireless networks are wide open
Why are the Wi-Fi networks unprotected?
Most people say “Our data is boring”
But… criminals look for wireless networks to commit their crimes
And… the authorities will come knocking on your door…..
23. Other Types of Cyber Crimes
Denial of Service Attacks
Cyber stalking
Cyber squatting
Mobile cloning
24. Cyber Terrorism
Power Grid (nuclear power stations)
Banking and Financial Systems
Stock Exchange
Transportation Control Systems (Airlines
reservations)
Tele-Communications
Gas/Oil/Water Pipeline Control systems
Health/Food
Emergency Services
Military/Defense Installations
25. Computer Forensics
What is it?
an autopsy of a computer or network to
uncover digital evidence of a crime
Evidence must be preserved and hold up
in a court of law
Growing field – Many becoming
computer forensic savvy
FBI, State and Local Police, IRS,
Homeland Security
Defense attorneys, judges and
prosecutors
Independent security agencies
White hat or Ethical Hackers
Programs offered at major universities
such as URI
http://homepage.cs.uri.edu/faculty/wolfe/cf
26. Uncovering Digital Evidence
Smart Criminals don’t use their
own computers
Floppy disks
Zip/Jazz disks
Tapes
Digital cameras
Memory sticks
Printers
CDs
PDAs
Game boxes
Networks
Hard drives
27. Digital Evidence
Not obvious…….it’s most likely hidden on purpose
or needs to be unearthed by forensics experts
Criminals Hide Evidence | Forensics Uncover Evidence
Delete their files and emails | Restore deleted files and emails – they are still really there!
Hide their files by encryption, password protection, or embedding them in unrelated files (dll, os etc) | Find the hidden files through complex password, encryption programs, and searching techniques
Use Wi-Fi networks and cyber cafes to cover their tracks | Track them down through the digital trail - IP addresses to ISPs to the offender
28. The Crime Scene (with Computer Forensics)
Similar to traditional crime scenes
Must acquire the evidence while
preserving the integrity of the
evidence
No damage during collection,
transportation, or storage
Document everything
Collect everything the first time
Establish a chain of custody
But also different…….
Can perform analysis of evidence on
exact copy!
Make many copies and investigate
them without touching original
Can use time stamping/hash code
techniques to prove evidence hasn’t
been compromised
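The hash-code check described on this slide, as an added example that is not part of the original presentation: it hashes an evidence image, makes a working copy, records a custody entry, and shows that a single altered byte in the copy is detected. The file names, the examiner label and the custody-log format are assumptions, and the sample image is constructed.

```python
import hashlib, json, os, shutil, tempfile
from datetime import datetime, timezone

def sha256_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so a large disk image need not fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk_size), b""):
            h.update(block)
    return h.hexdigest()

def acquire(original, working_copy, examiner, log_path):
    """Hash the original, copy it, re-hash both, append a custody-log entry."""
    before = sha256_file(original)
    shutil.copyfile(original, working_copy)
    entry = {
        "time_utc": datetime.now(timezone.utc).isoformat(),
        "examiner": examiner,                      # assumed label
        "original": os.path.basename(original),
        "original_sha256": before,
        "copy_sha256": sha256_file(working_copy),
        # the original must hash the same after the copy as before it
        "original_unchanged": sha256_file(original) == before,
    }
    with open(log_path, "a") as log:               # assumed JSON-lines format
        log.write(json.dumps(entry) + "\n")
    return entry

def verify(path, recorded_sha256):
    """True only if the file still matches the hash recorded at acquisition."""
    return sha256_file(path) == recorded_sha256

def demo():
    with tempfile.TemporaryDirectory() as d:
        original = os.path.join(d, "evidence.img")
        copy = os.path.join(d, "working_copy.img")
        log = os.path.join(d, "custody.jsonl")
        with open(original, "wb") as f:            # constructed sample "image"
            f.write(b"CONSTRUCTED SAMPLE IMAGE " * 4096)
        entry = acquire(original, copy, "examiner-01", log)
        intact = verify(copy, entry["original_sha256"])
        with open(copy, "r+b") as f:               # alter one byte of the copy
            f.seek(100)
            f.write(b"X")
        tamper_detected = not verify(copy, entry["original_sha256"])
        return entry, intact, tamper_detected

if __name__ == "__main__":
    print(demo())
```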
29. Trends
The time to exploit a vulnerability is decreasing
Cyber crimes are being committed with financial gains in mind
The attack sophistication is increasing and more automation can be seen in the attacks
The speed at which attacks spread is increasing
Growing evidence of organized crime, beginning to overlap with drug, mafia, pedophile and money-laundering activities
Cyber crime is increasing on social networking sites
30. Protect your Computers!
Use anti-virus software and firewalls - keep them up to date
Keep your operating system up to date with critical security updates and patches
Don't open emails or attachments from unknown sources
Use hard-to-guess passwords. Don’t use words found in a dictionary. Remember that password cracking tools exist
Back-up your computer data on disks or CDs often
Don't share access to your computers with strangers
If you have a wi-fi network, password protect it
Disconnect from the Internet when not in use
Reevaluate your security on a regular basis
Make sure your employees and family members know this info too!