SlideShare una empresa de Scribd logo
1 de 31
Descargar para leer sin conexión
What It Was Used For?
 Who Used to Own It?
Cyber Crime – “Is the
Internet the new “Wild
     Wild West?”
The New Wild Wild West
More cyber criminals than
cyber cops
Criminals feel “safe”
committing crimes from
the privacy of their own
homes
Brand new challenges
facing law enforcement
 Most not trained in the
  technologies
 Internet crimes span
  multiple jurisdictions
 Need to retrofit new crimes
  to existing laws
In the News…….
 1 out of 5 children received a sexual
  solicitation or approach over the
  Internet in a one-year period of time
  (www.missingchildren.com)

 California warns of massive ID theft
  – personal data stolen from
  computers at University of
  California, Berkeley (Oct 21, 2004
  IDG news service)

 Microsoft and Cisco announced a
  new initiative to work together to
  increase internet security
  (Oct 18, 2004 www.cnetnews.com)
Computer Crime

Computer used to commit
a crime
 Child porn, threatening
  email, assuming
  someone’s identity, sexual
  harassment, defamation,
  spam, phishing


Computer as a target of a
crime
 Viruses, worms, industrial
  espionage, software piracy,
  hacking
Global Scenario
Global cyber crime is $105 billion industry
which is more than global drug trafficking
Economic meltdown and recession
Under employment/unemployment
Who Commits Cybercrime?
Traditional journalism-speak answer: "hackers"

Note: journalists really should be saying crackers, not hackers,
but we both understand the casual/popular misuse of the
"hacker" term instead of the more strictly correct "cracker"
nomenclature.

Some more specific possible answers to the question of "Who
commits cyber intrusions?" might be…

-- Disgruntled/untrustworthy (former) insiders
-- Juveniles
-- Ideologically motivated individuals
-- Sophisticated professionals
Threats
Individuals
Organized cyber criminals
Rival organizations
Hostile States
Insiders/ex employees 44%
Hactivists
Terrorists
Types of Threats
Malware
Virus attacks account for more than 50% of
  security incidents
Two thirds of all malicious code threats
  currently detected were created in 2007
Any file can be infected (Flash, Adobe PDF)
Toolkits or rootkits easily available
Phishing
Every month more than 20,000 unique
  phishing websites are detected affecting
  more than 200 brands
E-Bay
Amazon
Paypal
Electronic Fund Transfer

November 2008 100 compromised card
 accounts resulted in $9 million fraudulent
 withdrawals from 130 ATM's in 49 cities
 across the world in 30 minutes
Online Grooming, Sexual
 Exploitation and Child Abuse
Sec 67 B (B), (C) inserted in IT Act
 Amendment
Cyber Pornography
Cyber pornography accounts for 46% of all
 cyber crimes under IT Act
Every second 28,258 Internet users are view
 pornography
The pornography industry is larger than
 revenues of the top technology companies
 combines: Microsoft, Google, Amazon,
 eBay, Yahoo, Apple, Netflix and Earthlink
One of the easiest ways of installing malware
Botnets
Collection of compromised computers
Centralized control
Identity Theft
Estimated more than 9 million incidents each
 year
Separate offense created under IT Act
 Amendment
Spam
“Spam accounts for 9 out of every 10
   emails in the United States.”
            MessageLabs, Inc., an email management
              and security company based in New
              York.


“We do not object to the use of this slang
  term to describe UCE (unsolicited
  commercial email), although we do
  object to the use of the word “spam” as
  a trademark and the use of our product
  image in association with that term”
           www.hormel.com
Can-Spam Act of 2003
Controlling the Assault of Non-Solicited Pornography and Marketing
Act (Can-Spam)
Signed into law by President Bush on Dec 16, 2003
  Took effect Jan 1, 2004

Unsolicited commercial email must:
    Be labeled
    Include Opt-Out instructions
    No false headers

FTC is authorized (but not required) to establish a “do-not-email”
registry

www.spamlaws.com –lists all the latest in federal, state, and
international laws
Spam is Hostile
You pay for Spam, not Spammers
  Email costs are paid by email
   recipients
Spam can be dangerous
  Never click on the opt-out link!
         May take you to hostile web site
         where mouse-over downloads
         an .exe
  Tells spammers they found a
   working address
  They won’t take you off the list
   anyway
What should you do?
    Filter it out whenever possible
    Keep filters up to date
    If you get it, just delete the email
Viruses and Worms
Different types of “ailments”
Viruses
  software that piggybacks on
   other software and runs when
   you run something else
  Macro in excel, word
       Transmitted through sharing
       programs on bulletin boards
       Passing around floppy disks
  An .exe, .com file in your email
Worms
  software that uses computer
   networks to find security holes
   to get in to your computer –
   usually in Microsoft OS!! But
   worm for MAC was recently
   written
Viruses and Worms
Different types of “ailments”
Viruses
  software that piggybacks on
   other software and runs when
   you run something else
  Macro in excel, word
       Transmitted through sharing
       programs on bulletin boards
       Passing around floppy disks
  An .exe, .com file in your email
Worms
  software that uses computer
   networks to find security holes
   to get in to your computer –
   usually in Microsoft OS!! But
   worm for MAC was recently
   written
Wireless Fidelity (Wi-Fi)
Using antennas to create “hot spots”
Hotspots – Internet Access (sometimes free)
 Newport Harbor - All the boats in Harbor have internet access
 San Francisco Giants Stadium – Surf the web while catching a
  game
 UMass (need to register, but it’s free)
 Cambridge, MA
 Philadelphia, PA – just announced – entire city by 2006
Wi-Fi High Jacking
60-70% wireless networks are wide open

Why are the Wi-Fi networks unprotected?
   Most people say “Our data is boring”
   But… criminals look for wireless networks to commit
    their crimes
   And… the authorities will come knocking on your
    door…..
Other Types of Cyber Crimes
Denial of Service Attacks
Cyber stalking
Cyber squatting
Mobile cloning
Cyber Terrorism
Power Grid (nuclear power stations)
Banking and Financial Systems
Stock Exchange
Transportation Control Systems (Airlines
  reservations)
Tele-Communications
Gas/Oil/Water Pipeline Control systems
Health/Food
Emergency Services
Military/Defense Installations
Computer Forensics
What is it?
  an autopsy of a computer or network to
   uncover digital evidence of a crime
  Evidence must be preserved and hold up
   in a court of law

Growing field – Many becoming
computer forensic savvy
  FBI, State and Local Police, IRS,
   Homeland Security
  Defense attorneys, judges and
   prosecutors
  Independent security agencies
  White hat or Ethical Hackers
  Programs offered at major universities
   such as URI
     http://homepage.cs.uri.edu/faculty/wolfe/cf
Uncovering Digital Evidence
Smart Criminals don’t use their
  own computers

  Floppy disks
  Zip/Jazz disks
  Tapes
  Digital cameras
  Memory sticks
  Printers
  CDs
  PDAs
  Game boxes
  Networks
  Hard drives
Digital Evidence
    Not obvious…….it’s most likely hidden on purpose
    or needs to be unearthed by forensics experts

Criminals Hide Evidence             Forensics Uncover Evidence
  Delete their files and emails       Restore deleted files and emails –
                                      they are still really there!

  Hide their files by encryption,     Find the hidden files through
  password protection, or             complex password, encryption
  embedding them in unrelated         programs, and searching
  files (dll, os etc)                 techniques

  Use Wi-Fi networks and cyber        Track them down through the
  cafes to cover their tracks         digital trail - IP addresses to ISPs
                                      to the offender
The Crime Scene
                   (with Computer Forensics)
Similar to traditional crime scenes

   Must acquire the evidence while
    preserving the integrity of the
    evidence
        No damage during collection,
        transportation, or storage
        Document everything
        Collect everything the first time
   Establish a chain of custody

But also different…….

   Can perform analysis of evidence on
    exact copy!
   Make many copies and investigate
    them without touching original
   Can use time stamping/hash code
    techniques to prove evidence hasn’t
    been compromised
Trends
The time to exploit vulnerability is decreasing
Cyber crimes are being committed with financial
 gains in mind
The attack sophistication is increasing and
 more automation can be seen in the attacks
The speed of spread of attacks are increasing
Growing evidence of organized crime and
 beginning to overlap with activities of drug,
 mafia, pedophiles and money laundering
Cyber crime increasing on social networking
 sites
Protect your Computers!
Use anti-virus software and           Don't share access to your
firewalls - keep them up to date      computers with strangers

Keep your operating system up to      If you have a wi-fi network,
date with critical security updates   password protect it
and patches
                                      Disconnect from the Internet
Don't open emails or attachments      when not in use
from unknown sources
                                      Reevaluate your security on a
Use hard-to-guess passwords.          regular basis
Don’t use words found in a
dictionary. Remember that
password cracking tools exist         Make sure your employees and
                                      family members know this info
                                      too!
Back-up your computer data on
disks or CDs often
Thank you!

Any Questions?

Más contenido relacionado

La actualidad más candente

Cyber crime and its types
Cyber crime and its  typesCyber crime and its  types
Cyber crime and its typesDINESH KAMBLE
 
Information-Security-Lecture-6.pptx
Information-Security-Lecture-6.pptxInformation-Security-Lecture-6.pptx
Information-Security-Lecture-6.pptxanbersattar
 
Information-Security-Lecture-5.pptx
Information-Security-Lecture-5.pptxInformation-Security-Lecture-5.pptx
Information-Security-Lecture-5.pptxanbersattar
 
Information-Security-Lecture-4.pptx
Information-Security-Lecture-4.pptxInformation-Security-Lecture-4.pptx
Information-Security-Lecture-4.pptxanbersattar
 
4598 cybercrime
4598 cybercrime4598 cybercrime
4598 cybercrimeravikanthh
 
Historical genesis and evolution of cyber crimes new
Historical genesis and evolution of cyber crimes newHistorical genesis and evolution of cyber crimes new
Historical genesis and evolution of cyber crimes newDr. Arun Verma
 
chapter 3 ethics: computer and internet crime
chapter 3 ethics: computer and internet crimechapter 3 ethics: computer and internet crime
chapter 3 ethics: computer and internet crimemuhammad awais
 
Cyber crime lecture one definition and nature
Cyber crime lecture one definition and natureCyber crime lecture one definition and nature
Cyber crime lecture one definition and natureDr. Arun Verma
 
It presentation cyber crime
It presentation cyber crimeIt presentation cyber crime
It presentation cyber crimeAshish Ojha
 
Cyber crime- a case study
Cyber crime- a case studyCyber crime- a case study
Cyber crime- a case studyShubh Thakkar
 
Cyber crime lecture pp update
Cyber crime lecture pp updateCyber crime lecture pp update
Cyber crime lecture pp updateyahooteacher
 
Cyber Crime and Social Media Security
Cyber Crime and Social Media SecurityCyber Crime and Social Media Security
Cyber Crime and Social Media SecurityHem Pokhrel
 
Statutory laws pertaining to cybercrimes in india
Statutory laws pertaining to cybercrimes in indiaStatutory laws pertaining to cybercrimes in india
Statutory laws pertaining to cybercrimes in indiaDr. Arun Verma
 

La actualidad más candente (19)

Cybercrime
CybercrimeCybercrime
Cybercrime
 
Cyber crime and its types
Cyber crime and its  typesCyber crime and its  types
Cyber crime and its types
 
File000145
File000145File000145
File000145
 
Information-Security-Lecture-6.pptx
Information-Security-Lecture-6.pptxInformation-Security-Lecture-6.pptx
Information-Security-Lecture-6.pptx
 
Cybercrime
CybercrimeCybercrime
Cybercrime
 
Information-Security-Lecture-5.pptx
Information-Security-Lecture-5.pptxInformation-Security-Lecture-5.pptx
Information-Security-Lecture-5.pptx
 
Cyber Crime
Cyber  CrimeCyber  Crime
Cyber Crime
 
Information-Security-Lecture-4.pptx
Information-Security-Lecture-4.pptxInformation-Security-Lecture-4.pptx
Information-Security-Lecture-4.pptx
 
4598 cybercrime
4598 cybercrime4598 cybercrime
4598 cybercrime
 
Historical genesis and evolution of cyber crimes new
Historical genesis and evolution of cyber crimes newHistorical genesis and evolution of cyber crimes new
Historical genesis and evolution of cyber crimes new
 
chapter 3 ethics: computer and internet crime
chapter 3 ethics: computer and internet crimechapter 3 ethics: computer and internet crime
chapter 3 ethics: computer and internet crime
 
Cyber crime lecture one definition and nature
Cyber crime lecture one definition and natureCyber crime lecture one definition and nature
Cyber crime lecture one definition and nature
 
It presentation cyber crime
It presentation cyber crimeIt presentation cyber crime
It presentation cyber crime
 
Powerpoint
PowerpointPowerpoint
Powerpoint
 
Cyber crime- a case study
Cyber crime- a case studyCyber crime- a case study
Cyber crime- a case study
 
Cyber crime lecture pp update
Cyber crime lecture pp updateCyber crime lecture pp update
Cyber crime lecture pp update
 
Cyber Crime and Social Media Security
Cyber Crime and Social Media SecurityCyber Crime and Social Media Security
Cyber Crime and Social Media Security
 
Computer crime
 Computer crime Computer crime
Computer crime
 
Statutory laws pertaining to cybercrimes in india
Statutory laws pertaining to cybercrimes in indiaStatutory laws pertaining to cybercrimes in india
Statutory laws pertaining to cybercrimes in india
 

Similar a Cybercrime

Information Technology - System Threats
Information Technology - System ThreatsInformation Technology - System Threats
Information Technology - System ThreatsDrishti Bhalla
 
First Lecture- Cyber Security-Bangladesh.pptx
First Lecture- Cyber Security-Bangladesh.pptxFirst Lecture- Cyber Security-Bangladesh.pptx
First Lecture- Cyber Security-Bangladesh.pptxCUInnovationTeam
 
Presentation on cyber security
Presentation on cyber securityPresentation on cyber security
Presentation on cyber security9784
 
Guest Lecture-Computer and Cyber Security.pptx
Guest Lecture-Computer and Cyber Security.pptxGuest Lecture-Computer and Cyber Security.pptx
Guest Lecture-Computer and Cyber Security.pptxGudipudiDayanandam
 
091005 Internet Security
091005 Internet Security091005 Internet Security
091005 Internet Securitydkp205
 
Cyber Crime PPT
Cyber Crime PPTCyber Crime PPT
Cyber Crime PPTAnandKaGe
 
Cyber security 101
Cyber security 101Cyber security 101
Cyber security 101Travis Good
 
L N Yadav Cyber SECURITY.ppt
L N Yadav Cyber SECURITY.pptL N Yadav Cyber SECURITY.ppt
L N Yadav Cyber SECURITY.pptlowlesh1
 
L N Yadav Cyber SECURITY2.ppt
L N Yadav Cyber SECURITY2.pptL N Yadav Cyber SECURITY2.ppt
L N Yadav Cyber SECURITY2.pptlowlesh1
 
Dark side presentation lwhippedtc515
Dark side presentation lwhippedtc515Dark side presentation lwhippedtc515
Dark side presentation lwhippedtc515lisawhipp
 
cyber crime and security
cyber crime and securitycyber crime and security
cyber crime and securityAjay Singh
 
Hacking presentation
Hacking presentation Hacking presentation
Hacking presentation Ajith Reddy
 

Similar a Cybercrime (20)

Information Technology - System Threats
Information Technology - System ThreatsInformation Technology - System Threats
Information Technology - System Threats
 
Cybercrimeg
CybercrimegCybercrimeg
Cybercrimeg
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
Cybercrime 1
Cybercrime 1Cybercrime 1
Cybercrime 1
 
Cyber Crime Types & Tips
Cyber Crime Types & TipsCyber Crime Types & Tips
Cyber Crime Types & Tips
 
First Lecture- Cyber Security-Bangladesh.pptx
First Lecture- Cyber Security-Bangladesh.pptxFirst Lecture- Cyber Security-Bangladesh.pptx
First Lecture- Cyber Security-Bangladesh.pptx
 
Presentation on cyber security
Presentation on cyber securityPresentation on cyber security
Presentation on cyber security
 
Guest Lecture-Computer and Cyber Security.pptx
Guest Lecture-Computer and Cyber Security.pptxGuest Lecture-Computer and Cyber Security.pptx
Guest Lecture-Computer and Cyber Security.pptx
 
Presentation1
Presentation1Presentation1
Presentation1
 
091005 Internet Security
091005 Internet Security091005 Internet Security
091005 Internet Security
 
Cyber Crime PPT
Cyber Crime PPTCyber Crime PPT
Cyber Crime PPT
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
Cyber security 101
Cyber security 101Cyber security 101
Cyber security 101
 
L N Yadav Cyber SECURITY.ppt
L N Yadav Cyber SECURITY.pptL N Yadav Cyber SECURITY.ppt
L N Yadav Cyber SECURITY.ppt
 
L N Yadav Cyber SECURITY2.ppt
L N Yadav Cyber SECURITY2.pptL N Yadav Cyber SECURITY2.ppt
L N Yadav Cyber SECURITY2.ppt
 
Dark side presentation lwhippedtc515
Dark side presentation lwhippedtc515Dark side presentation lwhippedtc515
Dark side presentation lwhippedtc515
 
Cyber Crime & Security
Cyber Crime & SecurityCyber Crime & Security
Cyber Crime & Security
 
cyber crime and security
cyber crime and securitycyber crime and security
cyber crime and security
 
Hacking presentation
Hacking presentation Hacking presentation
Hacking presentation
 
Cyber crime
Cyber crime Cyber crime
Cyber crime
 

Más de Keller Williams Lynchburg (14)

Longitude and Latitude
Longitude and LatitudeLongitude and Latitude
Longitude and Latitude
 
Physics Work and Energy
Physics Work and EnergyPhysics Work and Energy
Physics Work and Energy
 
Physics Work and Energy
Physics Work and EnergyPhysics Work and Energy
Physics Work and Energy
 
Physics Work and Energy
Physics Work and EnergyPhysics Work and Energy
Physics Work and Energy
 
Earth Science Types of Rocks
Earth Science Types of RocksEarth Science Types of Rocks
Earth Science Types of Rocks
 
Minerals and Formation
Minerals and FormationMinerals and Formation
Minerals and Formation
 
Mineral Formation
Mineral FormationMineral Formation
Mineral Formation
 
Minerals Of The Earth's Crust
Minerals Of The Earth's CrustMinerals Of The Earth's Crust
Minerals Of The Earth's Crust
 
01.introduction to earth_science
01.introduction to earth_science01.introduction to earth_science
01.introduction to earth_science
 
Physics Chapter 2 Lesson1
Physics Chapter 2 Lesson1Physics Chapter 2 Lesson1
Physics Chapter 2 Lesson1
 
Chemistry Chapter 1 Lesson 2 Powerpoint 2
Chemistry Chapter 1 Lesson 2 Powerpoint 2Chemistry Chapter 1 Lesson 2 Powerpoint 2
Chemistry Chapter 1 Lesson 2 Powerpoint 2
 
Phys chap1 lesson2 pp2
Phys chap1 lesson2 pp2Phys chap1 lesson2 pp2
Phys chap1 lesson2 pp2
 
Welcome to Mr Thompsons Class
Welcome to Mr Thompsons ClassWelcome to Mr Thompsons Class
Welcome to Mr Thompsons Class
 
Safety powerpoint
Safety powerpointSafety powerpoint
Safety powerpoint
 

Último

Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsSafe Software
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfJamie (Taka) Wang
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopBachir Benyammi
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IES VE
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsSeth Reyes
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAshyamraj55
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Commit University
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdfPedro Manuel
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureEric D. Schabell
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioChristian Posta
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfDaniel Santiago Silva Capera
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...Aggregage
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024SkyPlanner
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UbiTrack UK
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostMatt Ray
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7DianaGray10
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfDianaGray10
 

Último (20)

Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 Workshop
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability Adventure
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and Istio
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
 
20230104 - machine vision
20230104 - machine vision20230104 - machine vision
20230104 - machine vision
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
 

Cybercrime

  • 1. What It Was Used For? Who Used to Own It?
  • 2. Cyber Crime – “Is the Internet the new “Wild Wild West?”
  • 3. The New Wild Wild West More cyber criminals than cyber cops Criminals feel “safe” committing crimes from the privacy of their own homes Brand new challenges facing law enforcement  Most not trained in the technologies  Internet crimes span multiple jurisdictions  Need to retrofit new crimes to existing laws
  • 4. In the News…….  1 out of 5 children received a sexual solicitation or approach over the Internet in a one-year period of time (www.missingchildren.com)  California warns of massive ID theft – personal data stolen from computers at University of California, Berkeley (Oct 21, 2004 IDG news service)  Microsoft and Cisco announced a new initiative to work together to increase internet security (Oct 18, 2004 www.cnetnews.com)
  • 5. Computer Crime Computer used to commit a crime  Child porn, threatening email, assuming someone’s identity, sexual harassment, defamation, spam, phishing Computer as a target of a crime  Viruses, worms, industrial espionage, software piracy, hacking
  • 6. Global Scenario Global cyber crime is $105 billion industry which is more than global drug trafficking Economic meltdown and recession Under employment/unemployment
  • 7. Who Commits Cybercrime? Traditional journalism-speak answer: "hackers" Note: journalists really should be saying crackers, not hackers, but we both understand the casual/popular misuse of the "hacker" term instead of the more strictly correct "cracker" nomenclature. Some more specific possible answers to the question of "Who commits cyber intrusions?" might be… -- Disgruntled/untrustworthy (former) insiders -- Juveniles -- Ideologically motivated individuals -- Sophisticated professionals
  • 8. Threats Individuals Organized cyber criminals Rival organizations Hostile States Insiders/ex employees 44% Hactivists Terrorists
  • 9. Types of Threats Malware Virus attacks account for more than 50% of security incidents Two thirds of all malicious code threats currently detected were created in 2007 Any file can be infected (Flash, Adobe PDF) Toolkits or rootkits easily available
  • 10. Phishing Every month more than 20,000 unique phishing websites are detected affecting more than 200 brands E-Bay Amazon Paypal
  • 11. Electronic Fund Transfer November 2008 100 compromised card accounts resulted in $9 million fraudulent withdrawals from 130 ATM's in 49 cities across the world in 30 minutes
  • 12. Online Grooming, Sexual Exploitation and Child Abuse Sec 67 B (B), (C) inserted in IT Act Amendment
  • 13. Cyber Pornography Cyber pornography accounts for 46% of all cyber crimes under IT Act Every second 28,258 Internet users are view pornography The pornography industry is larger than revenues of the top technology companies combines: Microsoft, Google, Amazon, eBay, Yahoo, Apple, Netflix and Earthlink One of the easiest ways of installing malware
  • 14. Botnets Collection of compromised computers Centralized control
  • 15. Identity Theft Estimated more than 9 million incidents each year Separate offense created under IT Act Amendment
  • 16. Spam “Spam accounts for 9 out of every 10 emails in the United States.” MessageLabs, Inc., an email management and security company based in New York. “We do not object to the use of this slang term to describe UCE (unsolicited commercial email), although we do object to the use of the word “spam” as a trademark and the use of our product image in association with that term” www.hormel.com
  • 17. Can-Spam Act of 2003 Controlling the Assault of Non-Solicited Pornography and Marketing Act (Can-Spam) Signed into law by President Bush on Dec 16, 2003  Took effect Jan 1, 2004 Unsolicited commercial email must:  Be labeled  Include Opt-Out instructions  No false headers FTC is authorized (but not required) to establish a “do-not-email” registry www.spamlaws.com –lists all the latest in federal, state, and international laws
  • 18. Spam is Hostile You pay for Spam, not Spammers  Email costs are paid by email recipients Spam can be dangerous  Never click on the opt-out link! May take you to hostile web site where mouse-over downloads an .exe  Tells spammers they found a working address  They won’t take you off the list anyway What should you do?  Filter it out whenever possible  Keep filters up to date  If you get it, just delete the email
  • 19. Viruses and Worms Different types of “ailments” Viruses  software that piggybacks on other software and runs when you run something else  Macro in excel, word Transmitted through sharing programs on bulletin boards Passing around floppy disks  An .exe, .com file in your email Worms  software that uses computer networks to find security holes to get in to your computer – usually in Microsoft OS!! But worm for MAC was recently written
  • 20. Viruses and Worms Different types of “ailments” Viruses  software that piggybacks on other software and runs when you run something else  Macro in excel, word Transmitted through sharing programs on bulletin boards Passing around floppy disks  An .exe, .com file in your email Worms  software that uses computer networks to find security holes to get in to your computer – usually in Microsoft OS!! But worm for MAC was recently written
  • 21. Wireless Fidelity (Wi-Fi) Using antennas to create “hot spots” Hotspots – Internet Access (sometimes free)  Newport Harbor - All the boats in Harbor have internet access  San Francisco Giants Stadium – Surf the web while catching a game  UMass (need to register, but it’s free)  Cambridge, MA  Philadelphia, PA – just announced – entire city by 2006
  • 22. Wi-Fi High Jacking 60-70% wireless networks are wide open Why are the Wi-Fi networks unprotected?  Most people say “Our data is boring”  But… criminals look for wireless networks to commit their crimes  And… the authorities will come knocking on your door…..
  • 23. Other Types of Cyber Crimes Denial of Service Attacks Cyber stalking Cyber squatting Mobile cloning
  • 24. Cyber Terrorism Power Grid (nuclear power stations) Banking and Financial Systems Stock Exchange Transportation Control Systems (Airlines reservations) Tele-Communications Gas/Oil/Water Pipeline Control systems Health/Food Emergency Services Military/Defense Installations
  • 25. Computer Forensics What is it?  an autopsy of a computer or network to uncover digital evidence of a crime  Evidence must be preserved and hold up in a court of law Growing field – Many becoming computer forensic savvy  FBI, State and Local Police, IRS, Homeland Security  Defense attorneys, judges and prosecutors  Independent security agencies  White hat or Ethical Hackers  Programs offered at major universities such as URI http://homepage.cs.uri.edu/faculty/wolfe/cf
  • 26. Uncovering Digital Evidence Smart Criminals don’t use their own computers Floppy disks Zip/Jazz disks Tapes Digital cameras Memory sticks Printers CDs PDAs Game boxes Networks Hard drives
  • 27. Digital Evidence Not obvious…….it’s most likely hidden on purpose or needs to be unearthed by forensics experts Criminals Hide Evidence Forensics Uncover Evidence Delete their files and emails Restore deleted files and emails – they are still really there! Hide their files by encryption, Find the hidden files through password protection, or complex password, encryption embedding them in unrelated programs, and searching files (dll, os etc) techniques Use Wi-Fi networks and cyber Track them down through the cafes to cover their tracks digital trail - IP addresses to ISPs to the offender
  • 28. The Crime Scene (with Computer Forensics) Similar to traditional crime scenes  Must acquire the evidence while preserving the integrity of the evidence No damage during collection, transportation, or storage Document everything Collect everything the first time  Establish a chain of custody But also different…….  Can perform analysis of evidence on exact copy!  Make many copies and investigate them without touching original  Can use time stamping/hash code techniques to prove evidence hasn’t been compromised
  • 29. Trends The time to exploit vulnerability is decreasing Cyber crimes are being committed with financial gains in mind The attack sophistication is increasing and more automation can be seen in the attacks The speed of spread of attacks are increasing Growing evidence of organized crime and beginning to overlap with activities of drug, mafia, pedophiles and money laundering Cyber crime increasing on social networking sites
  • 30. Protect your Computers! Use anti-virus software and Don't share access to your firewalls - keep them up to date computers with strangers Keep your operating system up to If you have a wi-fi network, date with critical security updates password protect it and patches Disconnect from the Internet Don't open emails or attachments when not in use from unknown sources Reevaluate your security on a Use hard-to-guess passwords. regular basis Don’t use words found in a dictionary. Remember that password cracking tools exist Make sure your employees and family members know this info too! Back-up your computer data on disks or CDs often