32nd canadian congress on criminal justice the face(s) of cybercrime in 2009 james whiting: oct. 30,...

32nd Canadian Congress on Criminal Justice

The face(s) of cybercrimein 2009

James Whiting: Oct. 30, 2009 CCJA 32nd Congress

QuickTime™ and a decompressor

are needed to see this picture.QuickTime™ and a

decompressorare needed to see this picture.


are needed to see this picture.

The views expressed are those of the presenter and do not represent the position of the Public Prosecution Service of Canada or that of any other organization


OVERVIEW

i) What is cyber-crime in 2009?ii) cyber-criminals: from fame to fortuneiii) State responsesiv) Developing Issues


What is cyber-crime in 2009?

Cyber-crime is one of the fastest growing areas of crime, as more and more criminals exploit the speed, convenience and anonymity that modern technologies offer in order to commit a diverse range of crimes.

Interpol Fact Sheet, accessed 11/01/09

In view of the highly adaptive strategies of organized crime groups, the possibility of expanding cybercrime could be great, since this is the most important and emerging area of opportunity in the 21st century.

RCMP “The Changing Structure of Organized

Crime Groups” 2005



what is a ‘computer’ and what is ‘cyber-crime?’

The 3 roles played by a computer

New crimes vs. old crimes committed in a new way



Examples of traditional crimes often committed as cyber-crimes:

-Fraud-Uttering threats-Extortion-Theft-Unauthorized use of credit card data-Money laundering-Possession of child pornography-Copyright infringement (quasi-criminal)


What is cyber-crime in 2009?Examples of ‘new’ cyber-crimes:

-Accessing child pornography: CC s. 163.1(4.1)

-Internet luring of a child: CC s. 172.1

-Mischief to data: CC s. 430(1.1)

-Unauthorized use of a computer: CC s. 342.1

-Possession of a device to obtain computer service: CC s. 342.2



‘virtual crimes:’ avatar identity theft at Habbo.com


QuickTime™ and aTIFF (Uncompressed) decompressor


What is cyber-crime in 2009?Tools commonly used by criminals to facilitate or commit cyber-crimes (often in combination):

-Virus-Worm-Trojan-Keylogger-Phishing/pharming/spoofing web sites-drive-by downloads from web sites-botnets-Distributed denial of service attacks-Social engineering


Phishing sample


QuickTime™ and aTIFF (Uncompressed) decompressor


Phishing sample





Tools commonly used by criminals to avoid detection or slow down investigations:

remailing and disposable emails encryption secure/hidden vaults on-line/remote memory self-destructing memory digital currencies and internet banks Internet access through identity theft and weakly enforced/multiple jurisdictions



What is the extent of cyber-crime?

- the ‘dark figure’ of crime applies“….more than two out of three organizations victimized by serious cyber attacks did not report

them to law enforcement”

FBI, “Just Say No…To Cyber Extortion,” 23/01/04

- poor availability of statistics

- many ‘cyber-crimes’ fall under traditional crime categories (e.g. uttering threats and fraud)



PSEPC: in 2003, the worldwide annual costs of hacking, internet fraud, DoS attacks and viruses was over $1 trillion USD

McAfee: in 2005, the worldwide annual costs of fraud, identity theft, money laundering and extortion over the internet was $400 billion USD

IBM: in 2006, 60% of companies across a variety of sectors reported cyber-crime costing them more than traditional crime


What is cyber-crime in 2009? Corel in 2009 estimated 40% of application software being used

in Canada was counterfeit

Microsoft estimates that 36% of software being used is counterfeit

Business Software Alliance’s 2006 study found that 35% of software on personal computers worldwide was counterfeit

Transnational criminal orgs are active in counterfeiting of intellectual property

1999 Ministry of Fisheries & Oceans issues a warning re counterfeit navigation software



Research centres and collaborations may develop helpful insights into cyber-crime:

Simon Fraser University announced in 2008 it would host the International Centre for Cyber-crime Research

University of Ontario Institute of Technology announced in 2008 plans for a Centre for Cybercrime Research

Ryerson University’s Privacy and Cyber-crime Institute, U of Ottawa’s Cdn. Internet Policy and Public Interest Clinic, Harvard’s Berkman Center for Internet & Society


Cyber-criminals: from fame to fortune“the visible problem of viruses shutting down whole computer systems simply for the notoriety of the hacker has given way to more sophisticated, but less visible, targeted attacks motivated by financial gain”

PSEPC, Reports on Plans and Priorities 2007-2008, Sec. II

“…Symantec discussed a significant shift in attackers motivated from fame to fortune….hackers are taking this trend to the next level by making cybercrime their actual profession.”

Arthur Wood, Senior V.P. Symantec Security Response and Managed Services

“In general, cyber attacks are becoming more sophisticated and profit-driven. Given the complexity of some cyber schemes, potential profits and anonymity, involvement of organized crime in New Brunswick is recognized.”

CISNB 2006 Public Report


Cyber-criminals: from fame to fortune

Professionalization & commercialization:

recruitment of IT graduates directly into criminal orgsMcAfee 2006 Virtual Criminology Report

large-scale conventions (Defcon), on-line gatherings (Hacker’s Quarterly) and introduction of titles such as ‘hacktivists’ and ‘ethical hackers’

Increasingly employing business-like practicesSymantec News Release, 2007

Use of secure websites and chatrooms as auction sites for stolen data such as credit and personal information

Availabilty of phishing/hacking tools (e.g. MPAck, Pinch, Hacker’s Toolkit) Botnets for hire


State responses: International

Statutory- new criminal offences- procedural and investigative

New state entities and expanded mandates for existing entities

Public/private collaborations

Training and specialization



Council of Europe’s Convention on Cybercrime

Council of Europe opened for signing on Nov. 23, 2001 (CETS No. 185)

Canada signed as non-member state but as of October 19, 2009, has yet to ratify (23 nations have)

Canada has also signed (but not ratified) the additional Protocol on criminalization of racist and xenophobic acts on the internet (CETS No. 189)


State responses: InternationalAreas of harmonization required under the Convention

Enactment of specific cyber-crimes to avoid offence-free zones

Enactment of effective procedural mechanisms Commitments to international cooperation and extradition

Commitment to operating a 24/7 point of contact to assist investigations



Interpol G8 High Tech Crime sub-group Cyber-storm Joint Exercises


State responses: statutory new criminal offences

- enacted- proposed (e.g. ‘identity theft’)

Procedural and investigative provisions- enacted: Canada Evidence Act provisions for

electronic evidence- proposed: i)Modernization of Investigative

Techniques Act (Bill C-285)ii) Investigative Powers for the 21st Century Act (Bill C-46)iii) Technical Assistance for Law Enforcement in the 21st Century Act (Bill C-47)


State responses New state entities and expanded mandates for existing

entities- CCIRC- NCECC- CSE- RECOL.ca

Public/private collaborations- associations: HTCIA, POLCYB- programs: Cybertip.ca; Project Cleanfeed

Training and specialization


Developing issues

i) search ‘incident to arrest’ii) ‘plain view’ doctrineiii) breach notification lawsiv) compelling passwords


32nd canadian congress on criminal justice the face(s) of cybercrime in 2009 james whiting: oct. 30,...

Documents

cyber crimes

extent of cybercrime

issues james whiting

organization james whiting

examples of new cybercrimes

phishing sample james

new way james whiting

dark figure of crime