an introduction to the war between businesses and cyber criminals

36
1 An Introduction to the An Introduction to the War Between Businesses War Between Businesses and Cyber Criminals and Cyber Criminals By: Jeremy Poch By: Jeremy Poch

Upload: ezekiel-phelps

Post on 04-Jan-2016

81 views

Category:

Documents


1 download

DESCRIPTION

An Introduction to the War Between Businesses and Cyber Criminals. By: Jeremy Poch. What Is Cyber Crime. Cyber crime encompasses any criminal act dealing with computers and networks (i.e. hacking). Cyber crime also includes traditional crimes conducted through the Internet. - PowerPoint PPT Presentation

TRANSCRIPT

Page 1: An Introduction to the War Between Businesses and Cyber Criminals

1

An Introduction to the War An Introduction to the War Between Businesses and Cyber Between Businesses and Cyber

CriminalsCriminals

By: Jeremy PochBy: Jeremy Poch

Page 2: An Introduction to the War Between Businesses and Cyber Criminals

2

What Is Cyber CrimeWhat Is Cyber Crime

Cyber crime encompasses any criminal Cyber crime encompasses any criminal act dealing with computers and act dealing with computers and networks (i.e. hacking). networks (i.e. hacking).

Cyber crime also includes traditional Cyber crime also includes traditional crimes conducted through the Internet.crimes conducted through the Internet. For example; hate crimes, telemarketing and For example; hate crimes, telemarketing and

Internet fraud, identity theft, and credit card Internet fraud, identity theft, and credit card account thefts are considered to be cyber crimes account thefts are considered to be cyber crimes when the illegal activities are committed through when the illegal activities are committed through the use of a computer and the Internet. the use of a computer and the Internet.

Page 3: An Introduction to the War Between Businesses and Cyber Criminals

3

How Cyber Crime Affects How Cyber Crime Affects Businesses and IndividualsBusinesses and Individuals

Costs Companies billions of dollars Costs Companies billions of dollars per yearper year

Estimates worldwide have soared up Estimates worldwide have soared up

to $100 billionto $100 billion

Hard to get a figure a high percentage Hard to get a figure a high percentage of cyber crime goes unreported.of cyber crime goes unreported.

Page 4: An Introduction to the War Between Businesses and Cyber Criminals

4

Two Types of Cyber CrimeTwo Types of Cyber Crime

Against a personAgainst a person

Against property or a companyAgainst property or a company

Page 5: An Introduction to the War Between Businesses and Cyber Criminals

5

Against a personAgainst a person

Pornography/Offensive ContentPornography/Offensive Content

HarassmentHarassment

Cyber stalkingCyber stalking

Page 6: An Introduction to the War Between Businesses and Cyber Criminals

6

Against Property or a CompanyAgainst Property or a Company

Neo-Traditional CrimeNeo-Traditional Crime

PhreakingPhreaking

HackingHacking Cyber-TerrorismCyber-Terrorism

Internet ScamsInternet Scams

Page 7: An Introduction to the War Between Businesses and Cyber Criminals

7

Neo-Traditional CrimesNeo-Traditional Crimes Computer not needed but the addition has Computer not needed but the addition has

provided new avenues for such crimesprovided new avenues for such crimes

Any attempt of fraud done by use of a Any attempt of fraud done by use of a computercomputer

IP-SpoofingIP-Spoofing alter packet headers to conceal ones identityalter packet headers to conceal ones identity

Salami TechniqueSalami Technique Redirect small sums of money into another Redirect small sums of money into another

account which adds up over time.account which adds up over time.

Page 8: An Introduction to the War Between Businesses and Cyber Criminals

8

PhreakingPhreaking A precursor to hacking, where individuals gain access for A precursor to hacking, where individuals gain access for

bragging rights, often do relatively minor damagebragging rights, often do relatively minor damage

An older definition is using a computer or other device to An older definition is using a computer or other device to trick a phone system. Typically, phreaking is used to make trick a phone system. Typically, phreaking is used to make free calls or to have calls charged to a different account. free calls or to have calls charged to a different account.

One of the most prevalent tools was a whistle from a box of One of the most prevalent tools was a whistle from a box of Cap’n Crunch which had a frequency of 2600 cycle tone Cap’n Crunch which had a frequency of 2600 cycle tone which allowed for free long distance phone calls. which allowed for free long distance phone calls.

Steve Jobs and Steve WozniakSteve Jobs and Steve Wozniak founders of Apple founders of Apple Computers used blue boxes (devices that made the 2600 Computers used blue boxes (devices that made the 2600 tone) to get access to long distance lines for computing tone) to get access to long distance lines for computing while in collegewhile in college

Page 9: An Introduction to the War Between Businesses and Cyber Criminals

9

HackingHacking

Process by which individuals gain Process by which individuals gain unauthorized access to computer unauthorized access to computer systems for the purpose of stealing systems for the purpose of stealing and corrupting data. and corrupting data.

Corrupting Data: Worms, viruses, Corrupting Data: Worms, viruses, DDoSDDoS

Stealing Data: Credit Card info, Stealing Data: Credit Card info, customer Databasecustomer Database

Cyber-TerrorismCyber-Terrorism

Page 10: An Introduction to the War Between Businesses and Cyber Criminals

10

Seven Steps of HackingSeven Steps of Hacking

1.1. Pick a targetPick a target2.2. Find the computers of that target that are accessible Find the computers of that target that are accessible

via the internetvia the internet3.3. Discover vulnerable computer systems that Discover vulnerable computer systems that

potentially contain what is being soughtpotentially contain what is being sought4.4. Break into the computer system (Easy to do with Break into the computer system (Easy to do with

software available online)software available online)5.5. Elevate access privileges to the maximum level Elevate access privileges to the maximum level

(called rooting a box)(called rooting a box)6.6. Monitor what other computer users are doing to find Monitor what other computer users are doing to find

more vulnerable systemsmore vulnerable systems7.7. Install backdoors that allow re-entering at a later Install backdoors that allow re-entering at a later

date if the original vulnerability has been fixeddate if the original vulnerability has been fixed

Page 11: An Introduction to the War Between Businesses and Cyber Criminals

11

Generally two skill levels among Generally two skill levels among hackers:hackers:

Expert hacker (Outsider)Expert hacker (Outsider) develops software scripts and codes exploitsdevelops software scripts and codes exploits usually a master of many skillsusually a master of many skills will often create attack software and share will often create attack software and share

with otherswith others Script kiddies (Insider or teenager)Script kiddies (Insider or teenager)

hackers of limited skill hackers of limited skill use expert-written software to exploit a use expert-written software to exploit a

systemsystem do not usually fully understand the systems do not usually fully understand the systems

they hackthey hack

Page 12: An Introduction to the War Between Businesses and Cyber Criminals

12

Cyber-TerrorismCyber-Terrorism

Politically motivated cyber crime Politically motivated cyber crime which attacks people, companies and which attacks people, companies and even the government which that even the government which that person opposes.person opposes.

Some believe Al-Qaeda is planning Some believe Al-Qaeda is planning such attackssuch attacks

Page 13: An Introduction to the War Between Businesses and Cyber Criminals

13

Types of Internet ScamsTypes of Internet Scams

ISP Jacking Web CrammingWeb Cramming PhishingPhishing Identity TheftIdentity Theft

Page 14: An Introduction to the War Between Businesses and Cyber Criminals

14

ISP JackingISP Jacking

Involves disconnecting individual Involves disconnecting individual users form their selected Internet users form their selected Internet Service Provider and redirecting Service Provider and redirecting them to an illegitimate server. them to an illegitimate server.

Extremely costly to the victim because of Extremely costly to the victim because of the incurred long distance phone the incurred long distance phone chargescharges

Page 15: An Introduction to the War Between Businesses and Cyber Criminals

15

Web CrammingWeb Cramming

Criminals develop a new web page Criminals develop a new web page for a company or non-profit for a company or non-profit organization for little or no cost. organization for little or no cost. While advertising for free, they While advertising for free, they actually make unauthorized phone actually make unauthorized phone charges on the company’s account.charges on the company’s account.

Page 16: An Introduction to the War Between Businesses and Cyber Criminals

16

PhishingPhishing

Criminals Send Email Posing AsCriminals Send Email Posing As BanksBanks Credit Card CompaniesCredit Card Companies Escrow services Escrow services Internet auction sites (EBay)Internet auction sites (EBay) Example of Example of PhishingPhishing

Page 17: An Introduction to the War Between Businesses and Cyber Criminals

17

Identity TheftIdentity Theft

Stealing a company’s or an individual’s Stealing a company’s or an individual’s identity for illegal purposesidentity for illegal purposes

Company’s reputation is hurt, plus will Company’s reputation is hurt, plus will lose customers if it is their faultlose customers if it is their fault

Hurts individuals credit rating, Hurts individuals credit rating, insurance rates etc.insurance rates etc.

Page 18: An Introduction to the War Between Businesses and Cyber Criminals

18

Who commits these crimes?Who commits these crimes?

Insiders - employees or former Insiders - employees or former employeesemployees

Outsiders - professional hackersOutsiders - professional hackers

Page 19: An Introduction to the War Between Businesses and Cyber Criminals

19

Why do they commit these Why do they commit these crimes?crimes?

RevengeRevenge Profit Profit Glory Glory To help show security flaws To help show security flaws

Page 20: An Introduction to the War Between Businesses and Cyber Criminals

20

How to Monitor How to Monitor and Stop Cyber Crimeand Stop Cyber Crime

FirewallsFirewalls HoneypotsHoneypots SneakersSneakers Law EnforcementLaw Enforcement

Page 21: An Introduction to the War Between Businesses and Cyber Criminals

21

FirewallsFirewalls

Especially for Cable Access where Especially for Cable Access where user is always “On-Line”user is always “On-Line”

Once you have a firewall in place, you Once you have a firewall in place, you should test it. should test it.

Page 22: An Introduction to the War Between Businesses and Cyber Criminals

22

HoneypotsHoneypots

Act of putting up a new server with Act of putting up a new server with fake data and watching who fake data and watching who accesses it.accesses it.

All who access are unauthorized, can All who access are unauthorized, can monitor what is being done and how.monitor what is being done and how.

Brings up many ethical and law Brings up many ethical and law questions.questions.

Can be expensive to doCan be expensive to do

Page 23: An Introduction to the War Between Businesses and Cyber Criminals

23

SneakersSneakers Have hackers test your securityHave hackers test your security Who knows more than a professional Who knows more than a professional

hacker?hacker? RiskyRisky

Page 24: An Introduction to the War Between Businesses and Cyber Criminals

24

Law EnforcementLaw Enforcement FBI – Cyber Division (Operation Websnare)FBI – Cyber Division (Operation Websnare)

Secret Service – Electronic Crime Task Secret Service – Electronic Crime Task ForceForce

Local Law EnforcementLocal Law Enforcement

Page 25: An Introduction to the War Between Businesses and Cyber Criminals

25

FBI Cyber Division MissionFBI Cyber Division Mission To coordinate, supervise and facilitate the FBI's To coordinate, supervise and facilitate the FBI's

investigation of those federal violations in which the investigation of those federal violations in which the Internet, computer systems, or networks are Internet, computer systems, or networks are exploited as the principal instruments or targets of exploited as the principal instruments or targets of terrorist organizations, foreign government terrorist organizations, foreign government sponsored intelligence operations, or criminal sponsored intelligence operations, or criminal activity and for which the use of such systems is activity and for which the use of such systems is essential to that activity; essential to that activity;

form and maintain public/private alliances in form and maintain public/private alliances in conjunction with enhanced education and training conjunction with enhanced education and training to maximize counterterrorism, counter-intelligence, to maximize counterterrorism, counter-intelligence, and law enforcement cyber response capabilities.and law enforcement cyber response capabilities.

Page 26: An Introduction to the War Between Businesses and Cyber Criminals

26

Operation WebsnareOperation Websnare Led to 100 arrests/convictionsLed to 100 arrests/convictions

116 indictments116 indictments

These criminals caused $230 million worth of These criminals caused $230 million worth of damage to damage to 870,000 victims 870,000 victims

A significant number, but only a fraction of the Cyber A significant number, but only a fraction of the Cyber crime problem is represented, showing the need for crime problem is represented, showing the need for sustained law enforcement focus, and the continuing sustained law enforcement focus, and the continuing development of expanded partnerships as well.development of expanded partnerships as well.

Page 27: An Introduction to the War Between Businesses and Cyber Criminals

27

Electronic Crime Task ForceElectronic Crime Task Force The Secret Service developed a new approach to The Secret Service developed a new approach to

increase the resources, skills and vision by which increase the resources, skills and vision by which local, state, and federal law enforcement team local, state, and federal law enforcement team with prosecutors, private industry and academia with prosecutors, private industry and academia to fully maximize what each has to offer in an to fully maximize what each has to offer in an effort to combat criminal activity. By forging effort to combat criminal activity. By forging new relationships with private sector entities and new relationships with private sector entities and scholars, the task force opens itself up to a scholars, the task force opens itself up to a wealth of information and communication lines wealth of information and communication lines with limitless potential. with limitless potential.

Regional Contacts include New York, Boston, Regional Contacts include New York, Boston, Chicago, Cleveland, MiamiChicago, Cleveland, Miami

Page 28: An Introduction to the War Between Businesses and Cyber Criminals

28

Local Law EnforcementLocal Law Enforcement

Very few have their own cyber crime Very few have their own cyber crime divisiondivision

Those that do have only one or two Those that do have only one or two people in that divisionpeople in that division

Many can’t afford a divisionMany can’t afford a division

Page 29: An Introduction to the War Between Businesses and Cyber Criminals

29

The 2002 CSI/FBI survey found:The 2002 CSI/FBI survey found:

90% of organizations responding detected 90% of organizations responding detected computer security breaches within the last computer security breaches within the last yearyear

80% lost money to computer breaches80% lost money to computer breaches The number of attacks that came across the The number of attacks that came across the

Internet rose from 70% in 2001 to 74% in 2002 Internet rose from 70% in 2001 to 74% in 2002

Only 34% of organizations reported their Only 34% of organizations reported their attacks to law enforcementattacks to law enforcement

Page 30: An Introduction to the War Between Businesses and Cyber Criminals

30

Why Cyber Crime is so Difficult Why Cyber Crime is so Difficult to Stopto Stop

Cyber Crime can be performed Cyber Crime can be performed across country boundaries making across country boundaries making jurisdiction difficult to determinejurisdiction difficult to determine

Corporations are involved in the Corporations are involved in the investigations now more than everinvestigations now more than ever

The criminal can be very intelligentThe criminal can be very intelligent

Page 31: An Introduction to the War Between Businesses and Cyber Criminals

31

Difficulty of Collecting EvidenceDifficulty of Collecting Evidence

Must find relevant data, warrants only allow Must find relevant data, warrants only allow searches of specified portions of the searches of specified portions of the computercomputer

Ensure data isn’t compromisedEnsure data isn’t compromised Must make multiple copies of data gathered Must make multiple copies of data gathered

on write once driveson write once drives Must be able to break the cryptography or Must be able to break the cryptography or

steganography that was usedsteganography that was used Must do some sort of authentication probably Must do some sort of authentication probably

with a message digest (digital fingerprinting)with a message digest (digital fingerprinting)

Page 32: An Introduction to the War Between Businesses and Cyber Criminals

32

Wireless NetworkingWireless Networking

Harder to secure than a traditional Harder to secure than a traditional network since access can occur just network since access can occur just standing outside the buildingstanding outside the building

Page 33: An Introduction to the War Between Businesses and Cyber Criminals

33

User ConvenienceUser Convenience

Convenience is the CulpritConvenience is the Culprit More features and ease of use helps More features and ease of use helps

customers but hurts securitycustomers but hurts security More technology leads to more risksMore technology leads to more risks

Page 34: An Introduction to the War Between Businesses and Cyber Criminals

34

Failure To ReportFailure To Report

Why not report cyber crimes to law Why not report cyber crimes to law enforcement?enforcement? Causes embarrassment due to going Causes embarrassment due to going

publicpublic Feel a full fledged investigation will Feel a full fledged investigation will

interfere too muchinterfere too much Feel there won’t be a convictionFeel there won’t be a conviction Prosecutors won’t file the chargesProsecutors won’t file the charges

Page 35: An Introduction to the War Between Businesses and Cyber Criminals

35

ConclusionConclusion

Information is the targetInformation is the target

Don’t forget about employees within Don’t forget about employees within the organizationthe organization

Global Cooperation is neededGlobal Cooperation is needed

Any Questions????Any Questions????

Page 36: An Introduction to the War Between Businesses and Cyber Criminals

36

ReferencesReferences

Steven Branigan. (2005). Steven Branigan. (2005). High-Tech High-Tech Crimes Crimes Revealed: Cyberwar Stories From The Revealed: Cyberwar Stories From The Digital Front.Digital Front. Boston: Pearson Education Inc. Boston: Pearson Education Inc.

Marjie T. Britz. (2004). Marjie T. Britz. (2004). Computer Forensics and Computer Forensics and Cyber Crime.Cyber Crime. New Jersey: Pearson Education Inc. New Jersey: Pearson Education Inc.

Joseph Migga Kizza. (2002). Joseph Migga Kizza. (2002). Computer Network Computer Network Security and Cyber Ethics.Security and Cyber Ethics. North Carolina: North Carolina: McFarland & Company Inc.McFarland & Company Inc.

www.cybercrime.govwww.cybercrime.gov http://cybercrimes.nethttp://cybercrimes.net www.fbi.govwww.fbi.gov