1 / 27

Scene of the Cybercrime:

Scene of the Cybercrime:. Assisting Law Enforcement In Tracking Down and Prosecuting Cybercriminals. Please allow me to introduce myself …. Debra Littlejohn Shinder, MCSE Former police sergeant/police academy and college criminal justice instructor Technical trainer

madelia
Download Presentation

Scene of the Cybercrime:

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Scene of the Cybercrime: Assisting Law Enforcement In Tracking Down and Prosecuting Cybercriminals

  2. Please allow meto introduce myself … • Debra Littlejohn Shinder, MCSE • Former police sergeant/police academy and college criminal justice instructor • Technical trainer • Networking, operating systems, IT security • Author • Cisco Press, Syngress Media, Que, New Riders • TechRepublic, CNET, Cramsession/Brainbuzz • Consultant • Businesses and government agencies

  3. What I’m going to talkabout today • What is cybercrime and is it really a problem? • Who are the cybercriminals? • Why should you want to help law enforcement officers catch them? • The Great Governmental Divide • How techies can build a bridge • Building the cybercrime case

  4. Civil vs. Criminal Law • Two separate systems of law • What are the differences? • Double jeopardy doesn’t apply • Constitutional protections – when do they apply? Breach of contract is not a crime – except when it is.

  5. Defining cybercrime Cybercrime is any illegal act committed using a computer network (especially the Internet). Cybercrime is a subset of computer crime. What do we mean by “illegal?” Bodies of law: Criminal, civil and administrative

  6. Who are the cybercriminals? • It’s not just about hackers • Using the ‘Net as a tool of the crime • White collar crime • Computer con artists • Hackers, crackers and network attackers • Incidental cybercriminals • Accidental cybercriminals • Situational cybercriminals

  7. Who are the cybervictims? • Companies • Security? What’s that? • Bottom liners • Individuals • Naive/Newbies • Desparados • Pseudovictims • In the wrong place at the wrong time • Society

  8. Who are the cyberinvestigators? • IT professionals • Corporate security personnel • Private investigators • Law enforcement Ultimate destination This is where the authority lies How can all Work together? When and why the police should be Called in

  9. What’s in it for me? • Why should IT personnel cooperate with police in catching cybercriminals? • What are the advantages? • What are the disadvantages? What are the legalities? What happens if you don’t cooperate?

  10. The Great (Governmental) Divide • Law enforcement culture • Highly regulated • Paramilitary (emphasis on “para”) • “By the book” The “Police Power” myth Weight of law agency policy political factors Public relations

  11. Police Secrets • Most officers are not as confident as they appear • Command presence required • The bluff is in • Most cops feel pretty powerless • Cops don’t like feeling powerless • Most cops don’t understand technology • Cops don’t like not understanding

  12. This leads to… • A touch of paranoia • “Us vs. Them” attitude • Cops against the world • The truth about the thin blue line • The blue wall of silence Best kept secret: Cops are human beings

  13. Why cops and techiesdon’t mix • Lifestyle differences • Elitist mentality – on both sides • Adversarial relationship • Many techies support or at least admire talented hackers • It’s human nature to protect “your own” • Many cops don’t appreciate the difference between white and black hat • Bad laws

  14. What cops and techieshave in common • Long, odd hours • Caffeine addiction • Dedication to/love of job • Want things to “make sense” • Problem solvers by nature What can tech people do to solve the problem of how to work with law enforcement?

  15. Building team spirit • Ability to “think like the criminal” • Important element of good crime detection • Difficult for LE when they don’t know the technology • IT’s role • You know the hacker mindset • You know what can and can’t be done with the technology • You know where to look for the clues Police know – or should know – law, rules of evidence, case building, court testimony

  16. Bridging the Gap • “Talk the talk” • Technotalk vs police jargon • Learn the concepts • Legal • Investigative procedure • Understand the “protocols” • “Unwritten rules”

  17. Building the Case • Detection techniques • Collecting and preserving digital evidence • Factors that complicate prosecution • Overcoming the obstacles

  18. Cybercrime Detection Techniques • Auditing/log files • Firewall logs and reports • Email headers • Tracing domain name/IP addresses • IP spoofing/anti-detection techniques

  19. Collecting and Preserving Digital Evidence • File recovery • Preservation of evidence • Intercepting transmitted data • Documenting evidence recovery • Legal issues • Search and seizure laws • Privacy rights • Virtual “stings” (honeypots/honeynets) Is it entrapment?

  20. Factors that complicateprosecution of cybercrime • Difficulty in defining the crime • Jurisdictional issues • Chain of custody issues • Overcoming obstacles Lack of understanding of technology (by courts/juries) Lack of understanding of law (by IT industry)

  21. Difficulty indefining the crime • CJ theory • mala in se • mala prohibita • Elements of the offense • Defenses and exceptions • Burden of proof • Level of proof Civil vs. criminal law Statutory, Case and Common Law

  22. Jurisdictional issues • Defining jurisdiction • Jurisdiction of law enforcement agencies • Jurisdiction of courts • Types of jurisdictional authority • Level of jurisdiction

  23. Chain of Custody • What is the chain of custody? • Why does it matter? • How is it documented? • Where do IT people fit in?

  24. Overcoming the obstacles • Well defined roles and responsibilities • The prosecution “team” • Law enforcement officers • Prosecutors • Judges • Witnesses What can CEOs and IT managers do?

  25. Testifying in acybercrimes case • Expert vs evidentiary witness • Qualification as an expert • Testifying as an evidentiary witness • Cross examination tactics Three types of evidence:Physical evidence Intangible evidence Direct evidence

  26. Summing it up • Cybercrime is a major problem – and growing • Cybercrime is about much more than hackers • There is a natural adversarial relationship between IT and police • Successful prosecution of cybercrime must be a team effort • IT personnel must learn investigation and police must learn technology

  27. The book: Scene of the Cybercrime by Debra Littlejohn Shinder Defining and Categorizing Cybercrime A Brief History of the Rise of Cybercrime Understanding the People on the Scene of the Cybercrime Understanding Computer and Networking Basics Understanding Network Intrusions and Attacks Understanding Cybercrime Prevention Implementing System Security Implementing Cybercrime Detection Techniques Collecting and Preserving Digital Evidence Understanding Laws Pertaining to Computer Crimes Building and Prosecuting the Cybercrime Case Training the Cybercrime Fighters of the Future

More Related