150 likes | 254 Views
IS 376 Government / Cyber Crimes. October 10, 2013. New Century, New Risks?. Development in information technologies has fundamentally changed the global environment for individual & state security: its perception, maintenance, and the nature of its threat.
E N D
IS 376Government / Cyber Crimes October 10, 2013
New Century, New Risks? • Development in information technologies has fundamentally changed the global environment for individual & state security: • its perception, • maintenance, and • the nature of its threat. • Ontological insecurity: a profound emotional uneasiness about one’s safety and security, or even one’s existence. A term coined by R.D. Laing. • A new feeling of fear and impending catastrophe (this is amplified by echo chambers). • Security has become a central political, societal and economic issue. • There is a dialectical tension between the need for safety vs. the need for freedom: How to balance between the two? • See ACLU’s concerns
Defining Cyber Crimes • Cyberpiracy = using cybertech: • To reproduce copies of proprietary information; • To distribute proprietary information in digital form. • Cybertrespass = using cybertech gain unauthorized access to: • An individual’s or an organization’s computer system, or • Password protected Website • Cybervandalism = using cybertech to unleash programs that: • Disrupt the transmission of electronic information across networks • Destroy data resident in a computer or damage a computer’s resources.
Active Fed Oversight • Federal Trade Commission • OnGuardOnline.gov provides practical tips from the federal government and the technology industry to help you be on guard against Internet fraud, secure your computer, and protect your personal information. • Bureau of Consumer Protection • Office of Consumer and Business Education • Homeland Security • Department of Commerce • Office of Justice Programs • Securities and Exchange Commission • United States Postal Inspection Service
Tracking Computer Crimes • Tracking computer crimes requires law enforcement to recognize and respond to myriad attacks. • Computer forensics tools may include: • Undercover agents, • Honey pots (sting operations in cyberspace), • Archives of online message boards, • Tools for recovering deleted or coded information. • Computer forensics agencies and services include: • Computer Emergency Response Team (CERT), • National Infrastructure Protection Center (NIPC), • Private companies specializing in recovering deleted files and e-mail, tracking hackers via Web site and telephone logs, etc. (e.g., ESS Data Recovery in Edwardsville)
Scams Alert • “Computers don’t steal - people do” • Email scams could include: • Phishing • Work-at-Home Scams • Weight Loss Claims • Foreign Lotteries • Cure-All Products • Check Overpayment Scams • Pay-in-Advance Credit Offers • Debt Relief • Investment Schemes
Scams Alert • Computers and online infrastructure are perfect venues to commit all sorts of crimes: • Shill bidding • Bidding on one’s or accomplice’s items to drive price up. • Get rich schemes, such as: • Pyramids
Fraud and Abuse • Small computer fraud could include: • Credit card and Identity theft • E.g. numbers stolen by store clerks or information collected from trashed documents. • In the last decade in South Africa, the cashier brings the Credit Card terminal to your table. • In the USA products such as these: verifonePayWare; SquareUp • ATM theft • E.g. ATM surveillance by criminals, cloning cards and altering magnetic strips. • Cell Phones cloning • Altering the billing information emitted by a phone
Computer Fraud and Abuse Act (CFAA, 1986) • It is a crime to access, alter, damage, or destroy information on a computer without authorization. • Criminalizes computer access to info that could be used to injure the U.S. • Criminalizes illegal access to financial or credit records • Criminalizes unauthorized access to federal government computers • Penalties: Up to 5 years for a first offense; up to 10 years for a second offense • Computers protected under this law include: • Government computers, • Financial systems, • Medical systems, • Interstate commerce, and • any computer on the Internet.
USA Patriot Act (2001) • Amended the CFAA. • Doubles the maximum penalties of the CFAA • Considers aggregate, not just individual damages • Includes state law violations as priors • Includes investigation time in damages assessed • Specifically • Allows for recovery of losses due to responding to a hacker attack, assessing damages, and restoring systems. • Higher penalties can be levied against anyone hacking into computers belonging to criminal justice system or the military. • The government can monitor online activity without a court order.
International Fraud Networks • Sale of counterfeit commodities • A lot of international trade is done this way • Offshoring • Hiding money in secure accounts in Offshore Financial Centers (OFCs) • Interpol polices money laundering activities. • Money laundering is not only related to drug monies, but to funds that are obtained from fraudulent investment victims and then laundered through other accounts to hide the funds from investigation attempts. • Interpol's definition of money laundering is “Any act or attempted act to conceal or disguise the identity of illegally obtained proceeds so that they appear to have originated from legitimate sources.”
International Cooperation • Computer crimes are committed across borders and result in international cooperation between governments and multilateral organizations. For example: Silk Road just got shut down • Governments operate through several agencies such as: • Interpol (International Crime Police Organization) • UN organizations and World Bank (Directorate of International Payment and Transfers) • Direct government-to-government interventions
International Denial of Service • The biggest Denial of Service happened in March 2013, sending 300 billion bits per second by a network of computers. • Arrests made in Spain. • Arrests made in US.
IRS Whistleblower • IRS Whistleblower awarded $104 million