The Cyber Crime Research Paper

The Cyber Crime Research Paper

Instructions/Descriptions

Chapter 4

Objectives

• Explore the current state of Internet crimes
• Discuss emerging trends in Web-based crime
• Describe the six classifications of motive for computer intruders
• Become familiar with more computer terms and recent laws that aid the government in cracking down on computer criminals
• Gain knowledge of modern terrorists and their use of technology which is changing the face of terrorism.

[Order Now]

Details

I.Web-Based Criminal Activity: Introduction

• Originally “computer crime” referred to theft of computers or components
• Cyberage changed the focus to “theft of information”
• Combination of the computer and telecommunications has increased crime in cyberspace
• The Anonymity factor has expanded the number of offenders
• Internet gambling promoted by the Web increased across the country
• People who would never walk into an Adult book store view porn at home
• Individuals who would be afraid to commit a violent bank robbery would alter bank records or manipulate stock records
• People who were reluctant to take revenge through traditional avenues may feel comfortable posting embarrassing or compromising information on the Web
• Hackers have become a significant threat to achieve publicity
• Hacker group named “ Global Hell” suspected of hacking into Army, FBI and WH
• Impact of computer crime
• Financial losses
• Personal security (Identity theft)
• Industrial espionage
• International security
• Public safety
• Eco-terrorism
• Traditional competition among companies may have escalated to malicious destruction of data or theft by physical means
• The internet introduced interconnectivity of technical devices within corporations which increased the vulnerability of companies’ information assets
• Impact of a physical mail bomb (explosive device) was limited to the immediate physical area surrounding the packaging
• Impact of an e-mail bomb is potentially very broad and may include a dismantling of the company’s informational infrastructure
• Viruses
• ( 1960’s) first computer virus named, “the rabbit’: reduced productivity of computer systems by cloning themselves and occupying system resources
• Rabbits were local and could not spread across systems
• Caused by mistakes or pranks by system programmers
• Four Distinct Eras of Computer Viruses
• Classical Era (1960’s-1970’s); system anomalies; accidents; pranks by system administrators
• Floppy Era (1980’s-1990’s); infection of DOS machines spread by removable media; easy to detect, isolate and eliminate
• Macro Era (1990’s-2000’s); infect documents and templates, not

programs; virus infects system when user opens the corrupted document

(Microsoft-Macintosh); further spread by e-mails, networks and the

Internet

• Melissa Virus (1999); infected 20% of US largest businesses; created by David Smith, advertised to contain password to Adult Web sites; propagated itself by sending virus to victim’s computer address files;

Sentenced to 20 months in federal prison and $5,000 fine

• Internet Era ( 2000-present); used infected systems address book to spread infections
• CodeRed: scanned internet for vulnerable machines, then infected them
• Nimda: infected computers with corrupt e-mails that entered computer if user viewed MS Outlook through a preview window
• Denial of Service (DoS) Attacks
• Primary objective is to disable a system, not access
• Mail bombing: jam system server with voluminous e-mails
• Manipulation of phone switches
• Low level data transmission
• Directed at Amazon, eBay and Yahoo
• Distributed Denial of Service (DDoS) Attacks
• (1991); first DDoS attacks; use large batches of compromised computers, named Zombies or bots, to increase their impact on victims
• Most owners of Zombie computers were unaware that they were compromised
• Motivations range from boredom to theft to extortion
• Hacktivists have launched DDoS attacks against religious and financial organizations
• (2006) Organized crime family was threatened with DDoS attack of the org’s

online gaming site. The org paid protection money (extortion)

• Spam: Abuse of electronic messaging systems to randomly or indiscriminately send unsolicited bulk messages
• Traditionally used by businesses to advertise
• Also used by porn sites
• Recent study disclosed significant loss of productivity by businesses caused by workers deleting spam from their computers at work; $22 billion
• Attacks increasing: spread viruses; malware, DDoS, identity theft, promote political extremism
• (2006) Can Spam Act used to convict Daniel Lin; three years, federal prison; $10,000 fine
• Distributed millions of e-mail messages with fraudulent header information through a variety of zombie computers advertising health care products
• Ransomeware
• Used most often to extort money from victims
• Malware program which encrypts or disables computer system until demands are met (extortion)
• Originally surfaced in 1989 then went low key until 2005
• Greatest risk to cyber criminal is being identified when money is transferred
• Create e-shell companies to accept ransom money
• Use legitimate online merchant to receive money from victim for commission based referral service

1. Theft of Information, Data Manipulation and Web Encroachment

• Two methods of obtaining confidential information- computer system intrusion & employees
• Employees are the most vulnerable component
• Criminals use deceptive practices through social engineering to gain access to company computers or telephone systems
• Criminals disguise themselves as vendors for security system or IT department
• Employees fail to protect their passwords due to laziness and lack of security awareness
• Criminals use shoulder surfing as a method to gain confidential information: watching over someone’s shoulder as they log on or input data into their computer
• Employees discard confidential information in common garbage receptacles instead of designated Confidential Bins or paper shredders
• Business and government entities do not set employee training as a high priority
• Trade Secrets and Copyrights
• Some criminals sell proprietary information to industry competitors for personal gain or national patriotism
• Gillette corporation employee was caught using company equipment to solicit bids for the design specs for Gillette’s Mach-3 razor
• French government ( Intelligence Service) used eavesdropping devices on French planes to obtain confidential information from an American company that was competing against a French company for business contracts
• Political Espionage
• Advanced technology has also increased the threats to the nation’s public infrastructure from communications to banking
• Theft of information is a significant threat
• Government entities have been criticized for not investing enough money to protect secrets technologically stored or created
• Recent audit of laptop computers for US State Department:
• did not have an accurate accounting for classified and unclassified laptop computers in bureaus covered in the audit
• 27 laptops were missing
• 35 were not available for inspection
• 57 had been disposed
• 215 laptops were inspected for encryption protection: 172 failed
• FBI estimates at least 120 foreign governments actively pursuing information in the US
• Traditional methods of stealing CPU’s, employee laptops and other devices are very common
• Employees failed to adequately safeguard the laptops in many cases.

[Order Now]

III. Cyberterrorism :

• politically or religiously motivated attack against data compilations, computer programs, and/or information systems
• intended to disrupt and/or deny service or acquire information
• which disrupts the social, physical, or political infrastructure of a target
• Computers may be the target or be incidental to the activity i.e. the means of retrieving the information
• Attacks may be in the form of hackng, DDoS, viruses, worms
• Centers of Disease Control (CDC)
• Altering small portion of a formula for a vaccination
• Changing labeling instructions for biological contaminants
• Systematically removing years of priceless research or patients records
• Introduction of viruses or worms could wreak havoc on public health
• A virus destroyed over 40% of patient’s records in one US hospital
• Terrorist Organization Propaganda Dissemination
• International (Nation of Islam) and domestic (White Aryan Resistance) use virtual platforms to spread their messages
• Solicit funds and recruit new members
• Communicate with each other via e-mails using strong encryption protections
• Ramzi Yousef (WTC bombing conspirator had bombing plans in encrypted files on his laptop computer)
• Launching of DDoS and defacement of Web sites of foreign governments
• Chinese hackivists threatened to launch DoS attacks against American financial institutions and government sites following the crash of a US spy plane and Chinese fighter plane
• Neotraditional Crime
• Dissemination of Contraband
• Child Pornography: Many pedophiles and child porn peddlers meet on the electronic bulletin boards and chat rooms
• They are protected under the First Amendment because they have the same “common carrier” status as the telephone company and post office
• Example: NAMBLA (North American Man Boy Love Association) has a Web-site
• Motivations for child pornography possession
• Pedophilia or hebephilia: satisfies sexual fantasies or provide gratification for those individuals who are sexually interested in prepubescent children or adolescents
• Sexual miscreants: satisfies a new and different sexual stimuli
• Curiosity seekers: possession satisfies a peculiar curiosity
• Criminal opportunists: possession and subsequent distribution is designed for economic profit
• Profile of Offenders ( Office of Juvenile Justice and Delinquency Prevention & National Center for Missing and Exploited Children)
• White males older than 25
• Majority (83%) had images of prepubescent children engaging in sex
• More than 20% depicted sexual violence toward the children
• 40% arrested for child porn were considered “dual offenders” (also sexually victimized children)
• 15% attempted to sexually victimize children by soliciting undercover police who posed online as minors
• Most of the child porn cases (60 %) originated from local and state agencies; balance by federal and international authorities
• Above statistics are based upon arrest records only so extent of online victimization of children via the Internet is difficult to determine
• On Line Victim Profile
• Children who express frustration with parental controls or appear naïve or vulnerable
• Children are confused about their sexuality
• Children who express feelings of being outsiders from their peer groups
• Children who enjoy unsupervised computer communications
• Many children actively seek association with adult suitors but many are lured into fictional relationships that encourage dangerous liaisons
• Online Pharmacies
• Convenient in terms of shopping and ordering
• Many operate illegally w/o licenses or dispense medicines in states where they are not licensed
• Some don’t require a valid prescription
• Some dispense medicine on demand w/o prescription
• “ Operation Cyber Chase” 2005
• Illegal online pharmaceutical sales operation based in India
• Supplied drugs for 200 Web sites
• Sold $20 million worth of controlled substances w/o prescriptions global customers
• FBI and DEA arrested individuals from India, Canada and US
• Seized $7 million from banks and 7 million doses of drugs
• Online Gambling
• First online gambling casino launched (Internet Casinos, Inc.)
• Revenues for 2005 were $10 billion; projected to increase to $180 billion by 2015
• Significant support from politicians, labor unions and community groups
• Lack of physicality makes online casinos accessible to any user with a computer, Iphone or IPAD
• Continuous operation makes them accessible 24/7
• Accessibility to minors increase the consumer base as proper age verification is not attempted
• Increase in e-banking allows users to access funds w/o leaving their chair; psychological intangibility of e-cash encourages customers to overspend
• Risks to individuals and communities
• Addiction
• Bankruptcy
• Crime
• Fail to create jobs or other revenue
• Threatening and Harassing Communications
• Stalking: willful, malicious, and repeated following and/or harassing another person in an effort to inflict or cause fear of actual harm through words or deeds
• Offender profile: White males(18-35)
• Victim profile: Females or Children
• Categories of Motivation
• Obsessional Stalkers: re-establish relationship with unwilling partner and are considered to be the most dangerous
• Love Obsession Stalker: individuals have low self-esteem and target victim they hold in high regard
• Erotomaniacs: stalkers are delusional and believe victims are in love with them or had a previous relationship with them
• Vengeance or Terrorist Stalker: economic gain or revenge
• Cyberstalking: same definition as stalking but done by electronic means
• Activities may be threatening or may result in injury
• Sending barrage of threatening e-mails
• Cyberharassment
• Activities are threatening, harassing or injurious on their face
• Focuses on actual harm suffered including defacement of character
• Posting fictitious or slanderous information in a public forum
• Courts have been reluctant to establish electronic boundaries of the First Amendment and have narrowly interpreted cyberstalking and cyberharassment legislation
• Cyberbullying: Aggressive, intentional act carried out by a group or individual, using electronic forms of contact, repeatedly and over time against a victim who cannot easily defend themselves
• May be committed using e-mails, social networking sites, Web pages, blogs, chat rooms, or instant messaging
• Case example: 10/17/2006, Megan Meier, 13, committed suicide after receiving hateful e-mails and IM’s from an adult female (mother of former friend and classmate of Megan) posing as a teen-age boy. Suspect was indicted on several charges and found guilty on one misdemeanor violation of the “Computer Fraud and Abuse Act”, subsequently overturned
• Online Fraud: fraud is the intentional deception, misrepresentation, or falsehood made with the intention of receiving unwarranted compensation or gratification
• Internet has provided cybercriminals anonymity and accessibility to the global community of citizens and businesses
• Auction Fraud: common fraudulent activity on the Internet: 4 types
• Nondelivery: accepts payment for item, fails to deliver
• Misrepresentation: deceives bidder on condition of item
• Fee-stacking: adds hidden charges to the advertised price of an item (ship-handling)
• Shill bidding: seller drives up price of their own item by making bids on their own items
• Case Example: page 10
• Online Credit Card Fraud
• Skimming: fraudsters install devices on card readers located in ATM’s, gas pumps, restaurants wherever magnetic strip credit card readers are employed. The information is transferred to another card for downloading
• Radio Frequency Identification (RFID): fraudsters use them to copy credit card information as they walk past individuals in street, subways, malls, concerts, etc.
• Information gleaned from the above techniques may be sold on carding sites where other criminals can purchase credit card dumps
• Securities Fraud
• Manipulating stock prices by posting false information on fraudulent Web sites and legitimate Web sites
• Page 104-105 for cases
• Insider Trading
• Individuals using chat rooms to provide others with material non-public information on companies
• Note case on page 105
• e-Fencing: sale of stolen goods through tech means
• organized retail theft rings post stolen goods on online auction sites
• Fraudulent Instruments: Counterfeiting & Forgery
• Counterfeiting: act of creating a fraudulent document with criminal intent
• Forgery: act of falsifying a document with criminal intent
• Made easier with high-level graphics software and hardware advances
• Create fraudulent payroll checks and generate forged signatures for authentication
• Ancillary Crimes
• Money Laundering: enterprise or practice of engaging in deliberate financial transactions to conceal the identity, source, and/or destination of income.
• Three stages
• Placement: initial point of entry for illicit funds (open account)
• Layering: develop complex network of transactions to obscure source of illegal funds

· Integration: return funds to legitimate economy

The Cyber Crime Research Paper

PLACE THE ORDER WITH US TODAY AND GET A PERFECT SCORE!!!