Building a cybercrime case
http://www.eacademy4u.com/

Online Educational Website For You

Published in: Education, Technology
Transcript

  • 1. © FISE Building A Cybercrime Case
  • 2. Introduction • The growing danger from crimes committed against computers, or against information on computers, is beginning to claim attention in national capitals. In most countries around the world, however, existing laws are likely to be unenforceable against such crimes. This lack of legal protection means that businesses and governments must rely solely on technical measures to protect themselves from those who would steal, deny access to, or destroy valuable information.
  • 3. Types of Cyber Crimes: Data crimes. • Data Interception: Interception of data in transmission. • Data Modification: Alteration, destruction, or erasing of data. • Data Theft: Taking or copying data, regardless of whether it is protected by other laws, e.g., copyright, privacy, etc.
  • 4. Types of Cyber Crimes: Network crimes • Network Interference: Impeding or preventing access for others. The most common example of this action is instigating a distributed denial of service (DDoS) attack, flooding Web sites or Internet Service Providers. DDoS attacks are often launched from numerous computers that have been hacked to obey commands of the perpetrator. • Network Sabotage: Modification or destruction of a network or system.
  • 5. Types of Cyber Crimes: Related crimes. • Aiding and Abetting: Enabling the commission of a cyber crime. • Computer-Related Forgery: Alteration of data with intent to represent as authentic. • Computer-Related Fraud: Alteration of data with intent to derive economic benefit from its misrepresentation.
  • 6. Bodies Of Law Three bodies of law: (1) Criminal law, or penal law • Is the body of rules with the potential for severe impositions as punishment for failure to comply. Criminal punishment, depending on the offense and jurisdiction, may include execution, loss of liberty, government supervision (parole or probation), or fines.
  • 7. Bodies Of Law • There are some archetypal (example) crimes, like murder, but the acts that are forbidden are not wholly consistent between different criminal codes, and even within a particular code lines may be blurred as civil infractions may give rise also to criminal consequences. Criminal law typically is enforced by the government, unlike the civil law, which may be enforced by private parties.
  • 8. Bodies Of Law (2) Civil law • As opposed to criminal law, is the branch of law dealing with disputes between individuals and/or organizations, in which compensation may be awarded to the victim. For instance, if a car crash victim claims damages against the driver for loss or injury sustained in an accident, this will be a civil law case.
  • 9. Bodies Of Law (3) Administrative law • Is the body of law that governs the activities of administrative agencies of government. Government agency action can include rulemaking, adjudication, or the enforcement of a specific regulatory agenda. Administrative law is considered a branch of public law.
  • 10. Bodies Of Law • As a body of law, administrative law deals with the decision-making of administrative units of government (e.g., tribunals, boards or commissions) that are part of a national regulatory scheme in such areas as police law, international trade, manufacturing, the environment, taxation, broadcasting, immigration and transport. Administrative law expanded greatly during the twentieth century, as legislative bodies worldwide created more government agencies to regulate the increasingly complex social, economic and political spheres of human interaction.
  • 11. Security Incident: The attempted or successful unauthorized access, use, disclosure, modification, or destruction of information, or interference with system operations in an information system.
  • 12. Examples • Bombings, explosions, fire, flood, storm, power outage, hardware/software failure → Contingency Plan • Cyber-theft, identity theft, intellectual property theft, regular theft (involving information), virus, worm, network intrusions, unauthorized use, denial of service, etc. → Incident response
  • 13. Goals • Provide an effective and efficient means of dealing with the situation in a manner that reduces the potential impact to the organization. • Provide management with sufficient information in order to decide on an appropriate course of action. • Maintain or restore business continuity. • Defend against future attacks. • Deter attacks through investigation and prosecution.
  • 14. Incident Handling Steps • Preparation • Identification • Containment • Eradication • Recovery • Lessons learned
  • 15. Incident Handling Steps • Preparation - The organization educates users and IT staff on the importance of updated security measures and trains them to respond to computer and network security incidents quickly and correctly. • Identification - The response team is activated to decide whether a particular event is, in fact, a security incident. The team tracks Internet security activity and has the most current information on viruses and worms. • Containment - The team determines how far the problem has spread and contains the problem by disconnecting all affected systems and devices to prevent further damage.
  • 16. Incident Handling Steps • Eradication - The team investigates to discover the origin of the incident. The root cause of the problem and all traces of malicious code are removed. • Recovery - Data and software are restored from clean backup files, ensuring that no vulnerabilities remain. Systems are monitored for any sign of weakness or recurrence. • Lessons learned - The team analyzes the incident and how it was handled, making recommendations for better future response and for preventing a recurrence.
  • 17. Why Structured Handling Is Needed • Structure/Organization – Dealing with incidents can be chaotic – Simultaneous incidents occur – Having a predefined methodology lends structure to the chaos • Efficiency – Time is often of the essence when dealing with incidents – Incidents can be costly both financially and organizationally • Process-oriented approach – Breaks incidents into small manageable chunks – Logical order of dealing with issues – Includes methods for improving the overall process
  • 18. Why Structured Handling Is Needed • Dealing with the unexpected – Provides a mental framework for dealing with incidents in general – Promotes flexible thinking to deal with novel situations • Legal Considerations – Can demonstrate due care or due diligence – May limit liability – May reduce insurance premiums
  • 19. Evidence Management • During an incident, evidence may be collected during any of the 6 steps. • In early stages we may not know what the final outcome might be (e.g., Job Termination, Civil or Criminal Litigation). • Network/Computer Forensics may become an issue • Must collect data in a “Forensically Friendly” manner • Must maintain the chain of custody • Important to understand the evidence lifecycle
  • 20. Forensics • Computer Forensics: The study of computer technology as it relates to the law. • Forensic Analysis: Examination of material and/or data to determine its essential features and their relationship in an effort to discover evidence in a manner that is admissible in a court of law; post-mortem examination.
  • 21. Forensics • Electronic Evidence: Evidence relating to the issue that consists of computer files, or data, in their electronic state. • Electronic Media Discovery: The discoverability of electronic data or files.
  • 22. Forensics • Chain of Custody: A means of accountability, that shows who obtained the evidence, where and when the evidence was obtained, who secured the evidence, who had control or possession of the evidence. • Rules of Evidence: Evidence must be competent, relevant, and material to the issue.
  • 23. Evidence Life Cycle • Collection & identification • Storage, preservation, and transportation • Presentation in court • Return to victim or court
  • 24. Case Study: MALAYSIAN CYBERLAWS AND THEIR IMPLE
