Introduction• Cybercrimes can be basically divided into 3 major categories: 1. Cybercrimes against persons. 2. Cybercrimes against property. 3. Cybercrimes against government.
• "Any criminal activity that uses a computer either as an instrumentality, target or a means for perpetuating further crimes comes within the ambit of cyber crime."
what makes a crime a cyber crime??• when information and communications technology (ICT) systems and intellectual property become targets of exploitation, intrusion, identity and information theft.• when ICT devices are used as means to commit crimes• where the ICT devices are used as mediums of committing crimes. For example, sedition, disharmony or unrest, slandering and instigating at higher scale come under this category
The Cyber Threat EnvironmentTwo Threat Categories:3. Emerging Threats to National Security Computer Intrusions from: • Terrorist Groups • State Actors• Traditional Crime Migrating to the Internet Cyber-facilitated: • Hacking Groups • On-line Child Exploitation • Intellectual Property Violations • Internet Fraud • Identity Theft
National Security• Terrorist Groups • Web-sites • Forums • Bulletin Boards
Common Internet Crime Schemes• Credit/Debit Card Fraud• Identity Theft• Phishing• Mortgage Fraud• Investment Fraud• Computer Intrusions• Online Auction Fraud• Non-Delivery of Merchandise• Business Employment Schemes• Freight Forwarding/Reshipping• Fake Escrow Services• Ponzi & Pyramid Schemes
Current EnvironmentCarding Among Hackers• Illicit Trafficking in Stolen Credit Card Information• Conducted Openly on Russian-language Hacker Sites Starting in the Late 1990s• Confluence of Events in Late 1990s – Appearance of Domestic Credit Cards in RF – Dot-Com E-commerce Boom – Economic Collapse of 1998 —> Widespread Unemployment in the Nascent IT Sector A Brief History…
Carding Internet Sources WEB SITES, SUCH AS• www.web-hack.ru• Cardingworld.cc ARE AVAILABLE TO ALL WHO WISH A NEW IDENTITY. - Look like legitimate ID/Driver’s License but may contain the word “Novelty” somewhere in small print
How They Get Your Info• Spam• Pre-texting/Social Engineering/Fake Sites• Compromised Databases• Skimming• Old Computers
Motivation• Show me the money$$$ – Generation of hackers have grown up. – Needs have shifted to accommodate age. – Need to pay for: • Food • Rent • Love life
ASHLEY ROBY ECHOUAFNI CYBERSLAMSCHICHTEL HALL WALKER
Trends and Predictions• Spear Phishing – Faked “internal” emails• Continued attacks on personal information – Outsourcing to third party businesses – Blogs “Myspace.com”• Continued increase in cross border attacks – Exploiting poor law enforcement cooperation between many countries.
Trends and Predictions• WiFi – Easy behind the firewall access to networks• VoIP – DoS against phones or call hijacking – Covert Trojan delivery (researched by some Universities around the world) – SPIT - Voice spam• BIOS (hardware) level rootkits – Can be written in common programming language for cross platform use
Trends and Predictions• Attacks continue to get more sophisticated – Difficult to detect – Faster propagation (ie Botnets)• End users more at risk – Shift from servers to clients• Response tools very basic – Tools still very basic
Trends and Predictions• Instant message bots – Artificial intelligence software that convinces you to download virus.• Application targeted attacks – Programs that require Internet access to work (Oracle, RealPlayer, iTunes…)• More relevant IDS and network protection – False positive rate currently too high.
Security Risk For Home User…• Confidentiality• Integrity• Availability
Example of Intellectual property theft:-Data crimes• Data Interception: Interception of data in transmission.• Data Modification: Alteration, destruction, or erasing of data.• Data Theft: Taking or copying data, regardless of whether it is protected by