Cyber Crime.Ppt 1


Published on

Published in: Business, Technology
No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Cyber Crime.Ppt 1

  1. 1. CYBERCRIME <ul><li>Cybercrimes reach everywhere and hurt everyone: </li></ul><ul><ul><li>Electronic commerce crime (like the theft of hundreds of thousands of credit card records) threatens the internet boom that has fueled the unprecedented economic growth in the U.S. </li></ul></ul><ul><ul><li>Economic espionage (like theft of biotech secrets stored in digital files) threatens U.S. competitiveness in the global marketplace. </li></ul></ul><ul><ul><li>Infrastructure attacks (like an assault against a nation’s power grid) threaten the safety and well-being of whole populations. </li></ul></ul>
  2. 2. CYBERCRIME <ul><li>Types of Cybercriminals - defy stereotypes: </li></ul><ul><ul><li>Dishonest or disgruntled insiders (such as employees, ex-employees, contractors, temporary workers) who want to sell your trade secrets, commit financial fraud, or just destroy your data or networks for revenge. </li></ul></ul><ul><ul><li>Hackers, who break in simply to explore and vandalize. </li></ul></ul><ul><ul><li>Crackers, who break in to steal or destroy information. </li></ul></ul><ul><ul><li>Professional spies and saboteurs; the most elusive, who work for rival governments and competing corporations. They are paid and are very adept. They can bring down your company, your government, or crash your stock market. They are rarely caught. </li></ul></ul>
  3. 3. CYBERCRIME <ul><li>Types of Cybercriminals - “youthful hackers” and other that demonstrate the following traits: </li></ul><ul><ul><li>Precociousness, curiosity and persistence </li></ul></ul><ul><ul><li>Habitual lying, cheating, stealing and exaggerating </li></ul></ul><ul><ul><li>Juvenile idealism, e.g., “power to the people,” “if it feels good, do it.” </li></ul></ul><ul><ul><li>Hyperactivity. </li></ul></ul><ul><ul><li>Drug and alcohol abuse. </li></ul></ul><ul><ul><li>Behavioral characteristics listed on tables 2.1 - 2.4. </li></ul></ul>
  4. 4. CYBERCRIME <ul><li>Types of Cybercrime: </li></ul><ul><ul><li>Unauthorized access by insiders (such as employees)‏ </li></ul></ul><ul><ul><li>System penetration by outsiders (such as hackers)‏ </li></ul></ul><ul><ul><li>Theft of proprietary information (whether a simple user ID and password or a trade secret worth millions of dollars)‏ </li></ul></ul><ul><ul><li>Financial fraud using computers </li></ul></ul><ul><ul><li>Sabotage of data or networks </li></ul></ul><ul><ul><li>Disruption of network traffic (e.g., denial of service attacks)‏ </li></ul></ul>
  5. 5. CYBERCRIME <ul><li>Types of Cybercrime, continued: </li></ul><ul><ul><li>Creation and distribution of computer viruses </li></ul></ul><ul><ul><li>Software piracy </li></ul></ul><ul><ul><li>Identity theft </li></ul></ul><ul><ul><li>Hardware theft (e.g., laptop theft). </li></ul></ul><ul><ul><li>Terrorists that target critical infrastructures, such as the PSTN, power grid, and the air traffic control system. </li></ul></ul>
  6. 6. CSI/FBI Computer Crime and Security Survey Results Revealed: <ul><li>Organizations are under cyberattack from both inside and outside their electronic perimeters. </li></ul><ul><li>A wide range of cyberattacks have been declared. </li></ul><ul><li>Cyberattacks can result in serious financial losses. </li></ul><ul><li>Defending successfully against such attacks requires more than just the use of information security technologies. </li></ul>
  7. 7. CYBERCRIME 2000 <ul><li>Types of Cyberattacks, by percentage (source- FBI)‏ </li></ul><ul><ul><li>Financial fraud: 11% </li></ul></ul><ul><ul><li>Sabotage of data/networks: 17% </li></ul></ul><ul><ul><li>Theft of proprietary information: 20% </li></ul></ul><ul><ul><li>System penetration from the outside: 25% </li></ul></ul><ul><ul><li>Denial of service: 27% </li></ul></ul><ul><ul><li>Unauthorized access by insiders: 71% </li></ul></ul><ul><ul><li>Employee abuse of internet privileges 79% </li></ul></ul><ul><ul><li>Viruses: 85% </li></ul></ul>
  8. 8. CYBERCRIME 2000 <ul><li>“ If you experienced computer system intrusions by someone from outside your organization, indicate the type of activity performed by the intruder.” </li></ul><ul><ul><li>Manipulate data integrity 6.8% </li></ul></ul><ul><ul><li>Installed a sniffer 6.6% </li></ul></ul><ul><ul><li>Stole password files 5.6% </li></ul></ul><ul><ul><li>Proving/scanning systems 14.6% </li></ul></ul><ul><ul><li>Trojan logons 5.8% </li></ul></ul><ul><ul><li>IP spoofing 4.8% </li></ul></ul><ul><ul><li>Introduced virus 10.6% </li></ul></ul><ul><ul><li>Denied use of services 6.3% </li></ul></ul>
  9. 9. CYBERCRIME 2000 <ul><li>“ If you experienced computer system intrusions by someone from outside your organization, indicate the type of activity performed by the intruder.” </li></ul><ul><ul><li>Downloaded data 8.1% </li></ul></ul><ul><ul><li>Compromised trade secrets 9.8% </li></ul></ul><ul><ul><li>Stole/diverted money 0.3% </li></ul></ul><ul><ul><li>Compromised e-mail/documents 12.6% </li></ul></ul><ul><ul><li>Publicized intrusion 0.5% </li></ul></ul><ul><ul><li>Harassed personnel 4.5% </li></ul></ul><ul><ul><li>Other 3.0% </li></ul></ul>
  10. 10. CYBERCRIME 2000 <ul><li>What was done to insiders caught misusing company information? </li></ul><ul><ul><li>Oral admonishment 54.3% </li></ul></ul><ul><ul><li>Written admonishment 20.9% </li></ul></ul><ul><ul><li>Suspended 5.4% </li></ul></ul><ul><ul><li>Resigned 6.2% </li></ul></ul><ul><ul><li>Fired 8.5% </li></ul></ul><ul><ul><li>Referred to Law Enforcement 1.6% </li></ul></ul><ul><ul><li>Out-of-Court settlement 0.0% </li></ul></ul><ul><ul><li>No action 3.1% </li></ul></ul><ul><ul><li>Other 0.0% </li></ul></ul>
  11. 11. CYBERCRIME 2000 <ul><li>Cost of Cybercrime during the year 2000: </li></ul><ul><ul><li>FBI statistics: 273 reported incidents, for a total loss of $265,589,940. </li></ul></ul><ul><ul><li>Prominent news items: </li></ul></ul><ul><ul><ul><li>Kevin Mitnick’s (“Condor”) hacking spree cost high-tech companies at least $291.8 million over a two-year span before his capture. </li></ul></ul></ul><ul><ul><ul><li>David L. Smith, a 31 year-old programmer, pleaded guilty to creating the Melissa virus and using an ex-rated web site to spread it through cyberspace, causing $80 million in damages. </li></ul></ul></ul><ul><ul><ul><li>4 High School Kids hacked into a Bay Area internet server and used stolen credit card numbers to order computer equipment: $200k. </li></ul></ul></ul><ul><ul><ul><li>A temporary employee broke into Forbes’ computers, caused a computer crash, that cost Forbes $100,000 to restore. </li></ul></ul></ul>
  12. 12. CYBERCRIME 2000 <ul><li>Calculating the Cost of Information Security: </li></ul><ul><ul><li>Capital costs, such as hardware, software, networks, servers and switches. </li></ul></ul><ul><ul><li>Administration costs, such as management of the assets, security monitoring and follow-up, legal assistance, and audit department </li></ul></ul><ul><ul><li>Technical support costs, when all the people call the help desk, documentation of the calls, end-user training, etc. </li></ul></ul><ul><ul><li>End user operational costs, such as the management of user data of resources breached, awareness training of users. </li></ul></ul>
  13. 13. CYBERCRIME 2000 <ul><li>System Penetration from the Outside costs: </li></ul><ul><ul><li>Downtime/lost opportunity/ lost business </li></ul></ul><ul><ul><li>Staff time </li></ul></ul><ul><ul><li>Consultant fees </li></ul></ul><ul><ul><li>Legal time </li></ul></ul><ul><ul><li>Cost breakdown by information security steps taken: </li></ul></ul><ul><ul><ul><li>detection </li></ul></ul></ul><ul><ul><ul><li>response </li></ul></ul></ul><ul><ul><ul><li>repair </li></ul></ul></ul><ul><ul><ul><li>prosecution </li></ul></ul></ul>
  14. 14. Hackers, Crackers, and Virus Writers <ul><li>Mischief Makers </li></ul><ul><ul><li>The Morris Worm </li></ul></ul><ul><ul><ul><li>In 1988, Robert Morris, Jr., a 23-year old graduate student in computer science at Cornell and the son of a NSA computer security expert, wrote an experimental, self-replicating, self-propagating program called a worm (99 lines of code) and injected it into the internet. He chose to release it from MIT, to disguise the fact that the worm came from Cornell. </li></ul></ul></ul><ul><ul><ul><li>60,000 computer sites at universities, military sites, hospitals, research facilities, corporations and government institutions were affected; the estimated cost of dealing with the worms ranged from $200 to $50,000 for each site </li></ul></ul></ul><ul><ul><ul><li>Morris was convicted of violating the Computer Fraud and Abuse Act; he received 3 years’ probation, 400 hours of community service, and a fine of $10,050. </li></ul></ul></ul>
  15. 15. Hackers, Crackers, and Virus Writers <ul><li>Mischief Makers, continued: </li></ul><ul><ul><li>“ Datastream Cowboy” and “Kuji” attack USAF’s Rome Labs </li></ul></ul><ul><ul><ul><li>26 days of attacks; 20 days of monitoring </li></ul></ul></ul><ul><ul><ul><li>7 sniffers, over 150 intrusions from 10 points of origin from 8 different countries </li></ul></ul></ul><ul><ul><ul><li>Priceless cost to national security, but $211,722 to undo damage to computer systems. Investigative costs also not included </li></ul></ul></ul><ul><ul><ul><li>Datastream = 16-years old Richard Pryce (UK); pleaded guilty in British Court and paid a 1,200 British pounds. </li></ul></ul></ul><ul><ul><ul><li>Kuji = Matthew Bevan; after 20 hearings, the charges were dropped. </li></ul></ul></ul>
  16. 16. Hackers, Crackers, and Virus Writers <ul><li>Mischief Makers, continued: </li></ul><ul><ul><li>“ HotterthanMojaveinmyheart” AKA “El Griton,” Julio Ardita </li></ul></ul><ul><ul><ul><li>Hacked into NASA, DoD, U.S. colleges, and colleges in Korea, Mexico, Taiwan, Chile and Brazil </li></ul></ul></ul><ul><ul><ul><li>Hacked into the private telephone systems of companies in his native Argentina, dialed into Harvard U’s computer system, and launched his U.S. hacking attacks through Harvard. </li></ul></ul></ul><ul><ul><ul><li>Caught: USN San Diego detected that certain system files had been altered - they uncovered a sniffer file and a file that contained the passwords he was logging, and programs to gain root access and to cover tracks. Argentine officials arrested him for hacking into telephone company facilities, seized his computers. </li></ul></ul></ul><ul><ul><ul><li>$15K telephone service theft, millions in damaged files and investigative costs yielded a $5k fine and 3 years of probation. </li></ul></ul></ul>
  17. 17. Hackers, Crackers, and Virus Writers <ul><li>Data Theft - Crackers </li></ul><ul><ul><li>Carlos “SMAK” Salgado </li></ul></ul><ul><ul><ul><li>Hacked several companies doing business on the WWW, including an ISP, gained unauthorized access, and harvested tens of thousands of credit card records. </li></ul></ul></ul><ul><ul><ul><li>Two of the companies involved had no knowledge of being hacked until they were contacted by the FBI </li></ul></ul></ul><ul><ul><ul><li>SMAK made about $200k from the sale of credit card information to other criminals, who in turn inflicted $10 million in damage upon the consuming public. </li></ul></ul></ul><ul><ul><ul><li>SMAK pleaded guilty on four of the five counts, and received 2 1/2 years in federal prison and five years of probation. </li></ul></ul></ul>
  18. 18. Hackers, Crackers, and Virus Writers <ul><li>Cyber Bank Robbers </li></ul><ul><ul><li>Vladimir Levin and the great 1994 Citibank online heist: </li></ul></ul><ul><ul><ul><li>Not an internet heist, per se: Citibank’s product, the Customer Cash Management Account (CCMA), was a dial-up telecom-based product. </li></ul></ul></ul><ul><ul><ul><li>Product tradeoff favored ease of use at the expense of security. </li></ul></ul></ul><ul><ul><ul><li>No evidence of insider collusion; all fraud was external to Citibank </li></ul></ul></ul><ul><ul><ul><li>Series of fraudulent account transfers netted Levin $10 million U.S. </li></ul></ul></ul><ul><ul><ul><li>It took the FBI 30 months to convince the Russians to extradite Levin; he was convicted, fined $240,015, and received a 3-year prison term. </li></ul></ul></ul>
  19. 19. Hackers, Crackers, and Virus Writers <ul><li>The Phonemasters Case </li></ul><ul><ul><li>“ Blacknet” and the stolen information brokers </li></ul></ul><ul><ul><li>Toll fraud- downloaded scripts of telephone numbers, including toll-free numbers, and then loaded them onto public switched telephone network databases with phony billing addresses. </li></ul></ul><ul><ul><li>Credit card fraud: stole identities, created identities, and cashed in on others’ credit. </li></ul></ul><ul><ul><li>$1.85 million stolen; jail time was 41, 24 and 18 months for the 3. </li></ul></ul><ul><ul><li>Knowledge of information security techniques: </li></ul></ul><ul><ul><ul><li>how to pull out sniffers </li></ul></ul></ul><ul><ul><ul><li>how to get around secure identification systems </li></ul></ul></ul><ul><ul><ul><li>how to install back doors. </li></ul></ul></ul>
  20. 20. Hackers, Crackers, and Virus Writers <ul><li>Hackivists and Cybervandals </li></ul><ul><ul><li>Defined: </li></ul></ul><ul><ul><ul><li>“ Hactivism is the marriage of hacking and activism. It covers operations that use hacking techniques against a target internet site with the intent of disrupting normal operations but not causing serious damage. Examples are web sit-ins and virtual blockades, and computer viruses and worms.” </li></ul></ul></ul><ul><ul><ul><li>“ Cyberterrorism is the convergence of cyberspace and terroism. It covers politically motivated hacking operations intended to cause grave harm such as the loss of life or severe economic damage.” Dorothy Denning , Georgetown U. </li></ul></ul></ul><ul><ul><li>Who are the Internet Liberation Front and the Zombies? </li></ul></ul>
  21. 21. Hackers, Crackers, and Virus Writers <ul><li>Hackivists and Cybervandals, continued: </li></ul><ul><ul><li>Attack of the Zombies: the Distributed Denial of Service (DDOS) attack on Yahoo!, eBay, and during 2/2000. </li></ul></ul><ul><ul><ul><li>DDOS tools “Trinoo” and “Tribe Flood Network” (TFN) hit on 7-9 February 2000. </li></ul></ul></ul><ul><ul><ul><ul><li>Yahoo! Hit first; lost about 20% of its page hits. </li></ul></ul></ul></ul><ul><ul><ul><ul><li>eBay incapacitated for hours; hit a low of 9.4% availability, and CNN’s was 5%. It took users 5 minutes to access </li></ul></ul></ul></ul><ul><ul><ul><li>Several claims were made in hacker bulletin boards that the DDOS attacks were launched in retaliation for the “commercialization” of the internet. Damages estimated at $100 million to $1.2 billion. </li></ul></ul></ul><ul><ul><ul><li>Many were questioned; no one was charged. </li></ul></ul></ul>
  22. 22. MALWARE <ul><li>Malicious Software </li></ul><ul><ul><li>Melissa, CIH/Chernobyl, Happy99, ExploreZip </li></ul></ul><ul><ul><li>Chews up hard disks, corrupts files, disrupts operations. </li></ul></ul><ul><ul><li>Transmitted through the internet via popular e-mail features to propagate itself </li></ul></ul><ul><ul><ul><li>Melissa through MS Word 97 and 2000 applications </li></ul></ul></ul><ul><ul><ul><li>Happy99.exe Trojan Horse displays “Happy99” and fireworks, and then mails itself to lots of people with addresses on the victim’s browser. </li></ul></ul></ul><ul><li>Melissa: cost $93 - 385 million in damage! </li></ul>
  23. 23. MALWARE <ul><li>The Virus Curve </li></ul><ul><li>Virus Year Type Reach Period Damages </li></ul><ul><ul><li>Jerusalem, 1990 .exe file, 3 years $50 mill </li></ul></ul><ul><ul><li>Cascade boot sector </li></ul></ul><ul><ul><li>Concept 1995 Word macro 4 months $50 mill </li></ul></ul><ul><ul><li>Melissa 1999 E-mailed, 4 days $93- </li></ul></ul><ul><ul><li>Word macro $385 mil </li></ul></ul><ul><ul><li>Love Bug 2000 E-mail and 5 hours >700mil </li></ul></ul><ul><ul><li>enabled, VBS </li></ul></ul>