SlideShare a Scribd company logo

Privacy and cybercrime

Download as PPTX, PDF
I
Info_Studies_Aberystwyth

The document discusses privacy and cybercrime. It notes that identity theft is the fastest growing crime in America, with 9.9 million victims reported last year. It introduces Mari J. Frank, an identity theft survivor and author of a book providing guidance to victims on ending the nightmare of identity theft. Contact information is provided for two websites on identity theft run by the federal government.

Education
1 of 40
Privacy and Cybercrime The individual’s responsibilities in staying safe online
Center for Information Assurance and Cybersecurity (CIAC) The Center for Information Assurance and Cybersecurity (CIAC) at the University of Washington integrates industry, academia and the Pacific Northwest community to promote multi-disciplined, regional collaboration, produce innovative research directions and educational programs, and develop information assurance professionals at all levels who are well-prepared to contend with the dynamics of the Information Age.
Dr. Barbara Endicott-Popovsky Department Fellow Aberystwyth University Director Center for Information Assurance and Cybersecurity University of Washington Academic Director Master of Infrastructure Planning and Management Research Associate Professor University of Washington Information School email: endicott@uw.edu Office: Suite 400 RCB Phone: 206-284-6123 Website: http://faculty.washington.edu/endicott Barbara Endicott-Popovsky, Ph.D., is Director for the Center of Information Assurance and Cybersecurity at the University of Washington, designated by the NSA as a Center for Academic Excellence in Information Assurance Education and Research, Academic Director for the Masters in Infrastructure Planning and Management in the Urban Planning Department of the School of Built Environments and holds an appointment as Research Associate Professor with the Information School. Her academic career follows a 20-year career in industry marked by executive and consulting positions in IT architecture and project management. Her research interests include enterprise-wide information systems security and compliance management, forensic-ready networks, the science of digital forensics and secure coding practices. For her work in the relevance of archival sciences to digital forensics, she is a member of the American Academy of Forensic Scientists. Barbara earned her Ph.D. in Computer Science/Computer Security from the University of Idaho (2007), and holds a Masters of Science in Information Systems Engineering from Seattle Pacific University (1987), a Masters in Business Administration from the University of Washington (1985) and a Bachelor of Arts from the University of Pittsburgh.
Context Evolution Information Age Industrial Age Agricultural Age
Agricultural Industrial Information Attribute Age Age Age Wealth Land Capital Knowledge Advancement Conquest Invention Paradigm Shifts Time Sun/Seasons Factory Time Zones Whistle Workplace Farm Capital Networks equipment Organization Family Corporation Collaborations Structure Tools Plow Machines Computers Problem-solving Self Delegation Integration Knowledge Generalized Specialized Interdisciplinary Learning Self-taught Classroom Online
Our Love Affair with the Internet “Docs Embracing Internet” “US Internet Users Embrace Digital Imaging” “Baby Boomers Embracing Mobile Technology”
. . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . . . . . . . Species 8472 . . . . . . . . . .. . . . . . . RESISTANCE IS FUTILE. . . . PREPARE TO BE ASSIMULATED? . . . . . Courtesy: K. Bailey/E. Hayden, CISOs
Smashing Industrial Age Infrastructure!
Unintended Consequences of Embracing the Internet…..
Troubling Realities . . . . . . . . . . . . . . 41,000,000 of „em out there! . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . Dan Geer “In the world of networked computers every sociopath is Chief Scientist Verdasys you neighbor.” .
Growing Threat Spectrum
Cyber Attack Sophistication Continues To Evolve Source: CERT 2004 Cross site scripting bots High “stealth” / advanced Intruder scanning techniques Knowledge Staged packet spoofing denial of service attack sniffers distributed Tools attack tools sweepers www attacks automated probes/scans GUI back doors disabling audits network mgmt. diagnostics hijacking burglaries sessions exploiting known vulnerabilities password cracking Attack self-replicating code Sophistication password guessing Attackers Technical Skills Low 1980 1985 1990 1995 2000+
Cybercrime and Money… • McAfee CEO: “Cybercrime has become a $105B business that now surpasses the value of the illegal drug trade worldwide”
Symantec Internet Security Threat Report – Threat landscape is more dynamic than ever – Attackers rapidly adapting new techniques and strategies to circumvent new security measures – Today’s Threat Landscape.. • Increased professionalism and commercialization of malicious activities • Threats tailored for specific regions • Increasing numbers of multi-staged attacks • Attackers targeting victims by first exploiting trusted entities • Convergence of attack methods
“If the Internet were a street, I wouldn’t walk it in daytime…” K. Bailey, CISO UW • 75% of traffic is malicious • Unprotected computer infected in < 1 minute • Organized crime makes more money on the Internet than through drugs • The ‘take’ from the Internet doubles e-commerce Courtesy: FBI, LE
What does all this mean to you?….
Electronic voting outlawed in Ireland, Michael Flatley DVDs okay for now by Tim Stevens posted Apr 28th 2009 at 7:23AM Yes, it's another international blow for electronic voting. We've seen the things proven to be insecure, illegal, and, most recently, unconstitutional. Now the Emerald Isle is taking a similar step, scrapping an e-voting network that has cost €51 million to develop (about $66 million) in favor of good 'ol paper ballots. With that crisis averted Irish politicians can get back to what they do best: blaming each other for wasting €51 million in taxpayer money. http://www.engadget.com/2009/04/28/electronic-voting-outlawed-in-ireland-michael-flatley-dvds-okay/
July 31, 2009, 12:34 pm Student Fined $675,000 in Downloading Case By Dave Itzkoff Bizuayehu Tesfaye/Associated Press Joel Tenenbaum was found liable for copyright violations in a trial in Boston. Updated | 7:03 p.m. A jury decided Friday that a Boston University student should pay $675,000 to four record labels for illegally downloading and sharing music, The Associated Press reported. A judge ruled that Joel Tenenbaum, 25, who admitted to downloading more than 800 songs from the Internet between 1999 and 2007 did so in violation of copyright laws and is liable for damages. Mr. Tenenbaum testified Thursday in federal district court in Boston that he had downloaded and shared hundreds of songs by artists including Nirvana, Green Day and the Smashing Pumpkins, and said that he had lied in pretrial depositions when he said that friends or siblings may have downloaded the songs to his computer. The record labels involved the case have focused on only 30 of the songs that Mr. Tenenbaum downloaded. Under federal law they were entitled to $750 to $30,000 per infringement, but the jury could have raised that to as much as $150,000 per track if it found the infringements were willful. In arguments on Friday, The A.P. reported, a lawyer for Mr. Tenenbaum urged a jury to “send a message” to the music industry by awarding only minimal damages. http://artsbeat.blogs.nytimes.com/2009/07/31/judge-rules-student-is-liable-in-music-download-case/
Majority think outsourcing threatens network security Angela Moscaritolo September 29, 2009 A majority of IT security professionals believe that outsourcing technology jobs to offshore locations has a negative impact on network security, according to a survey released Tuesday. In the survey of 350 IT managers and network administrators concerned with computer and network security at their organizations, 69 percent of respondents said they believe outsourcing negatively impacts network security, nine percent said it had a positive impact and 22 said it had no impact. The survey, conducted this month by Amplitude Research and commissioned by VanDyke Software, a provider of secure file transfer solutions, found that 29 percent of respondents' employers outsource technology jobs to India, China and other locations. Of those respondents whose companies outsource technology jobs, half said that they believe doing so has had a negative impact on network security. Sixty-one percent of respondents whose companies outsource technology jobs also said their organization experienced an unauthorized intrusion. In contrast, just 35 percent of those whose company does not outsource did. However, the survey noted that organizations that do outsource were “significantly” more likely than those that do not to report intrusions. “We're not going to say we have any proven cause and effect,” Steve Birnkrant, CEO of Amplitude Research, told SCMagazineUS.com on Tuesday. “Correlation doesn't prove causation, but it's definitely intriguing that the companies that outsource jobs offshore are more likely to report unauthorized intrusions.” In a separate survey released last December from Lumension Security and the Ponemon Institute, IT security professionals said that outsourcing would be the biggest cybersecurity threat of 2009. In light if the recession, companies are outsourcing to reduce costs, but the practice opens organizations up to the threat of sensitive or confidential information not being properly protected, and unauthorized parties gaining access to private files, the survey concluded. In contrast to their overall views about the impact that outsourcing has on network security, Amplitude/VanDyke Software survey respondents were largely positive about the impact of outside security audits. Seventy-two percent of respondents whose companies paid for outside audits said they were worthwhile investments and 54 percent said they resulted in the discovery of significant security problems. http://www.scmagazineus.com/Majority-think-outsourcing-threatens-network-security/article/150955/
Connecticut drops felony charges against Julie Amero, four years after her arrest By Rick Green on November 21, 2008 5:16 PM | The unbelievable story of Julie Amero concluded quietly Friday afternoon at Superior Court in Norwich, with the state of Connecticut dropping four felony pornography charges. Amero agreed to plead guilty to a single charge of disorderly conduct, a misdemeanor. Amero, who has been hospitalized and suffers from declining health, also surrendered her teaching license. "Oh honey, it's over. I feel wonderful," Amero, 41, said a few minutes after accepting the deal where she also had to surrender her teaching license. "The Norwich police made a mistake. It was proven. That makes me feel like I'm on top of the world." In June of 2007, Judge Hillary B. Strackbein tossed out Amero's conviction on charges that she intentionally caused a stream of "pop-up" pornography on the computer in her classroom and allowed students to view it. Confronted with evidence compiled by forensic computer experts, Strackbein ordered a new trial, saying the conviction was based on "erroneous" and "false information." But since that dramatic reversal, local officials, police and state prosecutors were unwilling to admit that a mistake may have been made -- even after computer experts from around the country demonstrated that Amero's computer had been infected by "spyware." New London County State's Attorney Michael Regan told me late Friday the state remained convinced Amero was guilty and was prepared to again go to trial. "I have no regrets. Things took a course that was unplanned. Unfortunately the computer wasn't examined properly by the Norwich police," Regan said. "For some reason this case caught the media's attention,'' Regan said. The case also caught the attention of computer security experts from California to Florida, who read about Amero's conviction on Internet news sites. Recognizing the classic signs of a computer infected by malicious adware, volunteers examined computer records and the hard drive and determined that Amero was not responsible for the pornographic stream on her computer. The state never conducted a forensic examination of the hard drive and instead relied on the expertise of a Norwich detective, with limited computer experience. Experts working for Amero ridiculed the state's evidence, saying it was a classic case of spyware seizing control of the computer. Other experts also said that Amero's response -- she failed to turn off the computer -- was not unusual in cases like this. Among other things, the security experts found that the Norwich school system had failed to properly update software that would have blocked the pornography in the first place. http://blogs.courant.com/rick_green/2008/11/connecticut-drops-felony-charg.html
Interdependence of Critical Infrastructure
A Metaphor…..
Security/Privacy How do we stay safe online?
Security and Privacy: Two Faces of the Same Coin Security: Privacy: Outward Inward Facing Facing
Information System Security Revolution 1960-1980 1985 1995 - Packet Switch Bridge File Server Gateway Other Networks Computer Security INFOSEC Information Assurance
The Castle Approach: Defense in Depth • Perimeter defense: firewalls Protect • Layered defense: AV, IDS, IPS your data • However, these aren’t working!
Trusting Controls Assumes: • Design implements your goals • Sum total of controls implement all goals • Implementation is correct • Installation/administration are correct
Bottom line assumption: You Will Never Own a Perfectly Secure System!!! You Will Never Own a Perfectly Secure System!!! You Will Never Own a Perfectly Secure System!!!
Individual Strategy • Awareness of the threat • Layered Defense on your home computer – Multiple tools – Patch program – Upgrade • Implement privacy options in social media • Be deliberate about where your data resides • Think like a “bad guy!” • Limit your children’s access
Kid Nation • Kids know technology better than adults • More prone to commit cyber crime • Plagiarism sites • Music downloads • Disrespect for IP • Cyberbullying • Blind trust online • Need for cyberethics training
Identity-Theft is the fastest growing crime in America; 9.9 MILLION victims were reported last year, according to a Federal Trade Commission survey! Mari J. Frank. Esq. is a survivor of identity-theft, and the author of the book From Victim to Victor; A Step-by-Step Guide For Ending The Nightmare Of Identity Theft. http://www.identitytheft.org/ http://www.identitytheft.gov/
Privacy and cybercrime
Privacy and cybercrime

Recommended

47295388 aunti-ma-ma-myar
47295388 aunti-ma-ma-myar47295388 aunti-ma-ma-myar
47295388 aunti-ma-ma-myarbabycandy007
 
P13 035
P13 035P13 035
P13 035Léo Ribeiro
 
Internet research tutorial
Internet research tutorialInternet research tutorial
Internet research tutorialMelissa Hall
 
1994 the influence of dimerization on the stability of ge hutclusters on si(001)
1994 the influence of dimerization on the stability of ge hutclusters on si(001)1994 the influence of dimerization on the stability of ge hutclusters on si(001)
1994 the influence of dimerization on the stability of ge hutclusters on si(001)pmloscholte
 
Winterday [From Www.Metacafe.Com]
Winterday [From Www.Metacafe.Com]Winterday [From Www.Metacafe.Com]
Winterday [From Www.Metacafe.Com]Calum Mackenzie
 
winter
winterwinter
wintersurachai chai
 
Winter Day
Winter DayWinter Day
Winter DayDenise Rivera
 
Winter.Images
Winter.ImagesWinter.Images
Winter.ImagesMerry C
 

Recommended

47295388 aunti-ma-ma-myar
47295388 aunti-ma-ma-myar47295388 aunti-ma-ma-myar
47295388 aunti-ma-ma-myarbabycandy007
 
P13 035
P13 035P13 035
P13 035Léo Ribeiro
 
Internet research tutorial
Internet research tutorialInternet research tutorial
Internet research tutorialMelissa Hall
 
1994 the influence of dimerization on the stability of ge hutclusters on si(001)
1994 the influence of dimerization on the stability of ge hutclusters on si(001)1994 the influence of dimerization on the stability of ge hutclusters on si(001)
1994 the influence of dimerization on the stability of ge hutclusters on si(001)pmloscholte
 
Winterday [From Www.Metacafe.Com]
Winterday [From Www.Metacafe.Com]Winterday [From Www.Metacafe.Com]
Winterday [From Www.Metacafe.Com]Calum Mackenzie
 
winter
winterwinter
wintersurachai chai
 
Winter Day
Winter DayWinter Day
Winter DayDenise Rivera
 
Winter.Images
Winter.ImagesWinter.Images
Winter.ImagesMerry C
 
Winter Places
Winter PlacesWinter Places
Winter Placesfondas vakalis
 
Happy new year2
Happy new year2Happy new year2
Happy new year2astanina-7
 
Untitled 1
Untitled 1Untitled 1
Untitled 1Cvetanka Karovska
 
فن الحرب
فن الحربفن الحرب
فن الحربBookStoreLib
 
Prioritizing Scaffolds for Hit Selection in High Throughput Screening Programs
Prioritizing Scaffolds for Hit Selection in High Throughput Screening ProgramsPrioritizing Scaffolds for Hit Selection in High Throughput Screening Programs
Prioritizing Scaffolds for Hit Selection in High Throughput Screening ProgramsRajarshi Guha
 
Mosquera assg 3_3
Mosquera assg 3_3Mosquera assg 3_3
Mosquera assg 3_3Gordi Hatch
 
The Smiley Model - Concept Model for designing engaging and motivating game...
The Smiley Model - Concept Model for designing engaging and motivating game...The Smiley Model - Concept Model for designing engaging and motivating game...
The Smiley Model - Concept Model for designing engaging and motivating game...CharlotteLarke
 
Discrete Time Signal Processing Oppenhm book 2nd
Discrete Time Signal Processing Oppenhm book 2nd Discrete Time Signal Processing Oppenhm book 2nd
Discrete Time Signal Processing Oppenhm book 2nd Tanzeel Ahmad
 
Micro-benchmarking the Tera MTA
Micro-benchmarking the Tera MTAMicro-benchmarking the Tera MTA
Micro-benchmarking the Tera MTAJason Riedy
 
Comprension 1
Comprension 1Comprension 1
Comprension 1Pilar Gómez
 
6282
62826282
6282kotob arabia
 
P13 007
P13 007P13 007
P13 007Léo Ribeiro
 
Philosophie
PhilosophiePhilosophie
Philosophiebades12
 
Soal Olimpiade
Soal OlimpiadeSoal Olimpiade
Soal Olimpiadefajarmath
 
شبكه هاي عصبي مصنوعي Ann farsi [www.matlabtrainings.blogfa.com]
شبكه هاي عصبي مصنوعي Ann farsi [www.matlabtrainings.blogfa.com]شبكه هاي عصبي مصنوعي Ann farsi [www.matlabtrainings.blogfa.com]
شبكه هاي عصبي مصنوعي Ann farsi [www.matlabtrainings.blogfa.com]sasanhb
 
Agt music case layout
Agt music case layoutAgt music case layout
Agt music case layoutNomad Case Design
 
4385
43854385
4385kotob arabia
 
6287
62876287
6287kotob arabia
 
5838
58385838
5838kotob arabia
 
Support services
Support servicesSupport services
Support servicesvolghan hosseyni
 
كتاب كامل عن_التعليم_عبر_الموبايل
كتاب كامل عن_التعليم_عبر_الموبايلكتاب كامل عن_التعليم_عبر_الموبايل
كتاب كامل عن_التعليم_عبر_الموبايلعبدالله المسلم
 
Yellowpage advertising
Yellowpage advertisingYellowpage advertising
Yellowpage advertisingvolghan hosseyni
 

More Related Content

What's hot

Happy new year2
Happy new year2Happy new year2
Happy new year2astanina-7
 
Prioritizing Scaffolds for Hit Selection in High Throughput Screening Programs
Prioritizing Scaffolds for Hit Selection in High Throughput Screening ProgramsPrioritizing Scaffolds for Hit Selection in High Throughput Screening Programs
Prioritizing Scaffolds for Hit Selection in High Throughput Screening ProgramsRajarshi Guha
 
Mosquera assg 3_3
Mosquera assg 3_3Mosquera assg 3_3
Mosquera assg 3_3Gordi Hatch
 

What's hot (6)

Winter Places
Winter PlacesWinter Places
Winter Places
 
Happy new year2
Happy new year2Happy new year2
Happy new year2
 
Untitled 1
Untitled 1Untitled 1
Untitled 1
 
فن الحرب
فن الحربفن الحرب
فن الحرب
 
Prioritizing Scaffolds for Hit Selection in High Throughput Screening Programs
Prioritizing Scaffolds for Hit Selection in High Throughput Screening ProgramsPrioritizing Scaffolds for Hit Selection in High Throughput Screening Programs
Prioritizing Scaffolds for Hit Selection in High Throughput Screening Programs
 
Mosquera assg 3_3
Mosquera assg 3_3Mosquera assg 3_3
Mosquera assg 3_3
 

Similar to Privacy and cybercrime

The Smiley Model - Concept Model for designing engaging and motivating game...
The Smiley Model - Concept Model for designing engaging and motivating game...The Smiley Model - Concept Model for designing engaging and motivating game...
The Smiley Model - Concept Model for designing engaging and motivating game...CharlotteLarke
 
Discrete Time Signal Processing Oppenhm book 2nd
Discrete Time Signal Processing Oppenhm book 2nd Discrete Time Signal Processing Oppenhm book 2nd
Discrete Time Signal Processing Oppenhm book 2nd Tanzeel Ahmad
 
Micro-benchmarking the Tera MTA
Micro-benchmarking the Tera MTAMicro-benchmarking the Tera MTA
Micro-benchmarking the Tera MTAJason Riedy
 
Philosophie
PhilosophiePhilosophie
Philosophiebades12
 
Soal Olimpiade
Soal OlimpiadeSoal Olimpiade
Soal Olimpiadefajarmath
 
شبكه هاي عصبي مصنوعي Ann farsi [www.matlabtrainings.blogfa.com]
شبكه هاي عصبي مصنوعي Ann farsi [www.matlabtrainings.blogfa.com]شبكه هاي عصبي مصنوعي Ann farsi [www.matlabtrainings.blogfa.com]
شبكه هاي عصبي مصنوعي Ann farsi [www.matlabtrainings.blogfa.com]sasanhb
 
كتاب كامل عن_التعليم_عبر_الموبايل
كتاب كامل عن_التعليم_عبر_الموبايلكتاب كامل عن_التعليم_عبر_الموبايل
كتاب كامل عن_التعليم_عبر_الموبايلعبدالله المسلم
 

Similar to Privacy and cybercrime (20)

The Smiley Model - Concept Model for designing engaging and motivating game...
The Smiley Model - Concept Model for designing engaging and motivating game...The Smiley Model - Concept Model for designing engaging and motivating game...
The Smiley Model - Concept Model for designing engaging and motivating game...
 
Discrete Time Signal Processing Oppenhm book 2nd
Discrete Time Signal Processing Oppenhm book 2nd Discrete Time Signal Processing Oppenhm book 2nd
Discrete Time Signal Processing Oppenhm book 2nd
 
Micro-benchmarking the Tera MTA
Micro-benchmarking the Tera MTAMicro-benchmarking the Tera MTA
Micro-benchmarking the Tera MTA
 
Comprension 1
Comprension 1Comprension 1
Comprension 1
 
6282
62826282
6282
 
P13 007
P13 007P13 007
P13 007
 
Philosophie
PhilosophiePhilosophie
Philosophie
 
Soal Olimpiade
Soal OlimpiadeSoal Olimpiade
Soal Olimpiade
 
شبكه هاي عصبي مصنوعي Ann farsi [www.matlabtrainings.blogfa.com]
شبكه هاي عصبي مصنوعي Ann farsi [www.matlabtrainings.blogfa.com]شبكه هاي عصبي مصنوعي Ann farsi [www.matlabtrainings.blogfa.com]
شبكه هاي عصبي مصنوعي Ann farsi [www.matlabtrainings.blogfa.com]
 
Agt music case layout
Agt music case layoutAgt music case layout
Agt music case layout
 
4385
43854385
4385
 
6287
62876287
6287
 
5838
58385838
5838
 
Support services
Support servicesSupport services
Support services
 
كتاب كامل عن_التعليم_عبر_الموبايل
كتاب كامل عن_التعليم_عبر_الموبايلكتاب كامل عن_التعليم_عبر_الموبايل
كتاب كامل عن_التعليم_عبر_الموبايل
 
Yellowpage advertising
Yellowpage advertisingYellowpage advertising
Yellowpage advertising
 
P13 031
P13 031P13 031
P13 031
 
1500
15001500
1500
 
3089
30893089
3089
 
3089
30893089
3089
 

Recently uploaded

How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17Celine George
 
Types of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxTypes of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxEyham Joco
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
Hierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of managementHierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of managementmkooblal
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTiammrhaywood
 
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfUjwalaBharambe
 
Capitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptxCapitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptxCapitolTechU
 
internship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerinternship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerunnathinaik
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Celine George
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationnomboosow
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaVirag Sontakke
 
Roles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceRoles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceSamikshaHamane
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Celine George
 
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxHistory Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxsocialsciencegdgrohi
 
Pharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdfPharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdfMahmoud M. Sallam
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxVS Mahajan Coaching Centre
 

Recently uploaded (20)

How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17
 
Types of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxTypes of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptx
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
Hierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of managementHierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of management
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
 
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
 
Capitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptxCapitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptx
 
internship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerinternship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developer
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communication
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of India
 
Roles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceRoles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in Pharmacovigilance
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
 
ESSENTIAL of (CS/IT/IS) class 06 (database)
ESSENTIAL of (CS/IT/IS) class 06 (database)ESSENTIAL of (CS/IT/IS) class 06 (database)
ESSENTIAL of (CS/IT/IS) class 06 (database)
 
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxHistory Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
 
9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR
 
Pharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdfPharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdf
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
 

Privacy and cybercrime

  • 1. Privacy and Cybercrime The individual’s responsibilities in staying safe online
  • 2. Center for Information Assurance and Cybersecurity (CIAC) The Center for Information Assurance and Cybersecurity (CIAC) at the University of Washington integrates industry, academia and the Pacific Northwest community to promote multi-disciplined, regional collaboration, produce innovative research directions and educational programs, and develop information assurance professionals at all levels who are well-prepared to contend with the dynamics of the Information Age.
  • 3. Dr. Barbara Endicott-Popovsky Department Fellow Aberystwyth University Director Center for Information Assurance and Cybersecurity University of Washington Academic Director Master of Infrastructure Planning and Management Research Associate Professor University of Washington Information School email: endicott@uw.edu Office: Suite 400 RCB Phone: 206-284-6123 Website: http://faculty.washington.edu/endicott Barbara Endicott-Popovsky, Ph.D., is Director for the Center of Information Assurance and Cybersecurity at the University of Washington, designated by the NSA as a Center for Academic Excellence in Information Assurance Education and Research, Academic Director for the Masters in Infrastructure Planning and Management in the Urban Planning Department of the School of Built Environments and holds an appointment as Research Associate Professor with the Information School. Her academic career follows a 20-year career in industry marked by executive and consulting positions in IT architecture and project management. Her research interests include enterprise-wide information systems security and compliance management, forensic-ready networks, the science of digital forensics and secure coding practices. For her work in the relevance of archival sciences to digital forensics, she is a member of the American Academy of Forensic Scientists. Barbara earned her Ph.D. in Computer Science/Computer Security from the University of Idaho (2007), and holds a Masters of Science in Information Systems Engineering from Seattle Pacific University (1987), a Masters in Business Administration from the University of Washington (1985) and a Bachelor of Arts from the University of Pittsburgh.
  • 4. Context Evolution Information Age Industrial Age Agricultural Age
  • 5. Agricultural Industrial Information Attribute Age Age Age Wealth Land Capital Knowledge Advancement Conquest Invention Paradigm Shifts Time Sun/Seasons Factory Time Zones Whistle Workplace Farm Capital Networks equipment Organization Family Corporation Collaborations Structure Tools Plow Machines Computers Problem-solving Self Delegation Integration Knowledge Generalized Specialized Interdisciplinary Learning Self-taught Classroom Online
  • 6. Our Love Affair with the Internet “Docs Embracing Internet” “US Internet Users Embrace Digital Imaging” “Baby Boomers Embracing Mobile Technology”
  • 7.
  • 8.
  • 9.
  • 10. . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . . . . . . . Species 8472 . . . . . . . . . .. . . . . . . RESISTANCE IS FUTILE. . . . PREPARE TO BE ASSIMULATED? . . . . . Courtesy: K. Bailey/E. Hayden, CISOs
  • 12.
  • 13. Unintended Consequences of Embracing the Internet…..
  • 14. Troubling Realities . . . . . . . . . . . . . . 41,000,000 of „em out there! . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . Dan Geer “In the world of networked computers every sociopath is Chief Scientist Verdasys you neighbor.” .
  • 16. Cyber Attack Sophistication Continues To Evolve Source: CERT 2004 Cross site scripting bots High “stealth” / advanced Intruder scanning techniques Knowledge Staged packet spoofing denial of service attack sniffers distributed Tools attack tools sweepers www attacks automated probes/scans GUI back doors disabling audits network mgmt. diagnostics hijacking burglaries sessions exploiting known vulnerabilities password cracking Attack self-replicating code Sophistication password guessing Attackers Technical Skills Low 1980 1985 1990 1995 2000+
  • 17. Cybercrime and Money… • McAfee CEO: “Cybercrime has become a $105B business that now surpasses the value of the illegal drug trade worldwide”
  • 18. Symantec Internet Security Threat Report – Threat landscape is more dynamic than ever – Attackers rapidly adapting new techniques and strategies to circumvent new security measures – Today’s Threat Landscape.. • Increased professionalism and commercialization of malicious activities • Threats tailored for specific regions • Increasing numbers of multi-staged attacks • Attackers targeting victims by first exploiting trusted entities • Convergence of attack methods
  • 19. “If the Internet were a street, I wouldn’t walk it in daytime…” K. Bailey, CISO UW • 75% of traffic is malicious • Unprotected computer infected in < 1 minute • Organized crime makes more money on the Internet than through drugs • The ‘take’ from the Internet doubles e-commerce Courtesy: FBI, LE
  • 20. What does all this mean to you?….
  • 21. Electronic voting outlawed in Ireland, Michael Flatley DVDs okay for now by Tim Stevens posted Apr 28th 2009 at 7:23AM Yes, it's another international blow for electronic voting. We've seen the things proven to be insecure, illegal, and, most recently, unconstitutional. Now the Emerald Isle is taking a similar step, scrapping an e-voting network that has cost €51 million to develop (about $66 million) in favor of good 'ol paper ballots. With that crisis averted Irish politicians can get back to what they do best: blaming each other for wasting €51 million in taxpayer money. http://www.engadget.com/2009/04/28/electronic-voting-outlawed-in-ireland-michael-flatley-dvds-okay/
  • 22. July 31, 2009, 12:34 pm Student Fined $675,000 in Downloading Case By Dave Itzkoff Bizuayehu Tesfaye/Associated Press Joel Tenenbaum was found liable for copyright violations in a trial in Boston. Updated | 7:03 p.m. A jury decided Friday that a Boston University student should pay $675,000 to four record labels for illegally downloading and sharing music, The Associated Press reported. A judge ruled that Joel Tenenbaum, 25, who admitted to downloading more than 800 songs from the Internet between 1999 and 2007 did so in violation of copyright laws and is liable for damages. Mr. Tenenbaum testified Thursday in federal district court in Boston that he had downloaded and shared hundreds of songs by artists including Nirvana, Green Day and the Smashing Pumpkins, and said that he had lied in pretrial depositions when he said that friends or siblings may have downloaded the songs to his computer. The record labels involved the case have focused on only 30 of the songs that Mr. Tenenbaum downloaded. Under federal law they were entitled to $750 to $30,000 per infringement, but the jury could have raised that to as much as $150,000 per track if it found the infringements were willful. In arguments on Friday, The A.P. reported, a lawyer for Mr. Tenenbaum urged a jury to “send a message” to the music industry by awarding only minimal damages. http://artsbeat.blogs.nytimes.com/2009/07/31/judge-rules-student-is-liable-in-music-download-case/
  • 23. Majority think outsourcing threatens network security Angela Moscaritolo September 29, 2009 A majority of IT security professionals believe that outsourcing technology jobs to offshore locations has a negative impact on network security, according to a survey released Tuesday. In the survey of 350 IT managers and network administrators concerned with computer and network security at their organizations, 69 percent of respondents said they believe outsourcing negatively impacts network security, nine percent said it had a positive impact and 22 said it had no impact. The survey, conducted this month by Amplitude Research and commissioned by VanDyke Software, a provider of secure file transfer solutions, found that 29 percent of respondents' employers outsource technology jobs to India, China and other locations. Of those respondents whose companies outsource technology jobs, half said that they believe doing so has had a negative impact on network security. Sixty-one percent of respondents whose companies outsource technology jobs also said their organization experienced an unauthorized intrusion. In contrast, just 35 percent of those whose company does not outsource did. However, the survey noted that organizations that do outsource were “significantly” more likely than those that do not to report intrusions. “We're not going to say we have any proven cause and effect,” Steve Birnkrant, CEO of Amplitude Research, told SCMagazineUS.com on Tuesday. “Correlation doesn't prove causation, but it's definitely intriguing that the companies that outsource jobs offshore are more likely to report unauthorized intrusions.” In a separate survey released last December from Lumension Security and the Ponemon Institute, IT security professionals said that outsourcing would be the biggest cybersecurity threat of 2009. In light if the recession, companies are outsourcing to reduce costs, but the practice opens organizations up to the threat of sensitive or confidential information not being properly protected, and unauthorized parties gaining access to private files, the survey concluded. In contrast to their overall views about the impact that outsourcing has on network security, Amplitude/VanDyke Software survey respondents were largely positive about the impact of outside security audits. Seventy-two percent of respondents whose companies paid for outside audits said they were worthwhile investments and 54 percent said they resulted in the discovery of significant security problems. http://www.scmagazineus.com/Majority-think-outsourcing-threatens-network-security/article/150955/
  • 24. Connecticut drops felony charges against Julie Amero, four years after her arrest By Rick Green on November 21, 2008 5:16 PM | The unbelievable story of Julie Amero concluded quietly Friday afternoon at Superior Court in Norwich, with the state of Connecticut dropping four felony pornography charges. Amero agreed to plead guilty to a single charge of disorderly conduct, a misdemeanor. Amero, who has been hospitalized and suffers from declining health, also surrendered her teaching license. "Oh honey, it's over. I feel wonderful," Amero, 41, said a few minutes after accepting the deal where she also had to surrender her teaching license. "The Norwich police made a mistake. It was proven. That makes me feel like I'm on top of the world." In June of 2007, Judge Hillary B. Strackbein tossed out Amero's conviction on charges that she intentionally caused a stream of "pop-up" pornography on the computer in her classroom and allowed students to view it. Confronted with evidence compiled by forensic computer experts, Strackbein ordered a new trial, saying the conviction was based on "erroneous" and "false information." But since that dramatic reversal, local officials, police and state prosecutors were unwilling to admit that a mistake may have been made -- even after computer experts from around the country demonstrated that Amero's computer had been infected by "spyware." New London County State's Attorney Michael Regan told me late Friday the state remained convinced Amero was guilty and was prepared to again go to trial. "I have no regrets. Things took a course that was unplanned. Unfortunately the computer wasn't examined properly by the Norwich police," Regan said. "For some reason this case caught the media's attention,'' Regan said. The case also caught the attention of computer security experts from California to Florida, who read about Amero's conviction on Internet news sites. Recognizing the classic signs of a computer infected by malicious adware, volunteers examined computer records and the hard drive and determined that Amero was not responsible for the pornographic stream on her computer. The state never conducted a forensic examination of the hard drive and instead relied on the expertise of a Norwich detective, with limited computer experience. Experts working for Amero ridiculed the state's evidence, saying it was a classic case of spyware seizing control of the computer. Other experts also said that Amero's response -- she failed to turn off the computer -- was not unusual in cases like this. Among other things, the security experts found that the Norwich school system had failed to properly update software that would have blocked the pornography in the first place. http://blogs.courant.com/rick_green/2008/11/connecticut-drops-felony-charg.html
  • 25. Interdependence of Critical Infrastructure
  • 26.
  • 28. Security/Privacy How do we stay safe online?
  • 29. Security and Privacy: Two Faces of the Same Coin Security: Privacy: Outward Inward Facing Facing
  • 30. Information System Security Revolution 1960-1980 1985 1995 - Packet Switch Bridge File Server Gateway Other Networks Computer Security INFOSEC Information Assurance
  • 31. The Castle Approach: Defense in Depth • Perimeter defense: firewalls Protect • Layered defense: AV, IDS, IPS your data • However, these aren’t working!
  • 32. Trusting Controls Assumes: • Design implements your goals • Sum total of controls implement all goals • Implementation is correct • Installation/administration are correct
  • 33. Bottom line assumption: You Will Never Own a Perfectly Secure System!!! You Will Never Own a Perfectly Secure System!!! You Will Never Own a Perfectly Secure System!!!
  • 34. Individual Strategy • Awareness of the threat • Layered Defense on your home computer – Multiple tools – Patch program – Upgrade • Implement privacy options in social media • Be deliberate about where your data resides • Think like a “bad guy!” • Limit your children’s access
  • 35. Kid Nation • Kids know technology better than adults • More prone to commit cyber crime • Plagiarism sites • Music downloads • Disrespect for IP • Cyberbullying • Blind trust online • Need for cyberethics training
  • 36.
  • 37.
  • 38. Identity-Theft is the fastest growing crime in America; 9.9 MILLION victims were reported last year, according to a Federal Trade Commission survey! Mari J. Frank. Esq. is a survivor of identity-theft, and the author of the book From Victim to Victor; A Step-by-Step Guide For Ending The Nightmare Of Identity Theft. http://www.identitytheft.org/ http://www.identitytheft.gov/