11/1/2015
http://search.proquest.com/criminaljusticeperiodicals/printviewfile?accountid=33337
Tracking the Cybercrime Trail
Sartin, Bryan. Security Management 48.9 (Sep 2004): 95-100.
Abstract
Private cybercrime investigators and law enforcement can collaborate to both protect the bottom line and stem crime. In the case discussed, several credit card associations and major credit card issuers began to notice increasing instances of fraud over a three- or four-month stretch. By looking at the patterns and types of fraud and tying that information back to common points, they believed they had identified one company as the source of the fraud. They contacted the company and asked them to cooperate with forensic examiners from Ubizen who would be sent to their site to investigate the possibility that a security breach had occurred within their production network environment. The primary objective of the forensic investigations was to determine the source and full extent of the breach. If sufficient evidence was found to prove that a crime had been committed, another objective would be to assist law enforcement in gathering additional evidence for prosecution. The team conducted an in-depth analysis of the fraud patterns and found that the fraud resulted from duplicated credit cards used in card-present transactions.
Headnote
In addition to knowing how to follow the bits of evidence, forensic detectives must know how to work with law enforcement.
IN SPRING OF 2003, several credit card associations and major credit card issuers began to notice increasing instances of fraud over a three- or four-month stretch. By looking at the patterns and types of fraud and tying that information back to common points, they believed they had identified one company (we'll call them Company A) as the source of the fraud. While the patterns of evidence pointed to Company A, it was still too circumstantial to call in law enforcement. Hard evidence was needed. So the associations and credit card issuers joined forces and contacted Ubizen (the author's company), which conducts cybercrime investigations. They also contacted Company A and asked them to cooperate with forensic examiners from Ubizen who would be sent to their site to investigate the possibility that a security breach had occurred within their production network environment. Company A officials said that they were not aware of any security breach, but they agreed to work with the investigators.
Company A is a software company that provides electronic payment software to numerous retail outlets, including restaurants, retail stores, and Internet companies. Company A's core business is its payment gateway service that processes credit card and check transactions. While the majority of Company A's transactions come from the Internet, wireless transactions are also common. The two different types of transactions are routed through two separate payment gateways, and together they often account for more than 200,000 electronic payment transactions daily.
The primary objective of the forensic investigations was to determine the source and full extent of the breach. If sufficient evidence was found to prove that a crime had been committed, another objective would be to assist law enforcement in gathering additional evidence for prosecution.
Discovery. Before arriving at the company's site, the forensic team conducted an exhaustive discovery process. This advance work would enable the forensic team to hit the ground running when they went on to the company site.
Stolen data. The team conducted an in-depth analysis of the fraud patterns and found that the fraud resulted from duplicated credit cards used in "card-present transactions." These are scenarios where legitimate account numbers are fraudulently reproduced on unauthorized duplicate cards and used by criminals to purchase goods or services in person, often using matching falsified information.
For a criminal to duplicate a credit card with account information that will pass muster, he or she must have gotten access to the data contained in the magnetic stripe on the back of a card. A credit card magnetic stripe contains two separate tracks of information. Track 1 data contains information printed on the card, such as the cardholder's name, but this data is not a component of the transaction authorization; it merely verifies that the name on the card has not been changed. Track 2 contains more sensitive information, including the CVV code (the card verification value, a number string that is printed, not embossed, on a card), which helps verify that a transaction is authorized.
Sophisticated fraud could be perpetrated by skimming this information from individual cards. But the fraud pattern in this case made it likely that theft of data in large batches had occurred. In fact, the investigation revealed that full mag-stripe information had been taken from Company A's network.
Because mag-stripe information allows criminals to duplicate a credit card, the payment service industry stipulates that this type of information not be stored subsequent to authorization. The finding of theft at Company A raised questions about whether the mag-stripe information was being handled properly, according to the payment service industry's commonly accepted security standards. The fact that mag-stripe information was involved in this breach meant that the information was likely stored despite the standard against doing so.
Investigators needed to locate where on the customer's network this type of information resided. They could then identify the most likely avenues of intrusion through the network.
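
The search described above, finding where retained mag-stripe data sits on disk, can be sketched as a scan for the ISO/IEC 7813 track layouts. This is an added example, not code from the article or from Ubizen; the sample log lines, the file name and the card number (a widely used test PAN) are constructed, and the function names are hypothetical.

```python
"""Locate retained magnetic-stripe (track) data in files; reports only masked PANs."""
import os
import re
from typing import Dict, List, Tuple

# ISO/IEC 7813 layouts (sentinels and separators are literal characters):
#   Track 1 (format B): %B PAN ^ NAME ^ YYMM service-code discretionary ?
#   Track 2:            ;  PAN = YYMM service-code discretionary ?
TRACK1_RE = re.compile(rb"%B(\d{12,19})\^([^^?\r\n]{2,26})\^(\d{4})(\d{3})([^?\r\n]*)\?")
TRACK2_RE = re.compile(rb";(\d{12,19})=(\d{4})(\d{3})(\d*)\?")
# (kind, pattern, expiry group index, discretionary-data group index)
PATTERNS = (("track1", TRACK1_RE, 3, 5), ("track2", TRACK2_RE, 2, 4))

# Constructed sample: an application debug log that kept swipe data after authorization.
SAMPLE_LOG = (
    b"10:14:07 AUTH request id=7781 amount=42.10\n"
    b"10:14:07 DEBUG swipe=;4111111111111111=25121010000012300000?\n"
    b"10:14:09 DEBUG swipe=%B4111111111111111^DOE/JANE^25121010000000000?\n"
    b"10:14:11 DEBUG ref=;1234567890123456=25121010000?\n"  # fails Luhn: not a PAN
)


def luhn_ok(pan: str) -> bool:
    """Luhn checksum: filters out digit runs that merely look like a PAN."""
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit, counting from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def mask_pan(pan: str) -> str:
    """Keep the first six and last four digits so the report holds no usable PAN."""
    return pan[:6] + "*" * (len(pan) - 10) + pan[-4:]


def scan_bytes(data: bytes, source: str) -> List[Dict]:
    """Return one finding per plausible track record found in `data`."""
    findings = []
    for kind, rx, exp_group, disc_group in PATTERNS:
        for m in rx.finditer(data):
            pan = m.group(1).decode("ascii")
            month = int(m.group(exp_group).decode("ascii")[2:])
            if not (1 <= month <= 12 and luhn_ok(pan)):
                continue
            findings.append({
                "source": source,
                "line": data.count(b"\n", 0, m.start()) + 1,
                "kind": kind,
                "pan_masked": mask_pan(pan),
                # Discretionary data is where the card verification value is carried.
                "has_discretionary": len(m.group(disc_group)) > 0,
            })
    return sorted(findings, key=lambda f: (f["source"], f["line"]))


def scan_tree(root: str, max_bytes: int = 64 * 1024 * 1024) -> Tuple[List[Dict], List[str]]:
    """Walk `root`; return (findings, files skipped as unreadable or over max_bytes)."""
    findings, skipped = [], []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                if os.path.getsize(path) > max_bytes:
                    skipped.append(path)  # review these separately, do not ignore them
                    continue
                with open(path, "rb") as fh:
                    findings.extend(scan_bytes(fh.read(), path))
            except OSError:
                skipped.append(path)
    return findings, skipped


if __name__ == "__main__":
    for finding in scan_bytes(SAMPLE_LOG, "gateway-debug.log"):
        print(finding)
```

The scan only sees data stored in the clear; compressed, encoded or encrypted stores need to be unpacked before they are searched.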
Lay of the land. To accomplish this, the forensic experts studied diagrams to learn the layout of Company A's computer network and determine whether it was vulnerable and which parts of the network were most likely to be exposed if a hacker had been able to penetrate the system. Frequently, the most likely targets are Internet-visible systems, such as Web servers and FTP servers, or weakly configured wireless network access points. The team found that, indeed, Company A's network was not sufficiently hardened against an attack, making it likely that hackers could have penetrated the system and stolen the account information.
FBI assistance. Given these findings, the forensic team recognized that it was time for law enforcement to be brought into the process. This was a point sometimes overlooked by private firms: It was vital that the appropriate government agents be on the scene to help in the assembling of evidence that could lead to the capture and eventual prosecution of the attacker. In this case, because of the nature of the crime and the magnitude of the fraud, FBI agents were contacted.
In early June, FBI agents from the Atlanta field office were the first to visit the site, although they were soon replaced by agents from the Chicago field office, who had much more extensive experience investigating cybercrimes. These agents had in fact worked with Ubizen investigators on previous investigations. Ubizen's forensic experts also visited the FBI field office to hold discussions over the specifics of the investigation, such as what forensic tools would be used to ensure the integrity of any data taken and how chain of custody would be maintained.
At the scene with the FBI agents, Ubizen's investigators began data collection; they first collected mirror images of Company A's payment gateway, which they shared with the FBI investigators. Together the two teams then interviewed Company A's staff for additional information on how the breach could have occurred, determining, for example, who in the organization had access to particular servers. Track 2 information had been compromised, so it was important to understand where in the network such data sat, which would indicate to the team what systems must have been touched by the attacker. This information could also help answer other questions, such as whether it could have been an inside job or whether the Internet was the avenue of attack.
After interviewing the staff and examining the organization's network diagram, several systems were identified that seemed likely avenues of attack based on their proximity to the Internet and lack of suitable security controls. The team investigated several servers where they suspected a significant point of exposure and found on one of the systems a number of files that had not been installed by Company A's administrators. These files included keystroke loggers and a common backdoor program called HackerDefender. This made it clear that the system had indeed been compromised, leading the team to rule out an inside job.
Footprints. FBI agents and the Ubizen team looked at files and audit logs to find the hacker's footprint and attack signature, that is, how the hacker broke in and what the hacker did once he or she had access. Without more in-depth analysis it would be impossible to determine how the intruder was first able to gain access to the systems.
However, based on the immediately visible footprint left behind by the intruder, it became clear that the server had become the staging point through which the intruder could continually gain access into other components of Company A's production network environment. Once the intruder had gained a foothold into the environment from the outside, he or she placed hacking tools and utilities within the systems, effectively exploiting the breach.
Live prey. When tracing the hacker's steps, the investigators looked closely at dates and time stamps to determine when the hacker last penetrated the company's network. They found files created by the hacker the day before the investigation began, proving that there was an ongoing breach, an important development since it could help the investigators to catch the attacker in the act.
Sewing up the breaches. The team first needed to repair the breach. Since the incidents of fraud associated with Company A were rapidly escalating (as many as hundreds per day), it was imperative to immediately lock out the hacker's access to private information.
The team began by purging from the organization's systems sensitive cardholder data that, under industry standards, should never have been stored on the systems. With that data removed, the exposure created by any future unauthorized access would be much less severe.
The team also took several of Company A's servers offline, replacing many of the compromised systems. They then enabled and configured logging and auditing functions to ensure that if unauthorized access were attempted again, the organization would be able to detect and respond to the unwanted activity.
All of the information collected on site was preserved, including hard drives from the compromised systems and logs from the intrusion detection system, the firewall, and the routers. The information was shipped back to Ubizen's labs for in-depth analysis and preservation for evidentiary purposes.
A number of different open-source tools were used to identify and salvage any other traces left behind by the intruder that might shed more light on the timeline of the attack or other systems that might be involved. The tools used included both Ubizen-proprietary and over-the-counter forensic tools such as EnCase. Because these tools had been tested extensively in court, the FBI team could be sure that any evidence (such as copies of drives) provided by Ubizen would be admissible.
Setting the trap. With the loss of data stanched, investigators were ready to catch the hacker in the act. To accomplish this, the Ubizen team and the FBI set a trap with three components.
The first part was a packet sniffer, a laptop with a software program called EtherPeek that would watch traffic in and out of the affected servers. It allowed investigators to monitor any data the hacker was sending, such as individual keystrokes, the machines the intruder was attempting to access, and how he or she was attempting to do so. Also, the sniffer would capture firsthand evidence of files removed from the network that would, under normal circumstances, contain sensitive information or data that could be used for fraud.
Next, the files on those servers were loaded with dummy credit-card information to prevent additional fraud from occurring and to keep the hacker unaware that he or she had been noticed. The third part of the trap was the use of Tripwire, a program that monitors the integrity of files, which was configured to set off an alarm the moment any of the date and time stamps of the files under observation were changed. That would allow the investigators to know exactly when the attacker hit so that they could catch the intruder in the act.
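
A minimal polling stand-in for the file-integrity part of the trap, added here as an example: it is not Tripwire and not the investigators' configuration. The function names are hypothetical, and any decoy file paths passed to it are the caller's own.

```python
"""Timestamp-and-hash watch over a fixed set of decoy files."""
import hashlib
import json
import os
from typing import Dict, Iterable, List

# atime is deliberately not watched: the monitor's own reads, and the relatime or
# noatime mount options, make it unreliable as an alarm condition.
WATCHED = ("size", "mtime_ns", "ctime_ns", "sha256")


def snapshot(path: str) -> Dict:
    """Record the attributes an intruder's write, replace or touch would disturb."""
    st = os.stat(path)
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return {
        "size": st.st_size,
        "mtime_ns": st.st_mtime_ns,
        "ctime_ns": st.st_ctime_ns,  # inode change time on POSIX systems
        "sha256": digest.hexdigest(),
    }


def build_baseline(paths: Iterable[str]) -> Dict[str, Dict]:
    """Snapshot every watched file once, keyed by absolute path."""
    return {os.path.abspath(p): snapshot(p) for p in paths}


def save_baseline(baseline: Dict[str, Dict], out_path: str) -> None:
    # Keep this file off the monitored host (or on read-only media): whoever can
    # rewrite the baseline can silence the alarm.
    with open(out_path, "w", encoding="utf-8") as fh:
        json.dump(baseline, fh, indent=2, sort_keys=True)


def load_baseline(in_path: str) -> Dict[str, Dict]:
    with open(in_path, encoding="utf-8") as fh:
        return json.load(fh)


def check(baseline: Dict[str, Dict]) -> Dict[str, List[str]]:
    """Return {path: [changed attributes]}; an empty dict means nothing moved."""
    alerts = {}
    for path, recorded in baseline.items():
        try:
            current = snapshot(path)
        except FileNotFoundError:
            alerts[path] = ["missing"]
            continue
        changed = [key for key in WATCHED if current[key] != recorded[key]]
        if changed:
            alerts[path] = changed
    return alerts
```

Run `check` on a short interval against the stored baseline and page on any non-empty result; a changed `mtime_ns` with an unchanged `sha256` points to a file that was touched or rewritten with identical content.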
Underlying the trap was the fact that the investigators had determined precisely how the hacker would attack. The investigation had shown the particular backdoor the attacker was using and what port would be used in the compromise. But with a huge amount of traffic flowing back and forth across the network (this company also conducts e-commerce business), waiting for a Tripwire alarm was not necessarily going to allow the investigators to see the compromise as it happened. So, a Ubizen technician worked with the FBI's Quantico-based Data Analysis Team to create a signature that they could look for on the sniffer to see exactly when and where the hacker was attacking.
Hooked. The trap worked perfectly. When the hacker snuck in to begin copying what looked like credit-card information that Company A had backed up, he fell right into the ambush and was caught red-handed. From this point, FBI agents took the evidence collected by the Ubizen and FBI teams and began the hunt for the suspect.
They contacted a law enforcement computer-crime liaison group in the Eastern European country where it was determined that the hacker was located. Ultimately, the hacker, a college-age male, was arrested and extradited, and the evidence gathered against him will be used when the case comes to trial.
Aftermath. While Company A breathed a sigh of relief when the hacker was caught, the work of the Ubizen investigative team wasn't over yet. Their mission was not only to help identify the hacker but also to determine the full extent of the breach and figure out precisely how many credit cards had been compromised, and when.
Targets. The complete analysis showed that there were in fact several intruders who took advantage of the backdoor the original hacker left, and they seemed to be unaware of each other's presence. Altogether these attackers maintained some level of access into Company A for more than six months, two months longer than the previously recognized fraud dates. The team was also able to identify other machines on the network that had been compromised. These included the organization's two database servers, the mail server, two file and print servers, and each of the Internet-visible systems.
Recommendations. The final step was to provide recommendations to Company A on how to bolster its security against future attacks. These included the obvious suggestion of adapting to industry best practices. MasterCard and VISA have led the industry in establishing guidelines to secure customer credit card data. MasterCard's Site Data Protection Service (SDP) and Visa's Cardholder Information Security Program (CISP) are industry mandates with serious financial penalties for noncompliance. These programs define a standard of due care for deploying security compliance programs, ensuring that online merchants and payment service providers are adequately protected against hacker intrusions and account data compromises. The investigative team determined that Company A was far from fulfilling these requirements and outlined exactly what measures the company needed to take to be fully compliant.
A key suggestion was for Company A to conduct regular vulnerability scanning internally or to outsource the scans to an expert. This inexpensive automated process proactively identifies vulnerabilities to find out if and where a computer system can be exploited or is vulnerable.
Finally, the team provided a set of recommendations above and beyond the established credit card industry standards. The team advised Company A to either add an internal IT team dedicated solely to security or to consider outsourcing key elements of its security program to a managed security services provider. The amount of data generated by security devices is overwhelming, and it can only be properly monitored by a dedicated team whose sole function is to oversee the network data.
Since the attackers had access to stored credit card data, the team also urged Company A not to retain credit card data longer than needed. As this case made clear, storing this type of sensitive information opens up a high risk of exposure.
This case illustrates how private cybercrime investigators and law enforcement can collaborate to both protect the bottom line and stem crime. That's good news for long-beleaguered online businesses, and bad news for online fraudsters.
Sidebar
Forensic detectives can often quickly identify the most likely targets of a hacker attack on a given network.
Sidebar
Two Teams are Better Than One
Cybercrime investigations are often initiated by the victimized company not through a call to the police, but through a call to a private firm that specializes in computer forensics examinations. These private-sector teams will then call law enforcement into the process as soon as they confirm that illegal activity is occurring.
Cooperation between law enforcement and private-sector investigators is still a fairly new idea, however. Several years ago, when the author's company first started conducting forensics investigations, it was often met with distrust by both their private sector clients, who feared bad publicity or losing control of company data, and law enforcement agents, who were reluctant to share information with third-party vendors.
However, this reluctance is diminishing as law enforcement becomes more accustomed to working with third-party cyberforensics experts and as clients see that the process can work. Companies like Ubizen work under strict conditions and with detailed nondisclosure agreements, which protects clients and helps allay fears.
Although they need to work together, it is important to understand that ultimately the two groups of investigators have different goals. The private-sector team has the ultimate goal of understanding the full extent of the compromise and helping the client find and close the vulnerability that led to the breach; in other words, to protect its reputation and profits. Law enforcement is focused on the illegal activity and in collecting any evidence that will lead to the attacker and help in a prosecution.
The two groups also work differently due to the nature of their responsibilities. A private forensic firm is doing paid work for a client and will devote a team to getting the work done in a short time frame. For example, this case took Ubizen two days on site and another two weeks to complete the analysis and write a report. By contrast, law enforcement agents typically are juggling multiple cases or responsibilities and may take longer to complete an investigation or may have difficulty devoting sufficient resources to a specific case.
While the goals are different, the groundwork serves both objectives. For that reason, the analysis completed by the private-sector team is often useful to law enforcement, saving them time and giving them a head start in understanding all the technical details of an investigation so that they can make a case for protection.
AuthorAffiliation
Bryan Sartin is director of technology for Ubizen, where he is responsible for all customer-facing issues regarding the technology of its managed security solution offerings.
Copyright American Society for Industrial Security Sep 2004
Details
Subject: Credit card fraud; Forensic sciences; Network security; Investigations; Case studies
Location: United States, US
Company / organization: Name: Ubizen NV; NAICS: 514191
Classification: 9190: United States; 5140: Security management; 5250: Telecommunications systems & Internet communications; 9110: Company specific; 8331: Internet services industry
Title: Tracking the Cybercrime Trail
Author: Sartin, Bryan
Publication title: Security Management
Volume: 48
Issue: 9

hyacinthshackley2629
 
Your company just purchased a Dell server MD1420 DAS to use to store.docx
Your company just purchased a Dell server MD1420 DAS to use to store.docxYour company just purchased a Dell server MD1420 DAS to use to store.docx
Your company just purchased a Dell server MD1420 DAS to use to store.docx
hyacinthshackley2629
 
your company is moving to a new HRpayroll system that is sponsored .docx
your company is moving to a new HRpayroll system that is sponsored .docxyour company is moving to a new HRpayroll system that is sponsored .docx
your company is moving to a new HRpayroll system that is sponsored .docx
hyacinthshackley2629
 
Your company is considering the implementation of a technology s.docx
Your company is considering the implementation of a technology s.docxYour company is considering the implementation of a technology s.docx
Your company is considering the implementation of a technology s.docx
hyacinthshackley2629
 
Your company is a security service contractor that consults with bus.docx
Your company is a security service contractor that consults with bus.docxYour company is a security service contractor that consults with bus.docx
Your company is a security service contractor that consults with bus.docx
hyacinthshackley2629
 
Your company has just sent you to a Project Management Conference on.docx
Your company has just sent you to a Project Management Conference on.docxYour company has just sent you to a Project Management Conference on.docx
Your company has just sent you to a Project Management Conference on.docx
hyacinthshackley2629
 
Your company has designed an information system for a library.  The .docx
Your company has designed an information system for a library.  The .docxYour company has designed an information system for a library.  The .docx
Your company has designed an information system for a library.  The .docx
hyacinthshackley2629
 
Your company has had embedded HR generalists in business units for t.docx
Your company has had embedded HR generalists in business units for t.docxYour company has had embedded HR generalists in business units for t.docx
Your company has had embedded HR generalists in business units for t.docx
hyacinthshackley2629
 
Your company You are a new Supply Chain Analyst with the ACME.docx
Your company   You are a new Supply Chain Analyst with the ACME.docxYour company   You are a new Supply Chain Analyst with the ACME.docx
Your company You are a new Supply Chain Analyst with the ACME.docx
hyacinthshackley2629
 
Your company has asked that you create a survey to collect data .docx
Your company has asked that you create a survey to collect data .docxYour company has asked that you create a survey to collect data .docx
Your company has asked that you create a survey to collect data .docx
hyacinthshackley2629
 
Your Communications PlanDescriptionA.What is your .docx
Your Communications PlanDescriptionA.What is your .docxYour Communications PlanDescriptionA.What is your .docx
Your Communications PlanDescriptionA.What is your .docx
hyacinthshackley2629
 
Your community includes people from diverse backgrounds. Answer .docx
Your community includes people from diverse backgrounds. Answer .docxYour community includes people from diverse backgrounds. Answer .docx
Your community includes people from diverse backgrounds. Answer .docx
hyacinthshackley2629
 
Your Communications Plan Please respond to the following.docx
Your Communications Plan Please respond to the following.docxYour Communications Plan Please respond to the following.docx
Your Communications Plan Please respond to the following.docx
hyacinthshackley2629
 
Your Communication InvestigationFor your mission after reading y.docx
Your Communication InvestigationFor your mission after reading y.docxYour Communication InvestigationFor your mission after reading y.docx
Your Communication InvestigationFor your mission after reading y.docx
hyacinthshackley2629
 
Your Communications PlanFirst step Choose a topic. Revi.docx
Your Communications PlanFirst step Choose a topic. Revi.docxYour Communications PlanFirst step Choose a topic. Revi.docx
Your Communications PlanFirst step Choose a topic. Revi.docx
hyacinthshackley2629
 
Your coffee franchise cleared for business in both countries (Mexico.docx
Your coffee franchise cleared for business in both countries (Mexico.docxYour coffee franchise cleared for business in both countries (Mexico.docx
Your coffee franchise cleared for business in both countries (Mexico.docx
hyacinthshackley2629
 

More from hyacinthshackley2629 (20)

Your company nameYour nameInstruction Page1. O.docx
Your company nameYour nameInstruction Page1. O.docxYour company nameYour nameInstruction Page1. O.docx
Your company nameYour nameInstruction Page1. O.docx
 
Your Company NameYour Company NameBudget Proposalfor[ent.docx
Your Company NameYour Company NameBudget Proposalfor[ent.docxYour Company NameYour Company NameBudget Proposalfor[ent.docx
Your Company NameYour Company NameBudget Proposalfor[ent.docx
 
Your company recently reviewed the results of a penetration test.docx
Your company recently reviewed the results of a penetration test.docxYour company recently reviewed the results of a penetration test.docx
Your company recently reviewed the results of a penetration test.docx
 
Your company wants to explore moving much of their data and info.docx
Your company wants to explore moving much of their data and info.docxYour company wants to explore moving much of their data and info.docx
Your company wants to explore moving much of their data and info.docx
 
Your company plans to establish MNE manufacturing operations in Sout.docx
Your company plans to establish MNE manufacturing operations in Sout.docxYour company plans to establish MNE manufacturing operations in Sout.docx
Your company plans to establish MNE manufacturing operations in Sout.docx
 
Your company just purchased a Dell server MD1420 DAS to use to store.docx
Your company just purchased a Dell server MD1420 DAS to use to store.docxYour company just purchased a Dell server MD1420 DAS to use to store.docx
Your company just purchased a Dell server MD1420 DAS to use to store.docx
 
your company is moving to a new HRpayroll system that is sponsored .docx
your company is moving to a new HRpayroll system that is sponsored .docxyour company is moving to a new HRpayroll system that is sponsored .docx
your company is moving to a new HRpayroll system that is sponsored .docx
 
Your company is considering the implementation of a technology s.docx
Your company is considering the implementation of a technology s.docxYour company is considering the implementation of a technology s.docx
Your company is considering the implementation of a technology s.docx
 
Your company is a security service contractor that consults with bus.docx
Your company is a security service contractor that consults with bus.docxYour company is a security service contractor that consults with bus.docx
Your company is a security service contractor that consults with bus.docx
 
Your company has just sent you to a Project Management Conference on.docx
Your company has just sent you to a Project Management Conference on.docxYour company has just sent you to a Project Management Conference on.docx
Your company has just sent you to a Project Management Conference on.docx
 
Your company has designed an information system for a library.  The .docx
Your company has designed an information system for a library.  The .docxYour company has designed an information system for a library.  The .docx
Your company has designed an information system for a library.  The .docx
 
Your company has had embedded HR generalists in business units for t.docx
Your company has had embedded HR generalists in business units for t.docxYour company has had embedded HR generalists in business units for t.docx
Your company has had embedded HR generalists in business units for t.docx
 
Your company You are a new Supply Chain Analyst with the ACME.docx
Your company   You are a new Supply Chain Analyst with the ACME.docxYour company   You are a new Supply Chain Analyst with the ACME.docx
Your company You are a new Supply Chain Analyst with the ACME.docx
 
Your company has asked that you create a survey to collect data .docx
Your company has asked that you create a survey to collect data .docxYour company has asked that you create a survey to collect data .docx
Your company has asked that you create a survey to collect data .docx
 
Your Communications PlanDescriptionA.What is your .docx
Your Communications PlanDescriptionA.What is your .docxYour Communications PlanDescriptionA.What is your .docx
Your Communications PlanDescriptionA.What is your .docx
 
Your community includes people from diverse backgrounds. Answer .docx
Your community includes people from diverse backgrounds. Answer .docxYour community includes people from diverse backgrounds. Answer .docx
Your community includes people from diverse backgrounds. Answer .docx
 
Your Communications Plan Please respond to the following.docx
Your Communications Plan Please respond to the following.docxYour Communications Plan Please respond to the following.docx
Your Communications Plan Please respond to the following.docx
 
Your Communication InvestigationFor your mission after reading y.docx
Your Communication InvestigationFor your mission after reading y.docxYour Communication InvestigationFor your mission after reading y.docx
Your Communication InvestigationFor your mission after reading y.docx
 
Your Communications PlanFirst step Choose a topic. Revi.docx
Your Communications PlanFirst step Choose a topic. Revi.docxYour Communications PlanFirst step Choose a topic. Revi.docx
Your Communications PlanFirst step Choose a topic. Revi.docx
 
Your coffee franchise cleared for business in both countries (Mexico.docx
Your coffee franchise cleared for business in both countries (Mexico.docxYour coffee franchise cleared for business in both countries (Mexico.docx
Your coffee franchise cleared for business in both countries (Mexico.docx
 

Recently uploaded

Supporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptxSupporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptx
Jisc
 
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
siemaillard
 
1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx
JosvitaDsouza2
 
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
Welcome to TechSoup   New Member Orientation and Q&A (May 2024).pdfWelcome to TechSoup   New Member Orientation and Q&A (May 2024).pdf
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
TechSoup
 
Acetabularia Information For Class 9 .docx
Acetabularia Information For Class 9  .docxAcetabularia Information For Class 9  .docx
Acetabularia Information For Class 9 .docx
vaibhavrinwa19
 
Language Across the Curriculm LAC B.Ed.
Language Across the  Curriculm LAC B.Ed.Language Across the  Curriculm LAC B.Ed.
Language Across the Curriculm LAC B.Ed.
Atul Kumar Singh
 
A Survey of Techniques for Maximizing LLM Performance.pptx
A Survey of Techniques for Maximizing LLM Performance.pptxA Survey of Techniques for Maximizing LLM Performance.pptx
A Survey of Techniques for Maximizing LLM Performance.pptx
thanhdowork
 
Best Digital Marketing Institute In NOIDA
Best Digital Marketing Institute In NOIDABest Digital Marketing Institute In NOIDA
Best Digital Marketing Institute In NOIDA
deeptiverma2406
 
Home assignment II on Spectroscopy 2024 Answers.pdf
Home assignment II on Spectroscopy 2024 Answers.pdfHome assignment II on Spectroscopy 2024 Answers.pdf
Home assignment II on Spectroscopy 2024 Answers.pdf
Tamralipta Mahavidyalaya
 
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
Levi Shapiro
 
Thesis Statement for students diagnonsed withADHD.ppt
Thesis Statement for students diagnonsed withADHD.pptThesis Statement for students diagnonsed withADHD.ppt
Thesis Statement for students diagnonsed withADHD.ppt
EverAndrsGuerraGuerr
 
Digital Artifact 2 - Investigating Pavilion Designs
Digital Artifact 2 - Investigating Pavilion DesignsDigital Artifact 2 - Investigating Pavilion Designs
Digital Artifact 2 - Investigating Pavilion Designs
chanes7
 
Azure Interview Questions and Answers PDF By ScholarHat
Azure Interview Questions and Answers PDF By ScholarHatAzure Interview Questions and Answers PDF By ScholarHat
Azure Interview Questions and Answers PDF By ScholarHat
Scholarhat
 
Chapter -12, Antibiotics (One Page Notes).pdf
Chapter -12, Antibiotics (One Page Notes).pdfChapter -12, Antibiotics (One Page Notes).pdf
Chapter -12, Antibiotics (One Page Notes).pdf
Kartik Tiwari
 
"Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe..."Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe...
SACHIN R KONDAGURI
 
Embracing GenAI - A Strategic Imperative
Embracing GenAI - A Strategic ImperativeEmbracing GenAI - A Strategic Imperative
Embracing GenAI - A Strategic Imperative
Peter Windle
 
Francesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptxFrancesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptx
EduSkills OECD
 
Marketing internship report file for MBA
Marketing internship report file for MBAMarketing internship report file for MBA
Marketing internship report file for MBA
gb193092
 
The Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptxThe Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptx
DhatriParmar
 
Operation Blue Star - Saka Neela Tara
Operation Blue Star   -  Saka Neela TaraOperation Blue Star   -  Saka Neela Tara
Operation Blue Star - Saka Neela Tara
Balvir Singh
 

Recently uploaded (20)

Supporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptxSupporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptx
 
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
 
1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx
 
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
Welcome to TechSoup   New Member Orientation and Q&A (May 2024).pdfWelcome to TechSoup   New Member Orientation and Q&A (May 2024).pdf
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
 
Acetabularia Information For Class 9 .docx
Acetabularia Information For Class 9  .docxAcetabularia Information For Class 9  .docx
Acetabularia Information For Class 9 .docx
 
Language Across the Curriculm LAC B.Ed.
Language Across the  Curriculm LAC B.Ed.Language Across the  Curriculm LAC B.Ed.
Language Across the Curriculm LAC B.Ed.
 
A Survey of Techniques for Maximizing LLM Performance.pptx
A Survey of Techniques for Maximizing LLM Performance.pptxA Survey of Techniques for Maximizing LLM Performance.pptx
A Survey of Techniques for Maximizing LLM Performance.pptx
 
Best Digital Marketing Institute In NOIDA
Best Digital Marketing Institute In NOIDABest Digital Marketing Institute In NOIDA
Best Digital Marketing Institute In NOIDA
 
Home assignment II on Spectroscopy 2024 Answers.pdf
Home assignment II on Spectroscopy 2024 Answers.pdfHome assignment II on Spectroscopy 2024 Answers.pdf
Home assignment II on Spectroscopy 2024 Answers.pdf
 
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
 
Thesis Statement for students diagnonsed withADHD.ppt
Thesis Statement for students diagnonsed withADHD.pptThesis Statement for students diagnonsed withADHD.ppt
Thesis Statement for students diagnonsed withADHD.ppt
 
Digital Artifact 2 - Investigating Pavilion Designs
Digital Artifact 2 - Investigating Pavilion DesignsDigital Artifact 2 - Investigating Pavilion Designs
Digital Artifact 2 - Investigating Pavilion Designs
 
Azure Interview Questions and Answers PDF By ScholarHat
Azure Interview Questions and Answers PDF By ScholarHatAzure Interview Questions and Answers PDF By ScholarHat
Azure Interview Questions and Answers PDF By ScholarHat
 
Chapter -12, Antibiotics (One Page Notes).pdf
Chapter -12, Antibiotics (One Page Notes).pdfChapter -12, Antibiotics (One Page Notes).pdf
Chapter -12, Antibiotics (One Page Notes).pdf
 
"Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe..."Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe...
 
Embracing GenAI - A Strategic Imperative
Embracing GenAI - A Strategic ImperativeEmbracing GenAI - A Strategic Imperative
Embracing GenAI - A Strategic Imperative
 
Francesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptxFrancesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptx
 
Marketing internship report file for MBA
Marketing internship report file for MBAMarketing internship report file for MBA
Marketing internship report file for MBA
 
The Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptxThe Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptx
 
Operation Blue Star - Saka Neela Tara
Operation Blue Star   -  Saka Neela TaraOperation Blue Star   -  Saka Neela Tara
Operation Blue Star - Saka Neela Tara
 

1112015 search.proquest.comcriminaljusticeperiodicalsprint.docx

  • 1. Tracking the Cybercrime Trail. Sartin, Bryan. Security Management 48.9 (Sep 2004): 95-100. Private cybercrime investigators and law enforcement can collaborate to both protect the bottom line and stem crime. In the case discussed, several credit card associations and major credit card issuers began to notice increasing instances of fraud over a three- or four-month stretch. By looking at the patterns and types of fraud and tying that information back to common points, they believed they had identified one company as the source of the fraud. They contacted the company and asked them to cooperate with forensic examiners from Ubizen who would be sent to their site to investigate the possibility that a security breach had occurred within their production network environment. The primary objective of the forensic investigations was to
  • 2. determine the source and full extent of the breach. If sufficient evidence was found to prove that a crime had been committed, another objective would be to assist law enforcement in gathering additional evidence for prosecution. The team conducted an in-depth analysis of the fraud patterns and found that the fraud resulted from duplicated credit cards used in card-present transactions. Headnote: In addition to knowing how to follow the bits of evidence, forensic detectives must know how to work with law enforcement. IN SPRING OF 2003, several credit card associations and major credit card issuers began to notice increasing instances of fraud over a three- or four-month stretch. By looking at the patterns and types of fraud and tying that information back to common points, they believed they had identified one company (we'll call them Company A) as the source of the fraud. While the patterns of evidence pointed to Company A, it was still too circumstantial to call in law enforcement. Hard evidence was needed. So the associations and credit card issuers joined forces and contacted Ubizen (the author's company), which conducts cybercrime investigations. They also contacted Company A and asked them to cooperate with forensic examiners from Ubizen who would be sent to their site to investigate the possibility that a security breach had occurred within their production network environment. Company A officials said that they were not aware of any security breach, but they agreed to work with the investigators. Company A is a software company that provides electronic payment software to numerous retail outlets, including restaurants, retail stores, and Internet companies.
  • 3. Company A's core business is its payment gateway service that processes credit card and check transactions. While the majority of Company A's transactions come from the Internet, wireless transactions are also common. The two different types of transactions are routed through two separate payment gateways, and together they often account for more than 200,000 electronic payment transactions daily. The primary objective of the forensic investigations was to determine the source and full extent of the breach. If sufficient evidence was found to prove that a crime had been committed, another objective would be to assist law enforcement in gathering additional evidence for prosecution.
  • 4. Discovery. Before arriving at the company's site, the forensic team conducted an exhaustive discovery process. This advance work would enable the forensic team to hit the ground running when they went on to the company site. Stolen data. The team conducted an in-depth analysis of the fraud patterns and found that the fraud resulted from duplicated credit cards used in "card-present transactions." These are scenarios where legitimate account numbers are fraudulently reproduced on unauthorized duplicate cards and used by criminals to purchase goods or services in person, often using matching falsified information. For a criminal to duplicate a credit card with account information that will pass muster, he or she must have gotten access to the data contained in the magnetic stripe on the back of a card. A credit card magnetic stripe contains two separate tracks of information. Track 1 data contains information printed on the card, such as the cardholder's name, but this data is not a component of the transaction authorization; it merely verifies that the name on the card has not been changed. Track 2 contains more sensitive information, including the CVV code (the card verification value, a number string that is printed, not embossed, on a card), which helps verify that a transaction is authorized. Sophisticated fraud could be perpetrated by skimming this information from individual cards. But the fraud pattern in this case made it likely that theft of data in large batches had occurred. In fact, the investigation revealed that full mag-stripe information had been taken from Company A's network.
  • 5. Because mag-stripe information allows criminals to duplicate a credit card, the payment service industry stipulates that this type of information not be stored subsequent to authorization. The finding of theft at Company A raised questions about whether the mag-stripe information was being handled properly, according to the payment service industry's commonly accepted security standards. The fact that mag-stripe information was involved in this breach meant that the information was likely stored despite the standard against doing so. Investigators needed to locate where on the customer's network this type of information resided. They could then identify the most likely avenues of intrusion through the network. Lay of the land. To accomplish this, the forensic experts studied diagrams to learn the layout of Company A's computer network and determine whether it was vulnerable and which parts of the network were most likely to be exposed if a hacker had been able to penetrate the system. Frequently, the most likely targets are Internet-visible systems, such as Web servers and FTP servers, or weakly configured wireless network access points. The team found that, indeed, Company A's network was not sufficiently hardened against an attack, making it likely that hackers could have penetrated the system and stolen the account information. FBI assistance. Given these findings, the forensic team recognized that it was time for law enforcement to be brought into the process. This was a point sometimes overlooked by private firms: It was vital that the appropriate government agents be on the scene to help in the
  • 6. assembling of evidence that could lead to the capture and eventual prosecution of the attacker. In this case, because of the nature of the crime and the magnitude of the fraud, FBI agents were contacted. In early June, FBI agents from the Atlanta field office were the first to visit the site, although they were soon replaced by agents from the Chicago field office, who had much more extensive experience investigating cybercrimes. These agents had in fact worked with Ubizen investigators on previous investigations. Ubizen's forensic experts also visited the FBI field office to hold discussions over the specifics of the investigation, such as what forensic tools would be used to ensure the integrity of any data taken and how chain of custody would be maintained. At the scene with the FBI agents, Ubizen's investigators began data collection; they first collected mirror images of Company A's payment gateway, which they shared with the FBI investigators. Together the two teams then interviewed Company A's staff for additional information on how the breach could have occurred, determining, for example, who in the organization had access to particular servers. Track 2 information had been compromised, so it was important to understand where in
  • 7. the network such data sat, which would indicate to the team what systems must have been touched by the attacker. This information could also help answer other questions, such as whether it could have been an inside job or whether the Internet was the avenue of attack. After interviewing the staff and examining the organization's network diagram, several systems were identified that seemed likely avenues of attack based on their proximity to the Internet and lack of suitable security controls. The team investigated several servers where they suspected a significant point of exposure and found on one of the systems a number of files that had not been installed by Company A's administrators. These files included keystroke loggers and a common backdoor program called HackerDefender. This made it clear that the system had indeed been compromised, leading the team to rule out an inside job. Footprints. FBI agents and the Ubizen team looked at files and audit logs to find the hacker's footprint and attack signature, that is, how the hacker broke in and what the hacker did once he or she had access. Without more in-depth analysis it would be impossible to determine how the intruder was first able to gain access to the systems. However, based on the immediately visible footprint left behind by the intruder, it became clear that the server had become the staging point through which the intruder could continually gain access into other components of Company A's production network environment. Once the intruder had gained a foothold into the environment from the outside, he or she placed hacking tools and utilities within the systems, effectively
  • 8. exploiting the breach. Live prey. When tracing the hacker's steps, the investigators looked closely at dates and time stamps to determine when the hacker last penetrated the company's network. They found files created by the hacker the day before the investigation began, proving that there was an ongoing breach, an important development since it could help the investigators to catch the attacker in the act. Sewing up the breaches. The team first needed to repair the breach. Since the incidents of fraud associated with Company A were rapidly escalating (as many as hundreds per day), it was imperative to immediately lock out the hacker's access to private information. The team began by purging from the organization's systems sensitive cardholder data that, under industry standards, should never have been stored on the systems. With that data removed, the exposure created by any future unauthorized access would be much less severe. The team also took several of Company A's servers offline, replacing many of the compromised systems. They then enabled and configured logging and auditing functions to ensure that if unauthorized access were attempted again, the organization would be able to detect and respond to the unwanted activity. All of the information collected on site was preserved, including hard drives from the compromised systems and logs from the intrusion detection system, the firewall, and the routers. The information was shipped back to Ubizen's labs for in-depth analysis and preservation for evidentiary purposes.
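The article describes locating where full mag-stripe data was stored on the network and then purging it. The following is an added example, not code from the article or from Ubizen's tooling: a scanner that finds stored Track 1 and Track 2 records in text such as application logs, reports only masked account numbers, and redacts the records. It assumes the ISO/IEC 7813 track layouts and the Luhn check digit; the log lines are constructed and use the well-known test number 4111111111111111.

```python
import re

# Track layouts per ISO/IEC 7813, sentinels included:
#   Track 1: %B<PAN>^<NAME>^<YYMM><service code><discretionary data>?
#   Track 2: ;<PAN>=<YYMM><service code><discretionary data>?
PATTERNS = {
    "track1": re.compile(
        r"%B(?P<pan>\d{12,19})\^[^^?]{2,26}\^(?P<exp>\d{4})\d{3}[^?]*\?"),
    "track2": re.compile(
        r";(?P<pan>\d{12,19})=(?P<exp>\d{4})\d{3}\d*\?"),
}


def luhn_ok(pan):
    """Return True if the account number passes the Luhn check."""
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def mask(pan):
    """Keep the first six and last four digits so the report is not itself card data."""
    return pan[:6] + "*" * (len(pan) - 10) + pan[-4:]


def plausible(match):
    """Reject look-alikes: the PAN must pass Luhn and the expiry month must be 01-12."""
    month = int(match.group("exp")[2:])
    return luhn_ok(match.group("pan")) and 1 <= month <= 12


def scan_text(text):
    """Return (line number, track kind, masked PAN) for every stored track record."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for kind, rx in PATTERNS.items():
            for m in rx.finditer(line):
                if plausible(m):
                    findings.append((lineno, kind, mask(m.group("pan"))))
    return sorted(findings)


def redact(text):
    """Replace each plausible track record with a marker carrying only the masked PAN."""
    for kind, rx in PATTERNS.items():
        def repl(m, kind=kind):
            if not plausible(m):
                return m.group(0)      # leave non-card look-alikes untouched
            return "[%s removed %s]" % (kind, mask(m.group("pan")))
        text = rx.sub(repl, text)
    return text


# Constructed sample: a gateway debug log that wrongly keeps swipe data after authorization.
SAMPLE = """\
2003-06-02 10:14:07 AUTH ok merchant=1042 amount=18.50
2003-06-02 10:14:09 DEBUG swipe=;4111111111111111=05121010000000000000?
2003-06-02 10:14:12 DEBUG swipe=%B4111111111111111^DOE/JANE^05121010000000000000000?
2003-06-02 10:14:15 order ref ;1234567890123456=05121010000?
2003-06-02 10:14:20 AUTH ok pan=411111******1111
"""

if __name__ == "__main__":
    for lineno, kind, masked in scan_text(SAMPLE):
        print("line %d: %s record for %s" % (lineno, kind, masked))
    print(redact(SAMPLE))
```

The order reference on line 4 has the shape of a Track 2 record but fails the Luhn check, so it is neither reported nor redacted.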
  • 9. A number of different open-source tools were used to identify and salvage any other traces left behind by the intruder that might shed more light on the timeline of the attack or other systems that might be involved. The tools used included both Ubizen-proprietary and over-the-counter forensic tools such as EnCase. Because these tools had been tested extensively in court, the FBI team could be sure that any evidence (such as copies of drives) provided by Ubizen would be admissible. Setting the trap. With the loss of data stanched, investigators were ready to catch the hacker in the act. To accomplish this, the Ubizen team and the FBI set a trap with three components. The first part was a packet sniffer, a laptop with a software program called EtherPeek that would watch traffic in and out of the affected servers. It allowed investigators to monitor any data the hacker was sending, such as individual keystrokes, the machines the intruder was attempting to access, and how he or she was attempting to do so. Also, the sniffer would capture firsthand evidence of files removed from the network that would, under normal circumstances, contain sensitive information or data that could be used for fraud.
  • 10. Next, the files on those servers were loaded with dummy credit-card information to prevent additional fraud from occurring and to keep the hacker unaware that he or she had been noticed. The third part of the trap was the use of Tripwire, a program that monitors the integrity of files, which was configured to set off an alarm the moment any of the date and time-stamps of the files under observation were changed. That would allow the investigators to know exactly when the attacker hit so that they could catch the intruder in the act. Underlying the trap was the fact that the investigators had determined precisely how the hacker would attack. The investigation had shown the particular backdoor the attacker was using and what port would be used in the compromise. But with a huge amount of traffic flowing back and forth across the network (this company also conducts e-commerce business), waiting for a Tripwire alarm was not necessarily going to allow the investigators to see the compromise as it happened. So, a Ubizen technician worked with the FBI's Quantico-based Data Analysis Team to create a signature that they could look for on the sniffer to see exactly when and where the hacker was attacking. Hooked. The trap worked perfectly. When the hacker snuck in to begin copying what looked like credit-card information that Company A had backed up, he fell right into the ambush and was caught red handed. From this point, FBI agents took the evidence collected by the Ubizen and FBI teams and began the hunt for the suspect. They contacted a law enforcement computer-crime liaison group in the Eastern European country where it was determined that the hacker was located. Ultimately, the hacker, a college-age male, was arrested and extradited, and the evidence gathered against him will be used when the case comes to trial.
  • 11. Aftermath. While Company A breathed a sigh of relief when the hacker was caught, the work of the Ubizen investigative team wasn't over yet. Their mission was not only to help identify the hacker but also to determine the full extent of the breach and figure out precisely how many credit cards had been compromised, and when. Targets. The complete analysis showed that there were in fact several intruders who took advantage of the backdoor the original hacker left, and they seemed to be unaware of each other's presence. Altogether these attackers maintained some level of access into Company A for more than six months, two months longer than the previously recognized fraud dates. The team was also able to identify other machines on the network that had been compromised. These included the organization's two database servers, the mail server, two file and print servers, and each of the Internet-visible systems. Recommendations. The final step was to provide recommendations to Company A on how to bolster its
  • 12. security against future attacks. These included the obvious suggestion of adapting to industry best practices. MasterCard and VISA have led the industry in establishing guidelines to secure customer credit card data. MasterCard's Site Data Protection Service (SDP) and Visa's Cardholder Information Security Program (CISP) are industry mandates with serious financial penalties for noncompliance. These programs define a standard of due care for deploying security compliance programs, ensuring that online merchants and payment service providers are adequately protected against hacker intrusions and account data compromises. The investigative team determined that Company A was far from fulfilling these requirements and outlined exactly what measures the company needed to take to be fully compliant. A key suggestion was for Company A to conduct regular vulnerability scanning internally or to outsource the scans to an expert. This inexpensive automated process proactively identifies vulnerabilities to find out if and where a computer system can be exploited or is vulnerable. Finally, the team provided a set of recommendations above and beyond the established credit card industry standards. The team advised Company A to either add an internal IT team dedicated solely to security or to consider outsourcing key elements of its security program to a managed security services provider. The amount of data generated by security devices is overwhelming, and it can only be properly monitored by a dedicated team whose sole function is to oversee the network data. Since the attackers had access to stored credit card data, the team also urged Company A not to retain credit
  • 13. card data longer than needed. As this case made clear, storing this type of sensitive information opens up a high risk of exposure. This case illustrates how private cybercrime investigators and law enforcement can collaborate to both protect the bottom line and stem crime. That's good news for long-beleaguered online businesses, and bad news for online fraudsters. Sidebar: Forensic detectives can often quickly identify the most likely targets of a hacker attack on a given network. Sidebar: Two Teams are Better Than One. Cybercrime investigations are often initiated by the victimized company not through a call to the police, but through a call to a private firm that specializes in computer forensics examinations. These private-sector teams will then call law enforcement into the process as soon as they confirm that illegal activity is occurring. Cooperation between law enforcement and private-sector investigators is still a fairly new idea, however. Several years ago, when the author's company first started conducting forensics investigations, it was often met with distrust by both their private sector clients, who feared bad publicity or losing control of company data, and law enforcement agents, who were reluctant to share information with third-party vendors. However, this reluctance is diminishing as law enforcement becomes more accustomed to working with third-party cyberforensics experts and as clients see that the process can work. Companies like Ubizen work under
  • 14. strict conditions and with detailed nondisclosure agreements, which protect clients and help allay fears. Although they need to work together, it is important to understand that ultimately the two groups of investigators have different goals. The private-sector team has the ultimate goal of understanding the full extent of the compromise and helping the client find and close the vulnerability that led to the breach; in other words, to protect its reputation and profits. Law enforcement is focused on the illegal activity and on collecting any evidence that will lead to the attacker and help in a prosecution. Details. Subject: Credit card fraud; Forensic sciences; Network security; Investigations; Case studies. Location: United States, US. Name: Ubizen NV; NAICS: 514191
  • 15. Company / organization. Classification: 9190: United States; 5140: Security management; 5250: Telecommunications systems & Internet communications; 9110: Company specific; 8331: Internet services industry. Title: Tracking the CybercrimeTrail. Author: Sartin, Bryan. Publication title: Security Management. Volume: 48. Issue: 9. The two groups also work differently due to the nature of their responsibilities. A private forensic firm is doing paid work for a client and will devote a team to getting the work done in a short time frame. For example, this case took Ubizen two days on site and another two weeks to complete the analysis and write a report. By contrast, law enforcement agents typically are juggling multiple cases or responsibilities and may take longer to complete an investigation or may have difficulty devoting sufficient resources to a specific case. While the goals are different, the groundwork serves both objectives. For that reason, the analysis completed by the private-sector team is often useful to law enforcement, saving them time and giving them a head start in understanding all the technical details of an investigation so that they can make a case for protection.
  • 16. AuthorAffiliation: Bryan Sartin is director of technology for Ubizen, where he is responsible for all customer-facing issues regarding the technology of its managed security solution offerings. Copyright American Society for Industrial Security Sep 2004
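The third component of the trap described in the article, an alarm raised when the timestamps of watched files change, can be sketched as follows. This is an added example, not code from the article and not Tripwire's own code or configuration; the file names and decoy content are constructed, and it checks file metadata only.

```python
import os
import tempfile

# Watched stat fields and what a change in each usually indicates.
FIELDS = {
    "st_atime_ns": "file read or copied",
    "st_mtime_ns": "content modified",
    "st_ctime_ns": "metadata or inode changed",
    "st_size": "size changed",
}

def snapshot(paths):
    """Record the watched fields per file using stat() only (no reads)."""
    base = {}
    for p in paths:
        st = os.stat(p)
        base[p] = {f: getattr(st, f) for f in FIELDS}
    return base

def check(baseline):
    """Return (path, field, meaning) for every deviation from the baseline."""
    alerts = []
    for path, old in baseline.items():
        try:
            st = os.stat(path)
        except FileNotFoundError:
            alerts.append((path, "missing", "file deleted or moved"))
            continue
        for field, meaning in FIELDS.items():
            if getattr(st, field) != old[field]:
                alerts.append((path, field, meaning))
    return alerts

def demo():
    """Constructed scenario: one decoy file is read, another is deleted."""
    with tempfile.TemporaryDirectory() as d:
        read_me = os.path.join(d, "cards_backup.dat")  # hypothetical names
        delete_me = os.path.join(d, "cards_old.dat")
        for p in (read_me, delete_me):
            with open(p, "w") as fh:
                fh.write("DUMMY-RECORD\n")  # constructed decoy content
        base = snapshot([read_me, delete_me])
        quiet = check(base)  # nothing has touched the files yet
        # Simulate a read: noatime/relatime mounts may not update atime itself.
        st = os.stat(read_me)
        os.utime(read_me, ns=(st.st_atime_ns + 10**9, st.st_mtime_ns))
        os.remove(delete_me)
        return quiet, check(base)

if __name__ == "__main__":
    print(demo())
```

The monitor never opens the watched files, because reading them to compute a hash could itself move the access time it is watching. On mounts that suppress access-time updates, a read-only copy leaves no timestamp change, so this check has to be paired with network capture as in the article's trap.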