The document discusses various types of crimes involving computers. It describes white-collar crimes like the Enron case, where executives hid losses and fabricated profits. It also discusses counterintelligence gathering to protect against espionage. Economic espionage and theft of intellectual property from companies are provided as examples. Common computer crimes also described include financial fraud, hacking, denial of service attacks, computer viruses, and theft of data.

1. Page 1System Forensics, Investigation, and Response
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
Types of Crimes Involving
Computers

2. Page 2System Forensics, Investigation, and Response
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
Types of Crimes Involving Computers
 White-collar crimes - refers to financially motivated nonviolent crime
committed by business and government professionals [higher level
employee]
Enron case (energy, commodities, and services company) - In this
famous white collar crime case, a company that was once successful
resorted to schemes to hide losses and fabricate profits.
Though Enron shares were worth $90.75 at its peak, they fell to just
$0.67 after the company filed for bankruptcy in 2002. Some of the
criminal practices involved in the Enron case included using off-
balance-sheet special purpose vehicles (SPVs) in order to hide
mounting debt and “toxic assets” from both investors and creditors.
Chief Financial Officer (CFO) Andrew Fastow was held largely
responsible for orchestrating these false business tactics.

3. Page 3System Forensics, Investigation, and Response
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
Types of Crimes Involving
Computers
 Counterintelligence -
information gathered
and activities
conducted to protect
against espionage
(spying), other
intelligence
activities, sabotage,
or assassinations
conducted for or on
behalf of foreign
(state) powers,
organizations or
persons or
international terrorist
activities

4. Page 4System Forensics, Investigation, and Response
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
Types of Crimes Involving
Computers
 Counterintelligence -
information gathered
and activities
conducted to protect
against espionage
(spying), other
intelligence
activities, sabotage,
or assassinations
conducted for or on
behalf of foreign
(state) powers,
organizations or
persons or
international terrorist
activities

5. Page 5System Forensics, Investigation, and Response
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
Types of Crimes Involving Computers
 Economic espionage (spying)
Example 1 - In a January 2010 blog post, Google disclosed that it
detected the previous month a highly sophisticated cyberattack
originating from China that resulted in the theft of its intellectual
property. The company said evidence suggested that a primary goal of
the attackers was to access the Gmail accounts of Chinese human
rights activists. Google said a wide range of companies were also
targeted, including those in the finance, technology, media, and
chemical industries. "This is a big espionage program aimed at getting
high-tech information and politically sensitive information," James A.
Lewis, a cyber and national security expert at the Center for Strategic &
International Studies, told the Washington Post. Photographer:
Bloomberg

6. Page 6System Forensics, Investigation, and Response
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
Types of Crimes Involving Computers
 Economic espionage (spying)
Example 2 - Hackers stole proprietary information from six U.S. and
European energy companies, including Exxon Mobil, Royal Dutch Shell,
and BP, according to investigators and one of the companies. McAfee
said the attacks resulted in the loss of "project-financing information with
regard to oil and gas field bids and operations." It also said the attacks,
dubbed Night Dragon, originated "primarily in China" and began in
November 2009. Marathon Oil, ConocoPhillips, and Baker Hughes were
also hit, according to people familiar with the investigations. Hackers
targeted computerized topographical maps worth "millions of dollars"
that locate potential oil reserves, said Ed Skoudis of InGuardians, a
security company. Photographer: Bloomberg

7. Page 7System Forensics, Investigation, and Response
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
Types of Crimes
Involving Computers
 Financial fraud (payment
card, money laundering,
counterfeit currency and
security documents,
social engineering fraud
(phishing and telecomm
fraud) -
 social engineering: Social
engineering, in the
context of information
security, refers to
psychological
manipulation of people
into performing actions or
divulging confidential
information.
It is a set of psychological techniques and social skills
which, used consciously and premeditatedly, allow
data to be stolen. What a social engineer does with
the information they have gathered hasn’t got limits
(although that no longer belongs to social
engineering) - it’s even possible that a social engineer
would never touch a computer or access any system.
In some cases, a social engineer does not have to
gain the confidence of his or her victims, or
manipulate them, as he or she can obtain data by
paying attention to the information which is in view of
everybody.
It could be a post it on a desktop, notes of a
notebook, messages that appear on a mobile screen,
or even looking for data in the trash (a method known
as trashing). In other words, a social engineer can
get data without applying any pressure on people.
In these cases, we would not be talking about a scam
technique, but taking advantage of carelessness.
Social Engineering – A Case Study –
http://resources.infosecinstitute.com/social-engineering-a-case-study/#gref

8. Page 8System Forensics, Investigation, and Response
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
Types of Crimes
Involving Computers
 Theft of intellectual
property (trade
secret, copyright
infringement,
software
copyrights) –
issues with those
materials that is
not protected by IP
laws with low
ownership right
The intellectual property in software can be protected
three ways: patents, copyrights and trade secrets.
Patents protect "inventions" that are useful, nonobvious
and novel, and must be approved by the country’s
patent office (e.g. U.S. Patent and Trademark Office)
Copyright law applies to "works of authorship" that are
fixed in a tangible medium of expression (such as a CD
or a book), and applies automatically (a filing with the
U.S. Copyright Office is required prior to bringing a
lawsuit). Thus, the code of virtually all software is
automatically protected by copyright.
Copyright prohibits the reproduction, distribution,
modification, public performance and public display of
software that is "substantially similar" to the original
software.
Trade secret law protects any information that is not
"commonly known" and which the company has taken
reasonable steps to keep in confidence. The protection
is more limited than patent and copyright protection:
Trade secret law prevents only misappropriation, which
means wrongful taking.
Trade secret law could protect secrets in the source
code of the software, for example.

9. Page 9System Forensics, Investigation, and Response
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
Types of Crimes Involving Computers
 Counterfeiting - act of imitate something like reproducing or replicating
items, files etc , producing fake product/software, fake money.
One of the top counterfeiters of our time is Arthur Williams who made
some of the most realistic looking fake 1996, $100 bills. Over the
course of ten years he managed to produce over $10 million in fake
banknotes. To cash in some real money from his operation he would
sell his fake money to gangsters in his area for 20 cents on the
dollar.

10. Page 10System Forensics, Investigation, and Response
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
Types of Crimes
Involving Computers
 Planting of virus,
trojan and
worms.
 What about
stealth virus,
polymorphic
viruses and
cavity virus?
a stealth virus is a computer virus that uses
various mechanisms to avoid detection by antivirus
software (to conceal any changes made by the
malware to the infected system).
Generally, stealth describes any approach to
doing something while avoiding notice – for
example, rootkits (A rootkit is a clandestine
computer program designed to provide continued
privileged access to a computer while actively
hiding its presence)
A polymorphic virus is a complicated computer
virus that affects data types and functions. It is a
self-encrypted virus designed to avoid detection
by a virus scanner. Upon infection,
the polymorphic virus duplicates itself by creating
usable, albeit slightly modified, copies of itself.
Example – Elkern, Marburg, Satan bug, Tuareg
and Dark Avenger
A cavity virus attempts to install itself inside of the
file it is infecting.
https://www.symantec.com/
connect/articles/security-11-
part-1-viruses-and-worms

11. Page 11System Forensics, Investigation, and Response
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
Types of Crimes Involving Computers
 Denial of Service Attacks - a denial-of-service attack (DoS attack)
is a cyber-attack where the perpetrator seeks to make a machine or
network resource unavailable to its intended users by temporarily or
indefinitely disrupting services of a host connected to the Internet.
Denial of service is typically accomplished by flooding the targeted
machine or resource with superfluous requests in an attempt to
overload systems and prevent some or all legitimate requests from
being fulfilled
 Damage of company service networks
 Hacker system penetrations – social engineering, DoS,
 Violent crimes —murder, terrorism
 Other crimes involving computers include drug dealing and child
pornography.

12. Page 12System Forensics, Investigation, and Response
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
Let’s Play:
Identify the Crime

13. Page 13System Forensics, Investigation, and Response
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
Question 1
 An attacker disseminates a virus from a rogue
Web site that infects many computers.
 A rogue Web site is one that subverts a legitimate Web site by appearing to
replace it. In programming, rogue code is another term for code that
constitutes a virus)
 Answer choices:
• Identity theft
• Hacking
• Cyberstalking and harassment
• Computer fraud
• Non-access computer crime
• Cyberterrorism

14. Page 14System Forensics, Investigation, and Response
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
Question 2
 An attacker sends out false e-mails suggesting
the receiver can make a large sum of money with
very little investment.
 Answer choices:
• Identity theft
• Hacking
• Cyberstalking and harassment
• Computer fraud
• Non-access computer crime
• Cyberterrorism

15. Page 15System Forensics, Investigation, and Response
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
An attacker inserts SQL commands into
text boxes, often using the username and
password text fields on a logon screen.
Question 3
 Answer choices:
• Identity theft
• Hacking
• Cyberstalking and harassment
• Computer fraud
• Non-access computer crime
• Cyberterrorism

16. Page 16System Forensics, Investigation, and Response
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
Question 4
A criminal uses phishing (an email asking
individuals to reveal their personal info) to
trick a victim into giving up personal
information.
 Answer choices:
• Identity theft
• Hacking
• Cyberstalking and harassment
• Computer fraud
• Non-access computer crime
• Cyberterrorism

17. Page 17System Forensics, Investigation, and Response
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
Question 5
A denial of service (DoS) attack is an
example of this type of this crime.
 Answer choices:
• Identity theft
• Hacking
• Cyberstalking and harassment
• Computer fraud
• Non-access computer crime
• Cyberterrorism

18. Page 18System Forensics, Investigation, and Response
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
Question 6
Data piracy is an example of this type of
crime.
 Answer choices:
• Identity theft
• Hacking
• Cyberstalking and harassment
• Computer fraud
• Non-access computer crime
• Cyberterrorism

19. Page 19System Forensics, Investigation, and Response
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
Question 7
 An attacker remotely accesses a power plant's computer
system and inserts a logic bomb (a set of instructions secretly
incorporated into a program so that if a particular condition is satisfied
they will be carried out, usually with harmful effects.)

 Answer choices:
• Identity theft
• Hacking
• Cyberstalking and harassment
• Computer fraud
• Non-access computer crime
• Cyberterrorism

20. Page 20System Forensics, Investigation, and Response
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
Question 8
An attacker dumpster (recycling bins,
deleted files) dives to look for a victim's
personal information, such as in discarded
mail, bills, and bank statements.
 Answer choices:
• Identity theft
• Hacking
• Cyberstalking and harassment
• Computer fraud
• Non-access computer crime
• Cyberterrorism

21. Page 21System Forensics, Investigation, and Response
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
Question 9
A suspicious person in a chat room asks for
your home address every time you are both
online together.
 Answer choices:
• Identity theft
• Hacking
• Cyberstalking and harassment
• Computer fraud
• Non-access computer crime
• Cyberterrorism

22. Page 22System Forensics, Investigation, and Response
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
Question 10
A person from Nigeria e-mails you, asking
to use your bank account to “park” some
money temporarily.
 Answer choices:
• Identity theft
• Hacking
• Cyberstalking and harassment
• Computer fraud
• Non-access computer crime
• Cyberterrorism

23. Page 23System Forensics, Investigation, and Response
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
Questions to ponder
Why do criminals use the Internet?
 Targets are readily available through the Internet. In addition,
the risks for criminals are much lower than with traditional
crimes. The cybercriminal can work from the comfort of home
or some other remote site. A criminal can actually rob a bank
with no chance of being physically harmed in the process.
How can the Internet be used in traditional
crimes?
 The Internet can simply be a tool for a traditional crime.
Criminals can set up Web sites to illegally sell prescription
drugs, exchange child pornography, or provide false
identification.

24. Page 24System Forensics, Investigation, and Response
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
Motivation for cyber crime