Cyber Crimes

1
Cyber Crimes

• Chunlian QU

2
Whats Cyber Crimes?

• Cyber crime, also called computer crime, is any
  illegal behavior directed by means of electronic
  operations that targets the security of computer
  systems and the data processed .

3
Types of Attacks

• Military and Intelligence Attacks
• Business Attacks
• Financial Attacks
• Terrorist Attacks
• Grudge Attacks
• Fun Attacks

4
Types of Offenders

• Cracker motivation is to access a system or data
• Criminals motivation is financial gain.
• Vandals motivation is to damage the system or
  data files.

5
Types of Security

• Physical security
• Personnel security
• Communications security
• Operations security

6
Types of Cyber Crimes - Breaches of physical
security

• Dumpster diving (trashing)
• Wiretapping
• Eavesdropping on Emanations
• Denial or Degradation of Service
• Prevention method
• - Locks and keys.
• - Natural disasters
• - Environmental threats

7
Types of Cyber Crimes - Breaches of Personnel
security

• Masquerading
• Social engineering
• Harassment
• Software piracy
• Prevention method
• - Background checks and careful monitoring
  on the job

8
Types of Cyber Crimes - Breaches of
communications and data security (Data
attacks)

• Unauthorized Copying of Data
• Traffic analysis
• Covert channels

9
Types of Cyber Crimes - Breaches of
communications and data security (Software
attacks)

• Trap doors (back doors)
• Session hijacking
• Tunneling
• Timing Attacks
• Trojan horses
• Viruses and Worms

10
Types of Cyber Crimes - Breaches of
communications and data security (Software
attacks)

• Salamis
• Logic bombs
• Prevention methods
• - Access control
• - Cryptographic methods
• - Physical protection and shielding of
  network cabling
• - Firewall technology

11
Types of Cyber Crimes - Breaches of operations
security

• Data diddling (false data entry)
• IP spoofing
• Password Sniffing
• Scanning
• Excess Privileges
• Prevention The only way it can be effective is
  if it is integrated into an organizations
  physical, personnel, and communications security
  programs.

12
Steps taken after the breach

• The first step is to assess the situation.
• - What is the severity level of the
  intrusion?
• - Who will be involved in the investigation?
• - Who is responsible for determining future
  actions?

13
Steps taken after the breach

• The second step is to repair damage and prevent
  recurrence.
• Under a serious breach, asking
• - Government agencies.
• - Private companies.

14
Report Cyber Crimes

• Cyber crimes the NCCS (The FBIs National
  Computer Crimes Squad) investigates include
• - Intrusions of the Public Switched
  Network (the telephone company).
• - Major computer network intrusions.
• - Network integrity violations.
• - Privacy violations
• - Industrial espionage.
• - Pirated computer software.
• - Other crimes where the computer is a
  major factor in committing the criminal offense.

15
Methods of investigations

• The important first step is determining if a
  criminal still has control of any relevant
  computer.
• As a general rule, an investigator should not let
  the attacker know that they are being
  disconnected or tracked due to unauthorized
  access.

16
Suggestions because of laws

• Firms should secure their networked information.
• Government should assure that their laws apply to
  cyber crimes.
• Firms, governments, and civil society should work
  cooperatively to strengthen legal frameworks for
  cyber security.