Cyber Crime: by Ramesh Kumar
Cyber Crime: by Ramesh Kumar
Cyber Crime: by Ramesh Kumar
By Ramesh Kumar
Introduction
Cyber crime is unlawful acts wherein the computer is either a tool or a target or both. Cyber crimes can involve criminal activities that are traditional in nature, such as theft, fraud, forgery, defamation and mischief, all of which are subject to the Indian Penal Code.
In the News.
1 out of 5 children received a sexual solicitation or approach over the Internet in a one-year period of time (www.missingchildren.com) California warns of massive ID theft personal data stolen from computers at University of California, Berkeley (Oct 21, 2004 IDG news service) Microsoft and Cisco announced a new initiative to work together to increase internet security (Oct 18, 2004 www.cnetnews.com)
More cyber criminals than cyber cops Criminals feel safe committing crimes from the privacy of their own homes Brand new challenges facing law enforcement
Most not trained in the technologies Internet crimes span multiple jurisdictions
Computer Crime
Computer used to commit a crime
Child porn, threatening email, assuming someones identity, sexual harassment, defamation, spam, phishing
Computer Forensics
What is it?
an autopsy of a computer or network to uncover digital evidence of a crime Evidence must be preserved and hold up in a court of law
FBI, State and Local Police, IRS, Homeland Security Defense attorneys, judges and prosecutors Independent security agencies White hat or Ethical Hackers Programs offered at major universities such as URI
http://homepage.cs.uri.edu/faculty/wolfe/cf
Digital Evidence
Not obvious.its most likely hidden on purpose or needs to be unearthed by forensics experts
Hide their files by encryption, password protection, or embedding them in unrelated files (dll, os etc) Use Wi-Fi networks and cyber cafes to cover their tracks
Must acquire the evidence while preserving the integrity of the evidence
No damage during collection, transportation, or storage Document everything Collect everything the first time
Can perform analysis of evidence on exact copy! Make many copies and investigate them without touching original Can use time stamping/hash code techniques to prove evidence hasnt been compromised
Spam
Spam accounts for 9 out of every 10 emails in the United States.
MessageLabs, Inc., an email management and security company based in New York.
We do not object to the use of this slang term to describe UCE (unsolicited commercial email), although we do object to the use of the word spam as a trademark and the use of our product image in association with that term www.hormel.com
FTC is authorized (but not required) to establish a do-not-email registry www.spamlaws.com lists all the latest in federal, state, and international laws
Spam is Hostile
You pay for Spam, not Spammers
Email costs are paid by email recipients Never click on the opt-out link!
May take you to hostile web site where mouse-over downloads an .exe
Tells spammers they found a working address They wont take you off the list anyway Filter it out whenever possible Keep filters up to date If you get it, just delete the email
software that piggybacks on other software and runs when you run something else Macro in excel, word
Transmitted through sharing programs on bulletin boards Passing around floppy disks
An .exe, .com file in your email software that uses computer networks to find security holes to get in to your computer usually in Microsoft OS!! But worm for MAC was recently written
Worms
Industrial Espionage Identity theft Defamation A lot of bored 16 year olds late at night To commit crimes Take down networks Distribute porn Harass someone Help break into networks to prevent crimes
Mafia Boy
Newport Harbor - All the boats in Harbor have internet access San Francisco Giants Stadium Surf the web while catching a game UMass (need to register, but its free) Cambridge, MA Philadelphia, PA just announced entire city by 2006
Most people say Our data is boring But criminals look for wireless networks to commit their crimes And the authorities will come knocking on your door..
Cybercrime Cases
Network Packet
Evidence from
Technical support is requested and the level is determined according to the case contents
21
Evidence
Collection
Internet Interception
Search Seizure Complete Forensic analysis and interpret the evidence found for legal/courtroom setting
Forensics tools
To assist in the forensic acquisition of digital evidence, it is essential that every computer crime investigator has access to the correct forensic hardware and software tools. This plays a critical role in the detection of computer related crimes as well as the collection and analysis of evidence.
2.
Reconstructable Network Packet
Email , Web Mail ,IM, FTP , P2P, VoIP, Video Streaming , HTTP, Online Games, Telnet
By using Forensic Tools, we can obtain supporting evidence like log, files and records from both victim and suspect computers.
Internet Interception
Capturing network packets to reconstruct Email , Web Mail , IM, FTP , P2P, VoIP, Video Streaming , HTTP, Online Game, Telnet
Network Packet
Digital Evidence
Court
Forensic Analysis
Forensic Reports
Thank you!