
Computer and Internet Crimes

Computer crime, or cybercrime, refers to any crime that involves a computer and a network, where the computer may or may not have played an instrumental part in the commission of the crime. Netcrime refers, more precisely, to criminal exploitation of the Internet. Issues surrounding this type of crime have become high-profile, particularly those surrounding hacking, copyright infringement, child pornography, and child grooming. There are also problems of privacy when confidential information is lost or intercepted, lawfully or otherwise.

On the global level, both governments and non-state actors continue to grow in importance, with the ability to engage in such activities as espionage, financial theft, and other cross-border crimes sometimes referred to as cyber warfare. The international legal system is attempting to hold actors accountable for their actions, with the International Criminal Court among the few addressing this threat.[3]

Computer crime encompasses a broad range of potentially illegal activities. Generally, however, it may be divided into two categories: (1) crimes that target computer networks or devices directly; (2) crimes facilitated by computer networks or devices, the primary target of which is independent of the computer network or device.

Exploit – is an attack on an information system that takes advantage of a particular system vulnerability. Often this attack is due to poor system design or implementation. Once the vulnerability is discovered, software developers quickly create and issue a “fix” or patch to eliminate the problem. Users of the system or application are responsible for obtaining and installing the patch, which they can usually download from the Web.

Types of Exploits

1. Computer virus – is a piece of programming code, usually disguised as something else, that causes a computer to behave in an unexpected and usually undesirable manner.

Often a virus is attached to a file, so that when the infected file is opened, the virus executes. Other viruses sit in a computer’s memory and infect files as the computer opens, modifies or creates them. Macro viruses are an easily created form of virus. Attackers use an application macro language such as Visual Basic or VBScript.

2. Worms – unlike a computer virus, which requires users to spread infected files to other users, a worm is a harmful program that resides in the active memory of the computer and duplicates itself. Worms differ from viruses in that they can propagate even without intervention, sending copies of themselves to other computers by email or Internet Relay Chat (IRC).

Negative Impact of Worm
• Lost data and programs
• Loss of productivity due to workers being unable to use the programs
• Additional loss of productivity as workers attempt to recover data and programs

Cost impact of worms

Name        Year released   Economic Impact
Storm       2007            > $10 Billion
ILOVEYOU    2000            $8 Billion
Code Red    2001            $2.62 Billion
SirCam      2001            $1.15 Billion
Melissa     1999            $1.10 Billion

3. Trojan Horses – is a program in which malicious code is hidden inside a seemingly harmless program. It can be delivered as an email attachment, downloaded from a website, or contracted via a removable media device such as CD/DVD or USB.

Example: The Opanki Trojan horse disguised itself as a file coming from Apple’s popular online iTunes music service. It was distributed via an instant message that read “This picture never gets old.” An unsuspecting user who clicked a link in the message would install the Trojan horse.

Example: Another type of Trojan horse is a Logic Bomb, which executes when it is triggered by a specific event such as changing a particular file, typing a specific series of keystrokes, or reaching a specific time and date.

4. Botnet – is a large group of computers controlled from one or more remote locations by hackers, without the knowledge or consent of their owners. Botnets are frequently used to distribute spam and malicious code.

Example: Cutwail, a large botnet, controlled approximately one million active bots at one time. It is estimated that about one in four personal computers in the United States is part of a botnet.

Example: In 2008, about 90 percent of spam was distributed by botnets, including the notorious Storm, Srizbi and Cutwail botnets.

5. Distributed Denial-of-Service (DDoS) Attacks – is one in which a malicious hacker takes over computers on the Internet and causes them to flood a target site with demands for data and other small tasks. A DDoS attack does not involve infiltration of the targeted system; instead, it keeps the target so busy responding to a stream of automated requests that legitimate users cannot get in.

6. Rootkit – is a set of programs that enables its users to gain administrator-level access to a computer without the end user’s consent or knowledge. Once installed, the attacker can gain full control of the system and even obscure the presence of the rootkit from legitimate system administrators.

Attackers use rootkits to:
• Execute files
• Access logs
• Monitor user activity
• Change the computer’s configuration

Effect of Rootkits:
• The computer locks up or fails to respond to input from the keyboard or mouse.
• The screen saver changes without any action on the part of the user.
• The taskbar disappears.
• Network activities function extremely slowly.

7. E-mail Spam – is the abuse of e-mail systems to send unsolicited e-mail to large numbers of people. Most spam is a form of low-cost commercial advertising, sometimes for questionable products such as pornography, phony get-rich-quick schemes and worthless stock. Spam is an extremely inexpensive method of marketing used by many legitimate organizations.

Example:
• A company might send e-mail to a broad cross section of potential customers to announce the release of a new product in an attempt to increase sales.
• Spam can be used to deliver harmful worms and other malware.

Solution: A partial solution to this problem is the use of Completely Automated Public Turing Test to Tell Computers and Humans Apart (CAPTCHA) software, which generates and grades tests that humans can pass but most sophisticated computer programs cannot.

8. Phishing – is the act of using email to try to get the recipient to reveal personal data. The sender sends legitimate-looking e-mails urging the recipient to take action to avoid a negative consequence or to receive a reward.

Spear phishing – is a variation of phishing in which the phisher sends fraudulent e-mails to a certain organization’s employees. The phony e-mails are designed to look like they came from high-level executives within the organization. Employees are again directed to a fake website and then asked to enter personal information, such as name, Social Security number and network password.

9. Computer fraud – is any dishonest misrepresentation of fact intended to induce another to do or refrain from doing something that causes loss. In this context, the fraud will result in obtaining a benefit by:
• Altering computer input in an unauthorized way. This requires little technical expertise and is not an uncommon form of theft by employees altering the data before entry or entering false data, or by entering unauthorized instructions or using unauthorized processes;
• Altering, destroying, suppressing, or stealing output, usually to conceal unauthorized transactions: this is difficult to detect;
• Altering or deleting stored data;
• Altering or misusing existing system tools or software packages, or altering or writing code for fraudulent purposes.

Perpetrators

The people who launch these attacks include:
1. thrill seekers wanting a challenge
2. common criminals looking for financial gain
3. industrial spies trying to gain competitive advantage
4. terrorists seeking to cause destruction to further their cause

Types of Perpetrators

1. Hackers – test the limitations of information systems out of intellectual curiosity to see whether they can gain access and how far they can go. They have at least a basic understanding of information systems and security features and the desire to learn more.

Sources on how to learn hacking:
- Online chat groups
- Web sites
- Downloadable hacker tools
- Hacker conventions such as DEFCON, an annual gathering of hackers in Las Vegas

Cracking is a form of hacking that is clearly criminal activity. Crackers break into other people’s networks and systems to cause harm such as:
• Defacing webpages
• Crashing computers
• Spreading harmful programs and hateful messages
• Writing scripts and automated programs that let other people do the same thing.

Example: Crackers defaced a CERN (the European Organization for Nuclear Research) website.

2. Malicious Insider – is an ever-present and extremely dangerous adversary.

Threat to the company by a malicious insider:
• Diversion of company funds
• Theft of assets
• Fraud connected with the bidding process
• Invoice and payment fraud
• Computer fraud
• Credit card fraud

Steps to reduce the potential for attacks from insiders:
• Perform a thorough background check as well as psychological and drug testing
• Establish an expectation of regular and ongoing psychological and drug testing
• Limit the number of people in sensitive positions
• Define job roles and procedures
• Periodically rotate employees in sensitive positions
• Immediately revoke all rights and privileges required to perform the old job
• Implement an ongoing audit process

3. Industrial Spies – use illegal means to obtain trade secrets from competitors of their sponsors. Trade secrets are protected by the Economic Espionage Act of 1996, which makes it a federal crime to use a trade secret for one’s own benefit or another’s benefit. Trade secrets are most often stolen by insiders such as disgruntled employees and ex-employees.

Competitive intelligence uses legal techniques to gather information that is available to the public, such as:
• Financial reports
• Trade journals
• Public filings
• Printed interviews with company officials

Industrial espionage involves illegal means to obtain information that is not available to the public, such as:
• Wiretapping the phones of key officials
• Bugging a conference room
• Breaking into research and development facilities to steal test results
• Stealing new product designs, production data, marketing information and new software source code

4. Cybercriminals – are motivated by the potential for monetary gain and hack into corporate computers to steal, often by transferring money from one account to another – leaving a hopelessly complicated trail for law enforcement officers to follow. The activities of a cybercriminal involve stealing and reselling credit card numbers, personal identities and cell phone IDs. Because the potential for monetary gain is high, they can afford to spend large sums of money to buy the technical expertise and access they need from unethical insiders.

Possible solutions:
• Encryption technology is used by most e-commerce Web sites to protect information from consumers
• Credit Verification Value (CVV) – the three-digit number above the signature panel on the back of the credit card. This technique makes it impossible to make a purchase with a credit card number stolen online.
• Transaction-risk scoring software – keeps track of customers’ historical shopping patterns and notes deviations from the norm.

5. Hacktivists and Cyberterrorists

Hacktivism, a combination of the words hacking and activism, is hacking to achieve a political or social goal.

A cyberterrorist launches computer-based attacks against other computers or networks in an attempt to intimidate or coerce a government in order to advance certain political and social objectives. Cyberterrorists are more extreme in their goals than hacktivists, although there is no clear demarcation line