1

Philippine College of Criminology

641 Sales Street in Sta. Cruz, Manila

Prepared By: Lover D. Madrilejos Professor: Dr. Rodolfo Sebastian

INTRODUCTION

Crime and criminality have been associated with man since his fall. Crime remains elusive and ever strives to hide itself in the face of development. Different nations have adopted different strategies to contend with crime depending on their nature and extent. One thing is certain, it is that a nation with high incidence of crime cannot grow or develop. That is so because crime is the direct opposite of development. It leaves a negative social and economic consequence.

What is Cyber Crime?

CYBERCRIME Is defined as crimes committed on the internet using the computer as either a tool or a targeted victim. It is very difficult to classify crimes in general into distinct groups as many crimes evolve on a daily basis. Even in the real world, crimes like rape, murder or theft need not necessarily be separate. However, all cybercrimes involve both the computer and the person behind it as victims; it just depends on which of the two is the main target. Hence, the computer will be looked at as either a target or tool for simplicitys sake. For example, hacking involves attacking the computers information and other resources. It is important to take note that overlapping occurs in many cases and it is impossible to have a perfect classification system. Cyber-crime encompasses any criminal act dealing with computers and networks (called hacking). Additionally, cyber-crime also includes traditional crimes conducted through the Internet. For example; hate crimes, telemarketing and Internet fraud, identity theft, and credit card account thefts are considered to be cyber-crimes when the illegal activities are committed through the use of a computer and the Internet.

Crime ware
A type of malicious software that is designed to commit crimes on the Internet. Crimeware may be a virus, spyware or other deceptive piece of software that can be used to commit identity theft and fraud.

Cyberprise
Slang term used to describe the merging of cyberspace and the enterprise. The term cyberprise was first trademarked by the company Wall Data Inc., which used the word as its product name. Wall Data's Cyberprise is a suite of tools used for creating multiple online communities that include an enterprise's customers, vendors and partners. In 1999, Wall Data was acquired by NetManage, Inc. What is Computer Crime? Any crime in which computer-related technology is encountered. The commission of illegal acts through the use of a computer or against a computer system.

Types of Computer Crime Business attacks Financial attacks

3 Terrorist attacks Grudge attacks Fun attacks

Most Common Computer Crimes Fraud by computer manipulation Computer forgery Damage to or modifications of computer data or programs Unauthorized access to computer systems and service Unauthorized reproduction of legally protected computer programs

Computer Crimes Are Hard to Prosecute Lack of understanding Lack of physical evidence Lack of recognition of assets Lack of political impact Complexity of case Juveniles

Computer Criminals Are Hard to Catch

Multinational activity

No international laws for computer crimes

Complexity

Networked attacks hard to trace

Spam is Hostile
You pay for Spam, not Spammers Email costs are paid by email recipients Spam can be dangerous Never click on the opt-out link! May take you to hostile web site where mouse-over downloads an .exe Tells spammers they found a working address They wont take you off the list anyway

4 What should you do? Filter it out whenever possible Keep filters up to date If you get it, just delete the email

Wi-Fi High Jacking

60-70% wireless networks are wide open Why are the Wi-Fi networks unprotected? Most people say Our data is boring But criminals look for wireless networks to commit their crimes And the authorities will come knocking on your door.. Protect your Computers! Use anti-virus software and firewalls - keep them up to date Keep your operating system up to date with critical security updates and patches Don't open emails or attachments from unknown sources Use hard-to-guess passwords. Dont use words found in a dictionary? Remember that password cracking tools exist Back-up your computer data on disks or CDs often Don't share access to your computers with strangers If you have a wi-fi network, password protect it Disconnect from the Internet when not in use Reevaluate your security on a regular basis Make sure your employees and family members know this info too!

Internet Infrastructure in INDIA

The Complexity of Todays Network

Changes Brought in IT

Large network as backbone for connectivity across the country Multiple Service providers for providing links BSNL, MTNL, Reliance, TATA, Rail Tel Multiple Technologies to support network infrastructure CDMA, VSAT, DSL Multiple Applications

Trends shaping the future

Ubiquitous computing, networking and mobility Embedded Computing Security IPv6 VoIP

Intranet

Perimeter Network

Branch
Desktops New PC Router
` `

Laptops

Router

Router Unmanaged Devices

Extranet Servers Internet

`

Router Router Network Infrastructure

Branch Offices
` ` `

Servers

Router

Internet
Remote Workers
`

Home Users Unmanaged Device

Cyber Threat Evolution

Virus

Malicious Code (Melissa) (Melissa) Breaking Web sites

Advanced Worm /Trojan (I LOVE YOU)

Identity Theft (Phishing)

Organized crime Data Theft, DoS/DDoS

1977

1995

2000

2003-04

2005-06

2007-08

Trends of Incidents

Phishing
o o o o o

Increase in cases of fast-flux phishing and rock-phish Domain name phishing and Registrar impersonation Crimeware Targeting personal information for financial frauds Information Stealing through social networking sites

Rise in Attack toolkits

o

Toolkits like Mpack and Neospolit can launch exploits for browser and client-side vulnerabilities against users who visit a malicious or compromised sites

Global Attack Trend

Top originating countries Malicious code

INFORMATION SECURITY
Availability Authenticity INFORMATION SECURITY Authenticity

Security Policy

People

Regulatory Compliance
User Awareness Program

Access Control

Process

Security Audit Incident Response Encryption, PKI Firewall, IPS/IDS Antivirus

Technology
Three faces of cyber crime
Organized Crime Terrorist Groups Nation States

Different Types of Cyber crime Spam

The most common type of cyber-crime is spam. While email spam laws are fairly new, there have been laws on the books regarding "unsolicited electronic communications" for many years.

Fraud
Credit fraud is another common form of cyber-crime. Certain computer viruses can log keystrokes on your keyboard and send them to hackers, who can then take your Social Security number, credit card number and home address. This information will be used by the hacker for his own means.

Cyber Bullying
Harassment, or cyber bullying, is a growing problem among teenagers. Many countries in Europe and several states in the United States have laws to punish those who consistently harass somebody over the Internet.

10

Drug Trafficking
Believe it or not, drug trafficking is happening over the Internet. Many traffickers use encrypted email or password-protected message boards to arrange drug deals.

Cyber terrorism
There are many forms of cyber terrorism. Sometimes it's a rather smart hacker breaking into a government website, other times it's just a group of like-minded Internet users who crash a website by flooding it with traffic. No matter how harmless it may seem, it is still illegal.

Piracy
Far and away the most talked about form of cybercrime is thievery. Yes, downloading music from peer-to-peer websites is illegal and therefore a form of cybercrime Mail Bombing

Similar in some ways to a DoS attack A stream of large-sized emails are sent to an address, overloading the destination account This can potentially shut-down a poorly-designed email system or tie up the telecom channel for long periods Defense: email filtering

Break-Ins
Hackers are always trying to break-in into Internet-connected computers to steal info or plant malicious programs Defense: Intrusion detectors

Credit Card Fraud (1)

A thief somehow breaks into an ecommerce server and gets hold of credit numbers and related info The thief then uses that info to order stuff on the Internet

Credit Card Fraud (2) Alternatively, the thief may auction the credit card info on certain Web sites setup just for that purpose Defense: Use single-use credit card numbers for your Internet transactions Using a piece of SW without the authors permission or employing it for uses not allowed by the author is SW piracy For whatever reason, many computer users do not consider it to be a serious crime, but it is!

Software Piracy (1)

Software Piracy (2) Only the large rings of illegal SW distributors are ever caught and brought to justice Defense: Various authentication schemes. They, however, are seldom used as they generally annoy the genuine users

11

Industrial Espionage

Spies of one business monitoring the network traffic of their competitors They are generally looking for info on future products, marketing strategies, and even financial info Defense: Private networks, encryption, network sniffers

Web Store Spoofing A fake Web store (e.g. an online bookstore) is built Customers somehow find that Web site and place their orders, giving away their credit card info in the process The collected credit card info is either auctioned on the Web or used to buy goods and services on the Web

Viruses (1)
Self-replicating SW that eludes detection and is designed to attach itself to other files Infects files on a computers through: Floppy disks, CD-ROMs, or other storage media The Internet or other networks

Viruses (2)
Viruses cause tens of billions of dollars of damage each year One such incident in 2001 the LoveBug virus had an estimated cleanup/lost productivity cost of US$8.75 billion The first virus that spread world-wide was the Brain virus, and was allegedly designed by someone in Lahore

One Way of Classifying Viruses Malicious

The type that grabs most headlines May destroy or broadcast private data May clog-up the communication channels May tie-up the uP to stop it from doing useful work

Neutral
May display an annoying, but harmless message

Helpful
May hop from one computer to another while searching for and destroying malicious viruses

12

Anatomy of a Virus A virus consists of 2 parts:

Transmission mechanism Payload

Transmission Mechanism
Viruses attach themselves to other computer programs or data files (termed as hosts) They move from one computer to another with the hosts and spring into action when the host is executed or opened

Payload
The part of the virus that generally consists of malicious computer instructions The part generally has two further components: Infection propagation component:

This component transfers the virus to other files residing on the computer Actual destructive component:

This component destroys data or performs or other harmful operations

Commonsense Guidelines (1)

Download SW from trusted sites only Do not open attachments of unsolicited emails Use floppy disks and CDROMs that have been used in trusted computers only When transferring files from your computer to another, use the write-protection notches

Commonsense Guidelines (2)

1. 2. 3. Stay away from pirated SW Regularly back your data up Install Antivirus SW; keep it and its virus definitions updated

Antivirus SW
1. 2. Designed for detecting viruses & inoculating Continuously monitors a computer for known viruses and for other tell-tale signs like: 1. 2. 3. 3. Most but, unfortunately not all viruses increase the size of the file they infect Hard disk reformatting commands Rewriting of the boot sector of a hard disk

The moment it detects an infected file, it can automatically inoculate it, or failing that, erase it

13

Other Virus-Like Programs

1. 2. There are other computer programs that are similar to viruses in some ways but different in some others Three types: 1. 2. 3. Trojan horses Logic- or time-bombs Worms

Trojan Horses
1. 2. 3. Unlike viruses, they are stand-alone programs The look like what they are not They appear to be something interesting and harmless (e.g. a game) but when they are executed, destruction results

Logic- or Time-Bombs
1. 2. It executes its payload when a predetermined event occurs Example events: 1. A particular word or phrase is typed A particular date or time is reached

2. Worms
1.

Harmless in the sense that they only make copies of themselves on the infected computer Harmful in the sense that it can use up available computer resources (i.e. memory, storage, processing), making it slow or even completely useless

2.