270 likes | 589 Vues
Computer Crime, Computer Fraud, and Cyber Terrorism. III. COMPUTER FORENSICS, ELECTRONIC EVIDENCE, FRAUD, AND COMPUTER CRIME LAWS. Chapter 10. Chapter 10 Learning Objectives. Computer crimes and punishments. Federal statutes for prosecuting computer crimes.
E N D
Computer Crime, Computer Fraud, and Cyber Terrorism III. COMPUTER FORENSICS, ELECTRONIC EVIDENCE, FRAUD, AND COMPUTER CRIME LAWS Chapter 10
Chapter 10 Learning Objectives • Computer crimes and punishments. • Federal statutes for prosecuting computer crimes. • Computers as targets of crime. • Computers as instruments of crime. • Computer fraud as white-collar crime (WCC). • Cyber terrorist threats • Incident response documentation and handling
Early cyber crime and laws • Prior to 1984, there were very few statutes that defined computer-related criminal offenses. • For example: When the Morris worm paralyzed half the Internet in 1988, the cost to recover was estimated at $186 million. But in 1988 there was no clearly defined law against computer viruses or worms that the government could use to prosecute Robert Morris Jr., the worms creator. • Instead, Morris was charged with illegal wiretapping.
Allied Irish Banks Trader Gets 7 ½ Years for fourth Largest Bank Fraud Scandal in the World • John M. Rusnak, a former currency trader for Allfirst Financial Inc., manipulated his company’s computer system, which allowed him to illegally collect over $850,000 in enhanced salary and bonuses. • Rusnak entered fictitiousoptions trades in Allfirst’s computer system in the late 1990s making it appear as if his $691 million in trading losses had been offset by the options positions, and to show millions of dollars in bogus profits. • Case on Point: Bank Fraud Scandal
Trusted Controller Commits $2.5 Million Fraud • A manufacturing firm blamed inefficiencies in their manufacturing process as the cause of cash flow problems. • Their new chief financial officer (CFO) realized that a manufacturing inefficiency was not the problem so he begun a forensics accounting investigation. • The investigation revealed that the controller had altered checks, which he then deposited into his own bank accounts. • The controller’s fraud scheme had cost the firm $2.5 million over 5 years. • Case on Point: Fraudsters are often long-time employees
U.S. Federal Statutes That Define Computer Crime, Fraud, and Terrorism
Computer Fraud and Abuse Act of 1986 • In the U.S., most computer hacking is penalized under one or more federal statutes. • The most commonly used federal statute for computer crime is the Computer Fraud and Abuse Act of 1986.
Electronic Communications Privacy Act, (ECPA) • In 1986, Congress passed the first version of the Electronic Communications Privacy Act, (ECPA). • This Act updated the Federal Wiretap Act so that it would apply to the illegal interception of electronic communications or the intentional, unauthorized access of electronically stored data.
Communications Assistance for Law Enforcement Act • On October 25, 1994, Congress amended the ECPA by enacting the Communications Assistance for Law Enforcement Act. • It noted that: “In the 8 years since the enactment of ECPA, society’s patterns of using electronic communications technology have changed dramatically.”
Key “Computer Fraud and Abuse” Terms • The DOJ defines computer crime as: • “Any violations of criminal law that involve knowledge of computer technology for their perpetration, investigation, or prosecution.” • Statutes must define terms precisely to be effective. • If the wording of any key term is ambiguous, crimes are extremely difficult to prosecute. • Definition
Specific Meanings of the Key Terms FIGURE 10.1 Key terms in the Computer Fraud and Abuse Act
Specific Meanings of the Key Terms FIGURE 10.1 Key terms in the Computer Fraud and Abuse Act (continued)
Specific Meanings of the Key Terms FIGURE 10.1 Key terms in the Computer Fraud and Abuse Act (continued)
Specific Meanings of the Key Terms FIGURE 10.1 Key terms in the Computer Fraud and Abuse Act (continued)
Specific Meanings of the Key Terms FIGURE 10.1 Key terms in the Computer Fraud and Abuse Act (continued)
Where does junk mail (spam) come from? • From software called Spam ware. • Spam wareis software that automatically searches the Web to collect what it recognizes as email addresses. • Definition
CyberBrief: Spam ware • The Center for Democracy and Technology (CDT) investigated how junk-mail spammers get hold of email addresses. • They created 100s of email addresses and used each one only once. • After 6 months, over 8,000 unsolicited emails arrived to these email addresses. How does it work?
What can you do to help prevent spam? • Spam ware software failed when an email address was obscured in some way • For example, writing “at” instead of the @ symbol. Obscured addresses can not be detected by spam ware
Computer as the Instrument of Crime: • Using a Computer tend to be traditional offenses, such as: • Theft • Fraud • Forgery • They differ from traditional crimes in that they are committed using either a: • Computer • Computer network or • Information or communications technology Definition
Computer Fraud • According to The Wells Report of 2000, computer fraud and abuse cost U.S. companies over $400 billion a year. • The Association of Certified Fraud Examiners (CFE), the largest antifraud organization, estimated that U.S. companies lost 6% of revenues, or $600 billion annually, to fraud in 2002. Defining the Problem
Computer Fraud as White-collar Crime (WCC) • White-collar Crime (WCC) • Any nonviolent crime. • These crimes are committed using deception for economic gain. Definition
Cyber Terrorist Threats Cyber Terrorism • The use of computers and the Internet to launch attacks and horrible acts that may directly or indirectly harm or kill people. Definition
Cyber Terrorist Threats • Computers control many important operations, such as: • Power plants • Telephone systems • Manufacturing activities • Airline traffic • Transportation systems • Energy Therefore, disruptions in any of these systems could cause loss of life or widespread panic.
Incident Response Documentation and Handling • Documenting incidentsof computer crime is a very important activity. • Also critical is to have documentation of what to do in case of an incident. • Documentation ensures that contact information is available so that attention can be focused on containing and documenting the incident.
Incident Response Documentation and Handling Incident Survey Form Forms may be posted on local Web server.
Incident Response Documentation and Handling • These forms alert people to suspicious events. • If the incident becomes a legal action, documentation that was captured during the incident may prove: • Proper care, • Control, and • Chain of custody of the evidence.