1 / 19

Cyber Crime I

2. Roles of Computers. Crimes directed against a computerCrimes where the computer contains evidenceCrimes where the computer is used to commit the crime. 3. Searching and Seizing by the Organization that Owns the Computer. May be governed by the Electronic Communications Privacy Act and other pri

amiel
Télécharger la présentation

Cyber Crime I

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

    1. Cyber Crime I Search & Seizure, Human Factors

    2. 2 Roles of Computers Crimes directed against a computer Crimes where the computer contains evidence Crimes where the computer is used to commit the crime

    3. 3 Searching and Seizing by the Organization that Owns the Computer May be governed by the Electronic Communications Privacy Act and other privacy acts and regulations Reasonable expectation of privacy Not governed by the Fourth Amendment May not be acting as an agent of law enforcement Organizations should have explicit policy that permits such searches

    4. 4 Expectation of Privacy

    5. 5 DoJ Manuals Types of Search and Seizure Search the computer and print out a hard copy of particular files at that time Avoid at all costs can pollute the evidence Search the computer and make an electronic copy of particular files at that time Avoid at all costs Create a duplicate electronic copy of the entire storage device on-site, and then later recreate a working copy of the storage device off-site for review A good approach if limited by operational constraints Seize the equipment, remove it from the premises, and review its contents off-site Best approach where possible

    6. 6 Computer Records as Evidence - Fed. R. Evid. 803(6): The Business Records Exception

    7. 7 Types of Computer Records Under Rule 803(6) Computer-stored records Email Document files Spreadsheets Computer-generated files Logs Both stored and generated Files that are created by users but require processing by the computer Some parts may be covered, some may not

    8. 8 Aspects of Evidence Authenticity Best evidence Probative Fruit of the poisoned tree Computer records as summaries

    9. 9

    10. 10 Key Issues Motive Means Opportunity

    11. 11 Relate to the Notion of Threat Agents

    12. 12 Jones Motivation Taxonomy Political Secular Crime Personal gain Revenge Financial Knowledge or information Peer recognition Power Curiosity Religion Terrorism Competitive advantage Belief

    13. 13 Means Relates to Access and Methods How did the attacker enter the target system? What were the access paths? Internal External Jones Capability Taxonomy Software Scripts Technology Facilities Education and training Methods Books and manuals

    14. 14 Opportunity Taken with means helps determine if the suspect is a credible attacker Education/training Tools/scripts Knowledge of the victim system Assistance Associates Groups Insider help

    15. 15 FBI Adversarial Matrix - Organizational

    16. 16 FBI Adversarial Matrix - Operational

    17. 17 FBI Adversarial Matrix - Behavioral

    18. 18 FBI Adversarial Matrix - Resource

    19. 19

More Related