1 / 25

Cyber Crime & Cyber Ethics

Cyber Crime & Cyber Ethics. Agenda. Cybercrime 2010 Current issues in computer forensics Legal, practical and ethical issues in the digital age. Cybercrime 2010. Increasing sophistication of cyber attacks Encryption ACH frauds Well coordinated international rings of hackers

tyler
Télécharger la présentation

Cyber Crime & Cyber Ethics

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Cyber Crime & Cyber Ethics

  2. Agenda • Cybercrime 2010 • Current issues in computer forensics • Legal, practical and ethical issues in the digital age

  3. Cybercrime 2010 • Increasing sophistication of cyber attacks • Encryption • ACH frauds • Well coordinated international rings of hackers • Many located in Eastern Europe or Asia • Increasingly focused on stealing data that can be turned into money • Data thefts now routinely deal with thefts of thousands of identities

  4. US v. “The Get Rich or Die Trying Crew” • US v. Albert Gonzalez, et al • Largest computer fraud/identity theft case ever prosecuted

  5. Meet the Crew - US • Albert “Segvec,”“Soup Nazi” Gonzalez • Resident of Miami • USSS CI • Hacker, ring leader • Damon Patrick Toey • Gonzalez’s roommate in Miami

  6. Meet the Crew – US • Jonathan James • Miami hacker previously convicted for hacking into NASA • Stephen Watt • NY based coder

  7. Meet the Crew – Europe & Asia • Maxim “Maksik” Yastrzemski • Ukrainian casher ring operator • Aleksandr “Johnny Hell” Suvorov • Estonian coder • Sergey “Fidel” Storchak • Ukrainian casher • Gooi “Delpiero” Kokseng • Malaysian casher

  8. The Hacks • TJX (D. MA) (40 million credit cards stolen) • TJX companies (TJ Max, Marshall’s) • BJ’s Wholesale • Barnes & Noble • Office Max • Boston Market • Sports Authority • Forever 21 • DSW • Dave & Buster’s Restaurant Chain (ED NY) • Heartland (D NJ) (130 million accounts) • Heartland data processors • 7- Eleven • Hannaford Brothers

  9. The Hunt • First hack detected 12/2006 • Three loosely coordinated groups • Coder ring • Hacker ring • Casher ring • The problem of encryption • International cooperation • Traditional skills & hi-tech techniques

  10. The Hunt • July 2007 arrest in Turkey • May 2008 Miami warrants • Gonzalez’s apartment • Gonzalez’s parents’ home • (We missed $1.1m in the backyard!) • James’ home • James’ suicide • Gonzalez’s South Beach hotel room • May 2008 arrest

  11. Bringing Down the Curtain – US Crew • March 2010 Boston • Gonzalez - 20 year sentence • Internet addiction & Asperger’s Syndrome • Toey – 5 year sentence • Watt – 2 year sentence • General deterrence • US v. Watt, 2010 WL 1676439 (D. MA)

  12. Bringing Down the Curtain – Foreign Crew • Suvorov – pre trial incarceration in ED NY • Still faces charges in SD CA • Maksik – 30 years in Turkey • Pending extradition to US on charges in ED NY & SD CA • Fidel • 2010 - picked up on vacation in India • Pending extradition to SD CA • Delpiero • 2010 – picked up in Thailand • Pending extradition to SD CA

  13. Royal Bank of Scotland Hack • November 2008 hack • Rechargeable debit cards • Hacking ring is entirely outside of the US • Loose network • Hacking ring • Cashing ring • Result: • $9 million + is stolen over one weekend • 14,000 transactions from 2100 ATMs in 280 cities worldwide

  14. Results • 2009 arrests in Estonia • November 2009 indictment of Estonians and Russians in ND GA • August 2010 extradition from Estonia to US • September 2010 conviction in Russia

  15. Deterrence • Capture in US • US v Poo • Catch them when they travel • Maksik – Turkey • Suvorov – Germany • Fidel – India • DelPietro- Thailand

  16. US v. Vladimir “BadB” Horohoin • Sometimes they advertise

  17. Current Issues in Computer Forensics

  18. Legal, Practical & Ethical Issues in the Digital Age • The ongoing challenge of US v. CDT, 621 F.3d 1162 (9th. Cir. 2010) • Background • Current legal status

  19. Technical issues in US v. CDT • Co-mingled data • Giving back parts of a hard drive • Plain view and computer forensic tools

  20. Legal issues in US v. CDT • Reasonable expectation of privacy • House • Multiple residents • Sensitive information • Destruction of evidence during search • Computer • Multiple users • Sensitive information • Massive volume of information • Destruction of evidence

  21. Computers at the Border • Basic issues of scope of border search • General scope • Searches based upon “reasonable suspicion” • Searches based upon probable cause • How does a computer at the border change the paradigm? • US v. Cotterman, 2009 WL 465028 (D AZ)

  22. Discovery & Electronic evidence • Government has a Constitutional (Brady/Giglio) and statutory (Jencks, FRCrP 16) obligation to provide information to defense • Recent DoJ initiatives • AG Direction • Training

  23. Adequacy of Forensic Resources • Government challenge • Defense challenge • DoJ criminal discovery coordinator • Dialogue with FPD on electronic discovery issues

  24. Special Ethical Issues • Discovery issues and hard drives • Discovery issues and electronic messages • US v. Suarez, 2010 WL 4226524 (D NJ)

  25. Contact • Phone: 202-514-1026 • Web: www.cybercrime.gov Howard W. Cox Computer Crime and Intellectual Property Section United States Department of Justice

More Related