Chapter7 Powerpoints

Chapter 7
Computer Forensics and Cyber Crime, 2

nd
ed.
Britz
2009 Pearson Education, Upper Saddle River, NJ 07458.
All Rights Reserved.
2
Lack of resources available to small agencies
Traditional apathy toward nonviolent crime
Snails pace of legislative action
Reliance of small agencies on state & federal
agencies
Overburdened state & federal agencies
nd
ed.
Britz
3
Title 15
Credit card
Fraud
Software
piracy
Title 17
Copyright
Infringement
Title 18
Fraud
Embezzlement
Terrorism & espionage
Child seduction, &
exploitation
Staling
Kidnapping
Forgery &
counterfeiting
Extortion
RICO
Access Device Fraud
Illegal Wiretapping
nd
ed.
Britz
4
Originally known as Counterfeit Access Device &
computer Fraud & Abuse Act of 1986 Section 1030
of title 18.
Known as the Hacking Statute
Criminalized the action of accessing a computer
without, or in excess of, authorization
Too vague, and overemphasized access to financial
information and government computers
Only one individual successfully prosecuted under
original act.
The Act has been regularly strengthened.
nd
ed.
Britz
5
The Morris Worm
Son of the former chief scientist at
the National Computer Security
Center
Robert
Morris
Most famous
Convicted of the theft of programs
valued at more than $1 million from
Digital Equipment corporation &
the illegal manipulation of MCI
service codes
Kevin
Mitnick
nd
ed.
Britz
6
Designed to fill holes left by the CFFA
More specifically used to prosecute cases in
which computer data is not the primary target
Extended protections to ALL computers attached
to the Internet (not just those with federal interest)
Criminalizes even accidental intrusion
Expanded to include:
Fraud
Hacking & malicious programming
Trafficking in passwords
Extortion
nd
ed.
Britz
7
Traditionally banned completely by
legislation and Supreme Court rulings
1
st
official statute Protection of Children against
Sexual Exploitation Act (1977)
Seminal Ruling: New York v. Ferber (1982)
Resulting Statutes:
Child Protection Act (1984)
Child Protection & Obscenity Act (1988)
Child Pornography Protection Act (CPPA) (1996)
nd
ed.
Britz
8
Heralded by Child Advocates
Criticized by Privacy Advocates
Struck down by the Supreme Court
Too vague and ambiguous
Specifically, objected to the possibility of
morphed or virtual images
nd
ed.
Britz
9
Passed in response to Ashcroft decision
Contained the following provisions:
Mandatory life sentences for repeat child molesters
Criminal history/background checks for volunteer
organizations
Electronic eavesdropping for cases of child abuse or
kidnapping
Prohibition against pretrial release for molesters
Elimination of statute of limitation for child abduction or
child abuse
National AMBER Alert Coordinator
Elimination of waiting periods for missing persons cases for
victims between 18-21.
Contd
nd
ed.
Britz
10
Prohibition against computer-generated child
pornographer
Application of the Miller standard of obscenity in
drawings, sculptures, and pictures depicting minors in
obscene situations or engaged in sexual activity
Sentencing enhancement for possession & distribution
of child pornography
Authorization of fines and imprisonment of up to 30
years for U.S. citizens or residents engaging in illicit
sexual conduct abroad
nd
ed.
Britz
11
First to make the possession of anothers personal
identifying information a crime.
Specifically, made it unlawful to:
Knowingly transfer or use, without lawful authority, a means
of identification of another person with the intent to commit, or
to aid or abet, any unlawful activity that constitutes a violation
of Federal law, or that constitutes a felony under any applicable
State or local law
Included both public and non-public information
Created a schematic for restitution
Designated the Federal Trade Commission (FTC)
as the repository for consumer complaints and
agents of dissemination
nd
ed.
Britz
12
Free Credit Report
Fraud & Active Duty Alerts
Truncation of Credit/Debit Account 3s
Truncation of SSNs
One-Call Fraud Alerts & Enhanced Victim Resolution
Mandate Issuer Investigation COA & additional cards
Requirement of CRA to issue Fraud Alert
Blocking or elimination of fraudulent information
Fraud alters for CRA
Limitation of Commingling Medical/Financial Information
Debt Collectors
Civil Action
nd
ed.
Britz
13
Drivers Privacy Protection Act
Prohibits use of SSNs and other personal information
from a motor vehicle record in any situation not
expressly permitted under the law

Health Insurance Portability & Accountability Act
Restricts health care organizations from disclosing of
social security numbers and health information
nd
ed.
Britz
14
National Infrastructure Protection Center
(NIPC) - Infragard
Presidents Working Group on Unlawful
Conduct on the Internet
Tasked with evaluating
1) whether existing federal laws are sufficient
2) the extent to which new technologies or legal
authorities may be needed to investigate and prosecute
Internet crime
3) the utility of education and empowerment tools to
minimize the risks associated with this behavior
nd
ed.
Britz
15
Packet Sniffers & key loggers
Dragonware suite (Carnivore, Packeteer, Coolminer)
CyberKnight
Includes the keylogger Magic Lantern
Pattern Analysis of Data Mining
Association
Sequence of path analysis
Classification
Clustering
Forecasting
Data Mining Terrorist Screening
Terrorism Information Awareness Program & Secure Flight
Computer-Assisted Passenger Prescreening System
Multi-State Anti-Terrorism Information Exchange Pilot Project (MATRIX)
Automated Targeting system (ATS)

nd
ed.
Britz
16
Operation WebSnare
CyberScience Laboratory
IACIS International Association for
Computer Investigation Specialists
HTCIA High Tech Computer Investigators
Association
The Training Company
nd
ed.
Britz
17
OECD & the Select Committee of Experts on Computer-
Related Crime of the Council of Europe
1
st
of its kind developed in early 1980s
Attempting to put together a criminal list and policy recommendations for
all member states
Council of Europes (CoE) Cybercrime Conventions
Four Titles of Criminal offenses
Financial Action Task Force G-7 Summit (1989)
40 + 9 Recommendations
Virtual Global Task Force (VGT)
Australian High Tech Centre, the UKs Child Exploitation and Online
Protection Centre, the RCMP, the U.S. DHS, and Interpol
United Nations Convention against Transnational
Organized Crime introduced in late 2000 in Palermo
Association of Southeast Asian Nations (ASEAN)
nd
ed.
Britz
18
Recognition has increased exponentially, but
much work is necessary
Traditional statutes should be utilized, while
technology specific legislation is pending.
Policymakers and administrators should
encourage legislatures to create technology
specific legislation
International cooperation is increasing, but
competing sovereignty hinders their efforts

Chapter7 Powerpoints

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Chapter7 Powerpoints

Uploaded by

Copyright:

Available Formats

Chapter 7

Computer Forensics and Cyber Crime, 2

You might also like