CYBERCRIME - PowerPoint PPT Presentation


PPT – CYBERCRIME PowerPoint presentation | free to download - id: 3ad95-MjkxN


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation



Vladimir Levin and the great 1994 Citibank online heist: ... No evidence of insider collusion; all fraud was external to Citibank ... – PowerPoint PPT presentation

Number of Views:449
Avg rating:3.0/5.0
Slides: 24
Provided by: dave50


Write a Comment
User Comments (0)
Transcript and Presenter's Notes


  • Cybercrimes reach everywhere and hurt everyone
  • Electronic commerce crime (like the theft of
    hundreds of thousands of credit card records)
    threatens the internet boom that has fueled the
    unprecedented economic growth in the U.S.
  • Economic espionage (like theft of biotech secrets
    stored in digital files) threatens U.S.
    competitiveness in the global marketplace.
  • Infrastructure attacks (like an assault against a
    nations power grid) threaten the safety and
    well-being of whole populations.

  • Types of Cybercriminals - defy stereotypes
  • Dishonest or disgruntled insiders (such as
    employees, ex-employees, contractors, temporary
    workers) who want to sell your trade secrets,
    commit financial fraud, or just destroy your data
    or networks for revenge.
  • Hackers, who break in simply to explore and
  • Crackers, who break in to steal or destroy
  • Professional spies and saboteurs the most
    elusive, who work for rival governments and
    competing corporations. They are paid and are
    very adept. They can bring down your company,
    your government, or crash your stock market.
    They are rarely caught.

  • Types of Cybercriminals - youthful hackers and
    other that demonstrate the following traits
  • Precociousness, curiosity and persistence
  • Habitual lying, cheating, stealing and
  • Juvenile idealism, e.g., power to the people,
    if it feels good, do it.
  • Hyperactivity.
  • Drug and alcohol abuse.
  • Behavioral characteristics listed on tables 2.1 -

  • Types of Cybercrime
  • Unauthorized access by insiders (such as
  • System penetration by outsiders (such as hackers)
  • Theft of proprietary information (whether a
    simple user ID and password or a trade secret
    worth millions of dollars)
  • Financial fraud using computers
  • Sabotage of data or networks
  • Disruption of network traffic (e.g., denial of
    service attacks)

  • Types of Cybercrime, continued
  • Creation and distribution of computer viruses
  • Software piracy
  • Identity theft
  • Hardware theft (e.g., laptop theft).
  • Terrorists that target critical infrastructures,
    such as the PSTN, power grid, and the air traffic
    control system.

CSI/FBI Computer Crime and Security Survey
Results Revealed
  • Organizations are under cyberattack from both
    inside and outside their electronic perimeters.
  • A wide range of cyberattacks have been declared.
  • Cyberattacks can result in serious financial
  • Defending successfully against such attacks
    requires more than just the use of information
    security technologies.

  • Types of Cyberattacks, by percentage (source-
  • Financial fraud 11
  • Sabotage of data/networks 17
  • Theft of proprietary information 20
  • System penetration from the outside 25
  • Denial of service 27
  • Unauthorized access by insiders 71
  • Employee abuse of internet privileges 79
  • Viruses 85

  • If you experienced computer system intrusions by
    someone from outside your organization, indicate
    the type of activity performed by the intruder.
  • Manipulate data integrity 6.8
  • Installed a sniffer 6.6
  • Stole password files 5.6
  • Proving/scanning systems 14.6
  • Trojan logons 5.8
  • IP spoofing 4.8
  • Introduced virus 10.6
  • Denied use of services 6.3

  • If you experienced computer system intrusions by
    someone from outside your organization, indicate
    the type of activity performed by the intruder.
  • Downloaded data 8.1
  • Compromised trade secrets 9.8
  • Stole/diverted money 0.3
  • Compromised e-mail/documents 12.6
  • Publicized intrusion 0.5
  • Harassed personnel 4.5
  • Other 3.0

  • What was done to insiders caught misusing company
  • Oral admonishment 54.3
  • Written admonishment 20.9
  • Suspended 5.4
  • Resigned 6.2
  • Fired 8.5
  • Referred to Law Enforcement 1.6
  • Out-of-Court settlement 0.0
  • No action 3.1
  • Other 0.0

  • Cost of Cybercrime during the year 2000
  • FBI statistics 273 reported incidents, for a
    total loss of 265,589,940.
  • Prominent news items
  • Kevin Mitnicks (Condor) hacking spree cost
    high-tech companies at least 291.8 million over
    a two-year span before his capture.
  • David L. Smith, a 31 year-old programmer, pleaded
    guilty to creating the Melissa virus and using an
    ex-rated web site to spread it through
    cyberspace, causing 80 million in damages.
  • 4 High School Kids hacked into a Bay Area
    internet server and used stolen credit card
    numbers to order computer equipment 200k.
  • A temporary employee broke into Forbes
    computers, caused a computer crash, that cost
    Forbes 100,000 to restore.

  • Calculating the Cost of Information Security
  • Capital costs, such as hardware, software,
    networks, servers and switches.
  • Administration costs, such as management of the
    assets, security monitoring and follow-up, legal
    assistance, and audit department
  • Technical support costs, when all the people call
    the help desk, documentation of the calls,
    end-user training, etc.
  • End user operational costs, such as the
    management of user data of resources breached,
    awareness training of users.

  • System Penetration from the Outside costs
  • Downtime/lost opportunity/ lost business
  • Staff time
  • Consultant fees
  • Legal time
  • Cost breakdown by information security steps
  • detection
  • response
  • repair
  • prosecution

Hackers, Crackers, and Virus Writers
  • Mischief Makers
  • The Morris Worm
  • In 1988, Robert Morris, Jr., a 23-year old
    graduate student in computer science at Cornell
    and the son of a NSA computer security expert,
    wrote an experimental, self-replicating,
    self-propagating program called a worm (99 lines
    of code) and injected it into the internet. He
    chose to release it from MIT, to disguise the
    fact that the worm came from Cornell.
  • 60,000 computer sites at universities, military
    sites, hospitals, research facilities,
    corporations and government institutions were
    affected the estimated cost of dealing with the
    worms ranged from 200 to 50,000 for each site
  • Morris was convicted of violating the Computer
    Fraud and Abuse Act he received 3 years
    probation, 400 hours of community service, and a
    fine of 10,050.

Hackers, Crackers, and Virus Writers
  • Mischief Makers, continued
  • Datastream Cowboy and Kuji attack USAFs Rome
  • 26 days of attacks 20 days of monitoring
  • 7 sniffers, over 150 intrusions from 10 points of
    origin from 8 different countries
  • Priceless cost to national security, but 211,722
    to undo damage to computer systems.
    Investigative costs also not included
  • Datastream 16-years old Richard Pryce (UK)
    pleaded guilty in British Court and paid a 1,200
    British pounds.
  • Kuji Matthew Bevan after 20 hearings, the
    charges were dropped.

Hackers, Crackers, and Virus Writers
  • Mischief Makers, continued
  • HotterthanMojaveinmyheart AKA El Griton,
    Julio Ardita
  • Hacked into NASA, DoD, U.S. colleges, and
    colleges in Korea, Mexico, Taiwan, Chile and
  • Hacked into the private telephone systems of
    companies in his native Argentina, dialed into
    Harvard Us computer system, and launched his
    U.S. hacking attacks through Harvard.
  • Caught USN San Diego detected that certain
    system files had been altered - they uncovered a
    sniffer file and a file that contained the
    passwords he was logging, and programs to gain
    root access and to cover tracks. Argentine
    officials arrested him for hacking into telephone
    company facilities, seized his computers.
  • 15K telephone service theft, millions in damaged
    files and investigative costs yielded a 5k fine
    and 3 years of probation.

Hackers, Crackers, and Virus Writers
  • Data Theft - Crackers
  • Carlos SMAK Salgado
  • Hacked several companies doing business on the
    WWW, including an ISP, gained unauthorized
    access, and harvested tens of thousands of credit
    card records.
  • Two of the companies involved had no knowledge of
    being hacked until they were contacted by the FBI
  • SMAK made about 200k from the sale of credit
    card information to other criminals, who in turn
    inflicted 10 million in damage upon the
    consuming public.
  • SMAK pleaded guilty on four of the five counts,
    and received 2 1/2 years in federal prison and
    five years of probation.

Hackers, Crackers, and Virus Writers
  • Cyber Bank Robbers
  • Vladimir Levin and the great 1994 Citibank online
  • Not an internet heist, per se Citibanks
    product, the Customer Cash Management Account
    (CCMA), was a dial-up telecom-based product.
  • Product tradeoff favored ease of use at the
    expense of security.
  • No evidence of insider collusion all fraud was
    external to Citibank
  • Series of fraudulent account transfers netted
    Levin 10 million U.S.
  • It took the FBI 30 months to convince the
    Russians to extradite Levin he was convicted,
    fined 240,015, and received a 3-year prison term.

Hackers, Crackers, and Virus Writers
  • The Phonemasters Case
  • Blacknet and the stolen information brokers
  • Toll fraud- downloaded scripts of telephone
    numbers, including toll-free numbers, and then
    loaded them onto public switched telephone
    network databases with phony billing addresses.
  • Credit card fraud stole identities, created
    identities, and cashed in on others credit.
  • 1.85 million stolen jail time was 41, 24 and 18
    months for the 3.
  • Knowledge of information security techniques
  • how to pull out sniffers
  • how to get around secure identification systems
  • how to install back doors.

Hackers, Crackers, and Virus Writers
  • Hackivists and Cybervandals
  • Defined
  • Hactivism is the marriage of hacking and
    activism. It covers operations that use hacking
    techniques against a target internet site with
    the intent of disrupting normal operations but
    not causing serious damage. Examples are web
    sit-ins and virtual blockades, and computer
    viruses and worms.
  • Cyberterrorism is the convergence of cyberspace
    and terroism. It covers politically motivated
    hacking operations intended to cause grave harm
    such as the loss of life or severe economic
    damage. Dorothy Denning , Georgetown U.
  • Who are the Internet Liberation Front and the

Hackers, Crackers, and Virus Writers
  • Hackivists and Cybervandals, continued
  • Attack of the Zombies the Distributed Denial of
    Service (DDOS) attack on Yahoo!, eBay, and during 2/2000.
  • DDOS tools Trinoo and Tribe Flood Network
    (TFN) hit on 7-9 February 2000.
  • Yahoo! Hit first lost about 20 of its page
  • eBay incapacitated for hours hit a low
    of 9.4 availability, and CNNs was 5. It took
    users 5 minutes to access
  • Several claims were made in hacker bulletin
    boards that the DDOS attacks were launched in
    retaliation for the commercialization of the
    internet. Damages estimated at 100 million to
    1.2 billion.
  • Many were questioned no one was charged.

  • Malicious Software
  • Melissa, CIH/Chernobyl, Happy99, ExploreZip
  • Chews up hard disks, corrupts files, disrupts
  • Transmitted through the internet via popular
    e-mail features to propagate itself
  • Melissa through MS Word 97 and 2000 applications
  • Happy99.exe Trojan Horse displays Happy99 and
    fireworks, and then mails itself to lots of
    people with addresses on the victims browser.
  • Melissa cost 93 - 385 million in damage!

  • The Virus Curve
  • Virus Year Type Reach Period Damages
  • Jerusalem, 1990 .exe file, 3 years 50 mill
  • Cascade boot sector
  • Concept 1995 Word macro 4 months 50 mill
  • Melissa 1999 E-mailed, 4 days

  • Word macro 385 mil
  • Love Bug 2000 E-mail and 5 hours gt700mil

  • enabled, VBS