Cyber Crime Information, Study notes of Cyberlaw and Internet Law

You can learn a lot for this topic

Typology: Study notes

2018/2019

Available from 11/27/2021

carlojohnracho11

Cyber Crime?

Cybercrime is broadly defined as any illegal activity that involves a computer, another digital device or a computer network. Cybercrime includes common cybersecurity threats like social engineering, software vulnerability exploits and network attacks. But it also includes criminal acts like hacktivist protests, harassment and extortion, money laundering, and more.

Cybercrime targets both individuals and companies. Typically, attackers target businesses for direct financial gain or to sabotage or disrupt operations. They target individuals as part of large-scale scams, or to compromise their devices and use them as a platform for nefarious activity.

Types of Cyber Crime

The US Department of Justice identifies three types of cybercrime in situations where:

  1. A computer is the target of the attack—for example, a data breach on a corporate network
  2. A computer is the weapon for an attack—for example, a denial of service (DoS) attack
  3. A computer is an accessory to a criminal act—for example, digital identity theft which leads to theft of funds from a bank account

Four Major Examples of Cyber Crime

In 2013-2016, Yahoo experienced a data breach which resulted in the theft of 3 billion user accounts. For some of these accounts, the attackers got hold of private information and passwords, which could be used to access user accounts in other online services. Much of this data is available today, either free or for a price, on the dark web.

In 2014, US retailer Home Depot’s point of sale systems were breached. Attackers stole 50 million personal credit cards, and for some time any credit card swiped at Home Depot stores was captured and its details compromised by the attackers.

In 2016, the largest ever distributed denial of service (DDoS) attack took place, which used over 1 million connected devices in the Internet of Things, which were compromised by the attackers due to software vulnerabilities. The attack caused outages in the global domain name system (DNS) and popular services including Twitter, Netflix and PayPal.

In 2017, the WannaCry attack, allegedly launched by North Korea, unleashed a type of ransomware which not only locks down content on user devices, but also rapidly spreads itself. WannaCry infected 300,000 computers around the world, and users were asked to pay hundreds of dollars to decrypt and restore their data.

Cyber Crime Attack Vectors

The following vectors are the primary methods cyber criminals use to conduct criminal activity:

  - Botnets—a botnet is a network of computers that attackers have infected with malware, compromised and connected to a central command & control center. The attackers enlist more and more devices into their botnet, and use them to send spam emails and to conduct DDoS attacks, click fraud, and crypto mining. Users are often unaware their computer is being used as a platform for cybercrime.
  - Ransomware and other malware—ransomware is malware that encrypts data on a local machine and demands a ransom to unlock it. There are hundreds of millions of other types of malware that can cause damage to end-user devices and result in data exfiltration.
  - Phishing and other social engineering attacks—phishing involves sending misleading messages via email or other channels that cause internet users to provide personal information, access malicious websites or download malicious payloads.
  - Fraud and identity theft—fraud is the theft of funds by an attacker pretending to be the owner of an account, or using stolen cards or credentials. Identity theft is a related concept, and involves compromising a user’s online accounts to enable an attacker to perform actions in their name.
  - Flood attacks—most modern flood attacks are DDoS attacks, which leverage a botnet to hit a website or organization with massive amounts of fake traffic. Flood attacks can be targeted at the network layer, choking an organization’s bandwidth and server resources, or at the application layer, bringing down a database or email server for example.
  - Browser hijacking—attacks like cross site scripting (XSS) can cause malicious code to run in a user’s browser. This can result in session hijacking, drive-by downloads and other illicit activity carried out in the user’s browser without their consent.
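An added example, not part of the original notes: detection logic over parsed access-log records showing why a botnet-driven application-layer flood stays under a per-source rate limit and only shows up in a site-wide view. The log records, the documentation-range IP addresses and both thresholds are constructed assumptions.

```python
from collections import Counter, defaultdict

PER_IP_LIMIT = 20   # assumed per-source requests/second limit
TOTAL_LIMIT = 100   # assumed site-wide requests/second alarm level

def build_sample():
    """Constructed (epoch_second, source_ip, path) records, as parsed from an access log."""
    events = []
    for t in range(10):                      # baseline: 3 clients, 1 request/second each
        for host in (1, 2, 3):
            events.append((t, f"198.51.100.{host}", "/"))
    for t in range(10, 13):                  # botnet: 200 sources, only 2 requests/second each
        for host in range(200):
            events += [(t, f"203.0.113.{host}", "/search")] * 2
    events += [(15, "192.0.2.7", "/login")] * 60   # one noisy client in a single second
    return events

def classify(events):
    """Return {second: finding} for every second that breaches a threshold."""
    per_ip = defaultdict(Counter)
    per_path = defaultdict(Counter)
    for ts, ip, path in events:
        per_ip[ts][ip] += 1
        per_path[ts][path] += 1
    findings = {}
    for ts in sorted(per_ip):
        counts = per_ip[ts]
        total, loudest = sum(counts.values()), max(counts.values())
        if total > TOTAL_LIMIT and loudest <= PER_IP_LIMIT:
            # Every source is individually "polite"; only the aggregate is abnormal.
            label = "distributed flood"
        elif loudest > PER_IP_LIMIT:
            label = "single-source burst"
        else:
            continue
        findings[ts] = {
            "label": label,
            "requests": total,
            "sources": len(counts),                           # evidence: how many hosts took part
            "top_path": per_path[ts].most_common(1)[0][0],    # evidence: what was being hit
        }
    return findings

if __name__ == "__main__":
    for ts, finding in classify(build_sample()).items():
        print(ts, finding)
```

A per-source limit alone would flag only second 15; the three flood seconds are caught by the aggregate check, and the recorded source count and target path are the evidence a responder would look at first.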

A Business Response to Cyber Crime

As a business, your best bet against cybercrime is to prepare a solid incident response plan. Often planning is not enough — you should have the security staff and tools in place to execute it. An incident response plan, according to the SANS framework, includes:

  1. Preparation—codify your security policy, identify types of critical security incidents, prepare a communication plan and document roles, responsibilities and processes for each one. Recruit members to your computer security incident response team (CSIRT) and train them.
  2. Identification—use security tools to accurately detect anomalous behavior in network traffic, endpoints, applications or user accounts, and rapidly collect evidence to decide what to do about the incident.