Chapter 13 Flashcards
(25 cards)
What is Cybercrime?
Describes criminal activites in which a computer or network of computers is an integral part of the crime
Less back up exists today
The role of Digital Devices in Cybercrime
- Object: computer or network is target
- Subject: Computer used to commit crime
- Tool: Computer is integral to the act
- Symbol: Computer adds credibility or is used to deceive
Difference between Computer fraud and Computer Crime
Computer Fraud
- Accces occurs with intent to execute a fraudulent scheme
Computer crime
- hardware, software or data is destroyed or manipulated die to acts which are not intended
- computer assisted crimes
Economic vs Special loss Related to Computer Crime
Economic Loss
- responding to illegal acts
- conducting a damage assessment
- restoring data or program to OG condition
- Consequential Damages Occurred
Special Loss
- An actual effect on medical care
- Physical injury health or safety
- Threat to public health or safety
- Damage to a computer related to the administration of justice, national defense or national security
Digital Currency & Money movement
Where do transfers , why examinations hard, Digi currencies, blockchain
- Transfers of money from one party to another take place anywhere in digital space
- makes financial acitvity examination complicated due to hard to collect evidence
- Digital currencies: Bitcoin, Lite coin, Ethereium, Zcash, Dash, Ripple and Monero - Bitcoin leads
- Digital currencies grounded on Blockchain tech - distributed ledger tech in which each transaction digitallly signed to ensure authentiticity
How Block Chain Works
Each transaction digitallly signed to ensure authentiticity
* Digital ledger entries distributed among deployment or infrastructure - nodes and layers to provide consenseu
* When transaction enters blockchain, nodes must execute to eval and veify the history of indiv block chain proposed
* signature must be valid
What are Insider Threats?
Fraudster traits
Threats to infosystems coming from employees inside org with opportunity to commit
Traits: intelligent, hardworking, minimal absences, bored with the routine, egotistical
How to commit computer fraud?
- Alter of input
- Alter of output
- Data file manipulation
- Comminications systems Disruptions
- Operating Systems Modifications
- Computer ops policy violation
Indicators of Insider Computer Fraud
- Access privileges beyond those required to perform assigned job function
- Exception reports not reviewd
- Access logs not reviewed
- Production programs run at unusual hours
- Lack of Separation of duties in the data center
Digital Device Hacking
what is a hacker, how, most direct way
Hacker - someone seeking unauthorized acess to computer systems and the info contained
Use rogue sofware apps to penetrate a system
Most direct way of access digital device, use someone elses id & password
What is Social Enngineering?
Simple deception to gain access to info
- Pose as new or temp worker to gain info
- Pose as someone in a position of authority and intimidate employees into revealing confidential info
What is Viruses?
Attack software
- Hidden computer programs that shut or slow down system
- Can ruin data & destro computer
- Can overload e-mail netowrks
What are Virus Carriers?
- Iknown software
- Media brought in by employees
- Program downloaded with bullentin board
- Unsolicited emails
- Vendors with infected software
- Shared program Application
- Demonstration software
- Social media links
Indicators of Virus
- Dramataic decrease of free space
- Sudden slow down
- increase in size of some file
- unexpected number of disk acces
- unpredictable program behavior
- Unuaul messages and graphics
- Inability to boot
- Inability to access files
- Unexplained repairs System or data files disappear
- Unexplained changes in memory
Antivirus Software
Detect Viruses and malware
Traditional Scanners
- Look for known viruses
- Check for recognizable patterns
- Limited usefulness
Heuristic Scanners
- look for unknown viruses
- inspected executable files
Behavior blocking scanners
- Run continuosly
- look for behavior linked to virus activity
Check detection scanners
- check for changes
How to Investigate Virus Infections
- Isolate the system
- Run antivirus software
- Document findings
- Interview system custodian and all user
- Audit trail infection
- Determin the source
- Protection Policies
- Countermeasures
- Track costs/ damages
Common Internet Schemes
Old frauds adapted for digital devices and the internet - new threats for digi devices
1. Internet
2. fake check scames
3. prize/sweepstakes
4. Recovery / refund company
5. Advance fee loans
6. Phishing/spoofing
7. Cimputer: equipment/software
8. Scholarship and grants
9. Frienship and Sweethear swindles
10. Charitable Solicitations
How to combat Internet Fraud
- Encrypt confidential info
- user validation
- Do note store fin info and customer data on web server
- Firewalls: attempt to prevent unauthorized access and control interaction btw servers and internet
AI Contribution
- Extremely accurate, replacing human abilities
- Ability to sort through complex data and ambiguos situations
*
Biases in human decision making
- Availability and recency effect
- Confirmation bias
- Anchoring conclusion to prior belief
What are botnets?
Use of botnets
Collection of tens of thousands of computers put together by organized cybercriminal enterprises
Use:
- launch denial of service attacks on enterprise websites
- Extor companies
- Distribute scam, or malwayre in mass quantities
Unprotected computers can become a part of botnet
What makes the internet attractive for Criminal Enterprises?
- Profit by stealing and selling info
- Worldwide reach
- Internet is relatively anonymous
- Beyond the difficulty of catching cybercriminals is successfully prosecuting them
Money Laundering in Cyberspace
- Internet banking makes following money more difficult
- Enhanced by anonymity
- accessed any where in the world
- Monitoring is nearly impossible
- 500 billion annually
How to combat money laundering?
- Identify and reduce ability of anonymous fin transact
- Map global pmt systems
- Facilitate international info sharing
- Require know your customer policies
- Harmonize and coordinate international money movement regs
