Law Online: An Introduction

Download Report

Transcript Law Online: An Introduction

Introduction to Technology Controls & Technology Law Implications:
Computer Crime and Economic
Espionage
Sharon O’Bryan
Chicago-Kent College of Law
[email protected]
Week 3: October 19, 2004
1
Computer Crime

Performing an act of crime to, or through, the
use of technology










Hacking
Computer Espionage
Theft of Data/Fraud
Unauthorized Disclosure of Data
Theft of Computer Processing
Theft of Computing Device
Denial of Service
Malicious Code
Web page vandalism/Sabotage
Internal Threats and External Threats
2
Hacking

Unauthorized
attempt to
access/
accessing of a
computing
system





Industrial
Espionage
Identity Theft
Malicious code
change
Fraud
Denial of Service
Terrorism
3
Espionage



Using spies/spy devices to collect
information, not generally available
to the public, about what another
government or company is doing
Computer Espionage is spying with
the assistance of, and/or utilizing,
technology
Why you should be concerned about
spies
4
Spying

Business Spies – Economic Espionage

2002 Study by American Society for Industrial
Security/U.S. Chamber of Commerce & PWC

Fortune 1000 and 600 mid-sized U.S. businesses




Perpetrators


40% know or suspect loss of proprietary data
$53 - $59 Billion in IP losses
Only 55% indicated management concern
Former employees, domestic and international competitors and
contractors
Government

ECHELON


Data surveillance system
Exposed but program denied by U.S. Government
5
Microsoft

2000


Hackers broke into Microsoft
Corporation’s computer network and
stole blueprints to the latest versions of
the company’s Windows and Office
Software
Software being sent from network in
Redmond, WA to an e-mail account in
St. Petersburg, Russia
6
Theft of Data/Fraud - Internal

Wells Fargo Bank -1985

Boxing promoter and bank employee



$21.3 embezzled
Rollover period in computer program
used


Harold Rossfields Smith and Sammie
Marshall
Credit then 10 days later debit
Software NOT TESTED
Phrack 23, p.46
7
Theft of Data/Fraud - External

RAVEN





Hacker that used his computer to access credit data
bases
Illegal access to a credit data base and obtained the
credit history of local residents
Has “bragged” that he has used the residents names
and credit information to apply for 24 Mastercards and
Visa cards
He has also stated that he used the cards to issue
himself at least $40,000 in cash from a number of
automatic teller machines
Caught once but was only withdrawing $200 (a minor
larceny)

Authorities could not prove that he was the one who
committed other crimes so he was put on probation
8
October 12, 2004

Memphis, Tn – October 12, 2004

Shelby County Grand Jury indicted a former Shelby
County Sheriff’s deputy (Gregory Jackson, 45)


allegedly selling information from a secured website
which provides law enforcement personnel investigative
information
According to an affidavit of complaint



Jackson met with a confidential informant who agreed to
pay Jackson for information regarding eight individuals
3 counts of official misconduct
4 counts of computer crime

2 Class A and 2 Class C Misdemeanors
9
Theft of a Computing Device





Laptops pose significant threat
Laptops of execs stolen at
conference
Employee laptops stolen out of cars
in parking lot
Many cases are system engineers
PDAs being used by Mortgage Cos.
10
“Bungling crime fighter to get ‘trashed’ computer back”
8 October 2004 AMSTERDAM — Crime reporter Peter R. de Vries has promised to return a computer
to Amsterdam's public prosecutor's office, having already gained access to its sensitive crimefighting data after it was unwittingly thrown in the trash.
De Vries received a fax on Friday from the Amsterdam chief prosecutor, Leo de Wit, requesting the
return of the computer and he has agreed to the request, newspaper De Volkskrant reported.The
public prosecutor's office (OM) wants to examine the computer to determine exactly what data was
stored in the machine. The OM can then evaluate whether existing investigations have been
damaged. A specialist prosecutor in white collar crime, Joost Tonino was left red faced on Thursday
after it emerged he had put his computer out with the trash, believing it was defective. A taxi driver
found the PC, got it working and accessed "extremely sensitive" information about criminal
investigations in Amsterdam.
The taxi driver then took the computer to television crime reporter Peter R. de Vries, who featured
the unusual find on his television programme on SBS 6 on Thursday night.
The data revealed that Tonino was investigating alleged financial links between the murdered real
estate magnate Willem Endstra — described as the "banker of the underworld" — and Amsterdam
crime figures.
Inquiries were focused on alleged links between Endstra and Freddie Heineken-kidnapper Willem
Holleeder, murdered criminals Jan Femer and Sam Klepper and ecstasy dealer Ronald van Essen.
Memos on the computer indicated Tonino really wanted to have Endstra arrested, but the
investigation was frustrated due to mistakes by detectives, news agency nu.nl reported.
Sensitive information about investigations into the actions of former Philips boss Cor Boonstra, who
was accused of insider dealing, Amsterdam taxi firm TCA and Amsterdam football club Ajax were
also found on the computer.
Dutch MPs reacted with amazement to the news during an emergency debate in Parliament on
Thursday night. But Dutch Justice Minister Piet Hein Donner said he did not intend to prosecute
Tonino, despite the fact he should have had the computer destroyed by the OM.
Copyright Expatica News 2004]
http://www.expatica.com
11
Computer Crime Attribute



After crime committed, code can
erase itself leaving little, if any,
evidence
Same code can be used multiple
times by same or different
people/countries
Think about Microsoft/Russia
12
Other Considerations




Theft of work time
Storing inappropriate material on
company computers
Using company computers to run a
personal company
Critical infrastructure impact and
industry responsibility
13
Malicious Code





Alters the way an application works
Creates unusual traffic on the
internal network
Deletes log files
Adjust parameters in log file
retention
Etc. etc. etc.
14
Denial of Service



Takes advantage of a “hole” in
program code then…
Overloads the “doors of the network”
so that authorized activities can not
occur
Patches are SO important


Few organizations have effective patch
management
Intrusion detection/prevention
15
Security Tools: A 2-edged Sword



War dialers
Keystroke monitoring/recording
Security Tools like

Security Administrator’s Tool for
Analyzing Networks (SATAN)
16
Espionage Products?

Spector Pro 5.0

Spector Pro is the world's best selling software for
monitoring and recording every detail of PC and
Internet activity - in your home or in your office.
Selected as the Editors' Choice by the experts at PC
Magazine, Spector Pro contains seven integrated tools
that record: chats, instant messages, emails sent and
received, web sites visited, keystrokes typed,
programs launched, peer to peer file searching and
swapping - plus, Spector Pro provides the equivalent
of a digital surveillance tape so that you can see the
EXACT sequence of EVERYTHING your family members
or employees are doing on the computer. All seven
tools work together at the same time, secretly saving
all the recordings in a hidden location only you know
about.

http://www.spectorsoft.com/products/SpectorPro_Windows/index.html
17
Laws

Federal






Banking Modernization Act
HIPAA
GLB
SOX
USA Patriot Act of 2001
National Information Infrastructure
Protection Act of 1996
18
Challenges & Opportunities


Jurisdiction
Evidence




Gathering
Handling
Chain of custody
Gaps in the “Security Organization’s”
skill, capability, involvement in
projects, interpretation of
regulations
19