Cyber Security Versus Digital Forensics Presentation for the E-Commerce Network’s Cyber Security Seminar at University of Massachusetts Dartmouth Suzanne Mello Stark, PhD March 30, 2012 Cyber Security Facts •In 2006, 8.3 million Americans were victims of Identity Theft •In first ½ of 2009, 40,000 cyber attacks were launched against the Department of Defense (Pentagon Costs: $100 million) •So far this year, cyber criminals have stolen $100 million from US banks •There are more than 3 million indications of malicious activity per year in civilian networks •It is estimated that 1/3 or more of this activity originates outside the US March 30, 2012 (Langevin, 2012) Stuxnet • • • • • • • • • • • First Computer Worm to Cross into the Physical World Doesn’t want to be detected Affected Countries (so far) according to Symantec: Iran (over 50%) Indonesia (~18%) India (~8%) Azerbaijan (~2%) United States (~1%) Pakistan (~1%) Others (~9.2%) Son of Stuxnet? (CBS News, 2012) March 30, 2012 The Great Cyber Heist • • • • Alberto Gonzalez, 14 years old hacker Caught by police detective at an ATM machine “cashing out” Part of a large hacker network called Shadowcrew Stolen over 180 million payment card accounts • • • OfficeMax, TJ Max, Marshalls, BJs Wholesale Club, Target, Barnes and Noble, etc Used a technique called “SQL Injection” to fool databases into giving information Then created fake cards to take money from ATM machines all over the world (Verdini, 2010) March 30, 2012 WikiLeaks • Founder - Julian Assange • Australian Internet Activist • Bring Important News to the Public • Free Speech • Whistleblower/Journalis t not jailed • Released Significant Documents • • • • March 30, 2012 Afghanistan War Corruption in Kenya Baghdad Airstrike US State Dept. Cables (CBS News, 2012) (Worthington, 2011)(Grier, 2010) Anonymous • • • • • • Hactivist Group Launch Distributed Denial of Service Attacks against companies/entities that violate their ethical principles Freedom of the Internet Retaliated against companies that dropped WikiLeaks Many are being arrested around the world Low Orbit Ion Cannon (botnet) – the application to join the group. Your computer becomes part of the DDOS attacks. (Neal, 2012) March 30, 2012 Cyberextortion Internet Criminal Gangs asking for Protection Money Will launch DDoS attack if you don’t pay up Ransomware March 30, 2012 (Koerner, 2008) (Ratliff, 2005) Internet Tax Fraud •IRS allows tax refunds to be filed on line and refunds downloaded to a debit card •Tax Fraud is out of Control! •Steal your SS# •Make up info •Get Refund before you! •Tax Filing has been put online for convenience •Was the IRS ready? March 30, 2012 (Zamost & Kaye, 2012) Are We Ready for E-voting? • Computer Scientists say NO! • But the world IS putting voting online regardless of the security threats • IPad voting in Oregon (CBS News, 2011), (Kar, 2011) March 30, 2012 Digital Forensics – Who did it? The application of forensic science techniques to the discovery, collection and analysis of digital evidence. March 30, 2012 Who Uses Digital Evidence? Criminal law enforcement Criminal defense attorneys Corporate law Civil law Organization Information Technology (IT) personnel E.g. American Power Conversion E.g. URI Homeland security Military March 30, 2012 What Digital Evidence Can Be Found? Files listed in standard directory search Hidden files Deleted files Email Deleted email Certain Instant Messaging Passwords Logs March 30, 2012 Windows Registry Windows Meta Files Login IDs Encrypted Files Intentionally embedded (steganographic) files Web sites visited Searches performed Cookies Network traces Owners of servers TIME Cyber Security Caucus Congressman Jim Langevin (D-RI), cofounder of the Congressional Cyber Security Caucus, introduced a bill to strengthen cyber security and prevent attacks. Southern New England will Play a Big Role (Langevin, 2012) March 30, 2012 March 30, 2012 Works Cited CBS News. (2012, March 4). Stuxnet: Computer worm opens new era of warfare. (G. Messick, Producer) Retrieved March 28, 2012, from 60 Minutes: http://www.cbsnews.com/video/watch/?id=7400904n CBS News. (2011, November 8). Voting with IPads: idea whose time is coming? Retrieved March 28, 2012, from CBSNEWS: http://www.cbsnews.com/8301-502303_162-57320358/voting-with-ipadsidea-whose-time-is-coming/ CBS News. (n.d.). WikiLeaks' Julian Assange, Pt. 1. Retrieved from 60 Minutes: http://www.cbsnews.com/video/watch/?id=7300034n Greenhalgh, E. (2012, March 28). Cyber Challenge Games are On. Retrieved March 28, 2012, from Providence Business News: http://www.pbn.com/Cyber-challenge-games-are-on,66381 March 30, 2012 Works Cited (continued) Grier, P. (2010, April 6). Video of Iraqi journalists' killings: Is WikiLeaks a security threat? Retrieved March 28, 2012, from The Christian Science Monitor: http://www.csmonitor.com/USA/Military/2010/0406/Video-of-Iraqijournalists-killings-Is-WikiLeaks-a-security-threat Kar, S. (2011, November 8). State of Oregon Counties First to Introduce iPad Voting for the Disabled. Retrieved March 28, 2012, from Silicon Angle: http://www.google.com/imgres?q=Voting+with+Ipads&hl=en&client=safari&s a=X&rls=en&biw=1237&bih=866&tbm=isch&prmd=imvns&tbnid=LV2lCytGaS_ LPM:&imgrefurl=http://siliconangle.com/blog/2011/11/08/state-of-oregoncounties-first-to-introduce-ipad-voting-for-thedisabled/&docid=C_GSFEHvXOOF6M&imgurl=http://siliconangle.com/files/2 011/11/ipad-your-vote-counts-inoregon.jpg&w=300&h=300&ei=bBJzT7buHKrg0QH67di0AQ&zoom=1&iact=hc &vpx=269&vpy=152&dur=307&hovh=164&hovw=157&tx=100&ty=84&sig=102187 905883335174659&page=1&tbnh=155&tbnw=146&start=0&ndsp=21&ved=1t:429,r :1,s:0 March 30, 2012 Works Cited (continued) Koerner, B. (2008, July 21). Mr. Know-It-All: Cyberextortion, Your Kid's Cell Phone, Online Degrees. Retrieved March 28, 2012, from Wired: http://www.wired.com/techbiz/people/magazine/16-08/st_kia Langevin, C. J. (2012, March 27). Cybersecurity. Retrieved March 28, 2012, from US Congressman Jim Langevin: http://langevin.house.gov/issues/cybersecurity-1/ Neal, D. (2012, March 28). Anonymous suspects are arrest in the Dominican Republic. Retrieved March 28, 2012, from The Inquirer: http://www.theinquirer.net/inquirer/news/2164273/anonymoussuspects-arrested-dominican-republic Ratliff, E. (2005, October 10). The New Yorker. Retrieved March 28, 2012, from The Zombie Hunters, On the trail of cyberextortionists: http://www.newyorker.com/archive/2005/10/10/051010fa_fact March 30, 2012 Works Cited (continued) Verini, J. (2010, November 10). The Great Cyberheist. Retrieved March 28, 2012, from The New York Times Magazine: http://www.nytimes.com/2010/11/14/magazine/14Hackert.html?pagewanted=all Worthington, P. (2011, December 28). Wikileaks Wasn't a Threat. Retrieved March 28, 2012, from FrumForum: http://www.frumforum.com/wikileaks-wasnt-a-threat Zamost, S., & Kaye, R. (2012, March 20). 10news/CNN Special Investigations Unit. Retrieved March 28, 2012, from Criminals May be Pocketing Your Tax Refund: http://www.10news.com/money/30720937/detail.html March 30, 2012