Uploaded by Tya Hayes

mod03

advertisement
M3: Cyber Crime and Laws
Investigate a Cybercrime
1. Using the Internet, search for a news article, press release from an organization, or technical
article pertaining to a recent cybercrime incident. The incident you choose could be of any
type covered in the module, or because the world of cybercrime moves so quickly, a new
category of crime using the Internet or technology.
The news media is one source to research cybercrimes, but news stories may not always give
details about the technology aspects of an incident. Along with using traditional media, it may
help to use sources specializing in technology or cybersecurity. Some helpful resources
include:





Krebs on Security
ARS Technica
Wired: Cybersecurity
The Hacker
CSO
Once you have chosen and researched your incident, write a brief summary of the incident
and circumstances surrounding it. (10 points)
Your write-up should include:





A description of the targeted organization or person(s)
The category of cybercrime for the incident
The likely threat source (bad actor) that committed the crime
Particular motivations law enforcement or security professionals have associated with
the perpetrator (or potential motivations based on the threat source or targeted person
or organization)
How the Internet or technology enabled the perpetrator(s) to carry out the crime
Make sure to include links to the site(s) where you found the information. (2 points)
The incident I chose to research is the cyberattack on SolarWinds, a software company that
provides network management tools to numerous organizations. This incident, which occurred in
December 2020, is categorized as a supply chain attack. The threat behind this cybercrime is a
sophisticated state-sponsored hacking group known as APT29, also referred to as Cozy Bear or
The Dukes. This group is believed to be associated with the Russian government. Law
enforcement and security professionals have associated various motivations with APT29,
including espionage, intellectual property theft, and gaining strategic advantages in geopolitical
conflicts. In the case of the SolarWinds attack, the primary motivation appears to be intelligence
gathering, as the hackers targeted government agencies and major corporations. The Internet
and technology played a crucial role in enabling the perpetrators to carry out this cybercrime.
The hackers infiltrated SolarWinds' software development process and injected malicious code
into software updates. These updates were then distributed to SolarWinds' customers, including
government agencies and Fortune 500 companies. The compromised software allowed the
hackers to gain unauthorized access to the networks of these organizations, giving them the
ability to monitor and exfiltrate sensitive information.
Sources:
 Krebs on Security: https://krebsonsecurity.com/2020/12/u-s-treasury-commerce-deptshacked-through-solarwinds-compromise/
 ARS Technica: https://arstechnica.com/information-technology/2020/12/solarwindshackers-broke-into-us-cable-giant-and-government-networks/
 Wired: Cybersecurity: https://www.wired.com/story/solarwinds-hack-apt29-cozy-bearrussia/
Examine a Cybercrime Law
Review sections 752.794, 752.795 and 752.796 of Michigan’s Act 53 of 1979 and answer the
questions that follow.
2. According to the “History” at the bottom of these pages, what was the last year each of these
sections was updated? (3 points)
a. 752.794 Last updated in 2018.
b. 752.795 Last updated in 2018.
c. 752.796 Last updated in 2018.
3. List at least two categories of cybercrime covered in this module that would seem to be
prohibited under these sections. (4 points)
Unauthorized access to computer systems: Section 752.794 prohibits unauthorized access to
computer systems and networks.
Computer fraud: Section 752.795 prohibits computer fraud, including unauthorized use of
computer systems or data.
4. Are there any categories of cybercrime covered in the module that don’t seem to be covered
by these sections? Explain. (2 points)
Click to enter text
5. Based on the pace of technology, would you consider either the categories of cybercrime or
the technologies listed in these laws to be “up to date”? Explain. (2 points)
Based on the pace of technology, the categories of cybercrime and the technologies listed in
these laws may not be considered "up to date." These laws were last updated in 2018, and
technology evolves rapidly. New forms of cybercrime and emerging technologies may not be
explicitly covered by these sections.
6. Outline at least one addition you would recommend to state lawmakers to make this law
better suited for the modern cybersecurity environment. (2 points)
One addition that could be recommended to state lawmakers to make this law better suited for
the modern cybersecurity environment is the inclusion of provisions related to data breaches and
the protection of personal information. With the increasing frequency and impact of data
breaches, it is important to have laws that address the unauthorized access, acquisition, or
disclosure of personal data. This addition would help protect individuals and organizations from
the consequences of data breaches and enhance the overall cybersecurity framework.
Download