Internet Vulnerabilities & Criminal Activity

advertisement
Internet Vulnerabilities &
Criminal Activity
Criminology Theories & Cyber Crime
11.1
4/19/10
Classifications of Cyber Crimes
 Cyber trespass
 Crossing boundaries into other people’s property &/or cause
damage
 Hacking, defacement, malware
 Cyber deceptions & thefts
 Stealing money or resources
 Credit card fraud, IP violations
 Cyber pornography
 Breach laws of obscenity
 Cyber violence
 Psychological or physical harm to others
 Hate speech, stalking
Cyber Criminals
 Broad range of persons
 Students, terrorists, amateurs, organized crime groups
 More likely to have affluent socioeconomic
backgrounds
 Has knowledge of computers & the Internet which
enables him/her to commit crime of choice
 Any technically oriented person has potential to
become cyber criminal
 Cyber criminal has changed since the ‘80’s and 90’s
when cyber crime was infiltration by hacking
FBI’s Definitions of Cyber Criminals
Crackers
Young offenders seeking intellectual stimulation
Criminals
Adult subgroups
Commit fraud, damage systems undertake
espionage
Vandals
Not pursuing intellectual stimulation
Motivated by revenge
Typology for Cyber Criminals
White-collar criminals
Vengeful criminals
Disgruntled employees
Patient criminals
Desire more than what they have
Negative state of mind not immediately obvious
Desperate criminals
Facing financial crisis
Easiest to catch
Typology for Cyber Criminals cont.
 Hackers
 Old School Hackers
 Computer experts
 Used technology in new, innovative ways
 Internals
 Disgruntled or ex-employees
 Cyber punks
 Antisocial, socially inept, angst toward the world
 Direct anger into cyberspace
 Professional criminals & cyber terrorists
 Guns for hire
 Good at espionage, leave no trace
 Newbies & Script Kiddies
 Want recognition but lack skills
 Usually teenagers looking for recoognition
Typology for Cyber Criminals cont.
 Crackers
 Obtain & use data illegally, IP violators
 Password crackers
 Concerned with cryptography & encoding
 Will use any means to discover passwords
 Executable program crackers
 Programs should obey humans
 Reverse engineer programs so changes can be made
 Have years of experience programming
 Can easily discover program weaknesses
 Hobbyists
 Cross between above 2 groups
 Cracks code for knowledge
 May release cracked code to the public
Typology for Cyber Criminals cont.
 Con artists
 Great actors
 Motivations
 Financial stress - need money
 Power - control over victims, smarter, better than victims
 Challenge - enjoy what they do, mastered the skill
 Punish the victim - victim deserves what they get
 Techniques used
 Familiarization - flatter victim, gain victims trust
 Risk free investments - con man will refund all victim’s money if
the plan fails
 Avoiding questions - talk a lot, vague answers, spout useless
jargon
 Pressurizing tactics - once in a lifetime chance, will regret it if
not done
Typology for Cyber Criminals cont.
 Psycho-criminals
 Mentally ill - need no external conditions to commit crimes
 Pedophiles
 Abnormal sexual attraction to children
 Larger pool of victims online
 Cyberstalkers
 Torment victims at a distance
 Usually have sexual motivations, power & control
 Serial Killers
 Internet used as tool to track down victims
 Disorganized - low IQ, social outcast, bad at covering tracks
 Organized - high IQ, Know what he/she wants & how too get
away with it. Most dangerous of all cyber criminals.
Crimes in Physical Space vs
Crimes in Cyber Space
Transnational nature and jurisdictional issues
Attacks can take place anywhere from anywhere
Multiple boundaries may be crossed
Physical constraints
Do not exist in cyber space
Crime can happen in milliseconds
Proximity
No physical proximity required
Crimes in Physical Space vs
Crimes in Cyber Space cont.
Scale & multiple victimization
Automated process
Multiple simultaneous victims for the same effort
Conduct at issue may not be illegal
Conduct may not be criminalized in country where
it originates
Cannot extradite criminal unless law of his/her
country is broken
Crimes in Physical Space vs
Crimes in Cyber Space
Perfect anonymity
Can disguise identity in ways impossible in the
physical world
Can achieve perfect pseudonymity
Velocity
Criminal activity can happen very rapidly
Slammer took down large part of the Internet in
15 minutes
Space Transition Theory
1) Persons with repressed criminal behavior (in
the physical space) have a propensity to
commit crime in cyberspace, which
otherwise they would not commit in physical
space, due to their status and position.
 Concern for status in physical space does
not transition to cyber space.
 Behavior repressed in physical space are not
in cyber space.
Space Transition Theory
2) Identity flexibility, dissociative anonymity, and lack of
deterrence factor in the cyberspace provides the
offenders the choice to commit cyber crime.
 Disinhibiting effect allows individuals:
 Open honesty about personal issues
 To act out on unpleasant needs
 Deinidividualization - inner restraints are lost when
individuals not seen as individuals
 Leads to behavior that is
 Less altruistic
 More selfish
 More aggressive
Space Transition Theory
2) Identity flexibility, dissociative anonymity,
and lack of deterrence factor in the
cyberspace provides the offenders the choice
to commit cyber crime.
 Deterrence factor changes
Attacks can be made from a remote location
Crime reslts not immediately apparent
Space Transition Theory
3) Criminal behavior of offenders in cyberspace is likely
to be imported to physical space which, in physical
space maybe exported to cyberspace as well.
 Cyber crime has moved from the single individual
acting for fame to professional criminals
 Huge financial gain with little risk
 Growth of e-commerce attracts criminals to the net
Space Transition Theory
4) Intermittent venture of offenders in to the
cyberspace and the dynamic spatiotemporal
nature of cyberspace provide the chance to
escape
Cyber space is transient
Cyber space is dynamic
Cyber crimes have do not have spatial temporal restrictions of traditional crimes
Space Transition Theory
5) (a)Strangers are likely too unite together in
cyberspace to commit crime in the physical space;
(b) Associates of physical space are likely to unite to
commit crime in cyberspace.
 Cyberspace allows for recruitment and dissemination
 Cyberspace is:
 Unmoderated
 Easy to access
 Cyberspace can pose an insider threat
 Spy / mole
 Disgruntled employee
Space Transition Theory
6) Persons from closed society are more likely
to commit crimes in cyberspace than persons
from open society.
Open society allows individuals to voice
opinions & vent feelings.
Cyberspace allows individuals from closed
societies to express anger & frustrations
through hate messages, web page vandalism,
up to cyber terrorism attacks
Space Transition Theory
7) The conflict of norms and values of physical
space with the norms and values of
cyberspace may lead to cyber crimes.
Cyberspace is international
Societal differences between individuals may
lead to cyber crime
Conflicts between nations carry over into
cyberspace
Routine Activity Theory
 Routine activities in conventional societies provide
opportunities for perpetrator to commit crime
 Three things must be present for crime to occur:
 Suitable target is available
 Motivated offender is present
 Lack of a suitable guardian to prevent crime from occurring
 Assessment of situation determines whether or not a
crime takes place.
Routine Activity Theory
 A suitable target can be:
 A person
 An object
 A place
 Target comes to the attention of a person searching
for a criminal opportunity
 Targets behavior may place target in contact with
perpetrator
 No significant deterring mechanism is present
Routine Activity Theory
Motivated Perpetrator
Predatory crime is a method for the
perpetrator to secure basic needs of desires
Actions of perpetrator are intentional and
illegal
Routine Activity Theory
A capable guardian
Police patrol, Security guards
Neighbors, neighborhood watch, dogs
Locks, fences, CCTV systems
Passwords, tokens, biometric measures
Guardians can be formal or informal
Guardians can be human or machine
Guardians MUST be capable of acting as a
deterrent
Opportunity Theory
Opportunity to commit a crime is a root cause
of crime
No crime can occur without the physical
opportunity
Opportunity plays a role in all crimes, not just
those involving physical property
Reducing opportunity reduces crime
Displacement Theory
Reductions in opportunity will not reduce
crime because crime will be displaced to
another location
Opportunity is so compelling that removing
perpetrators will not reduce crime because
other perpetrators will step in
Research on displacement theory has shown
crime is not always displaced
Routine Activity Theory & the Internet
Opportunity to commit crime is multiplied
Target and perpetrator are much more likely
to come in contact with each other
Victim has to keep returning to scene of the
crime
Deterrence comes shifting either events or
circumstances
Neither are easily altered
Routine Activity Theory & the Internet
Cybercrime has more to do with the
effectiveness of indirect guardianship
Internet is open & unmoderated
Mechanisms of the Internet designed to
transfer data, not to examine the data
Internet guardianships are all mechanical
Reactive, respond to some action - IDS
Cannot respond to new, previously untried activity
Hacker Neutralization Techniques
Allows for temporary neutralization of values,
beliefs, and attitudes so illegal behaviors can
be performed.
Justification of an act requires the need to
assert its positive values
Used by different types of deviants
Hacker Neutralization Techniques
Denial of Injury
No harm or insignificant harm done to victim
No physical information stolen, information in an
electronic form
Belief that downloading is copying not stealing
As long as no one knows their information is being
perused, no harm is done
Hacker Neutralization Techniques
Denial of Victim
Victim is deserving of punishment
Four categories of victims
Close enemies who have harmed offender directly
People who do not conform to normative social roles
Groups with tribal stigmas
Remote enemies who hold positions perceived as
questionable or corrupt
Offender may assume role of “avenger” or
“crusader for justice”
May justify actions as revenge
Hacker Neutralization Techniques
Condemnation of the Condemners
Divert attention from offenders actions to the
motives and behaviors of those condemning
offender’s actions
Mistrust of authority
Promote decentralization
Price charged by software companies too high and
unfair
Victim failed to protect their computer system
Hacker Neutralization Techniques
Appeal to higher loyalties
Offender doesn’t deny damage, act was done to
protect higher loyalties
Loyalty to group
Responsibility to family or spouse
Employer (Corporate crimes)
Claim actions were done to acquire knowledge
Hacker Neutralization Techniques
Self-fulfillment
Illegal activity done for
Fun
Excitement or thrill
Computer virtuosity
Offender achieves feelings of superiority & control
Voyeurism
Demonstration of ability
Hacker Neutralization Techniques
Hackers do not use all neutralization
techniques
Denial of responsibility
Sad story
Both external forms of neutralization
Only use techniques based on internal
neutralization
Hackers take pride in what they do
Hackers feel in shame or guilt
Computer Hackers & Social Organization
Mutual Association
Clear interpersonal relationship
No strong or deep interpersonal relationships on
or off line
Social connections relatively shallow
Multiple identities and multiple forum use may
limit ability to form interpersonal connections
Utilize social networks to exchange knowledge and
information
Computer Hackers & Social Organization
Mutual Participation
Groups are stratified rather than centrally
controlled
Participation in groups did not lead to group
attacks
Many do not want an group affiliation
Computer Hackers & Social Organization
Division of labor
Some specialization in group forums does exist
Stratification & division of labor
Small group of moderators
Larger group of users exchanging knowledge &
information
Loose set of rules
Give respect, get respect
No flaming
Large population of users enforcing the rules
Computer Hackers & Social Organization
Extended duration
No group with extended history
Relationships appear transitory
Relationships within forums weak & short-lived
Download