Crime and Cyber-crime

Pieter Hartel

Cyber-crime Science2

Crime

Acts or missions forbidden by law that can be punished […], against:» persons (e.g. rape, assault, murder, suicide)» property (e.g. fraud, arson, theft, vandalism)» the state (e.g. riot, treason, sabotage, terrorism)» morality (e.g. gambling, drugs, obscenity)

Disorder is broader than crime, e.g.» Littering, graffiti, loitering, etc.

[Wil98] J. Q. Wilson and R. J. Herrnstein. Crime & Human Nature: The Definitive Study of the Causes of Crime. Free Press, Jan 1998.

Cyber-crime Science3

Example

Burglars steal, destroy Molalla water system computer Published: Thursday, March 25, 2010

By Rick Bella, The Oregonian MOLALLA -- Police are looking for burglars who broke into the city's water-treatment plant and stole the system's computer.

Cyber-crime Science4

Cyber-crime

Crime where computers are used as a tool, target or place:» Computer assisted crime

(e.g. Advance fee fraud)» Computer integrity crime

(e.g. DDoS attack)» Computer content crime

(e.g. Software piracy)

[New09] G. R. Newman. Cybercrime. In M. D. Krohn, et al, editors, Handbook on Crime and Deviance. Springer, Nov 2009. http://dx.doi.org/10.1007/978-1-4419-0245-0_25

Cyber-crime Science

Technology and crime

5

Which of these are “virtual”? Which of these promote anonymity?

Technology Problem Solution WhenSailing ships Privateering Treaties 1856Paper money Counterfeiting Laws,

Technology17th 20th

Revolver Genocide ? ?Cars Theft Locks 20thPhone Nuisance calls Caller-ID 20thInternet Fraud, Theft ? ?

Cyber-crime Science

Cyber space vs “meat” space

“virtual” but that’s nothing new (why?) More easily automated (why?) Harder to police (why?)

6

Cyber-crime Science7

Some examples

Cyber-crime Science8

Computer assisted crime

Murder» 13-year old US girl bullied into suicide in 2006» 3-month old Korean child dies from neglect in 2010

Extortion» Virginia DHP ransom demand 10 M $ in 2009» BetCris hacker sentenced to 8 years in 2006» (New business http://www.prolexic.com/ )

Cyber-crime Science9

Computer integrity crime

Distributed denial of service (DDoS) » Estonian Cyber war in 2007» Operation Payback end 2010 – mid 2011

Hacking» Comcast hackers sentenced to 18 months in 2008» Sarah Palin email hacker sentenced to 1 year in 2010

Cyber-crime Science10

Computer content crime

Piracy» Pirate Bay four sentenced to 1 year in 2009» US Software pirate sentenced to 2 years in 2011

Data base theft» Sony Play station network hack in 2011 exposed

77M accounts, cost 171M$» Sonypictures.com exposed 1M passwords» TJX Hacker sentenced to 20 years in 2011

Cyber-crime Science15

Differences

Old Crime» Serial» Labour intensive» Local» Geographical place

Cyber-crime» Can be Simultaneous» Can be automated» Global» Effort?» Requires conversion to

meat space

Cyber-crime Science16

Similarities

Most Cyber-crime a variant of old crime» Advance fee fraud via email vs letters» Click fraud vs Replying to junk mail with bricks

Technology used for new crime before» Printing press for counterfeiting» Telegraph for books by Charles Dickens

Cyber-crime Science18

Cyber-crime triangle

A motivated offender “attacks” a suitable target in the absence of a capable guardian:» Attacks via vulnerabilities of the users» Attacks via vulnerabilities of the systems» Propagating attacks» Exploiting attacks

Cyber-crime Science19

Attack vulnerable user

Social engineer a user» 2001 SPAM with AnnaKournikova.jpg.vbs» Phishing (More later)

Hacking into server» Password cracker» Intelligence from OSN as in the Palin email hack

Cyber-crime Science20

Attack vulnerable system

Exploit known vulnerability and install malware on a client» Trojan like Zeus for key logging» Physical access via USB sticks and autorun

Find & exploit vulnerable system» Vulnerability scanner like Acunetix» SQL injection

Cyber-crime Science21

Propagating attacks

Change the web site on the server» Create a drive by download to infect a client

Create a botnet out of infected clients to:» Send spam» Perpetrate a DDoS attack» Evade detection

Cyber-crime Science22

Exploiting attacks

Carding» CC theft (skimming, hacking)» trade (forum)» cashing (online auctions, counterfeit cards at ATM)

Online banking fraud» Credential theft (phishing)» trade (forum)» Cashing (money mules)

Cyber crime needs meat space…

Cyber-crime Science24

Conclusions

Increasing specialisation of offenders Increasing sophistication of the tools Key crime opportunities: social engineering,

vulnerable systems, and software issues Motive is now mostly money How to prevent all this?