page 1 battling botnets: implications for a cybercrime strategy july 8, 2010
TRANSCRIPT
![Page 1: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/1.jpg)
Page 1
Battling Botnets: Implications for a Cybercrime Strategy
July 8, 2010
![Page 2: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/2.jpg)
Page 2
Is it a game, or is it real?
![Page 3: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/3.jpg)
Page 3
Times have changed!
![Page 4: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/4.jpg)
Page 4
The botnets
![Page 5: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/5.jpg)
Page 5
The threat is real
• 1.5 million infected machines/ day
• 21 million botnet connections per month
• 44 billion bad e‐mails/month
• 200 Petabytes of malicious traffic / year
![Page 6: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/6.jpg)
Page 6
Victims are clueless
![Page 7: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/7.jpg)
Page 7
Agenda
• the nature of cybercrime
• different regulatory modalities
• examples from the Canadian Criminal Code
• implications for a cybercrime strategy
![Page 8: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/8.jpg)
Page 8
Question:
Can we apply general rules of law, and specifically, criminal law, to the Internet context?
![Page 9: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/9.jpg)
Page 9
Take one
“…the best way to learn the law applicable to specialized endeavors is to study general rules.... Any effort to collect these strands into a course on "The Law of the Horse" is doomed to be shallow and to miss unifying principles.”
- F. Easterbrook “Cyberspace and the Law of the Horse” (1996)
![Page 10: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/10.jpg)
Page 10
Take two
“… there is an important general point that comes from thinking in particular about how the law and cyberspace connect.
This general point is about the limits on law as a regulator and about the techniques for escaping those limits. This escape in both real space and in cyberspace comes from recognizing the collection of tools that society has at hand for affecting constraints upon behavior.”
- Lawrence Lessig, “The Law of the Horse: What Cyberlaw Might Teach” (1999)
![Page 11: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/11.jpg)
Page 11
Cybercrimes
In the Canadian Criminal Code
![Page 12: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/12.jpg)
Page 12
Section 342.1(2)
“computer system” means a device that, or a group of interconnected or related devices one or more of which,(a) contains computer programs or other data, and(b) pursuant to computer programs,
(i) performs logic and control, and(ii)may perform any other function;
![Page 13: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/13.jpg)
Page 13
Categories of cybercrimes
1. child exploitation
2. hate crimes
3. fraud
4. identity theft
![Page 14: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/14.jpg)
Page 14
The headlines
![Page 15: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/15.jpg)
Page 15
Regulatory modalities: an example
![Page 16: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/16.jpg)
Page 16
Legal
![Page 17: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/17.jpg)
Page 17
Social
![Page 18: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/18.jpg)
Page 18
Market forces
![Page 19: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/19.jpg)
Page 19
Architecture
![Page 20: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/20.jpg)
Page 20
Modal Interplay
recognizing the interplay of all four modalities will enhance our ability to contend with cybercrimes
![Page 21: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/21.jpg)
Page 21
“thou shall not use the Internet to prey on minors”
The law is clear
![Page 22: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/22.jpg)
Page 22
Ok, but is the same true online?
Are other constraints we have on predators in real space effective in cyberspace?
![Page 23: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/23.jpg)
Page 23
A chatroom isn’t like a classroom
![Page 24: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/24.jpg)
Page 24
Social modality is different
• victims are aware they are conversing online with adults
• only 5% of offenders pretended to be teens when they met potential victims online
• rarely deceive victims about their sexual interests
Source: Wolak et al., 2004
![Page 25: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/25.jpg)
Page 25
Market forces seemingly absent
• some child friendly sites
• some emphasizing parental controls
![Page 26: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/26.jpg)
Page 26
Architecture modality is largely untouched
• physical layers (cable, wireline, etc)
• logical layers (software and standards)
• content layer (text, images, etc.)
![Page 27: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/27.jpg)
Page 27
The challenge of cyberspace
• the regulatory modalities change
• changes need to be noted
![Page 28: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/28.jpg)
Page 28
Proactive defence
• discover, infiltrate and disrupt activity before an attack
• involves a multi-pronged approach that leverages technology
![Page 29: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/29.jpg)
Page 29
Bill C-28
• Fighting Internet and Wireless Spam Act (FISA)
• considers the technology
• promotes a holistic
• reflecting the regulatory modalities
![Page 30: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/30.jpg)
Page 30
FISA law
• recognizes nature of the technology
• facilitates consultation, referral and information sharing
• implicates foreign states
![Page 31: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/31.jpg)
Page 31
FISA social
• recognizes impact on the individual and privacy issues
• promotes the transparency and openness of practices
![Page 32: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/32.jpg)
Page 32
FISA architecture
• prohibits the altering of a data transmission
• exempts service providers for the purposes of “network management”
• promotes the use of systems to help identify and intercept activities
![Page 33: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/33.jpg)
Page 33
FISA market forces
• part of a general Canadian trend
• service provider intervention is permissible if not necessary
![Page 34: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/34.jpg)
Page 34
What does this mean?
Implications for a cybercrime strategy
![Page 35: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/35.jpg)
Page 35
Law: strategic implications
• recognize the different modalities and how they work in cyberspace
• design with technology in mind
![Page 36: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/36.jpg)
Page 36
Social: strategic implications
• public awareness campaign
• individuals need to know about the risks associated with these crimes and how to mitigate these risks.
![Page 37: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/37.jpg)
Page 37
Market forces: strategic implications
• incent players to participate
• better risk management capabilities should provide competitive advantage
• law enforcement agencies should outsource functions where more efficient to do so
![Page 38: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/38.jpg)
Page 38
Architecture: strategic implications
• consider all layers of the technology form
• “sector networks” or “associations” to promote strategic partnerships among relevant players in cyber security
• establish standards for infrastructure protocols and procedures.
![Page 39: Page 1 Battling Botnets: Implications for a Cybercrime Strategy July 8, 2010](https://reader035.vdocuments.net/reader035/viewer/2022062518/56649ec65503460f94bd1afe/html5/thumbnails/39.jpg)
Page 39
Conclusion
• cybercrimes are substantively different from real space crimes - regulatory modalities may not function the same way
• no longer be a case of using old laws to adapt to new technology
• bolster proactive defences and take into account all regulatory modalities