Cybercrimes: A Multidisciplinary Analysis

Transcription

1 Sumit Ghosh Elliot Turrini Editors Cybercrimes: A Multidisciplinary Analysis fyj Springer

2 Part I Introducing Cybercrimes 1 A Pragmatic, Experiential Definition of Computer Crimes Introducing Computer Crimes The Melissa Virus: The Turning Point Cybercrimes in Early Defining Technical Cybercrime The Battle to Control the Computing Process The Nature of the Battle The Cyberbattlefield Tools for Fighting the Battle to Control the Computing Process Defining Tools The Attacker's Technical Tools The Attacker's Social Tools The Defender's Tools The Convenience Overshoot Warning 22 References 23 Part II Computing and Networking Technology and Cybercrimes 2 Unauthorized Intrusions and Denial of Service Unauthorized Intrusions Tools to Exploit Unauthorized Intrusions Deployment of Toolkits for Unauthorized Intrusions Denial of Service Different Manifestations of DDoS Attacks Toolkits for DDoS 43 References 44 3 Malicious Code Introduction Trends that Facilitate Malicious Code to Thrive 47

3 3.2 The Nature of Malicious Code Operational Phases of Malicious Code Categories of Malicious Code Viruses Worms Trojan Horse Programs Zombies Adware Malicious Mobile Code A Closer Look into the Inner Workings of Malicious Code Code Red Nimda Slammer Malicious Code Creation Process Techniques to Defeat Malicious Code Host-Based Protection Network-Based Protection Vulnerability Management and Patching The Future of Malicious Code and New Mitigation Approaches The Future of Malicious Code The Future of Mitigation Approaches 69 References 71 Restricting Anti-Circumvention Devices Background: The Difference Between Digital and Analog Law is Inadequate and Technology is Necessitated Content Protection Efforts Copy Prevention Licenses and Legal Agreements Data Format as Barriers Software-Based Copy-Protection Systems Digital Millennium Copyright Act Conditional Access The Nature of the Threat Casual Copiers Peer-to-Peer Pirates Professional Pirates Who Profit from Distributing Large Volumes What Can and Cannot be Protected? The Price Point Cheaper to Buy than to Steal Logical Consequences Closed Architecture Open Architecture 84

4 xi 4.7 A Primer on Encryption Nomenclature Ciphers, Keys, and Security Secret-Key Encryption Public-Key Encryption Content-Protection Approaches Systems Providing Read Access to Content System-Level Content Protection Microsoft's and Intel's Directions Summary and Conclusions 93 References 93 5 Information Security Introduction Current Technological Threats Trusted Computing Software Weaknesses: A Root Cause Malicious Code: Viruses and Worms Mobile Code Illicit Connections Eavesdropping Network-Based Attacks Denial of Service (DoS) Patchwork Quilt Technical Approaches to Solving Security Problems Antivirus Software Demobilizing Code Encryption Firewalls Intrusion Detection Systems Virtual Private Networks (VPNs) Physical Security Measures People Problems Failure to Report Security Problems Policy Summary 124 References 124 Part III Economic Impact of Cybercrimes 6 Economic Consequences Introduction Societal Benefits of Measuring Economic Impact of Cybercrimes Allocation of Funding and Expenses 131

5 xii Contents 6.3 Malicious Code Attacks Proposed Methodology to Measure Economic Impact Data Acquisition and Computing Economic Impact Incident Report to Facilitate Data Acquisition 138 References Infosecurity Funding The INFOSEC Research Council The Current State of Infosec Research Data Collection Projects and the List of "Hard Problems" How Much Money is Being Spend and Where? Research Goals Recommendations 147 References Information and Computer Security Risk Management Private Industry Effectiveness: The Need for a Risk Management Perspective Definitions of Risk and Enterprise Risk Risk Management and the Risk Management Process Risk Management Analysis Risk Prevention Risk Mitigation The Need for a Security Breach Incident Response Plan Risk Financing Summary 162 References Trend Analysis for Digital Risk Management 165 References 170 Part IV Critical Infrastructure Protection and Cybercrimes 10 Evolutionary History of Critical Infrastructure Protection in the USA What is "Critical Infrastructure"? US CIP Policy The Threat The Structure and Evolution of US CIP Efforts Criminal and Intelligence Authorities and CIP CIP and National Security Identifying whether a Cyberattack Poses a National Security Concern 185

6 xiii The Criminal Law Enforcement and National Intelligence Divide U.S. Military CIP and Cyber Activities Changes in Federal Law in Support of CIP 194 References Critical Infrastructure Protection Policy in the US Scientific and Technological Nature of Critical Infrastructure Vulnerabilities The Electric Power Grid Other Critical Infrastructures 207 References Internet Infrastructure Attacks Internet Router Attacks Domain Name Services (DNS) Attacks 211 Part V Psycho-Social Impact of Cybercrimes 14 The Psyche of Cybercriminals: A Psycho-Social Perspective Introduction Who is Drawn to Cybercrimes Taxonomy Limitations Why are Cybercriminals Attracted to Commit Crimes Social Learning Theory Moral Disengagement Anonymity Strategies to Contain Cybercriminal Behaviors: Deterrence and Rehabilitation Cybercrime Laws Social Sanctions Education Conclusions 234 References 235 Part VI Cybercrime Regulation Through Civil and Criminal Penalties 15 Spurring the Private Sector: Indirect Federal Regulation of Cybersecurity in the US Introduction Indirect Regulation Through Law Intellectual Property Law Financial and Medical Privacy Law 243

7 xiv Contents Identity Theft Law Indirect Regulation Through Laws Imposing Liability and Through the Establishment of Best Practices and Standards Best Practices Federal Cybersecurity Standards Indirect Regulation Through Market Forces Cyberinsurance Markets Public-Private Information Sharing Initiatives Federally-Funded Research and Development Federally-Funded Educational Programs Indirect Regulation Through Social Norms Cybercitizen Partnership Conclusions 262 References Criminal Regulations Substantive Laws Addressing Digital Crimes Computer and Network Crimes Intellectual Property Violations Crimes Against Persons & Other Unlawful Digital Conduct Wiretap Act Challenges Created by Computer and Network Crimes Jurisdiction Masking Techniques Reporting Procedural Laws Addressing Computer and Network Crimes Computer and Network Crimes Real Time Transmission and Interception Stored Electronic Communications Investigatory Challenges Jurisdiction Venue Operational Challenges Technological Challenges Diverse Business Environments Wireless Satellite-Based Telephony 306 References 307

8 xv Part VII International Character of Cybercrimes 17 International Dimensions of Cybercrime A Global Perspective on Cybercrime The Globalization of Crime A New Way to View Crime in the Global Village The Networked World The Love Bug and International Cybercrime: A Case Study International Law and Cybercrime Jurisdiction Extradition and Potential Conflict of Nations' Laws Search and Seizure International Efforts to Combat Cybercrime The Organization for Economic Cooperation and Development (OECD) The United Nations The Group of 8 (G-8) The Council of Europe Other Fora and Interpol The Importance of Building International Consensus on Cybercrimes Conclusion 334 References Formidable Challenges Posed by Cybercrimes Electronic Medical Records and Cybercrimes Vulnerability of EMRs Consequences of EMRs Compromises Far-Reaching Benefits of EMRs? A Formidable Challenge to EMRs and EMBs? EM-Money and Cybercrimes The Origin of Money The Evolution of Money Characteristics of Future Money EM-Money: A New Manifestation of Money Formidable Challenges to EM-Money Student Academic Records, Online Education, and Cybercrimes Relocating Universities into Cyberspace The Vulnerabilities of Education and Learning in Cyberspace Summary The Concept of Witnesses and Cybercrimes The Scope and Gravity of Cybercrimes 360 References 361

9 xvi Contents Part VIII Mitigation of Cybercrimes 19 Increasing Attack Costs & Risks and Reducing Attack Motivations Behavioral Science Research and Traditional Deterrence The Criminal Justice System, by itself, does not Adequately Prevent Crime Why Does Anyone Obey the Law: Social Stigma and Conscience? Need for a Holistic Crime Prevention Approach Need to Target Cost, Risk, and Motivation Summary Impact of Traditional Deterrence on Cybercrimes Research into Traditional Deterrence Low Apprehension Probability for Cybercrimes Minimal Social Stigma from Computing Crimes Abundance of Vulnerable Targets Summary Relative Effectiveness of Raising Attack Costs and Attack Risks and Reducing Attack Motivation 374 References 375 Part IX Future of Cybercrimes: Who Will Have the Last Word? 20 Nature of Cyberattacks in the Future The Engineering Fundamentals of Networked Systems Potential Advances in Networked System Stemming from its Fundamental Nature Long-Term Innovations in Networked Systems Generalized Networks Strictly Inanimate Networked Systems Highly Interlinked Networked Systems Quantum Entanglement Technology for Packet Transport? Fundamental Insight into the Nature of Security New Approaches to Secure Networked System Design for the Future Who Will Have the Last Word in Cybercrimes? 397 References 398 Introducing the Authors 401 Index 411