Cybercrime
From Blindside
What is it
Of course any type of crime may involve communications or transactions in cyberspace, but this article focuses on crimes that would not exist without computers or networking as a tool, target, or environment. Other types of computer misuse are also defined elsewhere, for example in the UK's Computer Misuse Act, first passed in 1990, and the international Cybercrime Convention, which has a broader remit.
Categories of cybercrime include but are not limited to:
- Spam - unsolicited bulk email
- Phishing - email asking recipients to reply with user names and passwords or to log into dummy Web pages set up for the purpose of collecting those (along with addresses and credit card information)
- Malware - software that attacks a computer or uses its resources without its owner's consent. There are many types of malware, including Trojans (embed hostile functions inside legitimate software); Spyware (pops up ads or tracks computer usage such as Web browsing); Viruses (self-replicating computer programs that spread to other machines with which the host is in contact by attaching themselves to other software; they may also have a payload such as deleting files or acquiring financial information or keeping a particular port open for remote attackers); Logic bombs (malware carried inside other software that is coded to launch when a set of conditions is met); Time bombs (malware coded to launch at a specific date or time); and Worms (self-replicating programs that spread by copying themselves). According to New Zealand security expert Peter Gutmann, an Eastern European software programmer can earn as much as $200,000 a year for writing malware, and virus writers increasingly aim to make their software as stealthy and undetectable as possible, since the longer it remains undetected the more opportunity it has to steal credit card and other financial details. According to a 2007 study by Panda Security
- Botnets - a collection of independently infected computers ("zombies") turned into a coordinated set of computing resources by malware, primarily viruses. Botnets can be used to attack specific domains, send out spam, or commit other cybercrimes. They are typically remotely controlled; one of the installed virus's functions is to maintain contact with the remote controller. According to malware expert Peter Gutmann, the botnet created in 2007 by the Slammer worm was the largest supercomputer ever assembled.
- Denial of service (DOS) and distributed denial of service (DDOS) attacks - a DOS attack is designed to deprive the owner of a system of the use of its resources. For example, flooding even a large ecommerce company's servers with millions of requests for Web pages can lock the server up, blocking legitimate business. DDOS attacks use botnets to create these attacks so that they can't be stopped by simply blocking one IP address or domain. The first notable DDOS attacks occurred in February 2000, and were aimed at Amazon.com, Yahoo!, CNN, eBay, Buy.com, E*Trade, and ZDNet. It's been reported that DOS and DDOS attacks are threats that form part of high-tech protection rackets in which businesses pay attackers to leave them alone. Making DOS and DDOS attacks illegal is one of the most significant proposed changes to the Computer Misuse Act.
- Unauthorised access, which under the Computer Misuse Act (1990 and amendments in 2004) includes both accessing a computer or network without authorisation and exceeding the rights of access that have been granted.
- Vandalism - sabotage or other intentional damage.
Impact & Maturity assessment
Impact: 3
Maturity: 3
Information Assurance issues
Of all the Blindside issues this one has probably had the most public discussion since the dawn of the computer age; cybercrimes pose a direct and clear threat to information assurance, and security experts constantly scramble to keep up with new techniques.
Timescale
Now and as long as computers and networks are in use, although the exact nature of cybercrimes will evolve.
Examples
Does antivirus have a future?, by Wendy M. Grossman (Guardian, September 20, 2007).
Defeating the Hacker, by Robert Schifreen (Wiley, 2005).
Thinking ahead of the spammers (interview with Scott Chasin, MX Logic).
Comments (attributed)
"They have the upper hand. They have all the time in the world, and they have great motivation to spend their time and energy to avoid detection." - Salvatore Stolfo, professor of computer security at Columbia University.
Organisations
Documents & research papers
Complexities in Criminalising Denial of Service Attacks (PDF) by Richard Clayton
Experts (academic, practitioner)
Ross Anderson / Mike Bond / Bob Briscoe / Ian Brown / Richard Clayton / Lilian Edwards / Peter Gutmann / Angelos Keromytis / Chris Marsden / Steven Murdoch / Angela Sasse / Vern Paxson / Peter Sommer
Scott Chasin, CTO of MX Logic
Peter Gutmann, University of New Zealand
Pedro Bustamante, Panda Security
Graham Cluley, Sophos
