Introduction to Technology Controls Technology Law Implications

Introduction to Technology Controls & Technology Law Implications: Computer Crime and Economic Espionage Sharon O’Bryan Chicago-Kent College of Law skobryan@obbi. com Week 3: October 19, 2004 1

Computer Crime q Performing an act of crime to, or through, the use of technology n n n n n q Hacking Computer Espionage Theft of Data/Fraud Unauthorized Disclosure of Data Theft of Computer Processing Theft of Computing Device Denial of Service Malicious Code Web page vandalism/Sabotage Internal Threats and External Threats 2

Hacking q Unauthorized attempt to access/ accessing of a computing system q q q Industrial Espionage Identity Theft Malicious code change Fraud Denial of Service Terrorism 3

Espionage q q q Using spies/spy devices to collect information, not generally available to the public, about what another government or company is doing Computer Espionage is spying with the assistance of, and/or utilizing, technology Why you should be concerned about spies 4

Spying q Business Spies – Economic Espionage n 2002 Study by American Society for Industrial Security/U. S. Chamber of Commerce & PWC o Fortune 1000 and 600 mid-sized U. S. businesses n n n o Perpetrators n q 40% know or suspect loss of proprietary data $53 - $59 Billion in IP losses Only 55% indicated management concern Former employees, domestic and international competitors and contractors Government n ECHELON o o Data surveillance system Exposed but program denied by U. S. Government 5

Microsoft q 2000 n n Hackers broke into Microsoft Corporation’s computer network and stole blueprints to the latest versions of the company’s Windows and Office Software being sent from network in Redmond, WA to an e-mail account in St. Petersburg, Russia 6

Theft of Data/Fraud - Internal q Wells Fargo Bank -1985 n Boxing promoter and bank employee o n n $21. 3 embezzled Rollover period in computer program used o n Harold Rossfields Smith and Sammie Marshall Credit then 10 days later debit Software NOT TESTED Phrack 23, p. 46 7

Theft of Data/Fraud - External q RAVEN n n n Hacker that used his computer to access credit data bases Illegal access to a credit data base and obtained the credit history of local residents Has “bragged” that he has used the residents names and credit information to apply for 24 Mastercards and Visa cards He has also stated that he used the cards to issue himself at least $40, 000 in cash from a number of automatic teller machines Caught once but was only withdrawing $200 (a minor larceny) o Authorities could not prove that he was the one who committed other crimes so he was put on probation 8

October 12, 2004 q Memphis, Tn – October 12, 2004 n Shelby County Grand Jury indicted a former Shelby County Sheriff’s deputy (Gregory Jackson, 45) o n allegedly selling information from a secured website which provides law enforcement personnel investigative information According to an affidavit of complaint o o o Jackson met with a confidential informant who agreed to pay Jackson for information regarding eight individuals 3 counts of official misconduct 4 counts of computer crime n 2 Class A and 2 Class C Misdemeanors 9

Theft of a Computing Device q q q Laptops pose significant threat Laptops of execs stolen at conference Employee laptops stolen out of cars in parking lot Many cases are system engineers PDAs being used by Mortgage Cos. 10

“Bungling crime fighter to get ‘trashed’ computer back” 8 October 2004 AMSTERDAM — Crime reporter Peter R. de Vries has promised to return a computer to Amsterdam's public prosecutor's office, having already gained access to its sensitive crimefighting data after it was unwittingly thrown in the trash. De Vries received a fax on Friday from the Amsterdam chief prosecutor, Leo de Wit, requesting the return of the computer and he has agreed to the request, newspaper De Volkskrant reported. The public prosecutor's office (OM) wants to examine the computer to determine exactly what data was stored in the machine. The OM can then evaluate whether existing investigations have been damaged. A specialist prosecutor in white collar crime, Joost Tonino was left red faced on Thursday after it emerged he had put his computer out with the trash, believing it was defective. A taxi driver found the PC, got it working and accessed "extremely sensitive" information about criminal investigations in Amsterdam. The taxi driver then took the computer to television crime reporter Peter R. de Vries, who featured the unusual find on his television programme on SBS 6 on Thursday night. The data revealed that Tonino was investigating alleged financial links between the murdered real estate magnate Willem Endstra — described as the "banker of the underworld" — and Amsterdam crime figures. Inquiries were focused on alleged links between Endstra and Freddie Heineken-kidnapper Willem Holleeder, murdered criminals Jan Femer and Sam Klepper and ecstasy dealer Ronald van Essen. Memos on the computer indicated Tonino really wanted to have Endstra arrested, but the investigation was frustrated due to mistakes by detectives, news agency nu. nl reported. Sensitive information about investigations into the actions of former Philips boss Cor Boonstra, who was accused of insider dealing, Amsterdam taxi firm TCA and Amsterdam football club Ajax were also found on the computer. Dutch MPs reacted with amazement to the news during an emergency debate in Parliament on Thursday night. But Dutch Justice Minister Piet Hein Donner said he did not intend to prosecute Tonino, despite the fact he should have had the computer destroyed by the OM. Copyright Expatica News 2004] http: //www. expatica. com 11

Computer Crime Attribute q q q After crime committed, code can erase itself leaving little, if any, evidence Same code can be used multiple times by same or different people/countries Think about Microsoft/Russia 12

Other Considerations q q Theft of work time Storing inappropriate material on company computers Using company computers to run a personal company Critical infrastructure impact and industry responsibility 13

Malicious Code q q q Alters the way an application works Creates unusual traffic on the internal network Deletes log files Adjust parameters in log file retention Etc. etc. 14

Denial of Service q q q Takes advantage of a “hole” in program code then… Overloads the “doors of the network” so that authorized activities can not occur Patches are SO important n q Few organizations have effective patch management Intrusion detection/prevention 15

Security Tools: A 2 -edged Sword q q q War dialers Keystroke monitoring/recording Security Tools like n Security Administrator’s Tool for Analyzing Networks (SATAN) 16

Espionage Products? q Spector Pro 5. 0 n Spector Pro is the world's best selling software for monitoring and recording every detail of PC and Internet activity - in your home or in your office. Selected as the Editors' Choice by the experts at PC Magazine, Spector Pro contains seven integrated tools that record: chats, instant messages, emails sent and received, web sites visited, keystrokes typed, programs launched, peer to peer file searching and swapping - plus, Spector Pro provides the equivalent of a digital surveillance tape so that you can see the EXACT sequence of EVERYTHING your family members or employees are doing on the computer. All seven tools work together at the same time, secretly saving all the recordings in a hidden location only you know about. o http: //www. spectorsoft. com/products/Spector. Pro_Windows/index. html 17

Laws q Federal n n n Banking Modernization Act HIPAA GLB SOX USA Patriot Act of 2001 National Information Infrastructure Protection Act of 1996 18

Challenges & Opportunities q q Jurisdiction Evidence n n n q Gathering Handling Chain of custody Gaps in the “Security Organization’s” skill, capability, involvement in projects, interpretation of regulations 19