Скачать презентацию The Wild West Cyber Security Versus Digital Forensics Скачать презентацию The Wild West Cyber Security Versus Digital Forensics

35e2c2241369643ba7aab4418b533874.ppt

  • Количество слайдов: 18

The Wild West Cyber Security Versus Digital Forensics Presentation for the E-Commerce Network’s Cyber The Wild West Cyber Security Versus Digital Forensics Presentation for the E-Commerce Network’s Cyber Security Seminar at University of Massachusetts Dartmouth March 30, 2012 Suzanne Mello Stark, Ph. D

Cyber Security Facts • In 2006, 8. 3 million Americans were victims of Identity Cyber Security Facts • In 2006, 8. 3 million Americans were victims of Identity Theft • In first ½ of 2009, 40, 000 cyber attacks were launched against the Department of Defense (Pentagon Costs: $100 million) • So far this year, cyber criminals have stolen $100 million from US banks • There are more than 3 million indications of malicious activity per year in civilian networks • It is estimated that 1/3 or more of this activity originates outside the US March 30, 2012 (Langevin, 2012)

Stuxnet • • • First Computer Worm to Cross into the Physical World Doesn’t Stuxnet • • • First Computer Worm to Cross into the Physical World Doesn’t want to be detected Affected Countries (so far) according to Symantec: Iran (over 50%) Indonesia (~18%) India (~8%) Azerbaijan (~2%) United States (~1%) Pakistan (~1%) Others (~9. 2%) Son of Stuxnet? (CBS News, 2012) March 30, 2012

The Great Cyber Heist • • Alberto Gonzalez, 14 years old hacker Caught by The Great Cyber Heist • • Alberto Gonzalez, 14 years old hacker Caught by police detective at an ATM machine “cashing out” Part of a large hacker network called Shadowcrew Stolen over 180 million payment card accounts • • • Office. Max, TJ Max, Marshalls, BJs Wholesale Club, Target, Barnes and Noble, etc Used a technique called “SQL Injection” to fool databases into giving information Then created fake cards to take money from ATM machines all over the world March 30, 2012 (Verdini, 2010)

Wiki. Leaks • Founder - Julian Assange • Australian Internet Activist • Bring Important Wiki. Leaks • Founder - Julian Assange • Australian Internet Activist • Bring Important News to the Public • Free Speech • Whistleblower/Journali st not jailed • Released Significant Documents • • March 30, 2012 Afghanistan War Corruption in Kenya Baghdad Airstrike US State Dept. Cables (CBS News, 2012) (Worthington, 2011)(Grier, 2010)

Anonymous • • • Hactivist Group Launch Distributed Denial of Service Attacks against companies/entities Anonymous • • • Hactivist Group Launch Distributed Denial of Service Attacks against companies/entities that violate their ethical principles Freedom of the Internet Retaliated against companies that dropped Wiki. Leaks Many are being arrested around the world Low Orbit Ion Cannon (botnet) – the application to join the group. Your computer becomes part of the DDOS attacks. (Neal, 2012) March 30, 2012

Cyberextortion Internet Criminal Gangs asking for Protection Money Will launch DDo. S attack if Cyberextortion Internet Criminal Gangs asking for Protection Money Will launch DDo. S attack if you don’t pay up Ransomware March 30, 2012 (Koerner, 2008) (Ratliff, 2005)

Internet Tax Fraud • IRS allows tax refunds to be filed on line and Internet Tax Fraud • IRS allows tax refunds to be filed on line and refunds downloaded to a debit card • Tax Fraud is out of Control! • Steal your SS# • Make up info • Get Refund before you! • Tax Filing has been put online for convenience • Was the IRS ready? March 30, 2012 (Zamost & Kaye, 2012)

Are We Ready for E-voting? • Computer Scientists say NO! • But the world Are We Ready for E-voting? • Computer Scientists say NO! • But the world IS putting voting online regardless of the security threats • IPad voting in Oregon (CBS News, 2011), (Kar, 2011) March 30, 2012

Digital Forensics – Who did it? The application of forensic science techniques to the Digital Forensics – Who did it? The application of forensic science techniques to the discovery, collection and analysis of digital evidence. March 30, 2012

Who Uses Digital Evidence? Criminal law enforcement Criminal defense attorneys Corporate law Civil law Who Uses Digital Evidence? Criminal law enforcement Criminal defense attorneys Corporate law Civil law Organization Information Technology (IT) personnel E. g. American Power Conversion E. g. URI Homeland security Military March 30, 2012

What Digital Evidence Can Be Found? Files listed in standard directory search Hidden files What Digital Evidence Can Be Found? Files listed in standard directory search Hidden files Deleted files Email Deleted email Certain Instant Messaging Passwords Logs March 30, 2012 Windows Registry Windows Meta Files Login IDs Encrypted Files Intentionally embedded (steganographic) files Web sites visited Searches performed Cookies Network traces Owners of servers TIME

Cyber Security Caucus Congressman Jim Langevin (D-RI), cofounder of the Congressional Cyber Security Caucus, Cyber Security Caucus Congressman Jim Langevin (D-RI), cofounder of the Congressional Cyber Security Caucus, introduced a bill to strengthen cyber security and prevent attacks. Southern New England will Play a Big Role (Langevin, 2012) March 30, 2012

Thank you! March 30, 2012 Thank you! March 30, 2012

Works Cited CBS News. (2012, March 4). Stuxnet: Computer worm opens new era of Works Cited CBS News. (2012, March 4). Stuxnet: Computer worm opens new era of warfare. (G. Messick, Producer) Retrieved March 28, 2012, from 60 Minutes: http: //www. cbsnews. com/video/watch/? id=7400904 n CBS News. (2011, November 8). Voting with IPads: idea whose time is coming? Retrieved March 28, 2012, from CBSNEWS: http: //www. cbsnews. com/8301 -502303_162 -57320358/voting-with-ipadsidea-whose-time-is-coming/ CBS News. (n. d. ). Wiki. Leaks' Julian Assange, Pt. 1. Retrieved from 60 Minutes: http: //www. cbsnews. com/video/watch/? id=7300034 n Greenhalgh, E. (2012, March 28). Cyber Challenge Games are On. Retrieved March 28, 2012, from Providence Business News: http: //www. pbn. com/Cyber-challenge-games-are-on, 66381 March 30, 2012

Works Cited (continued) Grier, P. (2010, April 6). Video of Iraqi journalists' killings: Is Works Cited (continued) Grier, P. (2010, April 6). Video of Iraqi journalists' killings: Is Wiki. Leaks a security threat? Retrieved March 28, 2012, from The Christian Science Monitor: http: //www. csmonitor. com/USA/Military/2010/0406/Video-of-Iraqijournalists-killings-Is-Wiki. Leaks-a-security-threat Kar, S. (2011, November 8). State of Oregon Counties First to Introduce i. Pad Voting for the Disabled. Retrieved March 28, 2012, from Silicon Angle: http: //www. google. com/imgres? q=Voting+with+Ipads&hl=en&client=safari&s a=X&rls=en&biw=1237&bih=866&tbm=isch&prmd=imvns&tbnid=LV 2 l. Cyt. Ga. S _LPM: &imgrefurl=http: //siliconangle. com/blog/2011/11/08/state-of-oregoncounties-first-to-introduce-ipad-voting-for-thedisabled/&docid=C_GSFEHv. XOOF 6 M&imgurl=http: //siliconangle. com/files/ 2011/11/ipad-your-vote-counts-inoregon. jpg&w=300&h=300&ei=b. BJz. T 7 bu. HKrg 0 QH 67 di 0 AQ&zoom=1&iact=hc &vpx=269&vpy=152&dur=307&hovh=164&hovw=157&tx=100&ty=84&sig=102187 905883335174659&page=1&tbnh=155&tbnw=146&start=0&ndsp=21&ved=1 t: 429, r: 1, s: 0 March 30, 2012

Works Cited (continued) Koerner, B. (2008, July 21). Mr. Know-It-All: Cyberextortion, Your Kid's Cell Works Cited (continued) Koerner, B. (2008, July 21). Mr. Know-It-All: Cyberextortion, Your Kid's Cell Phone, Online Degrees. Retrieved March 28, 2012, from Wired: http: //www. wired. com/techbiz/people/magazine/16 -08/st_kia Langevin, C. J. (2012, March 27). Cybersecurity. Retrieved March 28, 2012, from US Congressman Jim Langevin: http: //langevin. house. gov/issues/cybersecurity-1/ Neal, D. (2012, March 28). Anonymous suspects are arrest in the Dominican Republic. Retrieved March 28, 2012, from The Inquirer: http: //www. theinquirer. net/inquirer/news/2164273/anonymoussuspects-arrested-dominican-republic Ratliff, E. (2005, October 10). The New Yorker. Retrieved March 28, 2012, from The Zombie Hunters, On the trail of cyberextortionists: http: //www. newyorker. com/archive/2005/10/10/051010 fa_fact March 30, 2012

Works Cited (continued) Verini, J. (2010, November 10). The Great Cyberheist. Retrieved March 28, Works Cited (continued) Verini, J. (2010, November 10). The Great Cyberheist. Retrieved March 28, 2012, from The New York Times Magazine: http: //www. nytimes. com/2010/11/14/magazine/14 Hackert. html? pagewanted=all Worthington, P. (2011, December 28). Wikileaks Wasn't a Threat. Retrieved March 28, 2012, from Frum. Forum: http: //www. frumforum. com/wikileaks-wasnt-a-threat Zamost, S. , & Kaye, R. (2012, March 20). 10 news/CNN Special Investigations Unit. Retrieved March 28, 2012, from Criminals May be Pocketing Your Tax Refund: http: //www. 10 news. com/money/30720937/detail. html March 30, 2012