Exercise #2 Midterm Report
Exercise #2 Midterm Report IST 454
Popular in Cyber Forensics
Popular in Department
This 10 page Study Guide was uploaded by Matt Curtis on Thursday March 5, 2015. The Study Guide belongs to IST 454 at Pennsylvania State University taught by Chao Chu in Spring2015. Since its upload, it has received 186 views.
Reviews for Exercise #2 Midterm Report
Report this Material
What is Karma?
Karma is the currency of StudySoup.
You can buy or earn more Karma at anytime and redeem it for class notes, study guides, flashcards, and more!
Date Created: 03/05/15
Exercise 2Internet Crimes and Forensics A Cyber Threat Report Submitted by Matt Curtis Submitted to ChaoHsien Chu Professor IST 454 Penn State University Table of Contents Executive Summary 3 Introduction 3 Assignment 3 The FBI s Fight against Cyber Crime by Robert Mueller 46 Nature 4 Scope 4 Types 45 Challenges of InternetCyber Threats and Investigation 56 Possible Solutions 6 Appendix 9 Executive Summary This exercise assignment requires students in IST 454 to understand the scope of cyber threats and gain a better insight into the consequences as well as the impacts these threats have on our lives The FBI help illustrate this by sharing their experiences and viewpoints on the situation All of these cyber threats provide a better understanding of the nature scope types problems challenges and investigation All of which suggest we can create some possible solutions Introduction Cyber threats are in rising You can hear and read news regarding cyber threats cyber crime identify thefts phishing etc almost on a daily basis But it is hard for us to image the scope and types of cyber threats are broader than what we know and the consequenceimpact of cyber threats is bigger than what we thought In these talks below the FBI director and a FBI agent share their experience and view about cyber threats Assignment Please write a professional report no more than 10 pages to summarize the talks in terms of the nature scope types problems challenges of Internetcyber threats and investigation and suggest your possible solutions The FBl39s Fight against Cyber Crimeby Robert Mueller Nature Robert Mueller talks about the globalization of the Internet Age and how it has changed the way society has learned work as well as even communicate with one another via technology Robert explains how information is power and in today s world our security is compromised and leaves us vulnerable to widespread attack from foreign powers hackers spies and even terrorists There are many adversaries that seek our protected information and in nite amount of criminals who use the web looking to harm consumers corporations and private citizens Scope Robert Mueller will address the issues of cybersecurity in the ongoing globalization of society in the Internet Age and what the FBI is doing to meet these diverse challenges He will explain how what may appear as a cybercrime can turn into a national security threat Also he puts in perspective the nature of cyber threats and how global attacks are extremely challenging when it comes to prosecuting There are some investigative challenges that make cyber threats extremely dif cult but one advantage the FBI has our partnerships These partnerships will help bridge both national and international investigations that will provide better solutions to these challenging cyber threats Types There are many cyber threats both local national and international that pose as major risks to security 0 Phishing scam attacks that created the world s largest international cybercrime in history causing the US to work with Egypt for the rst time in a partnership Criminal hacks into local computers or corporations pose as a risk to corrupting con dential information to both users as well as national security Cyberattacks used by terrorists to weaken nation s economy and government power leaving them vulnerable to physical attacks ie invasion Nigerian Email Scam offers users millions of dollars if they help in the illegal act of moving some money It s a scam that poses to be someone you may or may not know and can create viruses that steal your information andor damage your computer Denial of service virus attack Problems Cybercrimes originated in Eastern Europe and pose as a major cyber threat to not only the US but the whole international world Egypt and US are working together for the rst time ever in a partnership to solve the world s largest phishing case in history problem is the fact that even after arrests and the case is still ongoing Any halfdecent hacker is able to jump around from countryto country or institutionto institution in order to cover their tracks which makes it very difficult to discover the point of origin of the attacks Teenage hackers provide dangers to users because they can still create a major cyberattack such as a denial of service attack ChaHenges Working with many partners both local and international can create tensions as well as inef cient investigations Partnering with countries for the rst time on major cyber threats can be a challenging experience that leaves either a positive or negative mark for both sides Everyone is a citizen of the intemet and must be stewards of the intemet We all have a responsibility to protect the infrastructure that protects the world This is a large and daunting task which will be very dif cult to maintain American citizens are worried about intelligence agencies reading their emails or personal information This poses as a challenge of trust because there are always conspiracy rumors oating around about what government agencies really do but in fact they can and only read someone s personal digital information with court written warrant Without this warrant the government agencies would be violating the citizens 4th amendment constitutional right Investigation FBI has an advantage against cyber threats because of something called partnerships These partnerships help the government agency with data analysis warrants arrests and prosecutions that help their investigations both nationally as well as internationally FBI runs a program called infraguar that acts as one of the important links to the private sector They use it to exchange information with a host of industries ranging from computer software companies to chemicallyrun corporations They are the experts on our critical infrastructure energy grids and public utilities that rely on computer networks 32000 members that help reduce risk from becoming reality Possible Solutions 0 Imbedded FBI agents in several police agencies in Eastern Europe to assist with cybercrime investigations 0 If you are a Basic user make sure to enable basic protection for your networks Things like rewalls antivirus software strong passwords and security patches 0 If you are part of a large corporation or academic network start thinking of cybersecurity as a mission critical component and not an afterthought 0 Provide the FBI and government teams with as much information as possible in order to help protect you in a more effective way against cybercrimes 0 Internet can be used to help detect and even protect against cyber threats FBI gives a talk to Oklahoma State Institute of Technology Information Technology students Nature FBI comes to Oklahoma State Institute of Technology to present to students about the dangers of the intemet and how they can be at risk They even illustrate from an intelligence viewpoint the agencies top priorities in battling this cyber threat Each priority the FBI has poses as a challenge especially as technology grows and becomes even more advanced each year Scope FBI will come to Oklahoma State Institute of Technology to talk to students about the dangers posed by the Internet They will talk about many types of cyber threats ranging from scams to Trojan virus attacks The Agency will even explain its top ten priorities and the problemschallenges they face in resolving them Also they highlight a few examples of attacks against the nation from countries like Russia and China who view themselves as strategic competitors of the US in both military and economy Plus the FBI informs us about the dangers of social media from ourselves hackers and criminals as well as the bene ts of being socially active Lastly the government talks about a few possible solutions they have to slow down the threats to cybersecurity but are open to some of the student s possible solutions Types There are many cyber threats both local national and international that pose as major risks to security Phishingremains primary way to intrude on a network Spyware attack Infection virusTend to be malware that are custom and undetectable Trojan BankingHackers steal users banking information and launder money ACH Fraud work at home component BotnetsRent per hour DDoS sDenial of service attacks that can be rented per hour Underground marketsfacilitate the sale and trade of illegal things like credit cards personal information money laundering etc Internet FraudTheft of personal identifying informationPII Identity theftHacking or spamming users to steal their personal information and sell it in an underground market ExtortionCyber criminals use their stolen money and send it to an offshore account via money mules Auction or Sales FraudE Bay Craig s list Autotradercom Problems Computers and intemet used to stop terrorists but now they are using that to spread propaganda recruit communicate and share information and tactics Foreign espionage isn t caused by just the traditional foreign spies but also from cyberattacks in the cyber world Hactivism skilled computer hackers express ideological messages through disruptive and vocal activity Cyber Crime produce 10 s of billions in pro t per year which happens to be larger than international drug trade Hackers use ransomware to get people s money to unlock computers that were blocked by government agencies for various reasons ironically this service is a phishing scam All computers are useful in the criminal world and if it has value criminals can sell it Line between government and private sector is getting very blurred according to 2011 Industrial Espionage report by Congress Your free time isn t always free People including your company can see everything you post Social Media can insinuate lower productivity 0 Create addiction 0 Cyber Stalking O Compromise of sensitive networks through malware and other various cyberattacks O Scams ChaHenges Stop terrorists from planning and carrying out terrorist attacks against the US Prevent foreign espionage against government and private sectors Preventing the large amount of ACH Fraud cyber criminals create using malicious emails to capture everything from a user Money Mules allow hackers to forward their stolen money overseas at a xed price that way they can keep the stolen money from being found Russia issues international travel advisory to its hackers which makes partnerships extremely problematic Advanced persistent threat API Foreign governments with the capability to maintain long term access into your systems China has been discovered to be the main cyber intrusion threat against the US which can be considered a declaration of war Ironically they are the United States biggest trading partner and would economically ruin the nation Investigation The FBI has a set of top ten priorities they face in the threat of global cyberattacks which pose as a riskchallenge to their investigations Some of their priorities range from Counterterrorism Cyber Intrusions white collar crime to Upgrading FBI technology Cybercrime is such a large threat that investigating it causes a lot of work time money and manpower to make arrests Its pro ts are signi cantly higher than international drug trading which causes corruption in government agencies due to the wealth of power and diminishes the success of cyber investigations Possible Solutions To prevent cybercrime it s wise to have teams set up to work on counter terrorism and counter intelligence in order to protect the nation as well as work more ef ciently with international partners FBI blocks computers that have been investigated and found guilty for containing things like stolen information child pornography etc Use API on foreign powers who consider themselves competitors or enemies of the US in order to keep a watchful eye on them Use Access Paths and Payloads to nd ways into a closed system or attack a system when a vulnerability is exploited As a user there are several things we can do to defend ourselves 0 Don t be quick to trust unknown people 0 Use long passwords with symbols and passwords 0 Use only sites that show they are protected like HTTPS or SSL 0 Separate computer for sensitive tasks 0 2Factor Authentication 0 Defense for an admin in the private or educational sector 0 Update everything I OS security patches I Business software patches I Antivirus de nitions 0 Secure the network I Firewalls and routers I Intrusion detection systems 0 Restrict and audit who is Admin 0 Educate yourself on network security 0 Monitor and sensor what you postshare on your social media sites 0 Your boss and potential hackers can see everything Don t search for a new job while employed Don t like a competitor Don t divulge with others in sensitive company information Truth in application Security ClearancePolygraph Be careful with using location on social media I Geotagging I Twitter tracking Phone Screens and ringtones can be problematic Voicemail greetings should be professional Email names shouldn t be unprofessional or degrading 0 Resume should show attention to detail 0 Google yourself 0 View your pro les as public member to monitor what people can see 000000 000 0 Monitor who are your friends on social networks 0 Assume all employers graduate schools medical schools and colleagues review your online presence Appendix References I Mueller Robert quotFBI39s Fight Against CyberCrimequot CommonWealth Club DC 7 Oct 2009 Web 5 Mar 2015 lthttpswwwyoutubecomwatchvp5fsCyMk6QampNR1gt 0 Soldier Cyber quotFBI gives a talk to Oklahoma State Instiquot Youtube Oklahoma 24 Feb 2014 Web 6 Mar 2015 lthttpswwwyoutubecomwatchvgTstAplgAMgt 10
Are you sure you want to buy this material for
You're already Subscribed!
Looks like you've already subscribed to StudySoup, you won't need to purchase another subscription to get this material. To access this material simply click 'View Full Document'