Investigating Computer-Related Crime

9780849319730

Image retrieved from CPC Press

As mentioned in the last post there is not much difference between a physical crime scene and a digital one. The main difference is the type of evidence that is collected. There are several types of investigations that are specific to computer crimes. These investigations are single-scene, multiple-scene, and network investigations. Each of the three rely on specific skills from the people who are involved. Single-scene investigations are tailored towards skills that are found from law enforcement investigators, whereas multiple-scene investigations require coordination and networking skills. According to Taylor et al. (2015), “networking skills may be provided by a subject matter expert (e.g., a computer consultant)” (p. 273). The last of the three, network investigations require the skills of both multiple-scene personnel and outside experts. Like with any crime scene, everyone who responds has a specific role to abide by. Those who are often involved with crime scenes include, first responders, investigators, forensic analysts, private police, and subject matter experts. These actors coordinate with each other to collect and analyze evidence in order to prepare it for trial if necessary.

Single-scene investigations are a little less complicated than multiple-scene and network investigations, but it is important to understand what counts as digital evidence and what must be done to collect evidence legally. Like all investigations, law enforcement officials must have proof of probable cause and complete an affidavit to be granted a search warrant. The affidavit must “specify that a crime has been committed, evidence of the crime exists, and the evidence presently exists in the place to be searched” (Taylor et al., p. 277, 2015). Digital evidence often consists of computer systems, external storage media, handheld devices, and networking equipment. Once law enforcement has access to the scene, they begin to look for the evidence that fits the crime committed. Documenting any visible evidence is the first step they do prior to collecting anything. Once the scene has been properly documented, law enforcement can begin collecting and preserving the evidence that is present at the scene. Some evidence have specific rules to follow when collecting it. For example, evidence such as computers, it is extremely important to either leave it on if the computer is on or collect it and submit it for further analysis. Like at a physical crime scene, analysts fill out a form called the computer evidence worksheet. This sheet contains crucial information that pertains to case number and all computer information that is available.

Unlike single-scene investigations, multiple-scene and network investigations are a lot more complicated by a number of factors. These networked environments may “contain evidence on multiple machines using multiple operating systems, in multiple physical and/or network locations, and in multiple jurisdictions” (Taylor et al., p. 285, 2015). Having to maneuver multiple networks can become quite complicated for the analysts. Collecting evidence can be challenging due to the fact that there can be minimal intrusion into the network by law enforcement officials. Collecting digital evidence is becoming more challenging because while technology continues to advance, law enforcement is struggling to keep up with it. In order for law enforcement to fight computer crimes, there needs to be more training by experts who specialize in digital crime scenes.

Taylor, R., Fritsch, E., & Liederbach, J. (2015). Investigation of computer-related crime. In Digital crime and digital terrorism (Third e., pp. 297-320). Upper Saddle River, New Jersey: Pearson.

Advertisements

What is Digital Forensics?

forensics

Image retrieved from Adam Erickson’s blog Digital Forensics

Forensics plays a huge role in the criminal justice system, whether the evidence obtained is physical or digital. Collecting enough evidence is necessary for law enforcement to have a trial against the suspect. Digital forensics can vary on many types of levels in the criminal justice field. Taylor et al (2015) state, “Civil court applications of digital forensics can include any aspect of computer science or information science” (p. 297). Digital forensics should be handled and processed with the proper care physical evidence is. Once the evidence is collected it should be analyzed by forensic scientists who specialize in digital forensics.

When an analyst is given the evidence, they attempt to discover the truth. They search for evidence in order “to find information that is in itself incriminating (e.g. child pornography) or evidence that helps establish the elements of a crime (e.g., paper trail for a fraud case)” (Taylor et al., p. 306, 2015). Analysts follow guidelines published by the National Institute of Justice. In Electronic Crime Scene Investigation: A Guide for First Responders, law enforcement agencies are instructed on how to preserve digital evidence from an electronic crime scene. After all the evidence is collected, the analyst writes up a report “describing what evidence was identified, what elements of the crime it proposes to establish, how the evidence was identified, and finally how and why any summaries of evidence were created” (Taylor et al., p. 308, 2015). Though the guidelines seem easy to follow, unfortunately there have been complications with how digital forensic evidence is used when in court.

Challenges have seemed to arise in court for evidence that encompass digital forensics. Technology is always changing on a daily basis and this can have some major impacts for the field of digital forensics. When producing digital evidence in court, it often gets overlooked compared to physical evidence. An article on the website The Conversation, states “digital evidence tendered in court often fails to meet the same high standards expected of more established forensics practices, particularly in ensuring the evidence is what it purports to be” (Boddington, R.). Even though the evidence is not “physical” like in many cases, it is important for the court system to hold digital evidence to the same level.

Digital forensics is still relatively new and forensic scientists continue to work out the problems that encompass the field. Forensic scientists who focus on this specialty are encouraged to obtain better forensic practices and tools to collect digital evidence. This is an important factor because of the “increasing size of data storage on some personal computing devices, let alone cloud and network storage, which presents greater recovery and jurisdictional challenges to practitioners” (Boddington, R.). Technology is only going to keep on advancing and it is crucial for the forensic scientists to stay up to date on digital crimes and technology. It is going to be interesting to see what the future of digital forensics holds as computer crimes improve over the next few years.

References:

Boddington, R. (n.d.). Cyber CSI: the challenges of digital forensics. The Conversation. Retrieved from http://theconversation.com/cyber-csi-the-challenges-of-digital-forensics-37902

Taylor, R., Fritsch, E., & Liederbach, J. (2015). Digital forensics. In Digital crime and digital terrorism (Third e., pp. 297-320). Upper Saddle River, New Jersey: Pearson.

Federal Law Enforcement and Cybercrime

Print

Image retrieved from the FBI

With the advancement of cybercrime, new challenges have arisen that have made it difficult for law enforcement to combat it. All levels of law enforcement have increased training to recognize and strategize against cybercriminals. Federal agencies that focus on cybercrimes include:

Department of Justice,

Federal Bureau of Investigation,

National Security Agency,

Federal Trade Commission,

Postal Service,

Department of Energy,

Department of Homeland Security,

U.S. Immigration and Customs Enforcement,

And Secret Service.

Each of the organizations listed have a specific role that they do when investigating cybercrimes. With the advancements of cyberattacks, “agencies have increasingly reorganized in an effort to channel resources directly at preventing digital crimes and apprehending computer criminals” (Taylor et al., p. 257, 2015). Making sure federal agencies are up-to-date is important due to the fact that technology will never stop advancing, making the fight on cybercrime a top priority. A cyberattack can take out critical infrastructure which can affect many people if the federal agencies are not aware of it. In addition to apprehending computer criminals, federal agencies have developed more departments specialized in specific areas pertaining to cybercrime. Also several of the agencies have developed partnerships with other agencies whether it is law enforcement, private industry or the public to “improve collaboration and cooperation to thwart digital criminals” (Taylor et al., p. 258, 2015). The FBI has a huge role in cybercrime, they have a cyber division that coherently works with its criminal investigative division. The FBI studies and alerts localities about cybercrime. In a recent article in the Miami Herald, talks about how the FBI notified Florida about recent cybercrimes occurring all throughout the state. They warned Florida citizens about strange emails that were being sent out which allowed hackers to retrieve the recipient’s information. The article mentioned the FBI’s Internet Crime Complaint Center or IC3. According to the article “the mission of IC3 is to provide the public with a reliable and convenient method to submit information about Internet-facilitated criminal activity to the FBI” (Caldwell, C., 2015). Though there are new laws being created to stop cybercrimes, it is difficult for law enforcement to enforce them.

There are some issues law enforcement can run into when dealing with cybercrime. So why are laws pertaining to cybercrimes so much more difficult to enforce than for regular crimes? According to the website TechRepublic, these issues include: branch of law (criminal, civil, and regulatory), geographic location, type of evidence, and anonymity of identity. Due to the advancement of technology law enforcement agencies are becoming better equipped to handle cybercrimes and can now better locate suspects. In order to fix the jurisdictional issue of cybercrime, law enforcement in the United States and around the world are “cooperating to adopt consistent laws, and forming interjurisdictional task forces to deal with cybercrime that crosses state and national boundaries” (Shinder, D., 2011). Therefore as technology advances law enforcement must be able to step up and prevent as much cybercrime as possible. There may be no way to completely end cybercrime, but having the tools to combat it is a step in the right direction for law enforcement agencies.

References:

Caldwell, C. (2015, November 2). Crime watch: Florida is no. 2 in nation for internet-based criminal activity, reports FBI. Miami Herald. Retrieved from: http://www.miamiherald.com/news/local/community/miami-dade/community-voices/article42210816.html

Shinder, D. (2011, January 26). What makes cybercrime laws so difficult to enforce. TechRepublic. Retrieved from http://www.techrepublic.com/blog/it-security/what-makes-cybercrime-laws-so-difficult-to-enforce/

Taylor, R., Fritsch, E., & Liederbach, J. (2015). Law enforcement roles and responses. In Digital crime and digital terrorism (Third e., pp. 257-272). Upper Saddle River, New Jersey: Pearson.

Search and Seizure Law for Digital Evidence

s55

Image retrieved from Nassr Al-Saifi’s Blog: Web Trends and Culture

When a crime occurs online, how exactly does law enforcement agencies handle the evidence since it is digital rather than physical? Well the answer is actually quite simple. Even though it is not a physical crime scene, law enforcement still follow search and seizure laws when collecting digital evidence. Unfortunately, according to Taylor et al. (2015), “much search and seizure law has failed to keep up with the changes brought about by increases in digital crimes and the increasing need to collect digital evidence” (240). Therefore like obtaining any evidence whether it is digital or physical, law enforcement must obtain it lawfully.

In order to obtain evidence lawfully, law enforcement must conduct searches with warrants, searches without warrants, stop and frisks, consent searches, exigent circumstances, search incident to arrest, plain view, and searchers by private citizens. An officer must have probable cause in order to obtain a search warrant from the magistrate’s office. Therefore the officer must “particularly describe the place to be searched and the evidence to be seized” (Taylor et al., p. 241, 2015). Though it seems strange searches can also take place without having a search warrant present. As mentioned briefly warrantless searches consist of stop and frisk, consent, plain view, and etc. Consent searches are the most common search method when looking for digital evidence without a warrant. Though when a person withdraws consent the search must stop and law enforcement must obtain a search warrant to continue with the search lawfully. These ways for obtaining evidence lawfully does not only pertain to physical evidence from crime scenes, but they also pertain to digital evidence from cybercrimes.

Cybercrimes are increasing rapidly and it is important for law enforcement to search and seize digital evidence lawfully. According to Forensic Magazine, an article written by Barbara, J (2013), states that “when a computer is going to be seized, the investigator would clearly explain in the supporting affidavit that after its seizure and removal from the scene, it is going to be searched for evidence.” There is not much difference between searching for both physical and digital evidence. Search and seizure laws have developed more prominently due to Congress and the court system. Due to the increase of criminal activity that involves electronic communication, these new laws have “built upon past concepts rather than attempting comprehensively to address the rapidly changing world of digital communication” (Taylor et al., p. 245, 2015). Some statutes that have been created by Congress and the courts include, the Pen/Trap Statute, Wiretap Statute, Electronic Communications Privacy Act, and USA PATRIOT Act. These acts and many others were created to help assist law enforcement to obtain and seize evidence that are related to digital crimes. Most laws created had dual functions “besides finding evidence of digital crime, but the laws have been adapted to include such actions by law enforcement” (Taylor et al., p. 246, 2015). Collecting digital evidence might be a little harder than collecting physical evidence, but law enforcement and the federal government making progress in countering cybercrime.

 

References:

Barbara, J. (2013, October 29). Executing a warrant for digital evidence. Forensic Magazine. Retrieved from http://www.forensicmag.com/articles/2013/10/executing-warrant-digital-evidence

 

Taylor, R., Fritsch, E., & Liederbach, J. (2015). Digital laws and legislation. In Digital crime and digital terrorism (Third e., pp. 240-256). Upper Saddle River, New Jersey: Pearson.

Domestic Terrorism in Cyberspace

45935865

Image retrieved from The Times of India

Not only do terrorist groups inflict fear in the real world, but they also turn to the internet to inflict fear throughout cyberspace. This especially relates to domestic terrorist organizations in the United States. According to Taylor et al. (2015), “Neo-Nazis, animal rights groups, militias, Black Blocs, and hate mongers all have not only Web sites but clubs, posting boards, news groups, and all other types of Internet communities” (224). With the advancement of the internet, these groups can now recruit people a lot easier and now allows a certain level of communications between these groups. In order to entice new recruits these extremist organizations typically use games, music, or images to spread the idea of what they stand for.

According to the book, there are three D’s that play a role in enticing new members. The three D’s mentioned are dehumanize, desensitize, and demonize. The purpose of the three D’s is that they tend to dehumanize the enemy and desensitize the consumer who is participating in the computer games. Due to some of the racial propaganda in these games, it is believed that being exposed to this kind of propaganda will come “into the mind under the cover of the action will serve to desensitize individuals to the horrors of hate that these groups preach” (Taylor et al., 2015, 224). When a game called Ethnic Cleansing was released, people were outraged over the idea of killing what the game referred to as “subhumans.” There are many more propaganda games like Ethnic Cleansing out there that deliver extremist groups beliefs. With the popularity of the internet, these propaganda games make it easier for domestic terrorist groups to get there ideology out to people. These groups then begin to gain followers who start believing in the same ideologies.

The Federal Bureau of Investigation have noticed how much of a role the internet plays in the promotion of domestic terrorist groups. Current FBI Director James Comey believes that another attack like 9/11 will not occur on US soil and believes attacks like 9/11 will occur in other countries. When he was testifying to the Senate homeland security and government affairs committee, he stated that he believed domestic cyber terrorism was the new topic to be looked at. In the newspaper, The Guardian, it reports him saying “cyber-attacks were likely to eclipse terrorism as a domestic danger over the next decade” (Ackerman, S., 2013). Domestic terrorists can cause a lot of harm if they can access the right tools on the internet. An example are the two domestic liberal activist groups, ALF and ELF. ALF focuses on animal rights and exploitation and ELF focuses on environmental issues. These two groups could pose a major threat to critical infrastructure if they were able to enable an attack on the internet. The idea of a cyberattack caused by a group like ALF and ELF has many officials worried. They “remain fearful that domestic terrorist groups will crack into important systems and create severe damage or steal classified information” (Taylor et al., 2015, 223). It is important for the US government to turn its attention to domestic terrorists in cyberspace. Terrorist attacks don’t just happen physically anymore, they occur all throughout cyberspace and that poses a new issue.

References:

Ackerman, S. (2013, November 14). Cyber-attacks eclipsing terrorism as gravest domestic threat- FBI. Guardian. Retrieved from: http://www.theguardian.com/world/2013/nov/14/cyber-attacks-terrorism-domestic-threat-fbi

Taylor, R., Fritsch, E., & Liederbach, J. (2015). Anarchy and hate on the world wide web. In Digital crime and digital terrorism (Third e., pp. 219-239). Upper Saddle River, New Jersey: Pearson.

Chat Rooms and Pedophilia on the Internet

pedophile-online-predator

Image retrieved from Paper Masters

With today’s technology it is not uncommon to meet new people over the internet. There are many sites developed to meet people, such as dating sites, chat rooms, social networking sites, and many others. These sites may make it a lot easier to meet people, but who really is the person you are talking to? Most of the time these sites seem safe and you only hear bad things that occur from them every once in a while. Now as an adult if I am aware of my surroundings both in the physical and virtual world. If someone I do not know tries to start a conversation with me via a social media site I typically will not respond. Now when I was younger it was a different story when chat rooms were a big thing to be a part of. Even with the popularity of them I stayed away from chat rooms, but had quite a few friends who did. Chat rooms have never really had a respectable following which being a criminal justice major I can see why that is.

Typically with chat rooms you don’t know who the other person is, you just know their screen name. This is a common way for pedophiles to meet their victims. Social sites according to Taylor et al. (2015), “provide a way for pedophiles to come together to validate their sexual interests, share information about their habits, and find support for their behaviors” (197). Cases that involve pedophiles meeting under aged children over chat rooms go unnoticed by the parents until it is too late. When it comes to arresting the pedophiles, police investigators do a really good job at creating false chat room profiles that are most often portraying young girls. One of the reasons police investigators often disguise themselves as young girls, is because they are “targeted at almost twice the rate of boys” (Taylor et al, 2015, p. 180). Even though it is great that police officials are cracking down on pedophiles in chat rooms, the job can be real daunting. According to an article by NBC News, FBI agents who are specialized in online pedophilia stated “that they can get discouraged by the volume of images and the number of people who appear eager to see them.  Bradley, the FBI supervisor, estimated that 80 percent of the customers for child pornography are in the United States.” Chat room pedophiles are not only in the United States, but they are located all over the world.

In London, England a few years back a pedophile was busted and thirty-one kids were rescued as a result. According to D’Arcy Doran, who writes for U-T San Diego, reported that a “team of international investigators infiltrated an Internet chat room used by pedophiles who streamed live videos of children being raped, rescuing 31 children and identifying more than 700 suspects worldwide.” Seeing cases like what was discovered in London are real disheartening to know people are doing this to innocent children. Luckily there are state and federal legislature that deals with pedophiles. The Child Protection and Sexual Predator Punishment Act of 1998 was passed and it “prohibits the transfer of obscene material to minors, and increases penalties for offenses against children and for repeat offenders” (Taylor et al., 2015, p. 189). With laws like this, it is good to know that pedophiles who some children meet on chat rooms or other social networking sites get rightly punished and hopefully serve time for their crimes.

References:

Chat rooms help FBI hunt for pedophiles. NBC News. Retrieved from http://www.nbcnews.com/id/12796965/ns/technology_and_science-security/t/chat-rooms-help-fbi-hunt-pedophiles/#.VhbIIHpViko

Doran, D. (2007, June 19). Pedophile chat room busted; 31 kids rescued. U-T San Diego. Retrieved from http://www.utsandiego.com/uniontrib/20070619/news_1n19ring.html

Taylor, R., Fritsch, E., & Liederbach, J. (2015). Sex crimes, victimization, and obscenity on the world wide web. In Digital crime and digital terrorism (Third e., pp. 175-218). Upper Saddle River, New Jersey: Pearson.

Types of Viruses

14xdvueImage retrieved from Michael Pekker’s Blog 27 Malware Types and Their Characteristics

In the last post I talked about the different types of cyberattacks that anyone can fall victim to. In this week’s post I am going to focus more on the types of viruses and malicious codes that can attack your computer. As previously mentioned in the last post according to Pennsylvania State University’s blog, “Viruses replicate themselves, and they survive by attaching to other programs or files.” Since the viruses are able to replicate themselves, this can allow them to remain dormant until they actually cause harm to one’s computer software. Viruses that disguise themselves as harmless files tend to be hard to detect. A virus that is good at disguising itself as a harmless file is the Trojan horse. The Trojan horse virus is well known with computer users, but there are many other viruses that can affect ones computer.

There are a lot of computer viruses out there can harm your computer and can steal important information if they are not taken care of quickly. The common types of viruses are boot sector, program, multipartite, stealth, macro, etc. Some of the mentioned viruses are common with the average computer user, but others typically have not been detected. To go into more detail with the viruses mentioned, boot sector viruses “often spread to other computers by the use of shared infected disks and pirated software applications” (Spamlaws). The most common way to rid a computer of the boot sector virus is having an anti-virus program installed on a computer. The program virus is like the common computer virus. Once it is open it will duplicate itself and begin infecting programs on a computer. Other forms of viruses are when two separate viruses come together and form a new one like the multipartite. The multipartite virus is made up of both the boot sector virus and program virus. The main objective of the multipartite virus is that it “infects program files and when the infected program is active it will affect the boot record” (Spamlaws). The stealth virus does exactly what it sounds like. It disguises itself so it is not detected by anti-virus software. The first computer virus referred to as “Brain” was a stealth virus. Therefore the stealth virus is a very common computer virus. The final virus is the macro virus. With the macro virus, it can become embedded into a document. This type of virus is relatively new so one must make sure that their anti-virus software is up-to-date, so the virus can be detected.

Once your computer becomes infected with a virus it is relatively easy to start seeing symptoms. Typically anti-virus programs help detect and sweep to eliminate them but the ones who are not detected by the spyware programs can cause harm to your computer. Some of the common symptoms one starts to see if their computer has been affected by a virus are computer functions begin to slow down or freeze, the frequent restarting of your computer by itself, and error messages start to show up while using the computer. There are a lot of viruses that can possible harm ones computer, therefore it is important for people to be aware of the different types of viruses out there. In order to protect a computer from the threat of viruses it is important to obtain the proper anti-virus software to defend the computer from future attacks.

References:

Types of attacks. Pennsylvania State University. Retrieved from http://www.personal.psu.edu/users/j/m/jms6423/Engproj/Types%20of%20Attacks.xhtml

Computer viruses: The types of viruses out there. Spamlaws. Retrieved from http://www.spamlaws.com/virus-types.html

Types of Cyberattacks

Today being a victim of a cyberattack is not uncommon. Cyberattacks can come in many forms over the internet, and every time you’re on, your chances of being attacked increases. The different kinds of cyberattacks one can be susceptible to are malware, password, denial-of-service, and many more. Malware is simply any computer code that has “malicious intent.” Malware typically consists of viruses, spyware, and worms. According to Pennsylvania State University’s blog, “Viruses replicate themselves, and they survive by attaching to other programs or files.” Since the viruses are able to replicate themselves, this can allow them to remain dormant until they actually cause harm to one’s computer software. Like viruses, spyware,  remains in hiding, but t can still cause some damage while doing so. Spyware is known for stealing people’s confidential information, and it is also smart enough as to where it “can log the various activities performed by a user” (Pennsylvania State University). Lastly, worms are like viruses because they can also replicate themselves. The worms are considered more dangerous than viruses because they “can also replicate across an entire network of computers” (Pennsylvania State University). Another type of cyberattacks are password attacks. Password attacks consist of brute-force attacks and dictionary attacks. Password attacks are typically used by hackers and focus on trying to hack into a victim’s password in order to gain access to a secured system. A brute-force attack is “executed when an attacker tries to use all possible combinations of letters, numbers, and symbols to enter a correct password” (Pennsylvania State University). The dictionary attack involves the use of a dictionary in order to hack into the victim’s password. The last attack is denial-of-service attack, which tends to focus on interrupting a network service. There are four ways a criminal can issue a denial-of-service attack. The four ways are teardrop, buffer overflow, smurf, and physical. There are many incidents of denial-in-service attacks, some of the victims have been MasterCard, Twitter, and Estonia. Typically bigger companies are victims of cyberattacks, but the average person can be a victim as well. An article on InfoWorld mentioned the five cyberattacks that a person will encounter. The five cyberattacks are 1. Socially engineered Trojans, 2. Unpatched software, 3. Phishing attacks, 4. Networks-traveling worms, and 5. Advanced persistent threats. It is important for people to be aware of what they receive in their inbox, because it is estimated that about 70 percent of email is spam (Grimes, R.A., 2012). These are just a few of the cyberattacks that can occur to one’s computer, and if they are not recognized and fixed, these cyberattacks can cause harm to the victim’s computer. Since cyberattacks are becoming more popular, it is important for people to gain more information about these attacks and better prepare themselves from becoming a victim of a cyberattack.

References

Types of attacks. Pennsylvania State University. Retrieved from http://www.personal.psu.edu/users/j/m/jms6423/Engproj/Types%20of%20Attacks.xhtml

Grimes, R.A. (2012, December 04). The five cyber attacks you are most likely to face. InfoWorld. Retrieved from http://www.infoworld.com/article/2616316/security/the-5-cyber-attacks-the-most-liekly-to-face.html

Hackers

hackers-omar-santosImage retrieved from Omar Santos’ Blog Internet Security, Technology, Science, Math, and Tech Stuff 

When the subject of cybercrime comes up, many people refer to hackers as the root of it all. While being portrayed in movies and television, hackers have become the main focal point in cybercrime. The definition of a hacker can sometimes be difficult to explain, but Taylor et al. (2015) states that a hacker is an “individual with a profound interest in computers and technology that has used this knowledge to access computer systems with or without authorization from the system owners” (p. 70). This definition does a great job at explaining what the job of a hacker is. Hackers are commonly referred to as criminals, but in actuality not all hackers are. There are people who are professional hackers, but the main difference between them and those who are actually committing a crime is authorization. Authorization is key because the individual doing the hacking must have permission to do so.

There are several types of hackers, which includes crackers, script kiddies, white hat, gray hat, and black hat hackers, and hacktivists. The first type of hacker mentioned are crackers. These types of hackers are malicious hackers. Script kiddies often try to exploit and show whoever they hacked, that the company’s website is vulnerable to being hacked. A perfect example of script kiddies are those who troll social media sites. White hat hackers are referred to as ethical hackers. They often test software by manufacturers and training. A gray hat hacker is “someone who typically behaves in an ethical manner, but sometimes violates accepted ethics” (Taylor et al., 2015, p. 78). One way that they could violate ethics is to hack for profit. Black hat hackers are normally crackers. These hackers typically avoid ethics. Lastly, hacktivists are individuals who use the skills of a hacker to express messages.

Hacking has been no stranger to the different news outlets. Recently it has been found that hackers are able to break into baby monitors that are connected to the internet, which is very frightening to parents. Baby monitors that are connected to the internet are becoming easy targets for hackers because of the lack of security. Many baby monitors that are able to connect to the internet do not require passwords to access them, which makes them vulnerable to being hacked. According to Herb Scribner, who writes for Desert News National, reported “Several parents across the United States have seen their baby monitors hacked in the last five years.” It is scary to know that while you are able to view your child online a hacker could be watching the child too. A solution for this could be to get new monitors that only allow you to hear your child and also child monitoring systems to be securely protected.

Hackers are both interesting and important to understand when it comes to cybercrime. Their can either play a positive or negative role in today’s society. Those who are authorized to hack, such as the government can help gain information which could better protect the United States from future attacks whether it is physical or cyberterrorism. If a hacker who is not authorized to accessing that information, the company can only learn from their security mistakes. They then can learn how to make their security protocols better and prevent future attacks from occurring.

References:

Scribner, H. (2015, September 4). Baby monitors are easy targets for hackers. Desert News National. Retrieved from http://national.deseretnews.com/article/5756/baby-monitors-are-easy-targets-for-hackers.html

Taylor, R., Fritsch, E., & Liederbach, J. (2015). Hackers. In Digital crime and digital terrorism (Third e., pp. 69-96). Upper Saddle River, New Jersey: Pearson.

The Next Big Threat: Cyberterrorism

It should not come as a surprise that cybercrime is becoming a huge epidemic. Today it is hard to find really anything that is not digitalized, which can have both positive and negative outcomes. Having personal information in a digital format allows people to be more susceptible of being a victim of cybercrime. The United States and the rest of the world have come a long way in trying to defend their citizens from cyberattacks. Recently there have been stories on the news about hackers getting information about federal employees. It is scary to know that millions of federal employee’s information could have been stolen as a result from the hack. After hearing about this incident, it is important for the United States government to become more proactive in the fight against cybercrime. Some of the past attacks that have occurred in the United States have been minor compared to the scale of what could happen. There could be a cyberattack that could completely shut down the United States critical infrastructure, such as power grids, water, transportation systems, and etc.

Former CIA counter-intelligence director, Barry Royden is not a stranger to cybercrime, or cyberterrorism as he refers to the topic. Royden, who was interview by John Hayward on Breitbart, stated that the threat of cyberterrorism is “pervasive, evasive, and so damned invasive that, sooner or later, someone will give into temptation, pull the trigger, and unleash chaos.” With the advancement of today’s technology it is crucial for the United States government to come up with any preventive strategies against cyberterrorism. With this being said the government itself have been the target of cyberterrorism, including the State Department and even the White House. Unfortunately there is currently no way to be 100% protected from cyberattacks. The only protection we have today according to Royden are “firewalls, but every firewall is potentially defeatable.” Typically with cyberterrorism there is no warning about what is going to happen, meaning that a cyberattack typically happens out of nowhere. That is the scary thing about everything being digitalized. I get that we live in a digital world now, but if we want to protect ourselves from having crucial information stolen or critical infrastructures being targeted, the government must have a more proactive approach to this topic. Technology is only going to keep on advancing, so if nothing is done now to prevent cyberterrorism, then the attacks are only just going to harm us even more.

As mentioned previously, a country’s critical infrastructure is a vulnerable target. In Holly Ellyatt’s article who writes for CNBC, interviewee Eugene Kaspersky states “there are concerns that the next big attack will be against national critical infrastructure and could cripple a country’s ability to function.” In order to protect the United States from a major critical infrastructure attack, we need to look at previous hacking jobs and learn from them. The U.S. government can only learn from their previous security downfalls to better prepare for future cyberattacks. Kaspersky recommends “that governments needed to allocate a good part of their budgets over the next decade to making critical infrastructure systems more secure.” Cyberterrorism is a rising threat to the United States and around the world since an attack can originate in one country and occur in another. Research and resources are benefactors to understanding past incidents and protecting all countries from future attacks as a result of cyberterrorism.

Hayword, J. (2015, May 20). Cyberterrorism is the next ‘big threat,’ says former CIA chief. Breitbart. Retrieved from http://www.breitbart.com/national-security/2015/05/20/cyberterrorism-is-the-next-big-threat-says-former-cia-chief/

Ellyatt, H. (2015, January 27). Cyberterrorists to target critical infrastructure. CNBC. Retrieved from http://www.cnbc.com/2015/01/27/cyberterrorists-to-target-critical-infrastructure.html