Cyber Crime Task Force 1).
"Are computer vulnerabilities growing faster than measures to reduce them? Carelessness in protecting oneself, tolerance of bug-filled software, vendors selling inadequately tested products, or the unappreciated complexity of network connectivity has led to…abuse…" (Lukasik, 2011).
The evidence is overwhelming that cyber crimes are not only increasing each year, but the sophistication of the attacks is greater each year and the impacts of attacks are more severe each year as well. While cyber criminals' activities are taking a greater toll around the world -- and in St. Louis -- there is a great need to organize a Cyber Crime Task Force that incorporates appropriate private and public agencies, including law enforcement, the FBI, the U.S. Attorney's Office in St. Louis, and other relevant organizations. Thesis: Cyber crimes are happening at a faster rate than ever before and the attacks are taking a greater impact each year. Unless strategies and policies are put in place, cyber criminals will continue to severely impact web-based organizations, businesses, and governments as well.
Current Cyber Crime Threats in the United States -- Update
"The Internet has turned reputation on its head. What was once private is now public. What was once local is now global. What was once fleeting is now permanent. And what was once trustworthy is now unreliable" (Lipton, 2001).
According to a 2013 study referenced by the news channel CNBC.com, one-third of businesses and private organizations saw an increase in cyber attacks in 2013. The report cited by CNBC.com -- presented by the consultancy EY -- reports that thirty-one percent of the senior executives (in 64 countries) that responded to EY's survey had increases in cyber security incidents of at least 5% over the previous dozen months. That said, some 83% of the 1,900 executives surveyed indicated that their security preventative measures "…do not meet their needs" (CNBC.com, 2014).
About half of the 1,900 companies surveyed indicated that they suffered from a "…lack of skilled resources toward innovating solutions that can protect them against the great unknown" (CNBC.com, p. 1). Eleven percent of the 1,900 global companies polled indicated that their companies suffered from "…a lack of executive awareness or support for fighting cyber security" (CNBC.com, p. 1).
The list of companies and organizations that have been compromised by cyber crime is long and the damage is severe. The Reuters' sources that were referenced by RT.com indicate that besides Target "…at least three other well-known national retailers" were attacked by the same virus.
In fact, the same virus that attacked Target's servers also attacked Neiman Marcus group (and stole personal data from Neiman Marcus customers); that virus is named KARTOKHA (means "potato" in Russian) and hence there is a strong suspicion at the U.S. Department of Homeland Security -- and its "National Cybersecurity and Communications Integration Center" -- that "Russian speaking codeheads from the former Soviet Union" were responsible (RT.com).
The Biggest Cybersecurity Threats of 2013 and 2014 for St. Louis
Security "evangelist and researcher" Tomer Teller asserts that cyber criminals are using "social engineering" tactics to steal information from citizens. That is, users of Facebook and Linked In and other social media sites are being targeted because their personal information is so readily available. The second kind of cybersecurity threats Teller warns about involved "Advanced Persistent Threats" (APTs); these are highly sophisticated and "carefully constructed" threats to corporations and governments in which a "low-and-slow" approach is used so they are difficult to detect (Teller, 2013). These APTs offer a chance for criminals to steal information quietly -- and not all APT attacks are used against giants like Microsoft Word, Teller continues. The APTs attack embedded systems as well, that have Internet protocol addresses, which means that "building security into these systems has never been more important" (Teller, p. 2).
Internal threats are also considered dangerous by Teller; they can be "…the most devastating" of all security threats because an insider can obtain a tremendous amount of data in preparation for the attack. The CERT Insider Threat Center at Carnegie Mellon University's Software Engineering Institute -- and the U.S. Secret Service -- believe that "malicious insiders" in the banking and financial industry can "typically" get away with ...
The fourth ongoing threat to citizens of St. Louis and elsewhere is the opportunity for criminals to hack into personal devices. In fact the huge growth in the use of iPhones, Android Phones and other personal devices open the door as a "potential gateway for attackers" (Teller, p. 2). Web-based attacks can hit personal devices the same way they can access personal desktop computers, Teller goes on; and because smart phones are now used in the workplace, the criminals can likely circumvent the "detection mechanisms mobile vendors use") (p. 2).
The fifth threat that Teller talks about is "cloud security," the trend that companies use to store information in public cloud services; the cloud services are "juicy targets" for criminals, and can easily represent "…a single point of failure for the enterprise" (p. 3). Also, the author warns that the growth of HTML5 -- the sixth serious threat he presents -- is very real in 2014. HTML5 is the system that allows for "…the integration of various technologies" in cross-platform services, and no doubt as developers of HTML5 systems "a bound to make mistakes" attackers will surely "take advantage" (Teller, p. 3). The author also warns that botnets can be compromised and attackers are creating software that allows their malware attacks harder to detect. Malware appears disguised as a form of code, scripts, or active content but it is malicious software; it may be a virus, a worm, a Trojan horse, spyware, adware or simply rouge software disguised as security software. "Millions of malicious URLs are used as distribution channels to propagate malware all over the web… [and] victim systems fall in the control of the attackers" (Chang, et al., 2013). Firewalls and other digital security technologies "have only limited capability to mitigate this new problem," Chang explains.
What are the Greatest Cyber Crime Threats in St. Louis County?
"We need to abandon the belief that better defenses alone will be sufficient. Instead of just building better defenses, we must build better relationships. If we do these things, and if we bring to these tasks the sense of urgency that this threat demands, I am confident that we can and will defeat cyber threats, now and in the years to come…" (FBI Director Robert S. Muller).
The cyber crime threats in St. Louis County in a very real way mirror the cyber crime threats elsewhere in the United States. It is likely that the most prolific cyber crime in the St. Louis area is child pornography, "obscenity toward children," and "enticement of children for sexual conduct" (Gilbreth, 2012).
Meanwhile, the St. Louis Chapter of InfraGard -- an information sharing and analysis organization that combines knowledge of cyber threats with hands-on experience in criminal detection -- is a partnership between the Federal Bureau of Investigation and businesses, academic institutions, law enforcement groups and other private organizations. The role of the St. Louis Chapter of InfraGard is to acknowledge and response to denial of service attacks, network intrusions, and state-sponsored hackers that are "bent on compromising national security" and on stealing personal data of consumers from corporate websites (InfraGard, 2013).
Monitoring the training / seminar sessions that the St. Louis Chapter of InfraGard has provided to private industry and other members of the organization gives the researcher an idea of the greatest threats to St. Louis County.
For example, in 2013 the Chapter brought in two fraud investigators from MasterCard to review the need to protect citizens' credit cards in St. Louis County. The Chapter has also zeroed in on the vulnerability of mobile devices (smartphones), on social network vulnerabilities (due to personal and professional information being readily available).
Which three types of cyber crime should the task force prioritize?
First, child pornography and solicitation of children for sexual acts (over the Internet) should be at or near the top of the list. Second, Internet criminals who hack into company and government websites to steal personal data (where a person lives; where a person works; what activities the person engages in) is a vitally important component of a future task force in the St. Louis area. And third, credit card fraud -- which includes those criminals that hack into commercial websites and steal debit and credit card information -- is a big problem in St. Louis and should be an important part of the business of a task force for this area.
As to the child pornography and solicitation issue, there are so many instances of inappropriate behaviors vis-a-vis children online that Missouri was obliged to pass a new law in 2012 (statute 565.090). That legislation includes a "…new criminal provision for recklessly frightening, intimidating, or causing emotional distress to another…" who is seventeen or younger (Gilbreth, p. 16).
Part of the problem is that America's national crime reporting systems, such as the National Incident-Based Crime Reporting System and the Uniform Crime Report Program managed by the Federal Bureau of Investigation (FBI) in cooperation with thousands of U.S. law enforcement agencies, do not specifically identify or distinguish between many forms of online crimes. Nor do they effectively distinguish between traditional in-person forms of crime that are substantially facilitated
In this scenario, "if a bad guy wants to take over an account, he'll have someone else speak in a different language in a different location, and that's all they do. Their expertise is calling financial institutions for social engineering" (Piazza 2006). According to Piazza (2006), cybercrime consists of any crime a person commits by using a computer or computer technology. He classifies various types of cybercrime into four
GIS and mapping software, once available only to agencies possessing mainframe computers, can now be easily loaded on the laptops carried in patrol vehicles and therefore can be used by even small and budget-constrained police departments. The innovations demanded by community and problem-oriented policing require that departments incorporate a geographic, spatial, or local focus, and emphasize the importance of integrating crime-mapping techniques into departmental management, analysis, and enforcement practices."
Cyber Threats: Executive Summary It is important to note, from the onset, that even before the personal computer became as popular and as widely used as it is today, vandals still compromised computerized phone systems either for fun or for economic benefit. During the very early decades of IT, computer attacks were mostly committed by insiders, i.e. disgruntled employees of an entity (de Leeuw and Bergstra, 2007). The said attacks in
Justification of a Forensic Unit Our Agency has just received $3 million grant from the federal government because of the efficient method that the unit employs in running the department. Additionally, the City Council has agreed to continue assisting the unit with additional funding at the end of the three years provided the department is productive and serve the citizens well. However, the department requires presenting a different budget from the
XYZ Company Tasking The plan for processing the potential crime/incident scene depends upon maintaining the integrity of the scene as well as the integrity of the data. That means the first step is to prevent the scene from contamination. Preparing for the search is an important step, therefore, in this process. The team should have the legal authority to proceed with the seizure of evidence and this should be shown upon arrival. Likewise,