|
|
Introduction
The Internet is a major arena for human life in society today. It provides an immense platform without physical barriers for every aspect of human interaction from businesses to social gatherings. However, information technology is now used for destructive and criminal purposes as well as for constructive work or social interaction. Over the past few years, many people will have witnessed a range of computer related crimes ranging from the defacement of websites to very sophisticated intrusion attacks. Some of these are far more significant than others e.g. the theft of national security information has great consequences for national security and public safety. In comparison to this, defacement of a website is not as important, but could still result in serious consequences for any business unlucky enough to be the victim of such an attack. Crimes of this sort can be financially disastrous for any business relying on customers' willingness to engage in online shopping, and could ultimately force it to shut down. Know the risks
There are many enormous economic and social benefits to be gained from information technology and the Internet. However, it is clear that there are also a number of dangers and risks involved when utilising the Internet and they include:
 |
Invasion of privacy, information and data
can be vulnerable to unauthorised searches and seizures. |
|
|
|
Fraud and theft, this includes the theft of credit card details by others to purchase goods and services, identify theft, bank fraud, etc. Other techniques include recent phishing attacks through emails in tricking customers to enter confidential information into fake websites. |
|
|
|
Harassment by computer, which can be sexual, racial, religious and abusive. Other harassment methods used include viruses and/or advertisements. |
|
|
|
Loss of business reputation, possibly due to intrusion attacks i.e. DDOS attacks and web defacement. |
|
|
|
Loss of data and damage to computer systems, through malicious code e.g. viruses and trojan horses embedded by "crackers" better known as "hackers". |
Criminal behaviour on the Internet, better known as cybercrime, is now presenting a major challenge and will eventually develop into a sophisticated method of committing crime in the future. As it becomes more pervasive, electronic crime will always feature in all forms of criminal activity, even those classified as traditional crimes such as money laundering, terrorism and trafficking of drugs and/or people through the use of emails, instant messaging, etc. Fortunately, digital evidence is becoming commonplace and such evidence can be gathered to support the identification and prosecution of criminal offenders.
E-crime
The computer has become an integral part of our everyday lives. However, as our connectivity and dependency on information technology increases, our vulnerability simultaneously increases. These vulnerabilities have already been demonstrated in recent times.
Unauthorised access
During the late 1990's, a former programmer initialised a series of intrusions to obtain the administrator passwords for a major computer system, and hundreds of files were downloaded including very sensitive data and programming files that were replied upon to keep the system running properly. The intrusion was a significant threat to public safety as it was used by doctors and medical professionals and also resulted in monetary loss. Due to the severity of this case, a search warrant was executed for the intruder's computers and he was arrested within a few days of the intrusion. A preliminary examination disclosed evidence of the intrusion together with possession of child pornography. He was later convicted of access violation and was found guilty of receiving obscene images through the Internet.
Viruses
Technically speaking, a virus is a self replicating reproducing automatic programme that can spread copies of itself into other computers known as "hosts". Viruses, are similar to human biological viruses e.g. a flu virus, which can spread by inserting itself into other human beings.
Today, virus writers are increasing the threat to networks and computer systems worldwide. In recent years we have seen the "Love Bug" virus (or ILOVEYOU worm), SirCam, Code Red and "Bugbear" (and others). The cost of virus attacks since 2001 is said to be more than US$10 billion. It is also known that the Melissa virus affected 1 million computer systems and caused US$80 million in damages alone.
Hackers
Hackers or the more serious "Crackers" are also a common threat and according to reports for large organisations in the UK, these attacks appear to exceed the number of company's affected by viruses. These are people who crack or technically hack in to networks for the thrill of the challenge and to gain access to particular computers to sabotage computer system. However, we are seeing more and more cases of hacking financial gain. In these cases, hackers do not need to have much computer knowledge as they can now download attack scripts and protocols from the Internet and target their victims selectively e.g. by running distributed denial of services (DDOS) attacks.
Terrorists
These groups are increasingly using information technology and the Internet to assist in the planning of activities, to raise funds and to communicate their messages securely. In one recent example, the mastermind behind the 911 World Trade Center bombing had stored detailed plans on how to destroy US airliners on encrypted files on his computer which was later found after his arrest. While this demonstrates technology and its use, these terrorist groups have not yet employed cyber tools as weapons to damage critical infrastructures e.g. by targeting government email servers, energy networks, transportation systems, financial networks, etc. These potential attacks have been labelled "Cyber-Terrorism", however we are yet to witness the implications of a truly catastrophic cyber terrorism attack. For these attacks, implications can be realised in monetary losses e.g. loss of data/information, loss of business and/or reputation, and cost of forensics for recovery and litigation. But the growing side effect will be loss of confidence and creditability in the people who use the Internet.
Catching the cyber criminals
Over the past few years, crimes involving computers and the Internet have increased dramatically. The technological nature of these crimes poses unique challenges to those involved in tracking down the perpetrators. With such technical challenges inherent in fighting crime in this vast arena, there is an extensive need to conduct forensic examinations to support/provide evidence in investigating network intrusion offences and denial of service attacks. These investigations alone require vast volumes of data analysis, storage space and state of the art technology.
While the nature of Internet crimes is complex and challenging, computer forensics can help investigate crimes by enabling the collection and analysis of data, and the production of evidence to help identify, apprehend and finally prosecute offenders.
matthew.chu@gthk.com.hk
|
