05-04-2012, 11:21 AM
A Succinct Cyber Crime Tour Meant To Illustrate By Way of Assorted Examples The Sort of Online Crimes Which Are Occurring -- And Why We Need More Cyber Crime-Trained Attorneys
A Succinct Cyber Crime Tour Meant To Illustrate By Way of ....ppt (Size: 2.96 MB / Downloads: 37)
Cyber Crime As An Area of Legal Specialization
Somewhere along the line, unless you're planning on having a general law practice, you'll need to decide on an area of specialization. What should you choose?
While each area of law has its own appeal and all are important, I'd like to spend a little time with you tonight explaining why I believe you should specialize in prosecuting cyber crimes.
The fact that you're in Sean's class leads me to believe you already have at least a passing interest in cyber crime, but by go-home time tonight, I hope you'll decide that prosecuting cyber crime should be the center of your legal career.
Perhaps the easiest way for me to do this is by giving you a tour of some online crimes, so you can see:-- the magnitude of the cyber crime problem we face as a society, -- the diversity of cyber crime topics involved,-- some of the challenges which make prosecuting these cases difficult, and-- some of the cases currently being brought against some online miscreants.
But you may wonder, "Why did Sean ask this guy to talk with us? What's his background?"
My Background and A Disclaimer
My Ph.D. is in Production and Operations Management from the University of Oregon School of Business, and I've been at the UO Computing Center (now Information Services) for over twenty year. I'm currently on contract with Internet2 through Information Services as a Security Programs Manager.
I'm active in the higher education cyber security community, including serving on the Research and Education Network Information Sharing and Analysis Center (REN-ISAC) Technical Advisory Group, participating in the Educause/Internet2 Security Task Force, and this past summer I was invited to co-lead one of four breakout sessions for the Department of Energy Cyber Security Research Needs for Open Science Meeting. I routinely present at national and international events, and many of my talks are available in the form of detailed slide sets (like this one) from http://www.uoregon.edu/~joe/
I also serve as one of half a dozen Senior Technical Advisors for MAAWG (the Messaging Anti-Abuse Working Group). MAAWG's an anti-spam group which represents carriers with over 600 million consumer mailboxes worldwide (as well as leading legitimate senders, anti-spam technology vendors, etc.)
I don't have a J.D., I'm not member of the Oregon Bar, I'm not a prosecutor and I'm not a cop, so nothing I say tonight should be taken as legal advice.
Finally, no one is responsible for any of my statements except me.
Format
Sean told me to plan on having about an hour to talk, which for me generally means building roughly 120 slides. If that sounds like a lot, relax! When Sean tells me I'm out of time, I will stop. I won't run us late!
Even though my slides may appear visually dense, I also promise I'm not going to read from them – they're really just meant to:-- keep me on track, -- free you from the need to take notes as we cover this material, -- give you links to items for further study (if you're interested),-- memorialize this session for those of your classmates who may not be able to be here with us tonight, and-- improve the accessibility of this material for those of you who may be hearing impaired (I know I sometimes talk too fast, or some of you may think I have a funny accent)
While I'd prefer to have this be a seminar-style dialog, since I don't know your backgrounds and haven't had the chance to give you any preparatory readings, I've built this session as a lecture, but you should feel free to jump in and ask any questions you have as they come up.
Before we dive in, though, is cybercrime really a national LE priority?
Federal Law Enforcement Priorities
"After counterterrorism and counterintelligence, cyber crime is our next priority. Cyber investigations used to be done on an ad hoc basis in many different divisions and programs. Last year, we created a Cyber Division which consolidated responsibility for investigations involving cyber viruses, privacy invasions, child pornography on the Internet and fraudulent e-commerce. From February to May of this year alone, we have opened over 90 cybercrime investigations involving 84 thousand victims worldwide and losses exceeding $162 million. These cases have resulted in 97 arrests and 64 separate indictments for cybercrime offenses."Robert S. Mueller, III, Director, FBI, June 20, 2003
http://www.fbi.gov/pressrel/speeches/npc062003.htm
More recently, see also Robert Mueller's November 2007 speech, "The FBI: Stopping Real Enemies at the Virtual Gates"http://www.fbi.gov/pressrel/speeches/mueller110607.htm
Based on everything I can see, cyber crime is DEFINITELY a LE priority.
Sorting Through a Big Pile of Badness
When it comes to looking at a topic as broad as cyber crime, it's helpful to have some structure. For me, the organization that makes the most sense is:
1. "Classic" Cybercrimes: Focus Is On the Hardware/Network Itself 2. Internet Fraud: Crimes of Deception 3. Content/Substance-Oriented Online Crimes 4. Cyber Incidents Gone Awry – Why We Need Cyber Savvy Defense Attorneys, Too
That list should catch most of the major cyber crimes that folks are worried about, EXCEPT for cyber terrorism (which I'm defining as being out of scope for this talk except as it may come up incidentally in connection with other cyber crimes)
1. (a) Theft of Services
Theft of services is, in many ways, the first "cyber" or "network-oriented" crime (albeit one which was originally committed against a phone network or a cable TV network rather than a modern packet-switched computer network)
Phone phreaking involved things such as toll fraud, the "creative routing" of calls in non-optimal ways (e.g., call next door, but do so over long distance circuits nailed up literally around the world), and other things that folks weren't supposed to be doing
Cable TV theft of service typically involved unauthorized reception of basic or premium channel traffic, or the interception of microwave TV signals, w/o payment to the TV company
Some of these crimes, or their Internet analogs, continue today, although the world is a vastly different place today, and most theft-of-service crimes have evolved over time…