11-09-2013, 02:32 PM
COUNTER MEASURES: INFORMATION WARFARE
Objectives
Identify tactics and digital media used in the preparation and planning of devastating crimes or large-scale attacks and the cybertrails they leave
Understand how the Internet is used as a tool for terrorism or virtual warfare
Explain the objectives of hackers and those involved in criminal commerce
Explain the process of collecting e-evidence in computer hacking cases
Introduction
This chapter examines cyberplanning, terrorist, and virtual warfare activities and then explores the characteristics of hacker attacks. The legal, technical, and investigative knowledge you have will help in understanding large-scale criminal activities: ones that are geographically widespread or highly destructive.
Large-Scale Investigations
Computer forensics experts may be called to assist in large-scale investigations by:
Corporations, industry, or national security agencies
Two actual situations:
Hosting the al Qaeda Web site
Hijacking computers and launching a DoS attack
Terrorism, Virtual Warfare, and Other Types of Internet-Based Hostilities
Features of the Internet that appeal to criminals:
Anonymity
Command and control resources
Chat rooms
Web sites with stego resources
These features are used as cyberplanning tools to coordinate and integrate attacks
Terrorism and the Internet
Activities associated with terrorism and the Internet
Intelligence collection and propaganda purposes
Al Qaeda operatives fight for the “hearts and minds” of Islamic faithful worldwide
Captured al Qaeda computer contained engineering and structural architecture features of a dam that could be used to plan catastrophic failures
Spoofed Sites Used for Identity Theft
In 2006, a Chinese bank’s server hosted spoofed Web sites that phishers were using to steal identities of American bank clients
First instance where one bank’s infrastructure was used to attack another bank
A phishing kit was used to phish for the Chase account numbers
Military Espionage
Evidence suggests that Chinese hackers are hacking into U.S. government computers
In 2002, 40,000 attacks were launched against Pentagon networks from Chinese Web sites
In 2004, there were 79,000 attacks
The risk is that hackers will gain access to Pentagon systems that control encryption and other military data
Botnets and Criminal Commerce
Detecting and investigating hacker attacks require investigators to:
Understand the vocabulary
Learn how the attacks are orchestrated and executed
Know the signs and symptoms of an attack
Understand the motives and tactics of attackers
Monitor chat rooms where hackers advertise or recruit
Summary
When investigating terrorists, cyberextortionists, hackers, and botmasters, many types of forensics come into play:
Network
Data
Cell phone
IRC (chat rooms)
It is critical to understand the motives and methods, intelligence activities, and concealment tactics of hackers
A coordinated effort is required by the FBI, other federal agencies, and foreign governments in order to track down cybercriminals
Computer forensics experts can aid these agencies in the fight against cybercrime and criminal commerce