Date: April 29, 2024 Mon

Time: 10:21 pm

Results for computer security

28 results found

Author: Choo, Kim-Kwang Raymond

Title: Cloud Computing: Challenges and Future Directions

Summary: Cloud computing can be defined as a pool of virtualised computing resources that allows users to gain access to applications and data in a web-based environment on demand. This paper explains the various cloud architecture and usage models that exist and some of the benefits in using cloud services. It seeks to contribute to a better understanding of the emerging threat landscape created by cloud computing, with a view to identifying avenues for risk reduction. Three avenues for action are identified, in particular, the need for a culture of cyber security to be created through the development of effective public-private partnerships; the need for Australia’s privacy regime to be reformed to deal with the issues created by cloud computing and the need for cyber-security researchers to find ways in which to mitigate existing and new security risks in the cloud computing environment. Cloud computing is now firmly established in the information technology landscape and its security risks need to be mapped and addressed at this critical stage in its development.

Details: Canberra: Australian Institute of Criminology, 2010. 6p.

Source: Internet Resource: Trends & Issues in Crime and Criminal Justice, No. 400: Accessed October 26, 2010 at: http://www.aic.gov.au/documents/C/4/D/%7BC4D887F9-7D3B-4CFE-9D88-567C01AB8CA0%7Dtandi400.pdf

Year: 2010

Country: International

URL: http://www.aic.gov.au/documents/C/4/D/%7BC4D887F9-7D3B-4CFE-9D88-567C01AB8CA0%7Dtandi400.pdf

Shelf Number: 120097

Keywords:
Computer Crimes
Computer Security
Cybercrime

Author: Ford, Jess T.

Title: Border Security: DHS’s Visa Security Program Needs to Improve Performance Evaluation and Better Address Visa Risk Worldwide

Summary: Since 2003, the Department of Homeland Security's (DHS) Visa Security Program (VSP) has participated in the visa process by reviewing applications at some embassies and consulates, with the intention of preventing individuals who pose a threat from entering the United States. The attempted bombing of an airline on December 25, 2009, renewed concerns about the security of the visa process and the effectiveness of the VSP. For this report GAO assessed (1) the ability of DHS's Immigration and Customs Enforcement (ICE) to measure the program's objectives and performance, (2) challenges to VSP operations, and (3) ICE efforts to expand the VSP program. To evaluate the VSP, we reviewed VSP data, guidance, and the ICE's 5-year expansion plan. We also interviewed ICE officials, and observed VSP operations at 6 posts overseas. ICE cannot accurately assess progress toward its VSP objectives. ICE outlined three primary objectives of the VSP--identifying and counteracting potential terrorist threats from entering the United States, identifying not-yet-known threats, and maximizing law enforcement and counterterrorism value of the visa process--and established performance measures intended to assess VSP performance, including situations where VSP agents provide information that results in a consular officer's decision to deny a visa. ICE's VSP tracking system, used to collect data on VSP activities, does not gather comprehensive data on all the performance measures needed to evaluate VSP mission objectives. In addition, data collected by ICE on VSP activities were limited by inconsistencies. ICE upgraded its VSP tracking system in April 2010 to collect additional performance data, but the system still does not collect data on all the performance measures. Therefore, ICE's ability to comprehensively evaluate the performance of the VSP remains limited. 
While ICE can provide some examples demonstrating the success of VSP operations, ICE has not reported on the progress made toward achieving all VSP objectives. Several challenges to the implementation of the VSP affected operations overseas. DHS and the Department of State (State) have issued some guidance, including several memorandums of understanding, to govern VSP operations. However, some posts experienced difficulties because of the limited guidance regarding interactions between State officials and VSP agents, which has led to tensions between the VSP agents and State officials at some posts. In addition, most VSP posts have not developed standard operating procedures for VSP operations, leading to inconsistency among posts. Additionally, the mandated advising and training of consular officers by VSP agents varies from post to post, and at some posts consular officers received no training. Finally, VSP agents perform a variety of investigative and administrative functions beyond their visa security responsibilities that sometimes slow or limit visa security activities, and ICE does not track this information in the VSP tracking system, making it unable to identify the time spent on these activities. In 2007, ICE developed a 5-year expansion plan for the VSP, but ICE has not fully followed or updated the plan. For instance, ICE did not establish 9 posts identified for expansion in 2009 and 2010. Furthermore, the expansion plan states that risk analysis is the primary input to VSP site selection, and ICE, with input from State, ranked visa-issuing posts by visa risk, which includes factors such as the terrorist threat and vulnerabilities present at each post. However, 11 of the top 20 high-risk posts identified in the expansion plan are not covered by the VSP. Furthermore, ICE has not taken steps to address visa risk in high-risk posts that do not have a VSP presence. 
Although the expansion of the VSP is limited by a number of factors, such as budgetary limitations or limited embassy space, ICE has not identified possible alternatives that would provide the additional security of VSP review at those posts that do not have a VSP presence. GAO made several recommendations designed to address weaknesses we identified in the VSP. DHS concurred with the recommendations that the VSP provide consular officer training and develop a plan to provide more VSP coverage at high-risk posts. DHS did not concur with the recommendations that the VSP collect comprehensive data on all performance measures and track the time spent on visa security activities. GAO continues to maintain that these recommendations are necessary to accurately assess VSP performance.

Details: Washington, DC: GAO, 2011. 41p.

Source: Internet Resource: GAO-11-315: Accessed April 22, 2011 at: http://www.gao.gov/new.items/d11315.pdf

Year: 2011

Country: United States

URL: http://www.gao.gov/new.items/d11315.pdf

Shelf Number: 121478

Keywords:
Border Security
Computer Security
Homeland Security
Immigration
Terrorism
Visa Security

Author: Lemieux, Frederic

Title: Investigating Cyber Security Threats: Exploring National Security and Law Enforcement Perspectives

Summary: This report focuses on how federal agencies define success in computer crime investigations and how they can facilitate the development and refinement of a comprehensive law enforcement strategy for addressing cyber threats. Through interviews with experienced computer crime investigators from the Federal Bureau of Investigation, the U.S. Secret Service, and the Air Force Office of Special Investigations, this project aims to identify how federal agencies conduct investigations related to cyber security and how they define operational success. Our findings show a clear emphasis on threat mitigation, instead of quantitative valuation of prosecutions, as the goal of the investigation. Strategies employ the use of intelligence gathering and sharing to fortify potential targets and identify prolific offenders. These observations are consistent with the current trends in traditional investigation which include the use of an intelligence-led policing model to combat the top national security risks to the United States.

Details: Washington, DC: George Washington University, Cyber Security Policy and Research Institute, 2011. 10p.

Source: Internet Resource: Report GW-CSPRI-2011-2: Accessed April 26, 2011 at: http://www.cspri.seas.gwu.edu/Seminar%20Abstracts%20and%20Papers/2011-2%20Investigating%20Cyber%20Security%20Threats%20Lemieux.pdf

Year: 2011

Country: United States

URL: http://www.cspri.seas.gwu.edu/Seminar%20Abstracts%20and%20Papers/2011-2%20Investigating%20Cyber%20Security%20Threats%20Lemieux.pdf

Shelf Number: 121496

Keywords:
Computer Crime
Computer Security
Cybercrime

Author: Hutchings, Alice

Title: Review of Computer Chip Identification Systems

Summary: This paper reviews the key literature relating to embedded computer chip identification systems such as those used in smartcards and ePassports. It identifies social, policy and legal issues associated with their use, particularly as they relate to the Australian context. Computer chip identification systems, while offering many benefits, may contain valuable personal data and/or provide access to restricted areas. Therefore, the use of this technology has potential implications for the commission of offences such as identity theft, identity fraud and even terrorism. Embedded computer chip identification systems are considered to be a countermeasure against identity theft as they include additional security measures compared to their predecessors (e.g. magnetic strip cards). However, due to the nature of the records that may be stored on the chip, including identification information and biometric data, they are valuable to offenders and breaches of their security may actually facilitate this type of offence. Choo, Smith and McCusker (2007, p. xiii) predict that “the future will also see new hardware devices and software programs that seek to compromise the quality of data-protection mechanisms used in smartcards”. This paper provides an overview of computer chip identification systems, discusses potential vulnerabilities relating to the misuse of this technology, and the regimes for data protection and privacy, including the technical standards that apply in Australia and internationally.

Details: Nathan, QLD: ARC Centre of Excellence in Policing and Security, 2010. 8p.

Source: Internet Resource: Briefing Paper, Issue 1: Accessed July 20, 2011 at: http://www.ceps.edu.au/files/file/No_%201%20Alice%20Hutchings.pdf

Year: 2010

Country: Australia

URL: http://www.ceps.edu.au/files/file/No_%201%20Alice%20Hutchings.pdf

Shelf Number: 122117

Keywords:
Computer Crimes (Australia)
Computer Security
Identity Fraud
Identity Theft
Terrorism

Author: Hutchings, Alice

Title: Computer Security Threats Faced by Small Businesses in Australia

Summary: The internet is an affordable and effective place for small businesses to sell and promote their goods and services. However, the internet also provides opportunities for fraudulent behaviour and unauthorised access to business and client data. Attacks on the computer system of a business can have immediate and ongoing effects, such as targeting customers for identity crimes or infecting website visitors with malicious software. It is contended that small businesses in Australia have been slow to implement security technology and policies that may protect their information systems, making them vulnerable to current and future threats. In this paper, an attempt is made to educate small business owners about the risks that they face and the mitigation strategies they could employ to make their organisation safer.

Details: Canberra: Australian Institute of Criminology, 2011. 6p.

Source: Internet Resource: Trends & Issues in Crime and Criminal Justice, No. 433: Accessed February 7, 2012 at: http://www.aic.gov.au/documents/F/1/0/%7BF1072721-F83E-4D19-9100-95E539507A70%7Dtandi433_001.pdf

Year: 2011

Country: Australia

URL: http://www.aic.gov.au/documents/F/1/0/%7BF1072721-F83E-4D19-9100-95E539507A70%7Dtandi433_001.pdf

Shelf Number: 124001

Keywords:
Computer Crime (Australia)
Computer Security
Internet

Author: Rantala, Ramona R.

Title: Cybercrime against Businesses, 2005

Summary: Presents the nature and prevalence of computer security incidents among 7,818 businesses in 2005. This is the first report to provide data on monetary loss and system downtime resulting from cyber incidents. It examines details on types of offenders, reporting of incidents to law enforcement, reasons for not reporting incidents, types of systems affected, and the most common security vulnerabilities. The report also compares in-house security to outsourced security in terms of prevalence of cyber attacks.

Details: Washington, DC: U.S. Department of Justice, Office of Justice Programs, Bureau of Justice Statistics, 2008. 20p.

Source: Internet Resource: Bureau of Justice Statistics Special Report: Accessed April 11, 2012 at: http://bjs.ojp.usdoj.gov/content/pub/pdf/cb05.pdf

Year: 2008

Country: United States

URL: http://bjs.ojp.usdoj.gov/content/pub/pdf/cb05.pdf

Shelf Number: 124921

Keywords:
Business Security
Computer Security
Crimes Against Business
Cybercrime (U.S.)
Internet Crimes

Author: Insurance Council of Australia

Title: E-Commerce Crime and Vandalism - Defence Plan for the General Insurance Industry

Summary: Industry groups and individual insurance companies generally have risk management processes and operational contingency plans in place. The recommended approach for e-commerce crime and vandalism is to review and, where appropriate, strengthen these plans for specific issues related to e-commerce. This document provides key points on a framework for an e-commerce crime and vandalism defence plan. It is structured to: • Raise awareness of e-commerce crime in the general insurance industry. • Provide a general overview relating to e-commerce crime issues. • Provide a general risk management model and to refer insurers to useful sources of information on security management. Information in this document is relevant as at 3 July 2001.

Details: Sydney: Insurance Council of Australia, 2011. 44p.

Source: Internet Resource: Accessed September 27, 2012 at: http://www.imia.com/downloads/external_papers/EP01_2002.pdf

Year: 2011

Country: Australia

URL: http://www.imia.com/downloads/external_papers/EP01_2002.pdf

Shelf Number: 126487

Keywords:
Computer Crimes
Computer Security
E-Commerce (Australia)
Internet Security

Author: Poolen, W.J.

Title: Intentional Disintegration of Cybercriminal Networks: Approaches in Network Strategic Security Modeling

Summary: This thesis assesses whether network strategic security models can be used for disintegration of cybercriminal networks. Strategic models are conceptualized as methods for security intervention that use network mathematical algorithms to define sets of targets in a hostile network that seem crucial to attack in order to disintegrate a cybercriminal network. Two strategic models are constructed that are associated with different types of targets in cybercriminal networks. One model focusses on hubs (computer devices, human operators and other nodes that interact within a network); the other model focusses on the exchange connections between clusters of interacting nodes. After elaboration of the strategic models a set of cases of cybercriminal interventions is invoked to investigate how the theoretical models contribute to real life intervention. In reflection on the cases and theory the main issue that becomes apparent is that the strategic models do not adequately take in account the ability of targeted networks to react to disintegration attempts. The notion of network resilience is considered and a subsequent theoretical attempt interprets network resilience as an effect of the relations that a network maintains with its resource networks. Networks are perceived to be embedded and interconnected in a network environment in which they exchange resources. Finally, a broadening of the theoretical understanding towards the multilayered aspects of a network is suggested to gain a more adequate perspective for network strategic security interventions.

Details: Amsterdam: Vrije Universiteit, 2012. 69p.

Source: Internet Resource: Thesis: Accessed November 9, 2012 at: http://www.screenwork.nl/PDF/20120910_masterthesis_webversie.pdf

Year: 2012

Country: International

URL: http://www.screenwork.nl/PDF/20120910_masterthesis_webversie.pdf

Shelf Number: 126899

Keywords:
Computer Crime
Computer Security
Criminal Networks
Cyber Security
Cybercrimes
Cybercriminal Networks

Author: Wormeli, Paul

Title: Mitigating Risks in the Application of Cloud Computing in Law Enforcement

Summary: This report comes at an opportune time as the law enforcement community is undergoing a major transformation. Traditionally, communication within law enforcement was often linear and hierarchical. Today, communication happens in real time across jurisdictional boundaries. Because of improved communication and real-time information, the law enforcement community can plan where to place resources ahead of time, instead of only reacting to events after they have occurred. One potential key to this is the advent of cloud computing. Cloud computing can be a cost-effective way to enable improved communication. Cloud computing also provides a potential for cost-savings for law enforcement, since law enforcement organizations don’t have to use their tight budgets to build their own information technology infrastructure. According to Steve Ambrosini, executive director of IJIS, there has been a constant search for “emerging and disruptive technology that might positively affect the productivity and efficiency of justice and public safety agencies, and promote better information-sharing in support of their missions.” Ambrosini continues, “Cloud computing has been one of the technologies with potential, but executives in justice and public safety have some general skepticism for concepts embedded in this powerful new infrastructure.” Based on a survey of leaders in the law enforcement community about cloud computing, Wormeli gained an increased understanding of their major issues, which include concerns about reliability and availability, performance requirements, cost of migration, and the recovery of data. In response to these concerns, Wormeli explains how the law enforcement community can effectively respond. The report concludes with six recommendations on how law enforcement organizations can successfully implement a move to cloud computing.

Details: Washington, DC: IBM Center for The Business of Government, 2012. 45p.

Source: Internet Resource: Accessed November 29, 2012 at: http://www.businessofgovernment.org/sites/default/files/Mitigating%20Risks%20in%20the%20Application%20of%20Cloud%20Computing%20in%20Law%20Enforcement_1.pdf

Year: 2012

Country: United States

URL: http://www.businessofgovernment.org/sites/default/files/Mitigating%20Risks%20in%20the%20Application%20of%20Cloud%20Computing%20in%20Law%20Enforcement_1.pdf

Shelf Number: 127039

Keywords:
Cloud Computing
Computer Crime
Computer Security

Author: U.S. Government Accountability Office; Wilshusen, Gregory C.

Title: Cybersecurity: National Strategy, Roles, and Responsibilities Need to Be Better Defined and More Effectively Implemented

Summary: Cyber attacks could have a potentially devastating impact on the nation’s computer systems and networks, disrupting the operations of government and businesses and the lives of private individuals. Increasingly sophisticated cyber threats have underscored the need to manage and bolster the cybersecurity of key government systems as well as the nation’s critical infrastructure. GAO has designated federal information security as a government-wide high-risk area since 1997, and in 2003 expanded it to include cyber critical infrastructure. GAO has issued numerous reports since that time making recommendations to address weaknesses in federal information security programs as well as efforts to improve critical infrastructure protection. Over that same period, the executive branch has issued strategy documents that have outlined a variety of approaches for dealing with persistent cybersecurity issues. GAO’s objectives were to (1) identify challenges faced by the federal government in addressing a strategic approach to cybersecurity, and (2) determine the extent to which the national cybersecurity strategy adheres to desirable characteristics for such a strategy. To address these objectives, GAO analyzed previous reports and updated information obtained from officials at federal agencies with key cybersecurity responsibilities. GAO also obtained the views of experts in information technology management and cybersecurity and conducted a survey of chief information officers at major federal agencies.

Details: Washington, DC: GAO, 2013. 112p.

Source: Internet Resource: GAO-13-187: Accessed February 16, 2013 at: http://www.gao.gov/assets/660/652170.pdf

Year: 2013

Country: United States

URL: http://www.gao.gov/assets/660/652170.pdf

Shelf Number: 127647

Keywords:
Computer Crimes
Computer Security
Critical Infrastructure Security
Cyber Security
Cybercrime (U.S.)
Internet Crimes

Author: Hutchings, Alice

Title: Cloud Computing for Small Business: Criminal and security threats and prevention measures

Summary: Compared with large organisations, small businesses operate in a distinct and highly resource-constrained operating and technical environment. Their proprietors are often time poor, have minimal bargaining power and have limited financial, technical, legal and personnel resources. It is therefore unsurprising that cloud computing and its promise of smoothing cash flows and dramatically reducing ICT overheads is attractive to small business. Cloud computing shifts the delivery and maintenance of software, databases and storage to the internet, transforming them into Pay-As-You-Go services accessed through a web browser. While providing many benefits, cloud computing also brings many risks for small business, including potential computer security and criminal, regulatory and civil liability issues. This paper, undertaken as a collaborative partnership with the ARC Centre of Excellence in Policing and Security at Griffith University, identifies these risks and offers a perspective on how they might be contained so that the benefits of cloud computing do not outweigh the risks for small businesses in the 21st century.

Details: Canberra: Australian Institute of Criminology, 2013. 8p.

Source: Internet Resource: Trends & Issues in Crime and Criminal Justice, No. 456: Accessed May 29, 2013 at: http://www.aic.gov.au/publications/current%20series/tandi/441-460/tandi456.html

Year: 2013

Country: Australia

URL: http://www.aic.gov.au/publications/current%20series/tandi/441-460/tandi456.html

Shelf Number: 128842

Keywords:
Cloud Computing (Australia)
Computer Crimes
Computer Security
Financial Crimes

Author: James, Lachlan

Title: Final Report - Cloud Computing Threat Assessment for Small Business

Summary: Small businesses are not simply scaled-down versions of big business. Compared with larger organisations, small businesses operate in a distinct and highly resource constrained operating and technical environment. They are time-poor, have minimal bargaining power, and limited or inconsistent financial, technical, legal and personnel resources. Above all, small businesses are typically focused on one thing: survival. It is therefore unsurprising that cloud computing—and its promise of smoothing cash flows and dramatically reducing IT overhead—is attractive to small business. Cloud computing shifts the delivery and maintenance of software, databases and storage to the internet, transforming them into Pay-As-You-Go (PAYG) services accessed through a small business user’s web-browser. Cloud computing often comes with zero upfront costs, and scales (up and down) with the demands of the small business. Cloud computing services demand minimal technical skills: they are easy to setup and require little if any maintenance. Accessed via a secure login, for the small business, cloud computing typically represents increased standards of security. However, along with the benefits, cloud computing also embodies many risks for small business, including potential computer security, criminal, regulatory and civil liability issues. Cloud computing—like other new information technologies—challenges the application and understanding of many pre-existing areas of law. Examples of key criminal, regulatory and legal threats for small business adopting cloud computing include:
• Cloud Providers are the Target, But Small Business is the Victim – While cloud service providers themselves hold much greater appeal to cybercriminals, it is the cloud service provider’s small business tenants— experiencing disrupted services and hence disruption to their already fragile revenues—that are the real victims. Lacking policies, procedures and training relating to cyber and network security, small businesses are particularly vulnerable to having account details stolen, and their cloud services hijacked.
• Ever Changing Sea of International, National & Local Regulation – Where personal information—including financial and credit details—is stored in the cloud, a routine international commercial transaction may require a small business to comply with a myriad of ever changing international, national and state-level regulations and industry-specific standards.
• Practical Benefits of Cloud Computing Potentially Non-Compliant – Even some simple, practical benefits of using the cloud—such as storing MYOB files on a cloud storage service (such as DropBox)—may render the small business non-compliant.
• Inequality of Bargaining Power: “Take It or Leave It” Service Agreements – With almost no bargaining power and faced with industry-wide boilerplate terms and conditions, small business has little choice but to accept one-sided cloud agreements on a “take it or leave it” basis, leaving vendors absolved of substantially all liability.
• Service Credits Inconsistent with Potential Damage to Small Business – Despite the potentially devastating impact of even relatively short service outages, small business is typically left with “service credits” (based on a proportion of monthly subscription fees) as their “sole and exclusive remedy.”
• Overseas Legal Jurisdiction & Choice-of-Law – With cloud service agreements frequently setting the legal jurisdiction and choice-of-law to the vendor’s overseas headquarters, even the most simple legal action immediately becomes prohibitively expensive for all but the most successful small business.
• Unilateral Termination of Accounts & Data Loss – Cloud service providers, particularly in relation to free accounts, often reserve the right to unilaterally terminate accounts with or without notice, potentially devastating the small business. Absolved of substantially all liability, the cloud service provider leaves the aggrieved small business with no cause of action and no right to recover.
Findings – Responding to the Criminal, Regulatory & Legal Threats
Technical & Commercial Practices to Reduce Risks – The research has found that there are technical and commercial practices that can be implemented today by small businesses to reduce at least some of the security and commercial risks:
• Policies & Training – Small businesses can provide computer security training to personnel, and institute simple policies setting out (for example) how computer resources should be used, how often passwords should be changed, access rights for staff, and how and when employees may bring in and use their own devices.
• Industry Education – Industry bodies can provide education and training to small businesses about appropriate practices and regulatory requirements.
• Cyber & Cloud Insurance – Existing cyber liability insurance holds out some limited hope of compensating for losses as a result of cybercrime. However, the best hope for broader coverage rests with contingent business interruption insurance adapted to the unique circumstances of cloud computing (“cloud insurance”) being developed by new entrepreneurial ventures such as CloudInsure.
Opportunities for Legislative Intervention – The research also identified the likely need for legislative intervention. The near-term future of cloud computing shows signs of bifurcation into budget solutions (much like existing offerings) and premium services with increased security and regulatory compliance, and greater acceptance of liability. But without a change in relative bargaining power between the cloud service provider and small business, it is unclear if competitive forces alone will be sufficient to bring about quality premium services at a price affordable to cost-conscious small business. To encourage cloud service providers to deliver more attractive, secure and cost effective solutions, inequality of bargaining power between cloud service providers and small business clients will need to be addressed. In this respect, there is significant opportunity for judiciously applied legislative intervention. Opportunities for such carefully considered intervention include: a refined doctrine of unconscionability; possible introduction of legal principles broadly akin to “contracts of adhesion” in the United States; and new regulatory powers—possibly adapted from the Communications Alliance (formerly the Australian Communications Industry Forum, Industry Code for Consumer Contracts, ACIF C620:2005)—to police the cloud computing industry. Acting in concert, a combination of technical and commercial solutions—including improved cybersecurity practices, industry education programs, and new species of “cloud insurance”—together with legislative programs may serve to place small business on substantially the same footing as larger businesses, enabling them to fully capture the true benefits of cloud computing while enduring a more equitable share of the risks.

Details: Canberra: Australian Institute of Criminology, 2012. 81p.

Source: Internet Resource: Accessed July 19, 2013 at: http://www.aic.gov.au/media_library/publications/special/002/Cloud-Computing-DBCDE.pdf

Year: 2012

Country: Australia

URL: http://www.aic.gov.au/media_library/publications/special/002/Cloud-Computing-DBCDE.pdf

Shelf Number: 129472

Keywords:
Cloud Computing (Australia)
Computer Crimes
Computer Security
Crimes Against Business
Financial Crimes

Author: Poullet, Yves

Title: Cloud Computing and Its Implications on Data Protection

Summary: 1. The Council of Europe requested the CRID to prepare a preliminary report identifying the main privacy issues related to cloud computing and the questions to be addressed in the future, in particular in the light of Council of Europe data protection standards. As set by the contract, the work is to identify and underline the main cloud computing privacy issues. This first draft is definitively to be further elaborated and to be completed. It does not aim at giving answers which would have to be elaborated in the context of another mandate. 2. This report is structured as follows. It starts with a brief technical introduction illustrating the variety of services covered by the concept of “Cloud computing”. As defined by NIST, “cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.” 3. Cloud computing services include a large diversity of services going from those offered at the benefit of individuals as the services offered by social networks to those proposed at the benefit of companies in sharing a common software or by using shared information infrastructures. To establish a typology of cloud computing services is quite important since legal problems raised by each kind of computer services might be different to a certain extent. The second point is dedicated to the analysis of the adequacy of the CoE Convention 108 (referred hereinafter as ETS 108) definitions with the cloud computing reality. In particular, the status of the actors involved into the operations will be analyzed. Thereinafter, our report analyses the duties of the persons subscribing to the cloud computing services or offering these services. The crucial question of the security is then addressed. 
Finally, the report envisages the delicate questions of transborder data flows and international private law, which are inherent to most of the cloud computing services.

Details: Strasbourg: Council of Europe, 2010. 28p.

Source: Internet Resource: Discussion Paper: Accessed August 5, 2013 at: http://www.coe.int/t/dghl/cooperation/economiccrime/cybercrime/Documents/Reports-Presentations/2079_reps_IF10_yvespoullet1b.pdf

Year: 2010

Country: Europe

URL: http://www.coe.int/t/dghl/cooperation/economiccrime/cybercrime/Documents/Reports-Presentations/2079_reps_IF10_yvespoullet1b.pdf

Shelf Number: 129533

Keywords:
Cloud Computing
Computer Crimes
Computer Security
Internet Crimes

Author: Lawrenson, Tim

Title: Cyberattacks - The Significance of the Threat and the Resulting Impact on Strategic Security

Summary: Cyberspace is now so intrinsic to a modern state's economy that it is vital to protect it as part of that state's national security. However certain features of cyberspace make it an increasingly attractive attack domain. Despite some rather hysterical press headlines, this analysis shows that cybercrime is the principal threat, rather than cyberterror or cyberwarfare; albeit the growing scale of state-sponsored cybercrime is a concern because it carries an inherent risk of escalation into cyber (or conventional) warfare. A comprehensive, layered cyber-security strategy is needed to overcome some of the more problematic attractions of cyberspace as an attack domain. This strategy must improve actual system security as well as enhancing people's confidence in the resilience of the cyber-enabled world.

Details: London: Royal College of Defence Studies, 2011. 31p.

Source: Internet Resource: Thesis: Seaford House Paper 2010/11: Accessed August 22, 2014 at: http://www.da.mod.uk/colleges/rcds/publications/seaford-house-papers/2011-seaford-house-papers/shp11lawrenson.pdf/view

Year: 2011

Country: International

URL: http://www.da.mod.uk/colleges/rcds/publications/seaford-house-papers/2011-seaford-house-papers/shp11lawrenson.pdf/view

Shelf Number: 131353

Keywords:
Computer Security
Cyber Security
Cybercrime
Internet Crimes

Author: NetNames

Title: Behind the Cyberlocker Door: A Report on How Shadowy Cyberlocker Businesses Use Credit Card Companies to Make Millions

Summary: Digital theft of copyrighted content has surged as for-profit pirate sites continue making money by illegally distributing movies, music, TV shows and other content. Cyberlockers are among the most profitable content theft sites, but very little research has been conducted to determine how much money they are pocketing by illegally distributing the work of content creators. As a society, we can no longer shrug off content theft as the isolated activity of high school and college students who want to watch a movie or listen to music for free. Recent reports, this one by NetNames and one earlier this year by MediaLink, lay bare the truth that content theft is big business, raking in hundreds of millions of dollars a year - essentially bleeding the Internet for profit while making it less attractive for generations to come. Content theft harms not only creators whose products are stolen and legitimate distributors that are forced to compete with cyberlockers who pay nothing for the content that drives their business. It also hurts consumers who pay the price for "free" content in a reduction of quality choices as revenues are reduced, and may be subjected to identity theft and malware that cyberlockers are associated with. New research by NetNames has demonstrated that: - It's easy to profit on the Internet when you leverage other people's creative works. In fact, it is possible you could make millions of dollars doing so. - There is a compelling difference between the business models of rogue cyberlockers that peddle in content theft and legitimate cloud storage services. - Malware is a serious issue when it comes to content theft. - Major brands are victimized by content thieves who leverage these brands to make their own rogue sites seem legitimate. - That all it takes for bad operators to succeed is for the facilitators of commerce - payment processors and the advertising industry, among other stakeholders - to do nothing.
In the NetNames research, for example, MasterCard and Visa could be used to buy subscriptions on almost all the cyberlockers. The question is what we do about it. It's going to take concerted action by the Internet and the payment processors, advertising industries, consumers, public interest groups, Internet safety organizations and responsible government officials to address this corrosive issue that threatens our basic trust in our online world.

Details: London: Digital Citizens Alliance, 2014. 50p.

Source: Internet Resource: Accessed October 30, 2014 at: http://www2.itif.org/2014-netnames-profitability.pdf

Year: 2014

Country: International

URL: http://www2.itif.org/2014-netnames-profitability.pdf

Shelf Number: 133832

Keywords:
Computer Crimes
Computer Security
Credit Cards
Cyber Security
Cybercrimes
Digital Piracy
Intellectual Property Theft
Internet Crimes

Author: Panda Security

Title: The Cyber-Crime Black Market: Uncovered

Summary: Many of us in the team at Panda Security spend a lot of time traveling and attending all types of events: from specialized IT industry fairs and congresses, to those aimed at businesses, end-users, etc. Yet even though it is becoming more common to hear about the arrest of hackers that steal information and profit from it in many different ways, there are still many members of the public, not necessarily dedicated to IT security, who ask us: "Why would anyone want to steal information from me? I don't have anything of interest..." Another factor to bear in mind is that today's profit-oriented malware is designed to steal data surreptitiously, so the first indication that you have been a victim is when you get your bank or Paypal account statement. Moreover, there is a general perception that this problem only affects home users, and that businesses are immune. The result of our research, as you will read below, shows that this is not the case: Today nobody - neither home users nor businesses- is safe from confidential data theft (and the consequent fraud). This is despite the increased effort in recent years to improve awareness and education in IT security, initiated by governmental agencies in many countries, and of course, thanks to the security industry as a whole, along with other institutions, organizations, media, blogs, etc., who have been assisting with the task for some time now. Although we don't have precise data, we believe that this nefarious business has expanded with the economic crisis. Previously it was in no way easy to locate sites or individuals dedicated to this type of business, yet now it's relatively simple to come across these types of offers on underground forums.

Details: Madrid: Panda Security, 2011. 44p.

Source: Internet Resource: Accessed February 18, 2015 at: http://www.wgains.com/Assets/Attachments/The-Cyber-Crime-Black-Market.pdf

Year: 2011

Country: International

URL: http://www.wgains.com/Assets/Attachments/The-Cyber-Crime-Black-Market.pdf

Shelf Number: 134636

Keywords:
Computer Crime
Computer Security
Cyber Security
Cybercrime
Internet Crime
Internet Security

Author: Financial Industry Regulatory Authority

Title: Report on Cybersecurity Practices

Summary: Like many organizations in the financial services and other sectors, broker-dealers (firms) are the target of cyberattacks. The frequency and sophistication of these attacks is increasing and individual broker-dealers, and the industry as a whole, must make responding to these threats a high priority. This report is intended to assist firms in that effort. Based on FINRA's 2014 targeted examination of firms and other related initiatives, the report presents FINRA's latest work in this critical area. Given the rapidly evolving nature and pervasiveness of cyberattacks, it is unlikely to be our last. A variety of factors are driving firms' exposure to cybersecurity threats. The interplay between advances in technology, changes in firms' business models, and changes in how firms and their customers use technology create vulnerabilities in firms' information technology systems. For example, firms' Web-based activities can create opportunities for attackers to disrupt or gain access to firm and customer information. Similarly, employees and customers are using mobile devices to access information at broker-dealers that create a variety of new avenues for attack. The landscape of threat actors includes cybercriminals whose objective may be to steal money or information for commercial gain, nation states that may acquire information to advance national objectives, and hacktivists whose objectives may be to disrupt and embarrass an entity. Attackers, and the tools available to them, are increasingly sophisticated. Insiders, too, can pose significant threats. This report presents an approach to cybersecurity grounded in risk management to address these threats. It identifies principles and effective practices for firms to consider, while recognizing that there is no one-size-fits-all approach to cybersecurity. Key points in the report include: - A sound governance framework with strong leadership is essential. Numerous firms made the point that board- and senior-level engagement on cybersecurity issues is critical to the success of firms' cybersecurity programs. - Risk assessments serve as foundational tools for firms to understand the cybersecurity risks they face across the range of the firm's activities and assets - no matter the firm's size or business model. - Technical controls, a central component in a firm's cybersecurity program, are highly contingent on firms' individual situations. Because the number of potential control measures is large and situation dependent, FINRA discusses only a few representative controls here. Nonetheless, at a more general level, a defense-in-depth strategy can provide an effective approach to conceptualize control implementation. - Firms should develop, implement and test incident response plans. Key elements of such plans include containment and mitigation, eradication and recovery, investigation, notification and making customers whole. - Broker-dealers typically use vendors for services that provide the vendor with access to sensitive firm or client information or access to firm systems. Firms should manage cybersecurity risk exposures that arise from these relationships by exercising strong due diligence across the lifecycle of their vendor relationships. - A well-trained staff is an important defense against cyberattacks. Even well-intentioned staff can become inadvertent vectors for successful cyberattacks through, for example, the unintentional downloading of malware. Effective training helps reduce the likelihood that such attacks will be successful. - Firms should take advantage of intelligence-sharing opportunities to protect themselves from cyber threats. FINRA believes there are significant opportunities for broker-dealers to engage in collaborative self defense through such sharing.

Details: Washington, DC: FINRA, 2015. 46p.

Source: Internet Resource: Accessed March 18, 2015 at: https://www.finra.org/sites/default/files/p602363%20Report%20on%20Cybersecurity%20Practices_0.pdf

Year: 2015

Country: International

URL: https://www.finra.org/sites/default/files/p602363%20Report%20on%20Cybersecurity%20Practices_0.pdf

Shelf Number: 134961

Keywords:
Computer Security
Cybercrime
Cybersecurity
Financial Crimes
Internet Crime
Risk Assessment

Author: McFarland, Charles

Title: The Hidden Data Economy: The Marketplace for Stolen Digital Information

Summary: Data is the "oil" of the digital economy. The commercial market for personal data is booming, with large databases of subscriber information driving up the enormous valuations of those companies that own it, even though many have yet to turn a profit. As the commercial value of personal data grows, cybercriminals have long since built an economy selling stolen data to anybody with a computer browser and the means to pay. In the 2013 McAfee Labs report Cybercrime Exposed: Cybercrime-as-a-Service, we demonstrated how current tools, products, and services can allow anyone to become a cybercriminal, regardless of technical ability. We followed up with the report Digital Laundry: An analysis of online currencies, and their use in cybercrime, which explained virtual currencies in detail and how they are used to convert stolen data into cash. By the time Digital Laundry was published in 2013, the publicity following the law enforcement action against the Silk Road let the world know that illegal products could easily be acquired online. Such actions have demonstrated just how much traditional crime has evolved with the help of the cyber world. Cybercrime Exposed and Digital Laundry focused on tools that aid an attack. This report will attempt to answer the question: What happens after a successful breach?

Details: Santa Clara, CA: Intel Security/McAfee, 2015. 19p.

Source: Internet Resource: Accessed November 6, 2015 at: http://www.mcafee.com/us/resources/reports/rp-hidden-data-economy.pdf

Year: 2015

Country: International

URL: http://www.mcafee.com/us/resources/reports/rp-hidden-data-economy.pdf

Shelf Number: 137217

Keywords:
Computer Crimes
Computer Security
Cybercrime

Author: McAfee

Title: McAfee Labs Threats Report

Summary: Our McAfee Labs 2016 Threats Predictions Report, published in late November, has been widely read and quoted in the media. Some of the most interesting media coverage comes from The Wall Street Journal, Good Morning America, Silicon Valley Business Journal, and CXO Today. The report includes both near- and long-term views of our cyber security future. And now, as winter's storms have passed, we have published the McAfee Labs Threats Report: March 2016. In this quarterly threats report, we highlight two Key Topics: Intel Security interviewed almost 500 security professionals to understand their views and expectations about the sharing of cyber threat intelligence. We learned that awareness is very high and that 97% of those who share cyber threat intelligence see value in it. We explore how the Adwind Java-based backdoor Trojan attacks systems through increasingly clever spam campaigns, leading to a rapid increase in the number of Adwind .jar file submissions to McAfee Labs. These two Key Topics are followed by our usual set of quarterly threat statistics.

Details: Santa Clara, CA: McAfee Labs, 2016. 46p.

Source: Internet Resource: Accessed March 31, 2016 at: http://www.mcafee.com/us/resources/reports/rp-quarterly-threats-mar-2016.pdf

Year: 2015

Country: International

URL: http://www.mcafee.com/us/resources/reports/rp-quarterly-threats-mar-2016.pdf

Shelf Number: 138504

Keywords:
Computer Crime
Computer Security
Cybercrime
Cybersecurity
Internet Crime

Author: Davis, John S., II

Title: A Framework for Programming and Budgeting for Cybersecurity

Summary: When defending an organization against cyberattacks, cybersecurity professionals are faced with the dilemma of selecting from a large set of cybersecurity defensive measures while operating with a limited set of resources with which to employ the measures. Engaging in this selection process is not easy and can be overwhelming. Furthermore, the challenge is exacerbated by the fact that many cybersecurity strategies are presented as itemized lists, with few hints at how to position a given action within the space of alternative actions. This report aims to address these difficulties by explaining the menu of actions for defending an organization against cyberattack and recommending an approach for organizing the range of actions and evaluating cybersecurity defensive activities.

Details: Santa Monica, CA: RAND, 2016. 75p.

Source: Internet Resource: Accessed May 6, 2016 at: http://www.rand.org/content/dam/rand/pubs/tools/TL100/TL186/RAND_TL186.pdf

Year: 2016

Country: United States

URL: http://www.rand.org/content/dam/rand/pubs/tools/TL100/TL186/RAND_TL186.pdf

Shelf Number: 138963

Keywords:
Computer Crime
Computer Security
Cyber-security
Cybercrime
Internet Crime

Author: Ponemon Institute

Title: Closing Security Gaps to Protect Corporate Data: A Study of US and European Organizations

Summary: Closing Security Gaps to Protect Corporate Data: A Study of US and European Organizations sponsored by Varonis, was conducted to determine the security gaps within organizations that can lead to data breaches and security incidents such as ransomware. The study surveyed a total of 3,027 employees in US and European organizations (United Kingdom, Germany and France), including 1,371 individuals (hereafter referred to as end users) who work in such areas as sales, finance and accounting, corporate IT, and business operations, and 1,656 individuals who work in IT and IT security (hereafter referred to as IT). This report includes Key Findings, Conclusions, Methods, and an Appendix with detailed survey questions and results.

Details: Traverse City, MI: Ponemon Institute, 2016. 26p.

Source: Internet Resource: Accessed October 12, 2016 at: https://info.varonis.com/hubfs/docs/research_reports/Varonis_Ponemon_2016_Report.pdf

Year: 2016

Country: International

URL: https://info.varonis.com/hubfs/docs/research_reports/Varonis_Ponemon_2016_Report.pdf

Shelf Number: 147899

Keywords:
Computer Security
Crimes Against Businesses
Cybercrime
Data Breaches
Data Security

Author: Collins, Brian

Title: Cyber Trust and Crime Prevention: A Synthesis of the State-of-the-Art Science Reviews

Summary: This report provides a synthesis of theoretical and empirical work in the sciences and social sciences that indicates the drivers, opportunities, threats, and barriers to the future evolution of cyberspace and the feasibility of crime prevention measures. It is based on 10 state-of-the-art science reviews commissioned by the Foresight Project. Each of the papers highlights the current state of knowledge in selected areas as well as gaps in the evidence base needed to address issues of cyber trust and crime prevention in the future. Complexity and System Behaviour: The analysis in this report shows that the whole of cyberspace is subject to unpredictable and emergent system behaviour. This gives rise to considerable uncertainty about future developments and this is especially at the interfaces between the components of the system. This review of developments in cyberspace technologies and the social system demonstrates that there will be new opportunities for crime and that strategies to minimise these will involve numerous choices. The solutions for improving cyber trust and crime prevention in a pervasive computing environment will differ from those in use today. New paradigms for cyberspace security, privacy protection, risk assessment and crime prevention will be needed, together with a stronger cross-disciplinary research effort.

Details: London: Home Office, 2004. 101p.

Source: Internet Resource: Accessed February 4, 2017 at: https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/299219/04-1147-cyber-trust-reviews.pdf

Year: 2004

Country: United Kingdom

URL: https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/299219/04-1147-cyber-trust-reviews.pdf

Shelf Number: 145875

Keywords:
Computer Crime
Computer Security
Crime Prevention
Cybercrime

Author: Verleysen, Cindy

Title: Preventing Cybercrime: Policies & Practices

Summary: Cybercrime is a borderless problem, consisting of criminal acts that are committed online by using electronic communications networks and information systems - such as crimes specific to the Internet, online fraud and forgery and illegal online content. Whilst the value of the cyber-criminal economy as a whole is not precisely known, the losses are thought to represent billions of euros per year. The scale of the problem is itself a threat to law enforcement response capability – with more than 150,000 viruses and other types of malicious code in circulation and a million people victims of cybercrime every day. The toolbox is primarily written for local policy-makers and practitioners who may be confronted with this in their daily work. In the third part some examples of practices implemented in various Member States are further explored. By doing this, the toolbox aims to build up and exchange practical knowledge and know-how and to inspire people working in the field of preventing cybercrime to learn from each other.

Details: Brussels: European Crime Prevention Network, 2016. 116p.

Source: Internet Resource: EUCPN Tool Box Series, No. 8: Accessed February 16, 2017 at: http://eucpn.org/sites/default/files/content/download/files/toolbox_8.pdf

Year: 2016

Country: Europe

URL: http://eucpn.org/sites/default/files/content/download/files/toolbox_8.pdf

Shelf Number: 141042

Keywords:
Computer Crimes
Computer Security
Crime Prevention
Cybercrime

Author: Bulanova-Hristova, Gerganga, ed.

Title: Cyber-OC - Scope and Manifestations in Selected EU Member States

Summary: The threats arising from different types of cybercrime are real and constantly evolving, as the internet with its anonymity and borderless reach provides new opportunities for physical and virtual criminal activities. We can see complex cybercriminal networks connecting subgroups and also single individuals that are active on, through and against the internet. At the same time there are also 'offline' criminal organisations using the internet to facilitate their activities and to increase their profit. Even so-called 'traditional' organised crime groups are widening their criminal portfolios by committing cybercrime. By constantly evolving online opportunities, their acts of 'traditional crimes' become even more far-reaching and damaging, thus benefiting the criminal organisation. It is not only the involvement of organised crime in cybercrime that is dangerous, but also cybercrime committed in an organised manner. Cyber-OC represents the convergence of these two phenomena. Despite the huge threat arising from its cumulative character, Cyber-OC is frequently underestimated and differently defined even by law enforcement authorities.

Details: Wiesbaden: Bundeskriminalamt, 2016. 298p.

Source: Internet Resource: Accessed February 16, 2017 at: http://eucpn.org/sites/default/files/content/download/files/52._cyber-oc_-_scope_and_manifestations_in_selected_eu_member_states.pdf

Year: 2016

Country: Europe

URL: http://eucpn.org/sites/default/files/content/download/files/52._cyber-oc_-_scope_and_manifestations_in_selected_eu_member_states.pdf

Shelf Number: 141043

Keywords:
Computer Crime
Computer Security
Cybercrime
Organized Crime

Author: Moura, Giovane Cesar Moreira

Title: Internet Bad Neighborhoods

Summary: A significant part of current Internet attacks originates from hosts that are distributed all over the Internet. However, there is evidence that most of these hosts are, in fact, concentrated in certain parts of the Internet. This behavior resembles the crime distribution in the real world: it occurs in most places, but it tends to be concentrated in certain areas. In the real world, high crime areas are usually labeled as "bad neighborhoods". The goal of this dissertation is to investigate Bad Neighborhoods on the Internet. The idea behind the Internet Bad Neighborhood concept is that the probability of a host behaving badly increases if its neighboring hosts (i.e., hosts within the same subnetwork) also behave badly. This idea, in turn, can be exploited to improve current Internet security solutions, since it provides an indirect approach to predict new sources of attacks (neighboring hosts of malicious ones). In this context, the main contribution of this dissertation is to present the first systematic and multifaceted study on the concentration of malicious hosts on the Internet. We have organized our study according to two main research questions. In the first research question, we have focused on the intrinsic characteristics of the Internet Bad Neighborhoods, whereas in the second research question we have focused on how Bad Neighborhood blacklists can be employed to better protect networks against attacks. The approach employed to answer both questions consists in monitoring and analyzing network data (traces, blacklists, etc.) obtained from various real world production networks. One of the most important findings of this dissertation is the verification that Internet Bad Neighborhoods are a real phenomenon, which can be observed not only as network prefixes (e.g., /24, in CIDR notation), but also at different and coarser aggregation levels, such as Internet Service Providers (ISPs) and countries.
For example, we found that 20 ISPs (out of 42,201 observed in our data sets) concentrated almost half of all spamming IP addresses. In addition, a single ISP was found having 62% of its IP addresses involved with spam. This suggests that ISP-based Bad Neighborhood security mechanisms can be employed when evaluating e-mail from unknown sources. This dissertation also shows that Bad Neighborhoods are mostly application specific and that they might be located in neighborhoods one would not immediately expect. For example, we found that phishing Bad Neighborhoods are mostly located in the United States and other developed nations - since these nations host the majority of data centers and cloud computing providers - while spam comes mostly from Southern Asia. This implies that Bad Neighborhood based security tools should be application-tailored. Another finding of this dissertation is that Internet Bad Neighborhoods are much less stealthy than individual hosts, since they are more likely to strike again a target previously attacked. We found that, in a one-week period, nearly 50% of the individual IP addresses attack only once a particular target, while up to 90% of the Bad Neighborhoods attacked more than once. Consequently, this implies that historical data of Bad Neighborhoods attacks can potentially be successfully employed to predict future attacks. Overall, we have put the Internet Bad Neighborhoods under scrutiny from the point of view of the network administrator. We expect that the findings provided in this dissertation can serve as a guide for the design of new algorithms and solutions to better secure networks.

Details: Twente, NETH: University of Twente, 2013. 245p.

Source: Internet Resource: Dissertation: Accessed April 11, 2017 at: http://doc.utwente.nl/84507/1/thesis_G_Moura.pdf

Year: 2013

Country: International

URL: http://doc.utwente.nl/84507/1/thesis_G_Moura.pdf

Shelf Number: 144779

Keywords:
Computer Crime
Computer Security
Internet Crimes
Internet Safety
Internet Security
Spam

Author: Biancotti, Claudia

Title: Cyber attacks: Preliminary evidence from the Bank of Italy's business surveys

Summary: This paper presents preliminary evidence on cyber risk in the Italian private sector based on the Bank of Italy's annual surveys of Italian industrial and service firms. The information collected, albeit only covering the incidence of cyber attacks and some aspects of security governance, is the first of its kind for Italy. The results are striking: even though a mere 1.5 per cent of businesses do not deploy any cyber-security measures, 30.3 per cent - corresponding to 35.6 per cent of total employees - report at least some damage from a cyber attack between September 2015 and September 2016. Once data are corrected to account for unwillingness to report or inability to detect attacks on the part of some respondents, these figures climb to 45.2 and 56 per cent respectively, with large, high-tech and internationally exposed businesses faring worse than average. The economy-wide risk level is likely to be higher still; the financial sector, healthcare, education and social care are excluded from the sample, but they are known from other sources to be particularly appealing to attackers.

Details: Rome: Bank of Italy, 2017. 32p.

Source: Internet Resource: Occasional Paper, no. 373: Accessed May 10, 2017 at: https://www.bancaditalia.it/pubblicazioni/qef/2017-0373/QEF_373.pdf?language_id=1

Year: 2017

Country: Italy

URL: https://www.bancaditalia.it/pubblicazioni/qef/2017-0373/QEF_373.pdf?language_id=1

Shelf Number: 145393

Keywords:
Computer Crimes
Computer Security
Crime Against Businesses
Cyber Security
Cybercrime

Author: U.S. Department of Justice. Office of the Deputy Attorney General

Title: Report of the Attorney General's Cyber Digital Task Force

Summary: In February 2018, the Attorney General established a Cyber-Digital Task Force within the Department and directed the Task Force to answer two basic, foundational questions: How is the Department responding to cyber threats? And how can federal law enforcement more effectively accomplish its mission in this important and rapidly evolving area? This report addresses the first question. It begins by focusing on one of the most pressing cyber-enabled threats our Nation faces: the threat posed by malign foreign influence operations. Chapter 1 explains what foreign influence operations are, and how hostile foreign actors have used these operations to target our Nation's democratic processes, including our elections. This chapter concludes by describing the Department's protective efforts with respect to the upcoming 2018 midterm elections, and announces a new Department policy - grounded in our longstanding principles of political neutrality, adherence to the rule of law, and safeguarding the public trust - that governs the disclosure of foreign influence operations. Chapters 2 and 3 discuss other cyber-enabled threats our Nation faces, particularly those connected with cybercrimes. These chapters describe the resources the Department is deploying to confront those threats, and how our efforts further the rule of law in this country and around the world. Chapter 4 focuses on a critical aspect of the Department's mission, in which the Federal Bureau of Investigation plays a lead role: responding to cyber incidents. Chapter 5 then turns the lens inward, focusing on the Department's efforts to recruit and train our own personnel on cyber matters. Finally, the report concludes in Chapter 6 with thoughts and observations about certain priority policy matters, and charts a path for the Task Force's future work.
Over the next few months, the Department will build upon this initial report's findings, and will provide recommendations to the Attorney General for how the Department can even more efficiently manage the growing global cyber challenge.

Details: Washington, DC: Office of the Deputy Attorney General, 2018. 156p.

Source: Internet Resource: Accessed August 7, 2018 at: https://www.justice.gov/ag/page/file/1076696/download

Year: 2018

Country: United States

URL: https://www.justice.gov/ag/page/file/1076696/download

Shelf Number: 151039

Keywords:
Computer Crime
Computer Security
Cybercrime
Cybersecurity
Internet Crime

Author: Center for Cyber and Homeland Security

Title: Into the Gray Zone: The Private Sector and Active Defense Against Cyber Threats

Summary: Over the past several decades, the private sector in the United States has embraced the computer revolution and the growth of the Internet, and migrated its business activities and operations into an information technology environment. This transition to the online domain has provided tremendous benefits to the private sector, enabling business efficiencies, lowering transaction costs, establishing new products and markets, enhancing internal collaboration, and improving the ability of companies to measure and assess their performance. But as the online domain has developed over the past several decades, new risks have accompanied these benefits; companies have become increasingly vulnerable to the theft of online intellectual property or customer data and the disruption of business operations. These cyber risks and dependencies have grown in recent years due to the activities of hostile state and non-state actors in cyberspace, who have attacked private sector entities for both political and economic reasons. Companies have enhanced their defenses, and the federal government has placed a higher priority on assisting the private sector, but such measures are not commensurate with the nature of the cyber threat today. This paper examines a set of capabilities that can help to address this gap, collectively defined under the term active defense: Active defense is a term that captures a spectrum of proactive cybersecurity measures that fall between traditional passive defense and offense. These activities fall into two general categories, the first covering technical interactions between a defender and an attacker. The second category of active defense includes those operations that enable defenders to collect intelligence on threat actors and indicators on the Internet, as well as other policy tools (e.g. sanctions, indictments, trade remedies) that can modify the behavior of malicious actors.
The term active defense is not synonymous with "hacking back" and the two should not be used interchangeably. The policy discussion on active defense measures in recent years has largely fallen into one of two camps: those who believe that active defense activities are appropriately prohibited under current U.S. law, and those who believe that more active tools should be available to the private sector. What has been missing is a more nuanced discussion of this issue: What measures fall within the scope of active defense, and what are the benefits and risks of each? What measures may be appropriate to use by certain actors, and under what circumstances? What is the role of the federal government in developing a framework and set of norms that can inform such action? And how should policy and law be updated to support private sector active defense in a way that is consistent with both our values and interests, and that can evolve as new technologies are developed? In other words, how do we move beyond the current policy stalemate of inaction vs. hacking back, and develop appropriate and risk-driven policies for active defense? This paper attempts to go "into the gray zone" and answer these questions. It proposes a normative framework for operationalizing active defense and puts forward a set of policy recommendations that support the implementation of such a framework. The initial sections of the report provide background and context to this discussion. It begins with a very brief overview of current cyber threats to the private sector, and what is being done by private entities and government agencies to counter these threats. This discussion of the threat is followed by an articulation of U.S. interests in cyberspace and an explanation of the strategic context of active defense, in particular its relation to the issue of cyber deterrence. 
The next section of the report provides a historical perspective on the evolution of the term "active defense," initially in a general national security context and later with respect to cybersecurity. These historical definitions inform the report's own definition. The report then discusses the upper and lower boundaries of active defense and examines the spectrum of activities that fall within it, including honeypots, beacons, and sink-holing malicious traffic. It makes clear that certain types of high-risk active defense activity by the private sector should be impermissible due to risks of collateral damage and privacy-related concerns, but pushes for greater clarity on whether and how the private sector can utilize lower-risk active defense measures. Next, the paper provides additional policy context to the issue of active defense, examining the impact of current U.S. laws (e.g. the Computer Fraud and Abuse Act), assessing the policy impact of evolving technologies such as cloud computing and the Internet of Things, and outlining the nascent international framework for active defense. The final sections of the report lay out the proposed framework for active defense by the private sector. The core of this framework is the spectrum of active defense measures defined earlier in the report, embedded within a broader set of policy, legal, technical, and governance-related considerations, which provision-making both within companies and between the government and the private sector on active defense.

Details: Washington, DC: Center for Cyber and Homeland Security, 2016. 86p.

Source: Internet Resource: Accessed November 7, 2018 at: https://cchs.gwu.edu/sites/g/files/zaxdzs2371/f/downloads/CCHS-ActiveDefenseReportFINAL.pdf

Year: 2016

Country: United States

URL: https://cchs.gwu.edu/sites/g/files/zaxdzs2371/f/downloads/CCHS-ActiveDefenseReportFINAL.pdf

Shelf Number: 153348

Keywords:
Computer Security
Cybercrime
Cybersecurity
Homeland Security
Internet Crime
National Security
Private Sector