1 / 31

COMPUTER CRIMES - THE LAW ENFORCMENT PERSPECTIVE

COMPUTER CRIMES - THE LAW ENFORCMENT PERSPECTIVE. BLACK HAT BRIEFINGS SINGAPORE - 3-4 APR 2000. By: Wilfred A Nathan Computer Forensic Branch Criminal Investigation Department Singapore Police Force. Computer Crime Trends Definition of Computer Crime Case Studies Computer Misuse Act.

mimir
Download Presentation

COMPUTER CRIMES - THE LAW ENFORCMENT PERSPECTIVE

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. COMPUTER CRIMES -THE LAW ENFORCMENT PERSPECTIVE BLACK HAT BRIEFINGS SINGAPORE - 3-4 APR 2000 By: Wilfred A Nathan Computer Forensic Branch Criminal Investigation Department Singapore Police Force

  2. Computer Crime Trends Definition of Computer Crime Case Studies Computer Misuse Act SCOPE

  3. Computer Crime Branch & Computer Forensic Branch IT Crime Investigation Procedures Computer Crime Prevention & Incident Management Conclusion INTRODUCTION

  4. INTRODUCTION Computer Crimes Trend No. of reported cases relatively low Increasing trend 1993/1994 - 1 1995 - 3 1996 - 7 1997 - 37 1998 - 116 1999 - 185

  5. INTRODUCTION Definition of Computer Crime When there is unauthorised access into a computer system in order to : Destroy data or programs Commit other offences

  6. CASE STUDY ONE The Perfect Computer CrimeSystem Analyst used Trojan horse program to capture colleagues password and used it to modify the Lucky Draw Program. Also gained root access whilst auditing computer system and replaced Lucky Program with fake program that allowed 3 friends to ‘win’ $485,000

  7. CASE STUDY TWO Crashing of Factory Computer SystemDisgruntled system administrator inserted logic bomb that replaced system files with damaged files during backup process. Also used another logic bomb to time backing up process while he was on holiday. Caused entire company’s system to crash and halted production lines. After his dismissal, he asked a computer illiterate colleague to crash system files.

  8. CASE STUDY THREE Smart Card Scam - Managers of Cinema Chain modified Daily Cashiers’ Reports on computer system and siphoned off cash. Also topped up used Smart cards illegally and sold them to cinema touts. Enlisted help of a computer service engineer to load program into a branch so as to further the crime.

  9. CASE STUDY FOUR Distribution of user-ids and passwords - Two youths stole user-ids and passwords of unsuspecting users of an ISP during IRC sessions and displayed the user-ids and passwords on a web site stating that the ISP’s system security had been breached.

  10. CASE STUDY FOUR Hacking of Television's Stations web-site Two teenagers obtained illegal access to a Television Station web-site by accident and modify several of the web pages with “hacker slogans”.

  11. Lack of Physical Security Electronic Security Good Security Practices Regular System Audit Computer Incident Management LESSONS LEARNT

  12. Section 3 - Unauthorised Access to Computer Material Section 4 - Access with Intent to Commit or Facilitate Commission of Further Offence Section 5 - Unauthorised Modification of Contents of Computer COMPUTER MISUSE ACT

  13. Section 6 - Unauthorised Use/Interception of Computer Service Section 7 - Unauthorised obstruction of Use of Computer Section 8 - Unauthorised Disclosure of Access Code Section 9 - Enhanced punishments - Territorial Scope COMPUTER MISUSE ACT

  14. Computer Crime Investigation Computer Related Crime Investigation Telecommunication Frauds Investigation Training Computer Searches Computer Seizures Computer Forensic Examination Training CCB & CFB

  15. COMPUTER CRIME BRANCH Head, Computer Crime Branch OC Investigation Teams Senior Investigators Investigators

  16. COMPUTER FORENSIC BRANCH • Head Computer Forensics • OC Computer Forensics Team • Computer Forensics Examiners

  17. Asian Working Party (Computer Crime) Links with FBI, USSS AFP Hong Kong Malaysia Taiwan Sweden U.K. International Co-operation

  18. Report Lodging What to prepare? Who should do the reporting? COMPUTER CRIME INVESTIGATIONS

  19. Preliminary Investigation Interviews (Facts gathering) Complainant / Victims System Administrators Customer Service Engineer Other Witnesses COMPUTER CRIME INVESTIGATIONS

  20. Preliminary Investigation Evidence Collection Physical evidence (eg computer system, storage media) Supporting evidence (eg system logs, callerID records) COMPUTER CRIME INVESTIGATIONS

  21. Preliminary Investigation Evidence Analysis Forensic laboratory and staff for examination of storage media Technical Support from Industry experts Vendors’ information COMPUTER CRIME INVESTIGATIONS

  22. Implications of Police Investigation’ Evidence in police custody till conclusion of the case Commitment of time and resources Adverse publicity COMPUTER CRIME INVESTIGATIONS

  23. PREVENTION & INCIDENT MANAGEMENT Setting up a Security Team Implement Preventive Measures Incident Management

  24. PREVENTION & INCIDENT MANAGEMENT Preventive Measures Installation and maintenance of Intrusion Detection applications, e.g., Firewall, Intrusion Detection System Proper documentation of computer systems Conduct regular system audit Password management

  25. PREVENTION & INCIDENT MANAGEMENT Preventive Measures Establish links with SingCERT, etc Simulation Excercises Tracking software/hardware for bugs & vulnerabilities

  26. PREVENTION & INCIDENT MANAGEMENT Incident Management - Respond swiftly Collation of essential information and facts Gathering of evidence caller id records, system access logs

  27. PREVENTION & INCIDENT MANAGEMENT Incident Management Ensure system and storage media not tampered document any tampering Report fast to Computer Crime Branch

  28. Report the incident as early as possible Record all irregularities Do not allow anyone to meddle with the computer Do not restore the affected system CONCLUSION

  29. THANK YOU THE END

More Related