M6D1: Cybercrime Question After completing the assigned readings for the module, please respond to the following question in your initial post: · In a few sentences describe your current work

Module 6: Learning & Assessment Activities

During this module you will:

Read:

  • Required

    • Module Notes: Cybercrime and Cyberespionage

    • Ablon, L., & Libicki, M. (2015). Hackers' Bazaar: The Markets for Cybercrime Tools and Stolen Data. Defense Counsel Journal, 82(2), 143-152. Retrieved from: http://vlib.excelsior.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=bth&AN=102363107&site=eds-live&scope=site

    • Fidler, D. P. (2012, March). Tinker, Tailor, Soldier, Duqu: Why cyberespionage is more dangerous than you think. International Journal on Critical Infrastructure Protection. p. 28. Retrieved from: http://vlib.excelsior.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=edo&AN=73779199&site=eds-live&scope=site

    • Hyman, P. (2013). Cybercrime: It's serious, but exactly how serious? Communications of the ACM, 56(3), 18-20. Retrieved from: http://vlib.excelsior.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=bth&AN=89060848&site=eds-live&scope=site

    • Manky, D. (2013). Feature: Cybercrime as a service: a very modern business. Computer Fraud & Security, 2013, 9-13. Retrieved from: http://vlib.excelsior.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=edselp&AN=S1361372313700538&site=eds-live&scope=site

    • Moise, A. C. (2014). Some considerations on the phenomenon of cybercrime. Journal of Advanced Research in Law & Economics (De Gruyter Open), 5(1), 38-43. Retrieved from: http://vlib.excelsior.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=a9h&AN=103712516&site=eds-live&scope=site

    • Ring, T. (2013). Feature: A breach too far? Computer Fraud & Security, 2013, 5-9. Retrieved from: http://vlib.excelsior.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=edselp&AN=S1361372313700526&site=eds-live&scope=site

  • Optional

    • Clayton, M. (2014, May 19). US indicts five in China's secret 'Unit 61398' for cyber-spying on US firms. Christian Science Monitor. p. N.PAG

    • Mandiant Corporation (2013). APT1: Exposing one of China’s cyberespionage units. Retrieved from http://intelreport.mandiant.com/ 

      • This webpage provides links to the report and videos.  It provides a deep dive into the efforts to discover the role of China’s military in cyberespionage.

View:

  • Required

      • Mandiant Corporation. (2013, February 18). APT1: Exposing one of China's cyber espionage units. [Video file, 4:59 minutes]. Retrieved from: https://youtu.be/6p7FqSav6Ho

        • Transcript File

      • TedTalks: Mikko Hypponen—fighting viruses, defending the net. [Video file, 17:30 minutes]. (2011). In Films On Demand. Retrieved from http://vlib.excelsior.edu/login?url=http://fod.infobase.com/PortalPlaylists.aspx?wID=103647&xtid=48202

      • Heists: Cybercrimes with Ben Hammersley. [Video file, 25:13 minutes]. (2014). In Films On Demand. Retrieved from http://vlib.excelsior.edu/login?url=http://fod.infobase.com/PortalPlaylists.aspx?wID=103647&xtid=109729

Discuss:

  • M6D1: Cybercrime

  • M6D2: Cyberespionage

    • Note: Please contribute one original post in response to each discussion question.  Response should be 2-3 paragraphs or 300 words minimum and include citations and references in APA format.

Use the EC Library resources for research assistance and to properly cite your work:

  • Military Leadership Research Guide

  • National Security Research Guide

  • Plagiarism & Copyright

  • Excelsior Library Writing Help

  • APA Citation Help

  • Excelsior College Online Writing Lab (OWL)





Module 6: Module Notes: Cybercrime and Cyberespionage

Cybercrime (https://search.ebscohost.com/login.aspx?direct=true&db=e000xna&AN=474364&scope=site.) and its close digital cousin, cyberespionage, have become frequent topics for newspaper articles, Hollywood movies, and diplomatic engagement. Leveraging weaknesses in digital protocols and human nature, cybercriminals have turned to computers to conduct the traditional crimes of theft, extortion, and fraud as well as new crimes such as attacks on critical infrastructure. Nation states are now turning to cyberspace to steal military and commercial secrets in a high-speed, low-risk attempt to gain an information advantage.

In this module, we will examine the growth and risk of cybercrime and cyberespionage, review a case study of an advanced persistent threat (APT), and develop an understanding of the tools and risk to national security of criminal activity in cyberspace.

Challenges to Addressing Cybercrime

Challenge | Description
--- | ---
Reporting cybercrime | Accurately reporting cybercrime to law enforcement
Ensuring adequate law enforcement analytical and technical capabilities | Obtaining and retaining investigators, prosecutors, and cyberforensics examiners; keeping up-to-date with current technology and criminal techniques
Working in borderless environment with laws and multiple jurisdictions | Investigating and prosecuting cybercrime that transcends borders with laws and legal procedures of multiple jurisdictions
Implementing information security practices and raising awareness | Protecting information and information systems; raising awareness about criminal behavior

Source: GAO. Retrieved from http://search.ebscohost.com.vlib.excelsior.edu/login.aspx?direct=true&db=iqv&AN=3099024&site=eh

It is difficult to open the paper or watch television news and not see an article or segment that discusses some cyber incident, be it the theft of a database, an online fraud, or a significant theft of credit card information from a retailer. Although the estimates vary widely (Hyman, 2013), cybercrime easily amounts to billions of dollars of direct and indirect losses to businesses around the world. The Federal Bureau of Investigation (FBI) has received more than 3 million cybercrime reports since 2000 and is now receiving approximately 300,000 per year (FBI, n.d.). These are only the crimes that are reported. Businesses are often reluctant to announce their victimization for fear of market losses, or may not even know they have been hacked (Hunt, 2016; Hyman, 2013). Even defining and describing cybercrime is a challenge (Moise, 2014).



Cybercrime has now become big business. It is no longer just sending spam or defacing a website. Cybercriminals are organized and specialized in a vertically integrated business. Ablon and Libicki (2015) provide a good description of how the black market for cybercrime tools and expertise developed over the past fifteen years or so. Communications on the dark web, the part that Google doesn’t index, allow buyers and sellers of malware, stolen data, and specialized criminal services to meet and profit. Manky (2013) explains the “cybercrime as a service” model, which allows even a novice to become a top-rate cybercriminal in a few easy steps. The barriers to entry in the world of cybercrime are low and the potential profits quite high. Coupled with weak legal regimes in many parts of the world, it is easy to see that cybercrime is now the vehicle of choice for organized criminal groups.

One advantage of cybercrime is the ability to use the same exploit over and over again. Kaspersky (2016) discusses how the Carbanak hack has been updated and reused to penetrate multiple banks. The original Carbanak hack allowed cybercriminals to steal nearly a billion dollars in total from 100 different banks. Similarly, known vulnerabilities in common software products such as Microsoft Office and Adobe Acrobat allow criminals to attack tens of thousands of unpatched computers. Even more dangerous, and more valuable, are zero-day exploits. Zero-days are unreported flaws in software that allow hackers to gain control of victim computers. As long as the flaw is unreported, the software developer is unaware of it and cannot write the corrective patch code. Greenberg (2012) described the market for zero-day exploits. Selling one to the software company as a white hat might net a few thousand; selling it on the black market will likely yield much more. The FBI reportedly paid more than one million United States dollars to get the hack for the San Bernardino iPhone (Berman & Zapotsky, 2016).

Recent trends in cybercrime have seen a growth in ransomware (FBI, n.d.). Ransomware is an attack against an individual user or even a big business in which the criminals access the victim’s system via a phishing attack or by the victim visiting a compromised website. The malware then encrypts the victim’s data and locks out the victim until a ransom is paid. Usually the victim has to pay within a day or two or the data will be gone forever (Everett, 2016).

Turning to cyberespionage, the same exploits used in cybercrime are at the disposal of nation states for espionage purposes. Cyberespionage has taken on two forms. One is the traditional aspect of espionage: stealing a potential adversary’s information in order to better assess their intentions and potential weaknesses. The second is the world of commercial espionage. Commercial espionage involves stealing a private company’s intellectual property and the results of the company’s research and development activities to gain a competitive advantage in the marketplace. While traditional espionage is illegal, it is an accepted practice among nations. Despite the statement of former Secretary of State Henry Stimson (https://history.state.gov/departmenthistory/people/stimson-henry-lewis.), nation states do try to read each other’s mail and nowadays their email. Getting the plans for an opponent’s fighter plane allows one to determine its capabilities and potential vulnerabilities. Stealing the plans for a wind turbine, however, allows one to avoid the expense and time of research and development and thus undercut a competitor.

The Mandiant (2013) report on APT1 showed the alleged actions of the Chinese military in commercial espionage (Ring, 2013). FBI Director Comey (https://www.fbi.gov/about/leadership-and-structure/fbi-executives) has been quoted as saying all major United States (U.S.) companies have been hacked by the Chinese; some just don’t know it (Cook, 2014). These allegations have led to increased friction between the U.S. and China, and we will look at this more in Modules 7 & 8. Fidler (2012) pointed out several of the risks of an unconstrained global espionage campaign between cyber powers. It is doubtful that this will or even can be put back into the bottle.

In response to the rise in cybercrime and cyberespionage the White House has issued several Executive Orders on cybercrime and commercial espionage (Obama, 2015).  The tools outlined in the Executive Order are an attempt to use economic leverage to deter malicious cyber activity.  The effectiveness remains to be seen.

References:

  • Ablon, L., & Libicki, M. (2015). Hackers' bazaar: The markets for cybercrime tools and stolen data. Defense Counsel Journal, 82(2), 143-152. Retrieved from http://vlib.excelsior.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=bth&AN=102363107&site=eds-live&scope=site

  • Berman, M. & Zapotsky, M. (2016, April 22). FBI chief indicates iPhone access in terror probe cost more than $1 million. Washington Post. Retrieved from http://vlib.excelsior.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=bwh&AN=wapo.fd063696-07fe-11e6-bdcb-0133da18418d&site=eds-live&scope=site

  • Cook, J. (2014, October 6). FBI Director: China has hacked every big US company. Retrieved from http://www.businessinsider.com/fbi-director-china-has-hacked-every-big-us-company-2014-10

  • Everett, C. (2016). Feature: Ransomware: to pay or not to pay. Computer Fraud & Security, 2016, 8-12. Retrieved from http://vlib.excelsior.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=edselp&AN=S1361372316300367&site=eds-live&scope=site

  • FBI. (n.d.). 2015 Internet Crime Report. [PDF, File size 2.7 MB]. Retrieved from https://www.ic3.gov/media/annualreport/2015_IC3Report.pdf

  • Fidler, D. P. (2012, March). Tinker, tailor, soldier, Duqu: Why cyberespionage is more dangerous than you think. International Journal on Critical Infrastructure Protection. p. 28. Retrieved from http://vlib.excelsior.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=edo&AN=73779199&site=eds-live&scope=site

  • Greenberg, A. (2012). The Zero-Day Salesmen. Forbes, 189(6), 40-44. Retrieved from http://vlib.excelsior.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=bth&AN=73905142&site=eds-live&scope=site

  • Hunt, T. (2016, May 20). Security Sense: There’s a lot of hacked companies we don’t even know about. Retrieved from http://windowsitpro.com/troy-hunts-security-sense/security-sense-theres-lot-hacked-companies-we-dont-even-know-about

  • Hyman, P. (2013). Cybercrime: It's serious, but exactly how serious? [PDF, File Size 3.2MB]. Communications of the ACM, 56(3), 18-20. Retrieved from http://vlib.excelsior.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=bth&AN=89060848&site=eds-live&scope=site

  • Kaspersky identifies new cyber attacks on banks. (2016). EquityBites (M2). Retrieved from http://vlib.excelsior.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=bwh&AN=86D5846516034&site=eds-live&scope=site

  • Mandiant Corporation. (2013, February 18). APT1: Exposing one of China's cyber espionage units. [Video file, 4:59 minutes]. Retrieved from: https://youtu.be/6p7FqSav6Ho

  • Manky, D. (2013). Feature: Cybercrime as a service: a very modern business. Computer Fraud & Security, 2013, 9-13. Retrieved from http://vlib.excelsior.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=edselp&AN=S1361372313700538&site=eds-live&scope=site

  • Moise, A. C. (2014). Some considerations on the phenomenon of cybercrime. [PDF, File size 765KB]. Journal of Advanced Research In Law & Economics (De Gruyter Open), 5(1), 38-43. Retrieved from http://vlib.excelsior.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=a9h&AN=103712516&site=eds-live&scope=site

  • Obama, B. (2015, April 1). Executive Order -- “Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities.” Retrieved June 10, 2016, from https://www.whitehouse.gov/the-press-office/2015/04/01/executive-order-blocking-property-certain-persons-engaging-significant-m

  • Ring, T. (2013). Feature: A breach too far? Computer Fraud & Security, 2013, 5-9. Retrieved from http://vlib.excelsior.edu/login?url=http://search.ebscohost.com/login.aspx?direct=true&db=edselp&AN=S1361372313700526&site=eds-live&scope=site

As you watch/listen to the videos and digest the readings, keep track of the multiple responsibilities given to the Department of Homeland Security (DHS) in the realm of cybersecurity.  The DHS Secretary must be mindful of a very diverse set of threats to security. Does cybersecurity suffer in comparison to terrorism and other threats? The discussion questions will offer the opportunity to comment on the organization of DHS and the challenges the Department faces.