1. Define target hardening in cyberspace, and define and explain SQL injection. Your response must be a minimum of 400 words. 2. Define and describe 18 U.S.C. 3771, the Crime Victims' Rights Act, and

Over ton whole, and replaced the funds taken from his savings account. One of the areas not mentioned to this point has been technological tools used to help victims, witnesses, and others regarding victim notification associated with all stages of a criminal proceeding. In 2004, Congress UNIT V STUDY GUIDE Technology and Protection of Citizens MCJ 5078, Computer Applications for Criminal Justice Administration 2 UNIT x STUDY GUIDE Title passed the Crime Victims’ Rights Act. Ordinarily, a summary of legislation would be sufficient, but this Crime Victim’s Rights Act is so important, it will be detailed here. Crime Victims’ Rights Act The victims of federal crimes enjoy certain rights to notice, attendance, and participation in the federal criminal justice process by virtue of 18 U.S.C. 3771. More specifically, the section assures victims that they have the rights identified below.  The right to be reasonably protected from the accused.  The right to reasonable, accurate, and timely notice of any public court proceeding, or any parole proceeding, involving the crime or of any release or escape of the accused.  The right not to be excluded from any such public co urt proceeding, unless the court, after receiving clear and convincing evidence, determines that testimony by the victim would be materially altered if the victim heard other testimony at that proceeding.  The right to be reasonably heard at any public proc eeding in the district court involving release, plea, sentencing, or any parole proceeding.  The reasonable right to confer with the attorney for the government in the case.  The right to full and timely restitution as provided in law.  The right to proceedings free from unreasonable delay.  The right to be treated with fairness and with respect for the victim’s dignity and privacy.  The right to be informed in a timely manner of any plea bargain or deferred prosecution agreement.  The right to be inform ed of the rights under this section and the services described in section 503(c) of the Victims’ Rights and Restitution Act of 1990 (42 U.S.C. 10607(c)) and provided contact information for the Office of the Victims’ Rights Ombudsman of the Department of J ustice. (Doyle, 2015, p. 1). All ten points in the original legislation are important to crime victims, but consider for a moment how important it is for victims of rape, sexual assault, domestic violence, and child abuse to be kept informed by the govern ment. Psychologically, these are very important measures that help victims to deal with the trauma they have suffered. Likewise, it is important that victims of crime be notified when a convicted offender is going before the Parole Board or other tribunal that could result in the offender being released. Additionally, there are several other programs at the state level that have become wonderful tools for victims such as the Automated Victim Notification (AVN) system initiated in 1994. Later, in 2005, Con gress passed the Statewide Automated Victim Information and Notification (SAVIN) program. This legislation provided for the funding for such notification programs (Irazola, Williamson, Niedzwlecki, Debus -Sherrill, & Stricker, 2013). Few objective America ns would argue that the protections afforded by the United States Constitution and the Bill of Rights, especially the Fourth, Fifth, Sixth, Eighth, Tenth, and Fourteenth Amendments to the Constitution, should not be applied to anyone alleged to have commit ted a crime; after all, any of us could be unjustly accused. But, for a long time, there seems to have been more attention paid to alleged offenders than to victims. The legislation previously mentioned has addressed some of the imbalance, but, still, vict ims need more. In mid -2006 the Adam Walsh Child Protection and Safety Act of 2006 was passed, and, in 2015, the Justice for Victims of Trafficking Act of 2015 was placed into law. Both these legislative enactments have been long overdue, especially with th e proliferation of transnational organized crime (Doyle, 2015). These are all some of the ways the government, your elected representatives, have been working to protect victims. But, the role and act of protection is not the sole responsibility of the loc al, state, and federal government; each of us have a responsibility to make sure that we are not acting and living carefree lives without any concern for becoming a victim. Target hardening is one way that people can reduce the likelihood they will become a victim of traditional crime and cybercrime too. Preventing Cyber -intrusion To implement a target hardening strategy, people must know what they are protecting or hardening themselves from. In the digital age, everyone who uses a smartphone, computer, notepad, smart television, or anything connected to the Internet must be aware of their opponent or victimizer/perpetrator. Some of the common vocabulary used to identify these nefarious characters includes hacker, script kiddie, spies, insiders, cybercrim inals, and cyberterrorists. Additionally, there are black -hats, grey -hats, and white -hats. Each of MCJ 5078, Computer Applications for Criminal Justice Administration 3 UNIT x STUDY GUIDE Title these refers to a certain type of hacker. Black -hats are criminals determined to disrupt Internet services, steal from unsuspecting victims, and, sometimes, use their knowledge and tools to create a social movement for or against a government, company, or policy. Grey -hats could be defined as those hackers who enter a system to reveal corruption, scandals, or unethical conduct. White -hats are those hackers who use their skills to find vulnerabilities in a computer or data -processing system and to assist the government or corporation in plugging holes in their systems (Ciampa, 2012). Of course, there are ethical issues associated with each type hacker, but that discussion is saved for another time. For now, it is important to understand some of the things each person can do to harden their computer systems or their physical dwelling. Regarding computer systems, some of the methods used are layering, limiting, d iversity, obscurity, and simplicity. Even when all five of these methods are used, a computer system, phone, or other technology may still not be fully protected; these five methods are known as fundamental security principles. Each of these independently or used together help prevent cyber -intrusion by criminals who use malware to infect computer systems. Cyber terrorism is increasing its technological prowess daily. Those initiating these crimes use a variety of tools, including web exploit kits, to ste al an individual’s personal information. More times than not, this ends in in financial loss for the victim. The Trojan Zeus is noted as one of the most damaging and, for a time, was considered the undisputed king of malware. In Greek Mythology, Zeus is w idely known as the king of the Olympian gods. In Greek religion, he was the supreme deity and “…referred to as the Father, as the god of thunder and the ’cloud -gatherer,’ he controlled the weather, offered signs and omens and generally dispensed justice, g uaranteeing order amongst both the gods and humanity from his seat high on Mt. Olympus” (Cartwright, 2013, para. 1).

Additionally, Zeus the Greek mythological god bore 40 offspring if you count the nine muses individually. Zeus the Trojan was reported by U S-CERT (2012) as having “26 different versions that have been identified, more than 3,500 unique Zeus URLs with more than 105,500 target URLs, 626 unique Zeus controllers, 763 Zeus configurations, and 257 unique Zeus keys that were extracted, all during 20 12” (US -CERT, 2012, p. 12). Many of these destructive tools are capable of circumventing two -factor authentication; that means the legal user has two -steps to complete before they can enter their system. Previously, it was mentioned that APTs are at the h eart of many of these intrusions. Some of the APTs are APT -1 the People’s Liberation Army Unit 81398 (China). APT -1 is mainly interested in economic espionage, and they focus on banks, credit card companies, and other financial institutions in the United S tates. Other APTs include Russia, Syria, North Korea, and Iran. These are known state actors who present additional security problems for everyday users. Yet, while these are the tools many use to intrude on computer systems, the methodologies are numerous . Some malware is used for profit by the attackers; they use keyloggers, adware, spyware, and botnets to enter systems via email. For instance, adware is advertising content that can infect a computer system if opened. This is likely the most widely used m ethod of intrusion, because the victims, especially Americans, are not trained or conditioned to resist opening email and clicking on cute cats, dogs, beautiful sailboats, and other interesting objects. Social engineering, psychological approaches, and phi shing, pharming, spear phishing, vishing, and whaling are all well -known methodologies used by hackers, and cyber -criminals. There are other more complicated ways these nefarious characters enter computer systems such as SQL attacks, but this is not a comp uter or cyber security course, so that must be left for another discussion. Conclusion During this lesson, legislation at the state and federal levels has been introduced to students as a way of showing that victims do have advocates and there are agenci es, individuals, non -profits, NGOs, and companies who work for and with victims daily. In the second part of the lesson, cyber -related protections and target hardening were introduced. Importantly, the United States is not the only country that experiences these type problems, and there are numerous entities dedicated to educating and protecting unsuspecting victims from this type of crime. Programs such as the Cybersecurity National Action Plan are a good start, but it must be remembered that the governmen t cannot do this alone. Others such as software and hardware developers, ISPs, and end -users are all responsible for remaining vigilant and for using common sense when using anything connected to the Internet, and to always be aware of one’s surroundings. MCJ 5078, Computer Applications for Criminal Justice Administration 4 UNIT x STUDY GUIDE Title References Cartwright, M. (2013). Zeus definition . Retrieved from http://www.ancient.eu/zeus/ Cerullo, M. (2018). Bank restores funds stolen from oldest living veteran’s account . Retrieved from https://www.military.com/daily -news/2018/07/05/bank -restores -funds -stolen -oldest -living -veterans - account.html Ciampa, M. (2012). Security + guide to network s ecurity fundamentals (4th ed.). Boston, MA: Cengage. Doyle, C. (2015). Crime victim’s rights act: A summary and legal analysis of 18 U.S.C. §3771 . Retrieved from https://fas.org/sgp/crs/misc/RL33679.pdf Irazola, S., W illiamson, E., Niedzwiecki, E., Debus -Sherrill, S., & Stricker, J. (2013). Evaluation of the statewide automated victim information notification program. Retrieved from https://www.ncjrs.gov/pdffiles1/nij/grants/243839.pdf U.S. CERT. (2012). US -CERT security trends report: 2012 in retrospect . Retrieved from https://www.us -cert.gov/sites/default/files/US -CERT_2012_Trends -In_Retrospect.pdf