DOCSLIB.ORG

Leveraging the Multi-Disciplinary Approach to Countering Organised Crime

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Leveraging the Multi-Disciplinary Approach to Countering Organised Crime Leveraging The Multi-Disciplinary Approach to Countering Organised Crime Anna Cevidalli Technical Report RHUL{MA{2010{06 31st March 2010 Department of Mathematics Royal Holloway, University of London Egham, Surrey TW20 0EX, England http://www.rhul.ac.uk/mathematics/techreports ROYAL HOLLOWAY MSc PROJECT Anna Cevidalli Student Number: 100630541 Supervisor: John Austen Leveraging The Multi-Disciplinary Approach to Countering Organised Crime An Evaluation for Information Security and Business Professionals SEPTEMBER 2009 Submitted as part of the requirements for the award of the MSc in Information Security at Royal Holloway, University of London. I declare that this assignment is all my own work and that I have acknowledged all quotations from the published or unpublished works of other people. I declare that I have also read the statements on plagiarism in Section 1 of the Regulations Governing Examination and Assessment Offences and in accordance with it I submit this project report as my own work. Signature Date ACKNOWLEDGEMENTS I would like to thank the staff at Royal Holloway and especially John Austen, my Project Supervisor, for their invaluable support and assistance in completing this project. ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- Anna Cevidalli RHUL MSc Project – September 2009 (Main Document) TABLE OF CONTENTS 1 INTRODUCTION.....................................................................................................................1 1.1 OVERALL PURPOSE ..................................................................................................................2 1.2 SPECIFIC OBJECTIVES ..............................................................................................................2 1.3 SCOPE ........................................................................................................................................3 1.4 METHODOLOGY .........................................................................................................................3 2 EXECUTIVE SUMMARY........................................................................................................5 3 OVERVIEW OF ORGANISED CRIME ..................................................................................7 3.1 DIFFERENT PERCEPTIONS ABOUT ORGANISED CRIME ..........................................................7 3.1.1 The International Perspective....................................................................................7 3.1.2 The Public/ Media Perspectives................................................................................8 3.1.3 The Government/ Law Enforcement Perspectives...................................................9 3.1.4 The Academic Perspective......................................................................................10 3.1.5 The Victim’s Perspective .........................................................................................10 3.1.6 The Economic Perspective......................................................................................11 3.1.7 The Corporate Perspective .....................................................................................11 3.1.8 The Information Security Perspective .....................................................................13 3.1.9 The Challenge of Synthesising Divergent Views....................................................15 3.1.10 The Multi-Disciplinary Perspective..........................................................................16 3.2 DISPELLING THE MYTHS .........................................................................................................18 3.2.1 The Limitations of Public Pronouncements and Statistics .....................................18 3.3 DEFINING THE REALITIES ........................................................................................................25 3.3.1 Organised Crime Groups ........................................................................................26 3.3.2 Technology-oriented and Online Organised Crime Groups...................................30 ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- Anna Cevidalli RHUL MSc Project – September 2009 (Main Document) 4 TECHNOLOGY AND ORGANISED CRIME .......................................................................32 4.1 ONLINE ORGANISED CRIME GROUPS AND INFORMATION TECHNOLOGY ............................32 4.1.1 Specific Threats Posed by Online Organised Crime Groups.................................33 4.1.2 Key Attributes of Information and Technology exploited by OOCGs.....................34 4.2 THE PROBLEM OF CRIMEWARE ..............................................................................................40 4.3 THE INTERNET AND THE WEB AS ATTACK VECTORS ............................................................43 5 THE BUSINESS OF ORGANISED CRIME.........................................................................45 5.1 THE IMPORTANCE OF ONLINE ORGANISED CRIME BUSINESS MODELS ..............................45 5.2 STRATEGIC ANALYSIS AND ONLINE ORGANISED CRIME GROUPS ......................................55 5.2.1 Employing Morphological Analysis within a Multi-Disciplinary Context .................56 6 CONCLUSION ......................................................................................................................59 7 REFERENCES......................................................................................................................62 8 KEY TERMS..........................................................................................................................93 8.1 DEFINITIONS OF KEY TERMS AS USED WITHIN THIS PAPER AND ITS APPENDICES ...........93 9 GLOSSARIES.......................................................................................................................95 9.1 GLOSSARY OF ACRONYMS ............................................................................................95 9.2 GLOSSARY OF INFORMATION SECURITY AND TECHNICAL TERMS USED WITHIN THIS PAPER AND THE APPENDICES ............................................................97 APPENDICES Appendix A Tables of organised crime characteristics (1 – 6) Appendix B Real-life online organised crime case studies Appendix C Morphological Analysis (MA) Methodology and Matrices Appendix D Information and IT Attributes Exploited by Offenders ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- Anna Cevidalli RHUL MSc Project – September 2009 (Main Document) 1 INTRODUCTION “The key to formulating effective responsive strategies to cybercrime is to understand the different perspectives that the different actors in the field of cybercrime bring to the subject rather than see them in binary terms as either right or wrong... See, for example, the different, but real, experiences of the business community and the individual user. It is also crucial to hold realistic expectations of what the police can and cannot do.” David Wall, ‘Cybercrime, Media and Insecurity: The Shaping of Public Perceptions of Cybercrime’ 1 If the warnings are to be believed, organised crime is rapidly taking over criminal activity on the Internet, cynically exploiting legitimate business models in the pursuit of huge profit. At the same time, some critics remain doubtful whether such statements can be taken to be authoritative or are merely ‘hype’. They highlight the issue that ‘organised crime’ is an imprecise concept which is very susceptible to subjective interpretation. A substantial academic literature has developed over half a century to answer the question, ‘What is organised crime?’ and still the concept remains elusive, complicated by the recent emergence of the online criminal groups. These groups share many characteristics with their terrestrial counterparts yet they are also, due to their sophisticated exploitation of the benefits and vulnerabilities of the Internet, said to be evolving new characteristics whereby they are more educated, innovative and collaborative than the crime groups that came before them. 2 For governments, law enforcement, Information Security (IS) professionals and others who are tasked with protecting the valuable assets accessible stored on the Internet, ‘tried and trusted’ resources such as technical countermeasures and the international Information Security Standards, the 27000 series, have existed for some time to combat all types of online threat, including those from organised crime. In the last few years, professionals from all disciplines have recognised that they can no longer work in ‘silos’ and must collaborate to manage the problem. Considerable progress is being made in this area, for instance with the publication of national cybersecurity and organised crime strategies in the US and UK. However, if it is true that there is a close correlation between online organised crime and business, perhaps there is another resource available which remains largely ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- Anna Cevidalli RHUL MSc Project – September 2009 (Main Document) 1/103
Load more

Recommended publications
  • Botnets, Cybercrime, and Cyberterrorism: Vulnerabilities and Policy Issues for Congress
    Order Code RL32114 Botnets, Cybercrime, and Cyberterrorism: Vulnerabilities and Policy Issues for Congress Updated January 29, 2008 Clay Wilson Specialist in Technology and National Security Foreign Affairs, Defense, and Trade Division Botnets, Cybercrime, and Cyberterrorism: Vulnerabilities and Policy Issues for Congress Summary Cybercrime is becoming more organized and established as a transnational business. High technology online skills are now available for rent to a variety of customers, possibly including nation states, or individuals and groups that could secretly represent terrorist groups. The increased use of automated attack tools by cybercriminals has overwhelmed some current methodologies used for tracking Internet cyberattacks, and vulnerabilities of the U.S. critical infrastructure, which are acknowledged openly in publications, could possibly attract cyberattacks to extort money, or damage the U.S. economy to affect national security. In April and May 2007, NATO and the United States sent computer security experts to Estonia to help that nation recover from cyberattacks directed against government computer systems, and to analyze the methods used and determine the source of the attacks.1 Some security experts suspect that political protestors may have rented the services of cybercriminals, possibly a large network of infected PCs, called a “botnet,” to help disrupt the computer systems of the Estonian government. DOD officials have also indicated that similar cyberattacks from individuals and countries targeting economic,
    [Show full text]
  • What Every CEO Needs to Know About Cybersecurity
    What Every CEO Needs to Know About Cybersecurity Decoding the Adversary AT&T Cybersecurity Insights Volume 1 AT&T Cybersecurity Insights: Decoding the Adversary 1 Contents 03 Letter from John Donovan Senior Executive Vice President AT&T Technology and Operations 04 Executive Summary 05 Introduction 07 Outsider Threats 15 Looking Ahead: Outsider Threats 16 Best Practices: Outsiders 18 Insider Threats 24 Looking Ahead: New Potential Threats 25 Looking Ahead: Emerging Risks 26 Best Practices: Malicious Insiders 27 Best Practices: Unintentional Insiders 28 Moving Forward 32 Conclusion 33 Know the Terms For more information: Follow us on Twitter @attsecurity 35 End Notes and Sources Visit us at: Securityresourcecenter.att.com © 2015 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T Globe logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual Property and/or AT&T affiliated companies. The information contained herein is not an offer, commitment, representation or warranty by AT&T and is subject to change. 2 ATT.com/network-security Business leader, Welcome to the inaugural issue of AT&T Cybersecurity Insights, a comprehensive look at our analysis and findings from deep inside AT&T’s network operations groups, outside research firms, and network partners. This first issue, “Decoding the Adversary,” focuses on whether or not you and your board of directors are doing enough to protect against cyber threats. Security is not simply a CIO, CSO, or IT department issue. Breaches, leaked documents, and cybersecurity attacks impact stock prices and competitive edge. It is a responsibility that must be shared amongst all employees, and CEOs and board members must proactively mitigate future challenges.
    [Show full text]
  • Asia-Europe Meeting
    Asia-Europe Meeting Topic A: Identifying, Sharing and Remediating Faults in Cybersecurity Topic B: Tackling Local, Regional and Global Hunger MUNUC 32 TABLE OF CONTENTS ______________________________________________________ Letter from the Chair………………………………………………………….. 3 Topic A ………………………………………………………………………..… 4 Statement of the Problem…………………………………………….. 4 History of the Problem……………………………………….…..…….. 9 Past Actions…………………………………………………………….. 14 Possible Solutions………………………………………………………. 18 Bloc Positions…………………………………………………………… 20 Glossary…………………………………………………………………. 22 Topic B ………………………………………………………………...………. 23 Statement of the Problem…………………………………………….23 History of the Problem………………………………………………… 28 Past Actions…………………………………………………………….. 31 Possible Solutions………………………………………………………. 33 Bloc Positions…………………………………………………………… 35 Glossary…………………………………………………………………. 37 Bibliography……………………………………….…………………………. 38 2 Asia-Europe Meeting | MUNUC 32 LETTER FROM THE CHAIR ______________________________________________________ Dear Delegates, Welcome to the Asia-Europe Meeting Forum, or ASEM, at MUNUC 32! My name is Randolph Ramirez, and I usually go by Randy. I am a third year here at The University of Chicago studying Statistics and Political Science. I was born and raised in Wilton, Connecticut, and coming out to attend UChicago was my first trip out to Illinois! All throughout high school I was heavily involved in Model Congress, and partaking in MUNUC my first year here helped transition me into the world of Model UN! I am certain that this conference and committee will be a success, and I cannot wait to experience it with you all! The Asia-Europe Meeting Forum will offer a multitude of experiences, problems, solutions, and overall will hopefully give a descriptive look into the affairs of the two regions. Throughout this experience, I hope delegates learn the various factors that make solving the issues of cybersecurity and huger instability a difficult endeavor, and how best to go about solving them.
    [Show full text]
  • Is the Mafia Taking Over Cybercrime?*
    Is the Mafia Taking Over Cybercrime?* Jonathan Lusthaus Director of the Human Cybercriminal Project Department of Sociology University of Oxford * This paper is adapted from Jonathan Lusthaus, Industry of Anonymity: Inside the Business of Cybercrime (Cambridge, Mass. & London: Harvard University Press, 2018). 1. Introduction Claims abound that the Mafia is not only getting involved in cybercrime, but taking a leading role in the enterprise. One can find such arguments regularly in media articles and on blogs, with a number of broad quotes on this subject, including that: the “Mafia, which has been using the internet as a communication vehicle for some time, is using it increasingly as a resource for carrying out mass identity theft and financial fraud”.1 Others prescribe a central role to the Russian mafia in particular: “The Russian Mafia are the most prolific cybercriminals in the world”.2 Discussions and interviews with members of the information security industry suggest such views are commonly held. But strong empirical evidence is rarely provided on these points. Unfortunately, the issue is not dealt with in a much better fashion by the academic literature with a distinct lack of data.3 In some sense, the view that mafias and organised crime groups (OCGs) play an important role in cybercrime has become a relatively mainstream position. But what evidence actually exists to support such claims? Drawing on a broader 7-year study into the organisation of cybercrime, this paper evaluates whether the Mafia is in fact taking over cybercrime, or whether the structure of the cybercriminal underground is something new. It brings serious empirical rigor to a question where such evidence is often lacking.
    [Show full text]
  • Web Warriors – CBC Documentary
    Cyber Crime Unit The federal government has suffered a nearly 680 percent increase in cyber security breaches in the past six years. 1 Computer Security Risks • A computer security risk is any event or action that could cause a loss of or damage to computer hardware, software, data, information, or processing capability • A cybercrime is an online or Internet-based illegal act Hackers Crackers Script Kiddies Corporate Spies Unethical Cyberextortionists Cyberterrorists Employees Pages 556 - 557 Discovering Computers 2011: Living in a Digital World 2 Chapter 11 3 HACKER Someone who gets into another persons computer or network ILLEGALLY. Say their intent is to improve SECURITY. Have advanced COMPUTER and NETWORK skills. CRACKER 4 Someone who gets into another persons computer or network ILLEGALLY. Their intent is to: 1. GET RID OF data 2. STEAL information 3.Other SPITEFUL acts. Have advanced COMPUTER and NETWORK skills. 5 SCRIPT KIDDIE Not as knowledgeable as a cracker but has the SAME intent. Often use PREWRITTEN hacking and cracking software packages to crack into computers. 6 CYBEREXTORTIONIST Uses EMAIL as a channel for BLACKMAIL. If they are not paid a sum of money, they threaten to: 1. REVEAL confidential material 2. TAKE ADVANTAGE OF a safety flaw 3. BEGIN an attack that will compromise a organization’s network 7 CYBERTERRORIST They use the INTERNET or NETWORK to destroy or damage computers for GOVERNMENTAL motives. Targets may be: 1. Nation’s AIR TRAFFIC system 2. ELECTRICITY-generating companies 3. TELECOMMUNICATION infrastructure 8 CORPORATE SPYS Have OUTSTANDING computer and networking skills and are hired to break into a specific computer and ROB its exclusive FILES and information or to help identify SAFETY risks in their own ORGANIZATION.
    [Show full text]
  • Financial Fraud and Internet Banking: Threats and Countermeasures
    Report Financial Fraud and Internet Banking: Threats and Countermeasures By François Paget, McAfee® Avert® Labs Report Financial Fraud and Internet Banking: Threats and Countermeasures Table of Contents Some Figures 3 U.S. Federal Trade Commission Statistics 3 CyberSource 4 Internet Crime Complaint Center 4 In Europe 5 The Many Faces of Fraud 6 Small- and large-scale identity theft 7 Carding and skimming 8 Phishing and pharming 8 Crimeware 9 Money laundering 10 Mules 10 Virtual casinos 11 Pump and dump 12 Nigerian advance fee fraud (419 fraud) 12 Auctions 14 Online shopping 16 Anonymous payment methods 17 Protective Measures 18 Scoring 18 Europay, MasterCard, and Visa (EMV) standard 18 PCI-DSS 19 Secure Sockets Layer (SSL) and Transport Secured Layer (TLS) protocols 19 SSL extended validation 20 3-D Secure technology 21 Strong authentication and one-time password devices 22 Knowledge-based authentication 23 Email authentication 23 Conclusion 24 About McAfee, Inc. 26 Report Financial Fraud and Internet Banking: Threats and Countermeasures Financial fraud has many faces. Whether it involves swindling, debit or credit card fraud, real estate fraud, drug trafficking, identity theft, deceptive telemarketing, or money laundering, the goal of cybercriminals is to make as much money as possible within a short time and to do so inconspicuously. This paper will introduce you to an array of threats facing banks and their customers. It includes some statistics and descriptions of solutions that should give readers—whether they are responsible for security in a financial organization or a customer—an overview of the current situation. Some Figures U.S.
    [Show full text]
  • Technological Crime Advisory Board
    TECHNOLOGICAL CRIME ADVISORY BOARD CATHERINE 100 North Carson Street JAMES D.EARL CORTEZ MASTO Carson City, Nevada 89701-4717 Executive Director Attorney General Telephone (775) 684-1115 Fax (775) 684-1108 Chair E-Mail: [email protected] ADVISORY BOARD Bill: SB 267 CATHERINE Position: Support CORTEZ MASTO Attorney General, Chair Tech Crime Board Statutory Missions (2 of 7) – NRS 205A VALERIE WIENER o Recommend changes to civil and criminal statutes in light of tech change. Nevada State Senator, Vice o Assist in securing government information systems. Chair TRAY ABNEY Background: Security Issues Associated with Multi-functional Devices (MFDs) Reno / Sparks Chamber of Commerce o CBS News “Copy Machines, a Security Risk?” April 19, 2010 at http://www.cbsnews.com/video/watch/?id=6412572n&tag=mncol;lst;8 DANIEL G. BOGDEN o Board meeting on July 22, 2010: Technological background and concerns United States Attorney, District of Nevada regarding State systems (minutes attached, see pages 26 to 30). DOUGLAS C. GILLESPIE Sheriff, Clark County Risk Analysis Leads in Different Directions for Public and Private Sectors Las Vegas Metropolitan o Nevada State Standard on MFDs (draft attached) is more proscriptive than Police Department SB 267 since State agencies, generally, have IT personnel who can evaluate MIKE HALEY and limit risks associated with some functions of MFDs. Sheriff, Washoe County o Private sector users of MFDs purchase them specifically to connect to a network, which is a risk State IT personnel seek to prevent or mitigate. KEVIN FAVREAU Special Agent in Charge, o Conclusion: SB 267 mitigates the most significant risk to data stored on or Federal Bureau of copied by MFDs; State agencies are required to take additional precautions Investigation (as of finalization of standard); private sector enterprises with IT personnel DALE NORTON should consider State standards in their MFD implementations.
    [Show full text]
  • ESCUELA SUPERIOR POLITÉCNICA DEL LITORAL Facultad De
    ESCUELA SUPERIOR POLITÉCNICA DEL LITORAL Facultad de Ingeniería en Electricidad y Computación Maestría en Seguridad Informática Aplicada “DISEÑO E IMPLEMENTACIÓN DE UN SISTEMA DE DEFENSA CONTRA ATAQUES DE DENEGACIÓN DE SERVICIO DISTRIBUIDO EN LA RED PARA UNA EMPRESA DE SERVICIOS.” TESIS DE GRADO PREVIA A LA OBTENCIÓN DEL TÍTULO DE: MAGISTER EN SEGURIDAD INFORMÁTICA APLICADA KAROL PAMELA BRIONES FUENTES OMAR ANTONIO CÓRDOVA BALÓN GUAYAQUIL – ECUADOR 2015 ii AGRADECIMIENTO A Dios, A nuestras familias. iii DEDICATORIA A nuestras familias. iv TRIBUNAL DE SUSTENTACIÓN MSIG. LENIN FREIRE COBO DIRECTOR DEL MSIA MSIG. ROKY BARBOSA DIRECTOR DE TESIS MSIG. ALBERT ESPINAL SANTANA MIEMBRO PRINCIPAL v DECLARACIÓN EXPRESA “La responsabilidad del contenido de esta Tesis de Grado, me corresponde exclusivamente; y, el patrimonio intelectual de la misma, a la ESCUELA SUPERIOR POLITÉCNICA DEL LITORAL” ING. KAROL BRIONES FUENTES CI 0921279162 vi DECLARACIÓN EXPRESA “La responsabilidad del contenido de esta Tesis de Grado, me corresponde exclusivamente; y, el patrimonio intelectual de la misma, a la ESCUELA SUPERIOR POLITÉCNICA DEL LITORAL” ING. OMAR CORDOVA CI 0922892161 vii RESUMEN Internet ha revolucionado la forma en que operan los negocios en la actualidad. Gran cantidad de datos son transmitidos a nivel mundial en tiempo real, como es el caso de las compañías en línea, las cuales dependen de la disponibilidad de sus servicios las veinticuatro horas del día, los trescientos sesenta y cinco días del año para que sus clientes se mantengan conectados de diversas maneras y sin interrupciones. Pero, este nuevo mundo de mayores velocidades, grandes volúmenes de datos y alta disponibilidad de los servicios, trae consigo oportunidades para los criminales cibernéticos, cuyo objetivo es aprovechar el mínimo fallo en los sistemas que operan dentro de la gran red mundial.
    [Show full text]
  • Analisis Y Diagnostico De La Seguridad Informatica De Indeportes Boyaca
    ANALISIS Y DIAGNOSTICO DE LA SEGURIDAD INFORMATICA DE INDEPORTES BOYACA ANA MARIA RODRIGUEZ CARRILLO 53070244 UNIVERSIDAD NACIONAL ABIERTA Y A DISTANCIA “UNAD” ESPECIALIZACION EN SEGURIDAD INFORMATICA TUNJA 2014 ANALISIS Y DIAGNOSTICO DE LA SEGURIDAD INFORMATICA DE INDEPORTES BOYACA ANA MARIA RODRIGUEZ CARRILLO 53070244 Trabajo de grado como requisito para optar el título de Especialista En Seguridad informática Ingeniero SERGIO CONTRERAS Director de Proyecto UNIVERSIDAD NACIONAL ABIERTA Y A DISTANCIA UNAD ESPECIALIZACION EN SEGURIDAD INFORMATICA TUNJA 2014 _____________________________________ _____________________________________ _____________________________________ _____________________________________ _____________________________________ _____________________________________ _____________________________________ Firma del presidente del jurado _____________________________________ Firma del jurado _____________________________________ Firma del jurado Tunja, 06 de Octubre de 2014. DEDICATORIA El presente trabajo es dedicado en primera instancia a Dios quien día a día bendice mi profesión y me ayuda con cada uno de los retos que se me presentan a lo largo del camino de mi vida. A mi fiel compañero, amigo, cómplice y esposo, quien es la ayuda idónea diaria y mi fortaleza constante para seguir en el camino del conocimiento, quien no deja que me rinda y me apoya incondicionalmente para que día a día logre ser mejor persona. A mis familiares y compañeros de trabajo, por todo su amor, confianza y apoyo incondicional, a nuestros compañeros y profesores gracias por la amistad, la comprensión, los conocimientos y dedicación a lo largo de todo este camino recorrido que empieza a dar indudablemente los primeros frutos que celebramos. AGRADECIMIENTOS La vida está llena de metas y retos, que por lo general van de la mano con grandes sacrificios, por eso hoy podemos decir que gracias a Dios y nuestras familias esta meta se ha cumplido y seguramente vendrá muchas metas que harán parte de nuestro gran triunfo personal como familiar.
    [Show full text]
  • King Mob Echo: from Gordon Riots to Situationists & Sex Pistols
    KING MOB ECHO FROM 1780 GORDON RIOTS TO SITUATIONISTS SEX PISTOLS AND BEYOND BY TOM VAGUE INCOMPLETE WORKS OF KING MOB WITH ILLUSTRATIONS IN TWO VOLUMES DARK STAR LONDON ·- - � --- Printed by Polestar AUP Aberdeen Limited, Rareness Rd., Altens Industrial Estate, Aberdeen AB12 3LE § 11JJJDJJDILIEJMIIENf1r 1f(Q) KIINCGr JMI(Q)IB3 JECCIHI(Q) ENGLISH SECTION OF THE SITUATIONIST INTERNATIONAL IF([J)IF ffiIE V ([J) IL lUilII ([J) W §IFIEIEIIJ) IHIII§il([J) ffiY ADDITIONAL RESEARCH BY DEREK HARRIS AND MALCOLM HOPKINS Illustrations: 'The Riots in Moorfields' (cover), 'The London Riots', 'at Langdale's' by 'Phiz' Hablot K. Browne, Horwood's 1792-9 'Plan of London', 'The Great Rock'n'Roll Swindle', 'Oliver Twist Manifesto' by Malcolm McLaren. Vagrants and historical shout outs: Sandra Belgrave, Stewart Home, Mark Jackson, Mark Saunders, Joe D. Stevens at NDTC, Boz & Phiz, J. Paul de Castro, Blue Bredren, Cockney Visionaries, Dempsey, Boss Goodman, Lord George Gordon, Chris Gray, Jonathon Green, Jefferson Hack, Christopher Hibbert, Hoppy, Ian Gilmour, Ish, Dzifa & Simone at The Grape, Barry Jennings, Joe Jones, Shaun Kerr, Layla, Lucas, Malcolm McLaren, John Mead, Simon Morrissey, Don Nicholson-Smith, Michel Prigent (pre-publicity), Charlie Radcliffe, Jamie Reid, George Robertson & Melinda Mash, Dragan Rad, George Rude, Naveen Saleh, Jon Savage, Valerie Solanas, Carolyn Starren & co at Kensington Library, Mark Stewart, Toko, Alex Trocchi, Fred & Judy Vermorel, Warren, Dr. Watson, Viv Westwood, Jack Wilkes, Dave & Stuart Wise Soundtrack: 'It's a London Thing' Scott Garcia, 'Going Mobile' The Who, 'Living for the City' Stevie Wonder, 'Boston Tea Party' Alex Harvey, 'Catholic Day' Adam and the Ants, 'Do the Strand' Roxy Music', 'Rev.
    [Show full text]
  • The President's Identity Theft Task Force
    The President’s Identity Theft Task Force Combating IDENTITY THEFT A Strategic Plan April 2007 COMBATING IDENTITY THEFT A Strategic Plan Table of Contents Glossary of Acronyms .................................................................v Identity Theft Task Force Members ............................................... vii Letter to the President .............................................................. viii I. Executive Summary .............................................................. 1 A. Introduction .................................................................................. 1 B. The Strategy .................................................................................. 2 II. The Contours of the Identity Theft Problem ............................. 10 A. Prevalence and Costs of Identity Theft ......................................... 11 B. Identity Thieves: Who They Are .................................................. 12 C. How Identity Theft Happens: The Tools of the Trade ................... 13 D. What Identity Thieves Do With the Information They Steal: The Different Forms of Identity Theft ........................ 18 III. A Strategy to Combat Identity Theft ....................................... 22 A. Prevention: Keeping Consumer Data out of the Hands of Criminals ..................................................................... 22 1. Decreasing the Unnecessary Use of Social Security Numbers ........................................................ 23 2. Data Security in the Public Sector .........................................
    [Show full text]
  • The Economics of Online Crime
    Journal of Economic Perspectives—Volume 23, Number 3—Summer 2009—Pages 3–20 The Economics of Online Crime Tyler Moore, Richard Clayton, and Ross Anderson he economics of information security has recently become a thriving and fast-moving discipline. This field was kick-started in 2001 by the observa- T tion that poorly aligned incentives explain the failure of security systems at least as often as technical factors (Anderson, 2001). As distributed computing systems are assembled from machines controlled by principals with divergent interests, microeconomic analysis and game-theoretic analysis become just as im- portant for dependability as protocol analysis or cryptanalysis. The economic approach not only provides a more effective way of analyzing straightforward information-security problems such as privacy, spam, and phishing, but also gives insights to scholars of system dependability, conflict, and crime. An annual Work- shop on the Economics of Information Security (WEIS) was established in 2002. The field now involves over 100 active researchers; the subject has drawn together security engineers, economists, and even lawyers and psychologists. For a survey of security economics in general, see Anderson and Moore (2006). This paper will focus on the subject of online crime, which has taken off as a serious industry since about 2004. Until then, much of the online nuisance came from amateur hackers who defaced websites and wrote malicious software in pursuit of bragging rights. In the old days, electronic fraud was largely a cottage y Tyler Moore is a Postdoctoral Fellow, Center for Research on Computation and Society (CRCS), Harvard University, Cambridge, Massachusetts. Richard Clayton is an Industrial Research Fellow and Ross Anderson is Professor of Security Engineering, both at the Computer Laboratory, University of Cambridge, Cambridge, England.
    [Show full text]