DOCSLIB.ORG

Crime and the Internet

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Crime and the Internet Crime and the Internet Is the Internet really powerful enough to enable a sixteen-year-old boy to become the biggest threat to world peace since Adolf Hitler? Are we all now susceptible to cybercriminals who can steal from us without ever having to leave the comfort of their own armchairs? These are fears which have been articulated since the popular development of the Internet, yet criminologists have been slow to respond to them. Consequently, questions about what cyber- crimes are, what their impacts will be and how we respond to them remain largely unanswered. Organised into three sections, this book engages with the various crimino- logical debates that are emerging over cybercrime. The first section looks at the general problem of crime and the internet; it then describes what is currently understood by the term ‘cybercrime’, before identifying some of the challenges that are presented for criminology. The second section explores the different types of cybercrime and their attendant problems. The final section contem- plates some of the challenges that cybercrimes give rise to for the criminal justice system. David Wall is Director of the Centre for Criminal Justice Studies, Department of Law, University of Leeds Crime and the Internet Edited by David S. Wall London and New York First published 2001 by Routledge 11 New Fetter Lane, London EC4P 4EE Simultaneously published in the USA and Canada by Routledge 29 West 35th Street, New York, NY 10001 Routledge is an imprint of the Taylor & Francis Group This edition published in the Taylor & Francis e-Library, 2004. © 2001 selection and editorial matter David S. Wall, individual chapters the contributors All rights reserved. No part of this book may be reprinted or reproduced or utilised in any form or by any electronic, mechanical, or other means, now known or hereafter invented, including photocopying and recording, or in any information storage or retrieval system, without permission in writing from the publishers. British Library Cataloguing in Publication Data A catalogue record for this book is available from the British Library Library of Congress Cataloging-in-Publication Data Crime and the internet/edited by David S. Wall. p. cm Includes bibliographical references and index 1. Computer crimes. 2. Internet. I. Wall, David, 1956 – HV6773 .C75 2001 ISBN 0-203-164504 Master e-book ISBN ISBN 0-203-258630 (Adobe eReader Format) ISBN 0–415–24428–5 (hbk) ISBN 0–415–24429–3 (pbk) Contents Notes on contributors vii Preface xi 1 Cybercrimes and the Internet 1 DAVID WALL 2 Crime futures and foresight: challenging criminal behaviour in the information age 18 KEN PEASE 3Telecommunication fraud in the digital age: the convergence of technologies 29 PETER GRABOSKY AND RUSSELL SMITH 4 “Between the risk and the reality falls the shadow”: evidence and urban legends in computer fraud 44 MICHAEL LEVI 5 Hacktivism: in search of lost ethics? 59 PAUL TAYLOR 6 Last of the rainmacs? Thinking about pornography in cyberspace 74 BELA BONITA CHATTERJEE 7 Criminalizing online speech to “protect” the young: what are the benefits and costs? 100 MARJORIE HEINS vi Contents 8 Controlling illegal and harmful content on the Internet 113 YAMAN AKDENIZ 9 Cyberstalking: tackling harassment on the Internet 141 LOUISE ELLISON 10 The language of cybercrime 152 MATTHEW WILLIAMS 11 Maintaining order and law on the Internet 167 DAVID WALL 12 Policing “hi-tech” crime within the global context: the role of transnational policy networks 184 PAUL NORMAN 13The criminal courts online 195 CLIVE WALKER Index 215 Contributors Yaman Akdeniz is a Lecturer in Cyberlaw at the University of Leeds where he teaches and writes about Internet related legal and policy issues. Yaman is also the founder and director of Cyber-Rights & Cyber-Liberties (UK), a non-profit civil liberties organization (http://www.cyber-rights.org/ yamancv.htm) (Checked 29 June, 2001). He has given written and oral evidence on a number of occasions to governmental bodies which include committees of the European Union and the United Nations. His publica- tions include Sex on the Net? The Dilemma of Policing Cyberspace (South Street Press, 1999) and The Internet, Law and Society (ed. with C. Walker and D. Wall, Longman, 2000). Bela Chatterjee is a Lecturer in Law at the University of Lancaster. She completed her undergraduate degree at the University of Leicester before taking a Master's degree in Child Law and Policy at Brunel University. She subsequently conducted research into cyberpornography, cyberidentity and law for her doctoral thesis. Louise Ellison is a Lecturer in Law at the University of Manchester and previously taught at the University of Reading. Her Ph.D., awarded in 1997 by the University of Leeds, was a comparative study of rape trials in England and Wales and the Netherlands. Her primary research and teaching interests are criminal law and evidence. Louise recently co-edited Feminist Perspectives on Evidence (with M. Childs, Cavendish, 2000) and is currently completing a monograph entitled The Adversarial Process and the Vulnerable Witness (Oxford University Press, forthcoming). Peter Grabosky is a Professor in the Research School of Social Sciences at the Australian National University. He was formerly the Deputy Director of the Australian Institute of Criminology. In addition to his broad port- folio of criminological publications, Peter has published a number of books and articles that are specifically related to crime and new technologies. These publications include Crime in the Digital Age: Controlling Telecommunications and Cyberspace Illegality (with R. Smith, Federation Press, 1998) and Electronic Theft: Crimes of Acquisition in the Digital Age viii Contributors (with R. Smith and G. Dempsey, Cambridge University Press, 2001). In July 1998, Peter was elected President of the Australian and New Zealand Society of Criminology. In 1999 he was elected to the Board of Directors and became Deputy Secretary General of the International Society of Criminology. Marjorie Heins is the Director of the Free Expression Policy Project at the National Coalition Against Censorship in New York City and was formerly director of the American Civil Liberties Union’s Arts Censorship Project, where she was counsel in a number of major Supreme Court cases, including Reno v. ACLU. She is the author of Not in Front of the Children: 'Indecency', Censorship, and the Innocence of Youth (Hill & Wang, 2001), Sex, Sin, and Blasphemy: A Guide to America's Censorship Wars (New Press, 1993), and Three Questions About Television Ratings, in The V-Chip Debate (Lawrence Erlbaum, 1998). In 1998-2000, Marjorie was a fellow of the Open Society Institute, which supported much of the research for Not in Front of the Children. Michael Levi is Professor of Criminology at Cardiff University. His major research contributions to criminology have been in the fields of white-collar crime and corruption, organized crime, money-laundering and violent crime, and his books include The Phantom Capitalists (Gower, 1981 originally Heinemann) and Regulating Fraud (Routledge, 1987). His new book, White-Collar Crime and its Victims (with A. Pithouse Oxford University Press, 2001), explores both the impact of fraud on individual and institutional victims and also their responses to it. Paul Norman is the Director of International Programmes at the Institute of Criminal Justice Studies, University of Portsmouth. Paul is an interdisciplinary political scientist researching regional cooperation, international organizations and international police policy-making. His current research focuses upon regional cooperation in the southern African region. Paul leads for the Institute on an EU-funded collaborative degree programme which forms part of a major police reform programme in Mauritius. Paul's recent publications include 'European Union Police Policy-Making and Co-operation', in Carr, F. & Massey, A. (eds) Public Policy in the New Europe (Edward Elgar, 1999) and 'The Terrorist Finance Unit and the Joint Action Group on Organised Crime' (Howard Journal of Criminal Justice, 1998, Vol. 27, No. 4). Ken Pease is a visiting Professor in the Jill Dando Institute at University College London. He was formerly the head of the Applied Criminology Group and Professor of Criminology in the School of Human and Health Sciences at the University of Huddersfield. He has worked on the issue of repeat victimisation for 12 years and on the British Crime Survey for 14 years. Ken's current work explores the anticipation of crime trends, and the results of all of his research have been published as Home Office Research Papers. Ken has acted as a consultant to the United Nations, the Council of Europe and the Customs Contributors ix Cooperation Council. He is the only academic to sit on the Home Office National Crime Prevention Agency. A former Parole Board member and committed supporter of the Victim Support organisation, Ken was awarded the OBE for services to crime prevention in June 1997. Russell Smith is the Deputy Director of Research at the Australian Institute of Criminology. Prior to becoming a Lecturer in Criminology at the University of Melbourne in 1990, Russell practised as a solicitor in Melbourne – he is a Barrister and Solicitor of the Supreme Court of Victoria and a Solicitor of the Supreme Court of England and Wales. Russell has written widely on various aspects of computer crime, fraud control, and professional regulation. His books include the following: Medical Discipline (Clarendon Press,
Load more

Recommended publications
  • Investigating Web Defacement Campaigns at Large
    Session 11: Malware and Web ASIACCS’18, June 4–8, 2018, Incheon, Republic of Korea Investigating Web Defacement Campaigns at Large Federico Maggi, Marco Balduzzi, Ryan Flores, Lion Gu, Vincenzo Ciancaglini Forward-Looking Threat Research Team - Trend Micro, Inc. ABSTRACT the attack, team affiliation of the defacer(s), or nicknames ofthe Website defacement is the practice of altering the web pages of a supporting actors. Over the years, defacers have abandoned their website after its compromise. The altered pages, called deface pages, interested in defacing for the mere purpose of advertising the com- can negatively affect the reputation and business of the victim site. promise, pursuing defacement more as a mean to broadcast strong Previous research has focused primarily on detection, rather than messages “to the World”—by compromising popular websites. exploring the defacement phenomenon in depth. While investigat- Despite several actors are still driven by the desire of promot- ing several defacements, we observed that the artifacts left by the ing their own reputation, an increasing number of defacers strive defacers allow an expert analyst to investigate the actors’ modus instead to promote their ideologies, religious orientation, political operandi and social structure, and expand from the single deface views, or other forms of activism, often closely following real-world page to a group of related defacements (i.e., a campaign). However, events (e.g., war, elections, crisis, terrorist attacks). We refer to this manually performing such analysis on millions of incidents is te- phenomenon as dark propaganda, to highlight that legitimate re- dious, and poses scalability challenges. From these observations, we sources are abused for pushing the actors’ viewpoints.
    [Show full text]
  • Ethical Hacking
    Ethical Hacking Alana Maurushat University of Ottawa Press ETHICAL HACKING ETHICAL HACKING Alana Maurushat University of Ottawa Press 2019 The University of Ottawa Press (UOP) is proud to be the oldest of the francophone university presses in Canada and the only bilingual university publisher in North America. Since 1936, UOP has been “enriching intellectual and cultural discourse” by producing peer-reviewed and award-winning books in the humanities and social sciences, in French or in English. Library and Archives Canada Cataloguing in Publication Title: Ethical hacking / Alana Maurushat. Names: Maurushat, Alana, author. Description: Includes bibliographical references. Identifiers: Canadiana (print) 20190087447 | Canadiana (ebook) 2019008748X | ISBN 9780776627915 (softcover) | ISBN 9780776627922 (PDF) | ISBN 9780776627939 (EPUB) | ISBN 9780776627946 (Kindle) Subjects: LCSH: Hacking—Moral and ethical aspects—Case studies. | LCGFT: Case studies. Classification: LCC HV6773 .M38 2019 | DDC 364.16/8—dc23 Legal Deposit: First Quarter 2019 Library and Archives Canada © Alana Maurushat, 2019, under Creative Commons License Attribution— NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0) https://creativecommons.org/licenses/by-nc-sa/4.0/ Printed and bound in Canada by Gauvin Press Copy editing Robbie McCaw Proofreading Robert Ferguson Typesetting CS Cover design Édiscript enr. and Elizabeth Schwaiger Cover image Fragmented Memory by Phillip David Stearns, n.d., Personal Data, Software, Jacquard Woven Cotton. Image © Phillip David Stearns, reproduced with kind permission from the artist. The University of Ottawa Press gratefully acknowledges the support extended to its publishing list by Canadian Heritage through the Canada Book Fund, by the Canada Council for the Arts, by the Ontario Arts Council, by the Federation for the Humanities and Social Sciences through the Awards to Scholarly Publications Program, and by the University of Ottawa.
    [Show full text]
  • Introduction
    Introduction Toward a Radical Criminology of Hackers In the expansive Rio Hotel and Casino in Las Vegas, I stood in line for around an hour and a half to pay for my badge for admittance into DEF CON 21, one of the largest hacker conventions in the world. The wad of cash in my hand felt heavier than it should have as I approached the badge vendor. DEF CON is an extravagant affair and attendees pay for it (though, from my own readings, the conference administrators work to keep the costs reduced). The line slowly trickled down the ramp into the hotel con- vention area where the badge booths were arranged. As I laid eyes on the convention, my jaw dropped. It was packed. Attendees were already mov- ing hurriedly throughout the place, engaged in energetic conversations. Black t- shirts— a kind of hacker uniform— were everywhere. Las Vegas- and gambling- themed décor lined the walls and floors. Already, I could see a line forming at the DEF CON merchandise booth. Miles, a hacker I had gotten to know throughout my research, mentioned that if I wanted some of the “swag” or “loot” (the conference merchandise), I should go ahead and get in line, a potential three- to four-hour wait. Seemingly, everyone wanted to purchase merchandise to provide some evidence they were in attendance. Wait too long and the loot runs out. After winding through the serpentine line of conference attendees wait- ing for admittance, I approached the badge vendors and (dearly) departed with almost $200. Stepping into the convention area, I felt that loss in the pit of my stomach.
    [Show full text]
  • The Hacker Voice Telecomms Digest #2.00 LULU
    P3 … Connections. P5 … You Got Mail… Voicemail. P7 … Unexpected Hack? P8 … Rough Guide To No. Stations pt2. P12 … One Way/One Time Pads. P16 … Communications. Your Letters, Answered… Perhaps! P17 … The Hacker Voice Projects. P19 … Automating Network Enumeration. P22 … An Introduction to Backdoors. The Hackers Voice Digest Team P27 … Interesting Numbers. Editors: Demonix & Blue_Chimp. Staff Writers: Belial, Blue_Chimp, Naxxtor, Demonix, P28 … Phreaking Bloody Adverts! Hyper, & 10Nix. Pssst! Over Here… You want one of these?! Contributors: Skrye, Vesalius, Remz, Tsun, Alan, Desert Rose & Zinya. P29 … Intro to VoIP for Practical Phreaking Layout: Demonix. Cover Graphics : Belial & Demonix. P31 … Google Chips. Printing: Printed copies of this magazine (inc. back issues) are available from P32 … Debain Ubuntu A-Z of Administration. www.lulu.com. Thanks : To everyone who has input into this issue, especially the people who have P36 … DIY Tools. submitted an article and gave feedback on the first Issue. P38 … Beginners Guide to Pen Testing. Back Page: UV’s World War Poster Productions. P42 … The Old Gibson Phone System. What is The Hackers Voice? The Hackers Voice is a community designed to bring back hacking P43 … Introduction to R.F.I. and phreaking to the UK . Hacking is the exploration of Computer Science, Electronics, or anything that has been modified to P55 … Unexpected Hack – The Return! perform a function that it wasn't originally designed to perform. Hacking IS NOT EVIL, despite what the mainstream media says. We do not break into people / corporations' computer systems and P56 … Click, Print, 0wn! networks with the intent to steal information, software or intellectual property.
    [Show full text]
  • Index Images Download 2006 News Crack Serial Warez Full 12 Contact
    index images download 2006 news crack serial warez full 12 contact about search spacer privacy 11 logo blog new 10 cgi-bin faq rss home img default 2005 products sitemap archives 1 09 links 01 08 06 2 07 login articles support 05 keygen article 04 03 help events archive 02 register en forum software downloads 3 security 13 category 4 content 14 main 15 press media templates services icons resources info profile 16 2004 18 docs contactus files features html 20 21 5 22 page 6 misc 19 partners 24 terms 2007 23 17 i 27 top 26 9 legal 30 banners xml 29 28 7 tools projects 25 0 user feed themes linux forums jobs business 8 video email books banner reviews view graphics research feedback pdf print ads modules 2003 company blank pub games copyright common site comments people aboutus product sports logos buttons english story image uploads 31 subscribe blogs atom gallery newsletter stats careers music pages publications technology calendar stories photos papers community data history arrow submit www s web library wiki header education go internet b in advertise spam a nav mail users Images members topics disclaimer store clear feeds c awards 2002 Default general pics dir signup solutions map News public doc de weblog index2 shop contacts fr homepage travel button pixel list viewtopic documents overview tips adclick contact_us movies wp-content catalog us p staff hardware wireless global screenshots apps online version directory mobile other advertising tech welcome admin t policy faqs link 2001 training releases space member static join health
    [Show full text]
  • The Web Attacker Perspective – a Field Study
    20102010 IEEE 21st 21st International International Symposium Symposium on onSoftware Software Reliability Reliability Engineering Engineering The Web Attacker Perspective – A Field Study José Fonseca Marco Vieira, Henrique Madeira CISUC, University of Coimbra / CISUC, University of Coimbra Polytechnic Institute of Guarda, Portugal Coimbra, Portugal [email protected] [email protected], [email protected] Abstract—Web applications are a fundamental pillar of today’s corporations in recent years reflects the increasing concern globalized world. Society depends and relies on them for top managers now have about web security. However, there business and daily life. However, web applications are under are some significant factors that still make securing web constant attack by hackers that exploit their vulnerabilities to applications a task hard to fulfill. Some examples are the fast access valuable assets and disrupt business. Many studies and growing market, their high exposure to attacks and the reports on web application security problems analyze the general lack of knowledge or experience in the area of victim’s perspective by detailing the vulnerabilities publicly security from those who develop and manage these disclosed. In this paper we present a field study on the applications. attacker’s perspective by looking at over 300 real exploits used In spite of all security-related efforts, web applications by hackers to attack web applications. Results show that SQL are typically deployed with security vulnerabilities that make injection and Remote File Inclusion are the two most frequently used exploits and that hackers prefer easier rather them vulnerable to attacks. This suggests that web than complicated attack techniques.
    [Show full text]
  • Zero-Day Malware Project Assignment
    Zero-day Malware Project Assignment Trondheim, December 17, 2008 Norwegian University of Science and Technology Faculty of Information Technology, Mathematics and Electrical Engineering Department of Telematics Finn Michael Halvorsen, Rune Walsø Nerg˚ardand H˚avard Vegge NORWEGIAN UNIVERSITY OF SCIENCE AND TECHNOLOGY FACULTY OF INFORMATION TECHNOLOGY, MATHEMATICS AND ELECTRICAL ENGINEERING PROJECT ASSIGNMENT Students: Finn Michael Halvorsen, Rune Walsø Nerg˚ard and H˚avard Vegge Course: TTM4530 Title: Zero-day Malware Description: The current trend in malware is increased stealth for the purpose of creating large, undetected botnets. Coupled with the closing gap between time of vulnerability detection to time of available exploit, this leads to an increasing lag time for anti-malware vendors. The task is two-fold: 1. Design a laboratory testbed consisting of updated Microsoft Windows PCs, with updated anti-malware software installed, and then expose these systems to known suspicious sites, file-sharing systems, etc. 2. At a given time afterwards perform an offline malware search of the system with updated anti-malware tools to determine whether the system was infected with zero-day malware. Deadline: December 17, 2008 Submission date: December 17, 2008 Carried out at: Department of Telematics Supervisor: Martin Gilje Jaatun, SINTEF ICT Co-Supervisor: Jostein Jensen, SINTEF ICT Trondheim, December 11, 2008 Danilo Gligoroski Professor Abstract There has been an enormous increase in malware variants during the last year. This has made it even more difficult for the anti-malware vendors to maintain protection against the vast amount of threats. Various obfuscation techniques, such as polymorphism, con- tribute to this trend. The ongoing battle between malware creators and anti-virus vendors causes an increasing signature lag, which leads to vulnerable end-systems for home users as well as in corporate environments.
    [Show full text]
  • Cyber Warfare an Analysis of the Means and Motivations of Selected Nation States
    CYBER WARFARE AN ANALYSIS OF THE MEANS AND MOTIVATIONS OF SELECTED NATION STATES INSTITUTE FOR SECURITY TECHNOLOGY STUDIES AT DARTMOUTH COLLEGE November 2004 Charles Billo Revised December 2004 Welton Chang 45 Lyme Road Hanover, NH 03755 603-646-0700 INSTITUTE FOR SECURITY TECHNOLOGY STUDIES ___________________________________________________________ Authors of this report: Charles G. Billo Senior Research Associate, ISTS Welton Chang Research Intern, ISTS ACKNOWLEDGEMENTS We are grateful for the numerous comments received from our anonymous reviewers as well as ISTS reviewers. In particular, the substantive suggestions received from Professor David Kotz, Eric Goetz, and Colleen Hurd, were especially helpful. We would like to thank Sarah Brooks and Jocelyn Troy for their help. We would also like to thank George Bakos, Kathleen Cassedy, Amy Gannon, Robert Hillery, Dennis McGrath, and the Technical Analysis Group at ISTS. DISCLAIMERS All Internet links and citations contained within were active at the time of publication. We cannot guarantee that the links will remain active indefinitely, although an effort was made to ensure that each citation contained enough information for the cited source to be located in print or other forms of media. Information available prior to November 1, 2004 was used in this report. Copyright © 2004, Trustees of Dartmouth College. All rights reserved. This project was supported under Award No. 2000-DT-CX-K001 from the Office for Domestic Preparedness, U.S. Department of Homeland Security. Points of view in this document are those of the authors and do not necessarily represent the official position of the U.S.Department of Homeland Security. 2 INSTITUTE FOR SECURITY TECHNOLOGY STUDIES ___________________________________________________________ FOREWORD This study, written in response to a grant provided by the Department of Homeland Security, assesses potential foreign computer threats to information technology networks in the United States.
    [Show full text]
  • Committee: General Assembly 3 (Disarmament and Global Security
    Committee: General Assembly 3 (Disarmament and Global Security) Issue: Establishing International Methods of Combatting Cyber Warfare Student Officer: Alia ElKattan (President of General Assembly 3) I. Introduction Cyber warfare is using computers and electronic means to attack other networks and computers worldwide. Hackers are generally trained in software programming and knowing the details of computer networks, to form the attacks. The difficulty in combating cyber-attacks lies in the difficulty to identify the source of attacks, making it difficult to trace down the attackers. Hackers often are working under governments or organizations, attacking other governments for the aim of disruption or destroying their networks. It is one of the strongest current weapons, and is influenced by political aims and conflicts. Generally, cyber warfare can be used for both spying and destroying other networks. The most unique aspect of cyber warfare is that cyber space is the only warfare domain that is entirely man-made (unlike land, sea, air, and space). II. Key Vocabulary Stuxnet Trojan: [noun] Said to be one of the most sophisticated cyber weapon yet, developed by the US and Israel, and is used to demolish Iran's nuclear system. Cyber: [prefix] Electronic and internet technology. Infrastructure: [noun] Organizations and facilities needed for the operation of a society. Electronic Pearl Harbor: [noun] Pearl Harbor is the part that led the US to enter World War II. The term electronic Pearl Harbor is not used in this literal meaning, but to symbolize attacks or how cyber warfare can lead to wars or great losses to society. Malware: [noun] A software that intents to harm and disturb computers and networks.
    [Show full text]
  • Hack Attacks Revealed
    Hack Attacks Revealed A Complete Reference with Custom Security Hacking Toolkit John Chirillo This netLibrary eBook does not include the ancillary media that was packaged with the original printed version of the book. Publisher: Robert Ipsen Editor: Carol A. Long Assistant Editor: Adaobi Obi Managing Editor: Micheline Frederick New Media Editor: Brian Snapp Text Design & Composition: Thomark Design Designations used by companies to distinguish their products are often claimed as trademarks. In all instances where John Wiley & Sons, Inc., is aware of a claim, the product names appear in initial capital or ALL CAPITAL LETTERS. Readers, however, should contact the appropriate companies for more complete information regarding trademarks and registration. Copyright © 2001 by John Chirillo. All rights reserved. Published by John Wiley & Sons, Inc. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per- copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750- 8400, fax (978) 750-4744. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 605 Third Avenue, New York, NY 10158-0012, (212) 850-6011, fax (212) 850-6008, E-Mail: PERMREQ @ WILEY.COM. This publication is designed to provide accurate and authoritative information in regard to the subject matter covered. It is sold with the understanding that the publisher is not engaged in professional services.
    [Show full text]
  • Anti-War and the Cyber Triangle Strategic Implications of Cyber Operations and Cyber Security for the State
    Anti-War and the Cyber Triangle Strategic Implications of Cyber Operations and Cyber Security for the State Sven Herpig ACKNOWLEDGEMENT I would like to thank my loving wife – source of inspiration, firmest believer and harshest critic. For without her, this research would have never progressed beyond the first few paragraphs. I am deeply grateful for having an amazing family. Their tireless encouragement and support allowed me to pursue my dreams. During the years of research, I was not able to spend as much time with them as I would have wanted, and only a tiny fraction of what they would have deserved. I would also like to acknowledge Doctor David Lonsdale, brilliant academic and amazing supervisor, without whom this work would have remained a body without soul. Last but not least, I want to give a shout-out to all the infosec people, cyber libertarians, strategists, hackers, academics and practitioners who helped me with their immense knowledge and vast networks over the last couple of years. Sven Herpig, January 2016 ____________________________ PhD Thesis, University of Hull Research: May 2011–March 2015 Approval: August 2015 Editing: January 2016 1 TABLE OF CONTENTS LIST OF ABBREVIATIONS .....................................................................................7 LIST OF FIGURES ................................................................................................... 10 LIST OF TABLES ..................................................................................................... 11 INTRODUCTION ....................................................................................................
    [Show full text]
  • 1. Introduction a Small Number of ‘Mass Market’ Software Infrastructures Now Support a Broad Range of Critical Systems
    Anti‐Social Networking: Crowdsourcing and the CyberDefence of National Critical Infrastructures Chris W. Johnson, School of Computing Science, University of Glasgow, Glasgow, Scotland, G12 8RZ. [email protected], http://www.dcs.gla.ac.uk/~johnson Abstract The last decade has seen a growing number of cyber‐attacks, for instance on Estonia, Belarus, Lithuania, Georgia, Pakistan and India. It has been difficult to determine whether or not these incidents were state‐sponsored. This paper identifies three different roles that social networking and social media have played in this ‘attribution problem’. Firstly, social networks have motivated individuals to participate in mass Denial of Service (DoS) attacks. They have disseminated information and provided access to resources, including botnets that were originally developed by cyber‐criminal groups. Secondly, we show how information about an individual’s social networks has supported targeted attacks, such as spear phishing, on opposition groups. Malware is, typically, disguised in a document that was intercepted from a colleague or friend. The recipient is more likely to open an attachment or link if it has been sent from a trusted source. Thirdly, we show how the development of Cloud infrastructures to support social networking applications has created disposable architectures for the Command and Control servers that coordinate malware attacks. The ubiquitous and distributed nature of these architectures makes it increasingly difficult to determine who owns and operates these systems. The closing sections of the paper identify a roadmap for the defensive measures that might be used to minimise the future threats from the ‘dark side’ of social networking1. Keywords: Cyber‐defence, National Critical Infrastructures, Software Security.
    [Show full text]