The past several decades brought many new challenges to law enforcement, particularly due to the emergence of new technology. One such issue is cyber crime, which has been a challenge for law enforcement in both establishing laws against the activity, as well as providing tools for law enforcement officers to combat cyber crime. This article will review some difficulties for law enforcement officers at the state and local level in litigating cyber crimes affecting businesses and private citizens.
By: Danielle Citron, Lois K. Macht Research Professor of Law, University of Maryland
California’s Attorney General Kamala Harris has created a first-of-its-kind online resource designed to assist law enforcement in understanding and investigating crimes related to the cyber exploitation of a person’s nude images in violation of privacy and without consent (also known as nonconsensual pornography). Before discussing the resources created by AG Harris’s Task Force, let me first briefly explain the destruction caused by nonconsensual pornography,
Below is the content provided in the newsletter published by CIS:
From the Desk of Desk of Thomas F. Duffy, Chair
Every day malicious cyber actors compromise websites and post lists of usernames, email addresses, and passwords online.
It used to be that hijacking was something only done in person, but as we discuss in this blog post, online hijacking—where someone or some service takes over an individual’s online account—is now a growing occurrence. Not all forms of online hijacking are “criminal”; for example, browser hijacking— when your Internet search function is diverted to websites you never intended to visit or when advertisements are misleading and redirect you from the main website—may be a nuisance,
Much of the data individuals provide is assumed to be protected because it is anonymized—stripped of any information that identifies who those individuals are. Such anonymized data is everywhere. But how safe is the underlying assumption that individuals can’t be reidentified through such data? Unfortunately, as we discuss in this blog post, there is repeated evidence that this underlying assumption is not holding up—something that raises real concerns that people can be victimized through information they release that can be traced back to them and that makes this an emerging law enforcement issue.
What are bots, and why should lawyers be concerned about them? For this blog topic of discussion, bots are considered “a device or piece of software that can execute commands, reply to messages, or perform routine tasks, as online searches, either automatically or with minimal human intervention.” For law enforcement, such bots are an emerging threat because they are being programmed to carry out online tasks that sometimes can cross the line into illegal activities.
Cyber crime is a global threat to the economic and physical security of all nations. It is the leading crime problem facing the world today and law enforcement organizations must be prepared to recognize and investigate these crimes. The International Association of Chief of Police (IACP) in collaboration with Bureau of Justice Assistance, at the U.S. Department of Justice’s Office of Justice Programs, RAND Corporation, the Police Executive Research Forum (PERF), and other partners, developed the Law Enforcement Cyber Center.
Cryptolocker is financially-motivated ransomware that encrypts a user’s computer files and demands payment in either an anonymous currency (Bitcoin), or Moneypak payment cards. Propagation & Exploit is typically via spam email purporting to come from shipping companies or regarding business processes, dropped by other malware, thumb drives, and Yahoo! Messenger. Upon infection, Cryptolocker contacts the command and control (C2) server for a public RSA-2048 encryption key, which is downloaded and used to encrypt typical enterprise files types,
CryptoWall is a digital ransomware that encrypts files on the infected machine and any connected file shares or drives. CryptoWall is distributed through phishing emails, malicious advertisements, compromised web sites, and as fake updates for applications such as Adobe Reader, Adobe Flash, and Java. In June 2014, this malware spread through the RIG exploit kit. Malicious actors use compromised websites to host the RIG exploit kit, which then exploits vulnerabilities in Java, Silverlight, and Flash to deliver the CryptoWall payload to the victim.
TDoS attacks overload the telephone network, preventing legitimate telephone calls from being placed or received. Attacks against SLTT emergency lines, primarily at public safety answering points (PSAP) such as 9-1-1 centers, but also including utility department emergency numbers and other emergency numbers, remain a continuing threat. There is a relatively low risk of TDOSes occurring, however an attack against a PSAP could endanger emergency responders and citizens if the TDOS prevents them from contacting the PSAP.