Comp-Crime-Cheat-Sheet (2)
CREDIT CARD ENCRYPTION – LUHN CHECK – starting at the check digit (the rightmost digit), double every other digit moving left; if a doubled digit is more than 9, subtract 9. Add all the digits up. Divisible by 10 = valid. Not divisible by 10 = not valid.
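The Luhn check above, worked through in code. This is an added example, not part of the cheat sheet; the sample numbers are constructed test values, not real card numbers.

```python
# Luhn (mod-10) check for card numbers, as the notes describe.
# Added example, not from the cheat sheet. The sample numbers below are
# constructed test values, not real card numbers.

def luhn_valid(number: str) -> bool:
    """Return True when `number` (digits, spaces allowed) passes the Luhn check.

    Walk the digits from the right. The rightmost digit is the check digit and
    is kept as-is; every other digit after it is doubled, and a doubled value
    above 9 has 9 subtracted (the same as adding its two digits together).
    The number is valid when the total is divisible by 10.
    """
    cleaned = number.replace(" ", "")
    if len(cleaned) < 2 or not cleaned.isdigit():
        return False
    total = 0
    for position, ch in enumerate(reversed(cleaned)):
        digit = int(ch)
        if position % 2 == 1:        # every other digit after the check digit
            digit *= 2
            if digit > 9:
                digit -= 9
        total += digit
    return total % 10 == 0


def luhn_check_digit(body: str) -> int:
    """Return the check digit that makes `body` + digit pass the Luhn check."""
    for candidate in range(10):
        if luhn_valid(body + str(candidate)):
            return candidate
    # Only reached when `body` is not a pure digit string.
    raise ValueError("body must contain digits only")


if __name__ == "__main__":
    # Constructed test value: passes; changing any single digit makes it fail.
    print(luhn_valid("7992 7398 713"))       # True
    print(luhn_valid("7992 7398 714"))       # False (last digit changed)
    print(luhn_check_digit("7992739871"))    # 3
```

The check catches any single-digit typo and most adjacent transpositions, which is all it is designed for; it says nothing about whether an account exists or has funds.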
CAESAR CIPHER – alphabet ABCDEFGHIJKLMNOPQRSTUVWXYZ 0123456789 (36 symbols, wrapping around from 9 back to A). To decipher, do the opposite of the cipher (reverse the shifts given in the key). Trudy Jones = 0-9.
e.g. Caesar cipher: shift the first 3 symbols right by 2, then the next 2 symbols left by 3. To decode, do the opposite: shift the first 3 left by 2, then the next 2 right by 3.
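The segmented Caesar shift from the example, implemented over the 36-symbol alphabet above so that decoding is literally the negated key. This is an added example, not from the cheat sheet; the choice to repeat the 3+2 pattern over longer texts and to pass spaces through unchanged is my assumption.

```python
# Caesar cipher over the notes' 36-symbol alphabet (A-Z then 0-9), with the
# segmented key from the example: shift the first 3 symbols right by 2, the
# next 2 symbols left by 3. Added example, not from the cheat sheet; the
# assumption that the pattern repeats for longer texts is mine.

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"

# Key as a list of (segment_length, shift): positive = right, negative = left.
EXAMPLE_KEY = [(3, 2), (2, -3)]


def shift_symbol(symbol: str, shift: int) -> str:
    """Shift one symbol along ALPHABET, wrapping from 9 back round to A."""
    index = ALPHABET.index(symbol)
    return ALPHABET[(index + shift) % len(ALPHABET)]


def apply_key(text: str, key: list) -> str:
    """Apply a segmented shift key to `text`.

    Symbols outside the alphabet (spaces, punctuation) are copied through and
    do not consume a key position. The key pattern repeats over longer texts.
    """
    pattern = [shift for length, shift in key for _ in range(length)]
    out = []
    position = 0
    for ch in text.upper():
        if ch in ALPHABET:
            out.append(shift_symbol(ch, pattern[position % len(pattern)]))
            position += 1
        else:
            out.append(ch)
    return "".join(out)


def encode(plaintext: str, key: list = EXAMPLE_KEY) -> str:
    return apply_key(plaintext, key)


def decode(ciphertext: str, key: list = EXAMPLE_KEY) -> str:
    """Decoding is 'the opposite of the cipher': negate every shift in the key."""
    inverse = [(length, -shift) for length, shift in key]
    return apply_key(ciphertext, inverse)


if __name__ == "__main__":
    secret = encode("TRUDY JONES")
    print(secret)            # VTWAV LQPBP
    print(decode(secret))    # TRUDY JONES
```

Note how small the key space is: each segment has only 36 possible shifts, which is why this construction is a classroom exercise and not a real encryption scheme.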
COMPUTER ENCRYPTION – symmetric – one key, works at the bit level. Use the ASCII table → hex → binary. Either rotate bits or apply XOR. Bits can be rotated left or right. XOR is a logic operator
that returns a 1 if and only if exactly one of the two values operated on is a 1.
ADDING HEX – 0 1 2 3 4 5 6 7 8 9 A B C D E F 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F
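The two bit-level operations from the symmetric encryption notes (rotate and XOR), with the ASCII → hex → binary view of each character. This is an added example, not from the cheat sheet; the concrete scheme (rotate each byte left, then XOR with a repeating key) is my own illustration of combining the two operations, and the key and plaintext are constructed.

```python
# Bit-level symmetric encryption as the notes describe: take a character's
# ASCII code, view it as hex and binary, then either rotate its bits or XOR it
# with a key. Added example, not from the cheat sheet; the scheme (rotate left,
# then XOR with a repeating key) is my own illustration of the two operations.

def ascii_hex_binary(ch: str) -> tuple:
    """Return (ASCII code, hex string, 8-bit binary string) for one character."""
    code = ord(ch)
    return code, f"{code:02X}", f"{code:08b}"


def rotate_left(byte: int, bits: int) -> int:
    """Rotate an 8-bit value left; bits that fall off the top re-enter at the bottom."""
    bits %= 8
    return ((byte << bits) | (byte >> (8 - bits))) & 0xFF


def rotate_right(byte: int, bits: int) -> int:
    """Inverse of rotate_left for the same bit count."""
    return rotate_left(byte, 8 - (bits % 8))


def xor_with_key(data: bytes, key: bytes) -> bytes:
    """XOR each byte with the key, repeating the key. XOR undoes itself."""
    if not key:
        raise ValueError("key must not be empty")
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def encrypt(plaintext: bytes, key: bytes, rotation: int) -> bytes:
    """Rotate each byte left, then XOR the result with the key."""
    rotated = bytes(rotate_left(b, rotation) for b in plaintext)
    return xor_with_key(rotated, key)


def decrypt(ciphertext: bytes, key: bytes, rotation: int) -> bytes:
    """Undo the steps in reverse order: XOR first, then rotate right."""
    unxored = xor_with_key(ciphertext, key)
    return bytes(rotate_right(b, rotation) for b in unxored)


if __name__ == "__main__":
    print(ascii_hex_binary("A"))                 # (65, '41', '01000001')
    print(f"{rotate_left(0xB2, 3):08b}")         # 10010101
    ct = encrypt(b"HELLO", b"\x2a", 3)           # constructed key and message
    print(ct.hex(), decrypt(ct, b"\x2a", 3))     # ... b'HELLO'
```

Both operations are reversible with the same key, which is what makes the scheme symmetric. A one-byte repeating XOR key leaks the plaintext's structure directly, so this shows the mechanism, not something to protect data with.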
QUIZZES
Wetware – humans operating computers
Worm – Self-contained program that may spread functional copies of itself to other computers
Boot sequence – tells the computer in which order to access drives
Ransomware is successful when the victim lacks knowledge of system security, when the level of data destruction caused by the sabotage can't be recovered using commercially
available software, when there is a secure method of payment, and when the compromised data has worth for the victim.
Skimming – steal credit card info by installing devices on card readers located at ATMs, gas pumps, restaurants, stores etc.
Erotomaniacs – stalkers who are delusional and believe that their victim is in love with them or has had a previous relationship with them
According to the OJJDP and NCMEC, most possessors of child porn are white males older than 25. Motivations include pedophilia/hebephilia, miscreants, curiosity seekers and
opportunists.
The classical era is when a system anomaly occurs accidentally or because of pranks. The floppy era of computer viruses is characterized by infection of DOS machines spread by removable
media. The macro era was when macro viruses emerged. The internet era (now) began with the introduction of a group of publicized infections.
E-fencing – sale of stolen good through technological means
Data diddling – deliberate manipulation of an existing program to redirect or reroute data representing monies or economic exchanges (e.g. salami technique – redirect slices of
accounts)
Internet Casinos, Inc. launched the first online casino in 1995 with 18 games.
Zombie – computer that has been compromised by some form of malware, enabling the criminal to remotely control that computer
Tsfati and Weimann defined terrorism as an attempt to communicate messages through the use of orchestrated violence
John's friend is a career criminal claiming John's ID; this is reverse criminal record ID theft.
Bag operation – person enters hotel room to download info from suspect’s laptop computer
Disadvantage of using SpyBuddy to steal passwords – it is attached to local machine
The Visa Waiver Pilot Program caused the most recent surge in immigration benefit fraud.
Criminal gangs serve as the basis of formation of organized crime groups.
Skimming – illegal duplication of credit cards achieved by running the card through a reader that captures info stored in the magnetic strip on the back
He created a fictitious profile on a social networking site to facilitate an extramarital affair – this is virtual identity theft/fraud.
Capturing the investigative process on videotape and other such documentation is especially important in cases where violations of the Electronic Communication Privacy Act are
alleged.
Volatile memory – area of a computer that holds data during processing and is erased when the power is shut down
ByteBack and SafeBack are the most popular stand-alone imaging utilities employed by forensic investigators.
Physical and logical are the two types of data extraction.
Probable cause that needs to be articulated to magistrate in order to secure a warrant: probable cause that crime is committed, evidence exists and extant evidence resides in location.
Traditional problems in computer investigations: inadequate resources, lack of communication and co-operation among agencies, and evidence corruption.
File viewer software: Conversion Plus, CompuPic, and ThumbsPlus.
Social engineering – investigators try to develop a profile of the suspect or suspects' computer and manually attempt password cracking.
Computer forensics involves the collection, preservation and analysis of computer related evidence.
Write blocking is a mechanism that prevents the destruction, contamination, or corruption of original media and that can be accomplished with many of the popular imaging programs,
disk management software, or simple DOS commands.
Packet sniffing and data mining have proved to be favorite targets of organizations like EPIC and the ACLU.
Legislatures struggling with issues of state sovereignty must ensure that the federal government takes the role of mediator, not dictator.
TEXTBOOK
1) Computer crime - a general term that has been used to denote any criminal act which has been facilitated by computer use. Such generalization has included both Internet and
non-Internet activity. Examples include theft of components, counterfeiting, digital piracy or copyright infringement, hacking, and child pornography. Computer-related crime - a
broad term used to encompass those criminal activities in which a computer was peripherally involved. Examples include traditional bookmaking and theft. Digital crime - a term
used to refer to any criminal activity which involves the unauthorized access, dissemination, manipulation, destruction, or corruption of electronically stored data. Cybercrime - a
specific term used to refer to any criminal activity, which has been committed through or facilitated by the Internet. Digital forensics - the methodological, scientific, and legally sound
process of examining computer media and networks for the identification, extraction, authentication, examination, interpretation, preservation, and analysis of evidence. Problems
with associated computer crime: physicality and jurisdictional concerns, perceived insignificance, stereotypes and incompetence, prosecutorial reluctance, lack of reporting, lack of
resources and jurisprudential inconsistency. Three categories of computer crimes: computer as target, as an instrument and as an incidental. Phreaking - activity in which
telecommunications systems are manipulated and ultimately compromised. Limited purpose or closed system cards may be used only for a finite number of purposes, and are issued
by a particular merchant, telecommunications provider, or transit company. Multipurpose or open system cards, on the other hand, may be used for a wide range of purposes, may
cross geographic boundaries, and may be used by any user. Electronic purses - cards whose value is stored electronically on the device via an integrated circuit chip. Internet
payment services may rely on the bank or the Internet.
2) Back door - a hole in security deliberately left within a program or software, which enables nonauthorized access. Banner grabbing - practice of gathering information like
operating system, version, and patch level from target systems by obtaining logon banners. Banner grabbers use service ports like File Transfer Protocol (FTP), Simple Mail Transfer
Protocol (SMTP), and Hyper Text Transfer Protocol (HTTP)—ports 21, 25, and 80 respectively—to exploit vulnerable systems. Bit bucket - final destination of discarded, lost, or
destroyed data. Black hat hacker - evil crackers. Brute force - method of cracking passwords by manually entering all possible key combinations. Buffer overflow - an anomaly where
a program exceeds the boundary of a buffer resulting in data leakage into adjacent memory. Buffer overflows represent a significant security concern and are the basis of many
software vulnerabilities. Clickjacking - a system vulnerability in which compromised systems allow attackers to collect an infected user’s clicks. Cracker - a term coined by hackers,
which usually refers to those individuals violating secure systems for illicit purposes rather than fun. (Hackers claim to be motivated purely by intellectual pursuits, while “crackers”
exploit systems for economic reasons or other forms of personal gain. Crackers are often referred to as “cyberpunks.”) DDoS attack - Distributed Denial of Service attack. DDoS
attacks involve the use of multiple compromised systems to inundate a single system with useless traffic. When successful, DDoS attacks effectively shut down the targeted site. Logic
bomb - a piece of code intentionally inserted into software that performs a malicious function when programmed conditions are met. Phreaking - art and science of cracking the
phone network (i.e., making illegal phone calls). Red hat hacker - tongue-in-cheek reference to a flavor of the Linux operating system. Sneaker - individual hired by a company to test
its security systems by attempting to violate them. Spoofing - the impersonation of a host on a network by exploitation of a host’s IP or MAC address. Spaghetti or kangaroo code -
complex or tangled code. Time bomb - subspecies of logic bomb that is triggered by reaching some predetermined time or is set to go off in the event that a programmer is fired and
not available to suppress action. Trojan horse - malicious, security-breaking program designed to appear benign. Like the historical Trojan horse, these programs effectively hide
something quite dangerous. Vulcan nerve pinch - keyboard combination that forces a soft-boot or jump to ROM monitor. In many microcomputers, the combination is Ctrl-Alt-Del,
sometimes called the “three-finger salute.” Wedged - often mistakenly synonymized with crashes - refers to the inability of a computer to make progress. Unlike a crash, a computer,
which is wedged, is not totally nonfunctional. White hat hackers - “good” hackers. Hacking – project undertaken to fulfill some constructive goal, but with some wild pleasure taken in
mere involvement.
Boot system, operating system (software that runs user applications and provides an interface to the hardware) and application software (prepackaged instructions that allow users
to perform a variety of functions). Malware – code that causes damage to computer system. Data mining – analysis of large data sets designed to uncover patterns and relationships.
The three C’s of hacking – curiosity, control and conscious intent.
Routers – special-purpose computers that handle the connection between two or more networks. Hubs – central-switching devices for communication lines in a star topology.
Packets – units of data exchanged between host computers. Packet sniffer – program designed to capture data from transitory packets across a network. Cookies – small pieces of info
that an HTTP server sends to the individual browser upon initial connection. Domains – tell the browser which host names cookies should be returned to. P2P networking –
personal computers are connected to one another allowing participants to serve as a client/server. Cloud computing – system in which set of services enable the delivery of
computing as a service vs. a product. Intranets – small local networks connecting computers, which are within one organization and controlled by a common system administrator.
Internets connect several networks. Probe – unusual/unauthorized attempt to gain access to or discover information about a system.
5 general categories of cybercriminals: script kiddies (lowest form, inexperienced), cyber punks (wreaking havoc on the internet, no gain), hackers/crackers (sophisticated, capable
of programming, coding and breaching), cybercriminal organizations (use the internet to communicate) and hacktivists (use of computers for a political agenda).
4) Implications of computer crime are financial losses, personal security, industrial espionage, international security and public safety. Six categories of online crime: interference
with lawful use of computers, theft of info and copyright infringement, dissemination of contraband or offensive material, threatening communications, fraud and ancillary crimes.
Keyloggers - a software program or hardware device which records all keystrokes of a compromised computer. Bundlers - malware which is hidden inside what appears to be
legitimate software or download. Rootkits - a compilation of tools, which are employed by hackers on a compromised machine. Allow criminals to maintain access, prevent detection,
build in hidden back doors, and collect information from the compromised system. Spyware - software, which covertly collects information from a compromised system. It is often
bundled with legitimate software and can transmit the information collected to a designated site or user. Scripts - short programs or lists of commands, which can be copied, remotely
inserted, and used to attack a local computer or network. Phishing - an e-mail or document that attempts to persuade the recipient to divulge specific information, like passwords,
account numbers, etc. Viruses - programs or pieces of malicious code that are intended to infect or compromise random systems or machines. Spamming – abuse of electronic messaging
systems to randomly or indiscriminately send unsolicited bulk messages. Shoulder surfing – watching someone input his or her password to steal it. Cyberterrorism – deliberate,
politically or religiously motivated attack against data compilations, computer programs and info systems to disrupt service and the infrastructure of a target. Obsessional stalkers –
re-establish relationship with unwilling partner and are most dangerous. Love-obsession stalker – low self-esteem and target victim they hold in high regard. Vengeance or terrorist
stalker – motivated by gain or revenge. Cyberharassment – actual harm suffered (i.e. character) due to activity of stalker. Fraud – intentional deception, misrepresentation or
falsehood made with intention of compensation/gratification. Counterfeiting/forgery – act of creating a fraudulent document with criminal intent. Money laundering – the cleaning of
money, deliberate transactions to conceal the source of income.
5) ID THEFT- use of stolen personal information. ID FRAUD - use of a vast array of illegal activities based on fraudulent use of identifying information of a real or fictitious person. 5
types of ID theft/fraud – assumption of ID (individual assumes the ID of his or her victim), theft for employment and/or border entry (fraudulent use of stolen information to
obtain employment or to gain entry to the US), criminal record ID theft/fraud (someone arrested for crime uses another’s ID so record is in their name), virtual ID theft/fraud
(use of ID towards the development of a fraudulent virtual personality), credit or financial theft (use of stolen personal/financial info to facilitate the creation of fraudulent
accounts). Reverse criminal record identity theft - uses a victim’s identity not to engage in any criminal activity but to seek gainful employment. Physical methods of ID theft: mail
theft, dumpster diving, theft of computers, bag operations – entry into hotel room to steal info from laptop, child ID theft, insiders (company employees), fake companies,
card skimming – the reading and recording of personal info encoded on the magnetic strip of an ATM card. Virtual methods: phishing (spoofing – use company trademarks, pharming –
redirects the connection between IP address, redirectors – redirect users’ network traffic to undesired sites, 419 fraud), spyware/crimeware, keyloggers/password stealers,
trojans.
6) Terrorism motivation: individual, nationalistic, religious, political, environmental, and state-sponsored. Cyberterrorism - premeditated, methodological, and ideologically
motivated dissemination of info, communication, or attack against digital info, computer systems/computer programs, which requires advanced planning and is intended to result
in social, financial, physical, or psychological harm to noncombatant targets and audiences. Three types of cyberterrorist attack – physical (transmission lines), electromagnetic
(energy is employed as weapon) and computer network attacks (involve malware, intrusion etc.). Organized crime – structure/hierarchy, violence, recognizability, longevity,
recruitment, innovative, entrepreneurial and opportunistic, exclusive members, strict rules, ritualistic, profitability, infiltration of legitimate business, corruption of political officials,
monopolistic, and criminal activity.
10) Problems in Computer investigations: inadequate resources, lack of communication, over-reliance on automated programs, lack of reporting, evidence corruption. Three rules:
work from a copy, document, and maintain chain of custody. Static memory – on hard drive where data/programs are stored. Volatile memory – holds data but is erased when
computer is shut down. Data tools required for preservation, recovery, and analysis, reporting and networking. Overt files – things not hidden. Encrypted files – convert a message to
indecipherable code (hidden as cipher text). Steganography – securing info by manipulating the data (hidden from view). Planning Prep: At minimum plans should follow the five-paragraph
military order SMEAC: Situation, Mission, Execution, Avenues of approach and escape, and Communication.
FUTURE OF COMPUTER CRIME: establish technology-neutral legislation (uniformity of law), establish accountability for internet
users (confidentiality for those who seek it for legitimate purposes but that denies blanket anonymity), increase public awareness and
research capabilities, increase interagency and intradepartmental cooperation (for alliances), develop relationships between
investigative agencies (law enforcement agencies remain overworked, understaffed, poorly funded but tech corporations are the
opposite), develop international cooperation, standardization of accreditation or expertise (solve the inconsistency of judicial
authorities), law enforcement must establish a visible presence on the web.
WEB ATTACKS KNOCK BBC WEBSITES OFFLINE – visitors saw an error message, due to a DDoS attack (swamping the website with more traffic than it can handle). The fault was traced to a database that sits behind the catch-up TV service.
AVG'S WEB TUNEUP PUT MILLIONS OF CHROME USERS AT RISK – the (free) software is meant to ward off malware, but it put personal data and Internet history at risk. It was "force installing" a plug-in that could let hackers spy on email etc.
MICROSOFT TO WARN OF NATION-STATE HACKS – warns people if it suspects a government is hacking their online accounts.
ONE MILLION CYBERSECURITY JOB OPENINGS IN 2016 – the market will grow to $170 billion by 2020 and demand will rise. Top IT jobs include: lead software security engineer, chief security officer, global info security director, chief info security officer and director of security.
THE BOGUS BOSS EMAIL SCAM COSTING FIRMS MILLIONS – Etna Industrie had thousands of dollars moved out of company accounts. Victim of a specialized email phishing attack, aka CEO fraud (high in France). The accountant moved the money on the attacker's instructions sent through email.
CONFIRMATION OF A COORDINATED ATTACK ON THE UKRAINIAN POWER GRID – malware and DoS attacks led to a power outage for customers. Malware likely enabled the attack but was not the cause.
AN EASY WAY FOR HACKERS TO REMOTELY BURN INDUSTRIAL MOTORS – hacks causing physical destruction are rare. This hack focuses on the variable-frequency drives that control motors; the drives can both be read and written and don't require authentication to reset the speed. Critical speed (readable by anyone) – the motor vibrates and causes damage.
FDA OUTLINES CYBERSECURITY RECOMMENDATIONS FOR MEDICAL DEVICE MANUFACTURERS – watch cybersecurity to keep public health and medical devices safe. Identify, protect, detect, respond and recover; create policy and address risk early.
ReCRED PROJECT TAKES DEVICE-CENTRIC ACCESS CONTROL INTO THE FUTURE – "Real-world identities to privacy-preserving and attribute-based CREDentials", a research project that improves user-end Internet security using the mobile device as an authentication and authorization proxy. It addresses security and privacy issues.
APPLE AT CENTER STAGE – the US government must step up national security efforts. iPhones are encrypted to protect users, but this gives criminals a safe haven for communication. National security vs. encryption.
NEW BILL TARGETS STRONG ENCRYPTION – a New York bill to eliminate strong smartphone encryption = more exposure to hacks. Hopes to contain terrorist threats and criminal activity.
HYATT HACKERS HIT PAYMENT PROCESSING SYSTEMS, SCOOPED CARDS USED AT 250 LOCATIONS – the company's payment processing systems were infected with malware designed to get private information from cards.
CANADIAN CENTRE FOR CHILD PROTECTION, MANITOBA – the CCCP supports the Intimate Images Protection Act (non-consensual distribution of images).
ROGERS NOT CONCERNED ABOUT COURT GUIDELINE REQUIRING IT TO PRODUCE CELLPHONE DATA FOR POLICE – concerns the law's ability to snoop on customers' data for the police.
WORST PASSWORDS LIST – highlights insecure passwords; "123456" and "password" are the top two. Commonly sports and pop culture themes. Three tips: use 12 characters or more (mixed types), avoid using the same passwords, and avoid password managers.
LARGEST KNOWN PRIME NUMBER DISCOVERED IN MISSOURI – the new one is more than 22 million digits long, longer than the previous. Large primes are important in computer encryption, keeping online banking, shopping and PM secure.
HOW WE FOUGHT BAD ADS IN 2015 – some ads carry malware, cover up content or promote fake goods. Google counteracted counterfeiters, pharmaceuticals, weight-loss scams, phishing, unwanted software and trick-to-click ads. They're working on accidental mobile clicks and want to put users in control (ad settings).
IF YOUR WEBSITE OFFERS LIVE CHAT, BE PREPARED FOR HACKERS – hackers attempt to social-engineer live chat operators to gain access.
FAKE ISIS ENCRYPTION SHOULD BE IGNORED, SNOWDEN SAYS – ISIS propaganda includes encrypted messages being sent and decrypted by the right person.
HALF-MEASURES ON ENCRYPTION SINCE SNOWDEN – no attention to privacy and data security at major web companies because data wasn't encrypted as it flowed. Caused a movement among companies to encrypt users' data. So far, results are mixed.
SPAM TEXT PROGRAMMER SPARED JAIL – texts said people had won gift cards for an electronics retailer, to be claimed by visiting a website. An attempt to gather personal info.
CBC ADOPTS SECUREDROP TO ALLOW FOR ANONYMOUS LEAKS – encrypted technology allows users to anonymously share files and messages online without being tracked. Protects the data of people who want to leak a story to the news.
UK AND US HACKED INTO ISRAELI DRONES AND PLANES – gathered intelligence in an operation dating from the late 1990s.
IS LAW ENFORCEMENT GOING DARK BECAUSE OF ENCRYPTION – they believe they don't need to worry about unbreakable encryption (which prevents easy surveillance of digital communications). They say the technology isn't universally marketable and there are many other spying options. Not all companies incorporate encryption.
RUSSIAN HACKERS MOVED RUBLE RATE WITH MALWARE, GROUP-IB SAYS – more than 15% in minutes. They used the Corkow Trojan to place $500 million in orders, prompting a bank investigation of potential market manipulation. Also hacked ATMs to steal money without the account balance going down.
HACKER PLANS TO DUMP ALLEGED DETAILS OF 20,000 FBI, 9,000 DHS EMPLOYEES – private info of FBI and DHS employees. The hacker also claims to have downloaded hundreds of GB of data.
IRS STATEMENT ON E-FILING PIN – identified and stopped an attack on the PIN application. Identity thieves used malware in an attempt to generate E-file PINs for stolen SSNs.
HARVARD STUDY SAYS APPLE'S TIM COOK WAS RIGHT: ENCRYPTION BANS, BACKDOORS WOULDN'T WORK – the FBI can't ban companies from selling encrypted products. Hackers will encrypt anyway; privacy is a right for us.
THE MALWARE MUSEUM – collection of malware programs (viruses) that were distributed in the 1980s and 1990s on home computers. Once infected, they showed an animation or message of infection.
HACKERS ARE HOLDING AN LA HOSPITAL'S COMPUTERS HOSTAGE – ransomware attacks, where the hacker locks your computer or keyboard until you pay.
ANDROID MAZAR MALWARE THAT CAN WIPE PHONES SPREAD VIA SMS – can wipe handsets, make calls or read texts. A text carries a link to a multimedia message; the link downloads the malware. Can't be installed on phones set to the Russian language.
HANGING OUT WITH THE SCRIPT KIDDIES – made friends with hackers on online discussion forums to get to know the culture of teens in cybercrime, aka "script kiddies" (as young as 12).
SEX ATTACK REPORT SYSTEM FOR STUDENTS LAUNCHED – online platform for college students to report sexual assault; an attempt to increase the rate of reported sexual assaults.
TOO DANGEROUS TO CREATE: APPLE OPPOSES COURT ORDER TO UNLOCK IPHONE – a judge ruled that Apple must remove an iPhone encryption feature, following the Syed Farook case. This threatens the security of customers; possibility of backdoor software in the iPhone.
HACKERS DID INDEED CAUSE UKRAINIAN POWER OUTAGE – the hack cut power to 255,000 people. BlackEnergy is the malware package used, and KillDisk wiped data.
CYBER BULLYING CREATING DIFFICULT QUESTIONS FOR LEGAL SYSTEM – how to tackle cyberbullying without breaching people's freedom. Need to narrow the definition of cyberbullying (the problem with the Cyber-safety Act).
EX-HACKERS ON LIST OF BILLIONAIRES – Bill Gates was a reformed hacker at age 15 and now works for Microsoft. Mark Zuckerberg (Facebook) hacked the email of Harvard reporters. Steve Jobs (Apple) was a telephone hacker.
ARE ARTIFICIALLY INTELLIGENT HACKERS THE NEW THING – teams compete to find vulnerabilities in the computer so that they are fixed before hackers manipulate them.
PENTAGON LAUNCHES THE FEDS' FIRST BUG BOUNTY FOR HACKERS – companies like Google and Facebook pay cash to hackers who disclose vulnerabilities in their code (bounty-hunting hackers). Now hackers are being paid to hack the Pentagon (feds). Must work with the hacker community to avoid shutdown of systems.
THE CYBER KIDNAPPERS – ransomware is on the rise. A computer virus locks you out of your computer/phone and demands money for its return.
ONLINE BREAK-IN FORCES BANK TO TIGHTEN SECURITY – criminals divert mobile accounts (SIM swap fraud) to steal money.
AFTER AN EASY BREACH, HACKERS LEAVE TIPS WHEN RUNNING A SECURITY COMPANY – a DDoS attack released private info. Sarcastic tips.
GOV AGAIN LAYS INTO APPLE – FBI accessing a phone against Apple's objections. Court order to make Apple comply.
HOW CBC'S REAL-NAME COMMENTING POLICY COULD WORK – requires a full name for any comments on online articles to deter violations. IDs can be faked.
TESLACRYPT 4 RANSOMWARE UNBREAKABLE ENCRYPTION IS DANGEROUS FOR VICTIMS – encryption used as a weapon against the victim. Threatens to share victims' files online. Targets computer games to infect those computers; it encrypts the game.
APPLE ENCRYPTION ENGINEERS, IF ORDERED TO UNLOCK IPHONE, MIGHT RESIST – people would rather quit than undermine the security of software they created. Don't want to make users less safe.
POOR FIREWALL MAINTENANCE LEAVES USPS EXPOSED – examining deficiencies in the firewalls protecting mail-processing systems. They wanted the system up and running instead of focusing on security.
DOD SEEKS TO STRENGTHEN CYBERSECURITY – hackers probe the vulnerabilities of military networks. Defenders are always playing catch-up. Following the hackers, they increased security.
MOTOR VEHICLES INCREASINGLY VULNERABLE TO REMOTE EXPLOITS – motor vehicles have technology to improve driving but it has potential for cyber threats. An attacker may take control of the vehicle.
BANK OF ENGLAND TO WORK WITH NEW CYBERSECURITY BODY – sets standards for the financial sector against cyber threats. The National Cyber Security Centre (NCSC) is the new body – brings UK cyber expertise together.
CROOKS STEAL, SELL VERIZON ENTERPRISE CUSTOMER DATA – contains customer info. Noted security vulnerability.
CRACKED IPHONE: SHOULD YOU BE WORRIED? – the FBI accessed the data on a criminal's iPhone without help from Apple. How? Is it a risk for all Apple users?