Discussion 1 Flashcards
involves illegal activities conducted through digital devices or the internet. These acts can target individuals, organizations, or entire networks, and may include hacking, identity theff, fraud, or distributing harmful content. Unlike traditional crimes, cybercrimes often transcend physical borders, making them complex to investigate.
Cybercrime
Offenses where technology is the primary tool (e.g., online scams, phishing).
Digital-Facilitated Crimes:
Crimes aimed at compromising systems or data (e.g., malware, ransomware).
Targeted Cyber attacks:
Devices holding evidence of unrelated crimes (e.g., messages planning a robbery).
Incidental Use:
Republic Act No. 10175
(Cybercrime Prevention Act of 2012),
emerged in the 1990s as internet use expanded globally. In response, the G8 nations formed a task force (later known as the Lyon Group) to address growing online criminal activities. This group highlighted how falling technology costs enabled new forms of transnational crime.
“cybercrime”
Examples: Hacking, Denial-of-Service (DoS) attacks, data breaches.
Goal: Disrupt or steal from a specific system.
- Target-Based Attacks
• Examples: Identity theft, cyberstalking, financial fraud.
Goal: Use technology to enable traditional crimes.
- Tool-Based Crimes
• Examples: Call logs proving a suspect’s location, browser history revealing motives.
Goal: Devices act as passive evidence repositories.
- Incidental Evidence
Perpetrators can operate from any location, complicating jurisdiction.
Borderless Nature:
Requires specialized skills to trace digital footprints.
Technical Complexity:
Data can be easily altered or deleted if mishandled.
Evidence Fragility:
notes that organized groups increasingly exploit these factors, making cybercrime a global security threat.
The United Nations Office on Drugs and Crime (UNODC)
Secure devices to prevent data tarnpering.
- Preserve Evidence:
Extract clues from emails, logs, or financial records.
- Analyze Data:
Link digital evidence to suspects (e.g., IP addresses, transaction trails).
- Build Connections:
is a virtual environment where individuals communicate, transact, and interact using interconnected digital devices. It is not a physical place but a network of computers, servers, and other devices linked through the internet. It is an indefinite, non-physical space where people interact and conduct transactions. It is the network of interconnected computers, routers, and switches that form the backbone of digital infrastructure. It is viewed as an interactional environment created by linking computers into a communication network.
Cyberspace
is intangible and cannot be physically entered or exited like a traditional space.
cyberspace
was first coined in 1984 by science fiction writer William Gibson. However, the concept predates this, as traditional electronic communications (e.g., telephones) also operated across time and space. The exponential growth of internet users has expanded cyberspace, providing cybercriminals with opportunities to commit crimes remotely and evade detection.
“cyberspace”
Perpetrators can hide their identities, making it harder for law enforcement to track them.
Anonymity:
Digital data can be easily altered, deleted, or lost, complicating investigations.
Ephemeral Evidence:
refers to information stored, sent, or received by digital devices that can be used in legal cases. According to RA 10175 (Cybercrime Prevention Act of 2012), digital evidence includes data from computers, phones, and other electronic devices.
Digital evidence
is the scientific process of collecting, preserving, analyzing, and presenting digital evidence. It plays a crucial role in cybercrime investigations.
Digital Forensics: Uncovering the Truth
Digital forensics
The use of scientific methods to preserve, collect, validate, and analyze digital evidence for legal purposes.
Digital Forensics
A branch of forensic science focused on investigating digital media to uncover evidence for court cases.
Digital Forensics
The science of locating, extracting, and analyzing data from devices to serve as legal evidence.
Digital Forensics
- Using proven techniques to ensure accuracy.
- Scientific Methods
Safeguarding evidence to prevent tampering.
- Collection and Preservation -
- Ensuring the integrity of the data.
- Validation
Extracting meaningful insights from the evidence.
- Analysis and Interpretation:
Preparing evidence for legal proceedings.
- Documentation and Presentation:
Focuses on retrieving data from computers and storage devices.
Computer Forensics:
- Investigates how attackers access networks and what actions they take.
Examines log files, URLs accessed, and changes made to systems.
- Network Forensics
- Retrieves accidentally deleted or lost files, differing from forensics, which seeks hidden or deleted evidence for legal purposes.
- Data Recovery
- Investigators must analyze multiple devices (e.g., smartphones, tablets, cameras).
Complexity
- Requires specialized knowledge to handle diverse technologies..
Technical Skills
-Large amounts of data must be sifted through to find relevant evidence.
Volume of Data
Investigators must continuously update their skills to keep pace with new devices and software.
Evolving Technology:
uncovering hidden data and piecing together evidence to reconstruct events.
They:
Identify and interview “digital witnesses” (e.g., registry keys, log files).
Analyze data to corroborate findings and tell the story of what happened.
Differentiate between inculpatory (incriminating) and exculpatory (clearing) evidence.
Digital investigators act as “digital archaeologists,”
has evolved alongside technological advancements, often intertwined with organized crime and white-collar offenses. While pinpointing its exact origin is challenging, understanding its development helps us grasp its complexity and impact.
Cybercrime
is a modern challenge that has evolved alongside technology. Unlike traditional crimes, cyber offenses often exploit digital tools for financial gain, power, or personal satisfaction. Cybercriminals can be motivated by a variety of factors, including greed, thrill-seeking, revenge, and the desire to access restricted information.
Cybercrime
- Gaining unauthorized access to computer systems.
.
Hacking
-Stealing personal information for fraud.
Identity Theft
- Deceptive practices to obtain money or sensitive data.
Online Fraud
-Bullying or threatening individuals through digital platforms.
Cyber Harassment
- Stealing corporate or governmental secrets.
Espionage
vary in skill level, motivation, and the complexity of their attacks. They are generally classified into different groups based on their capabilities and objectives:
Cybercriminals
These are inexperienced individuals who use pre-written hacking programs to attack systems. They lack deep technical knowledge but can still cause damage by exploiting known vulnerabilities.
- Script Kiddies -
-A term sometimes used by law enforcement to describe individuals engaged in disruptive online activities. This group includes vandals who create viruses and malware for mischief rather than financial gain.
- Cyberpunks
identify security flaws in systems, often out of curiosity or for ethical reasons (e.g., white-hat hackers).
• Hackers
use their technical skills for illegal activities, such as stealing data or damaging systems.
Crackers
- These are structured groups that operate with financial, political, or ideological goals. Their attacks range from financial fraud to large-scale data breaches.
- Cybercriminal Organizations
These individuals or groups use hacking techniques to promote a political or social agenda. They often target government institutions, corporations, or influential figures to expose perceived injustices
- Hacktivists-
Just as law enforcement interviews witnesses at a crime scene, digital investigators analyze digital artifacts to uncover the truth.
Analogy:
-Disgruntled employees or individuals seek to harm an organization or person due to personal grievances.
Revenge
- An insider may not initially intend to commit a crime but exploits a discovered vulnerability for personal gain.
Opportunity
-The desire for financial gain drives many cybercriminals to commit fraud, data theft, or extortion.
Greed
-Some attackers engage in cybercrime for the excitement and challenge of bypassing security measures.
Thrill-Seeking
- Cybercriminals may use their skills to manipulate or dominate others, similar to traditional bullying but in a digital environment.
Power and Control
Cybercriminals, especially hacktivists and terrorist groups, use cyberattacks to spread propaganda, recruit members, disrupt government operations, or even cause fear through attacks on critical infrastructure.
Terrorism -
states engage in cyberwarfare, espionage, and sabotage to gain strategic advantages over rival countries. This includes hacking government systems, influencing elections, and stealing sensitive data.
Geopolitics-Nation-
- Ethical hackers who help organizations improve cybersecurity.
White-Hat Hackers
- Criminal hackers who engage in illegal activities, such as data breaches and financial fraud.
Black-Hat Hackers
- Individuals who operate between ethical and unethical hacking, sometimes exposing vulnerabilities without permission.
Gray-Hat Hackers
