What is it and what does it do?

Presentation transcript:

Government Malware: What is it and what does it do?
Malware is an abbreviation for “malicious software”: software specifically designed to gain access to or damage a computer without the owner’s consent.

Government Malware: How is it delivered?
Software is defined as malware based on the intent of the creator rather than on any specific features of the software or code.
A common vector for malware delivery is “spear phishing”: a highly targeted message that attempts to trick a specific individual into revealing sensitive information or installing malware.
For an example, see the AP lawsuit over CIPAV, the government’s “Computer and IP Address Verifier” malware (eff.org/GMCIPAV).

Government Malware: What is a “NIT”?
“NIT” stands for “Network Investigative Technique”, a term used exclusively by the U.S. government to refer to the methods or tools it uses to access computers of individuals that have taken steps to obscure or mask certain identifying info, like an IP address.
“NIT” is a term coined by the FBI. It has no technical meaning. The FBI chose an acronym meant to minimize the appearance of intrusiveness of its tools.

Government Malware: How does it work?
Malware is usually composed of at least two critical parts: the Exploit and the Payload.

Government Malware: How does it work?
Exploit: a piece of software, a chunk of data, or a sequence of commands that takes advantage of a vulnerability in order to cause unintended or unanticipated behavior to occur on computer software, hardware, or some other electronic device. Such behavior frequently includes things like gaining control of a device, stealing private information, or a denial-of-service attack.

Government Malware: How does it work?
Payload: the part of the malware that performs actions chosen by the author or operator (usually to spy on a specific target), producing effects on or through the affected systems.

Government Malware: The Playpen Case Example
The FBI used malware that was surreptitiously disseminated through a Tor hidden service.

How Tor works:


Government Malware: The Playpen Case Example
The government malware was designed to pierce the anonymity provided by the Tor network by exploiting a vulnerability in the Firefox web browser (running as part of the Tor Browser) to place computer code on users’ computers that would transmit private information back to a law enforcement server outside of the Tor network.

Government Malware: The Playpen Case Example
In the Playpen cases, the FBI indicated that the payload of the software that ran on users’ computers was designed and used to gather identifying information from those computers and transmit it back to the FBI unencrypted and unauthenticated via the Internet.
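As an added illustration (not part of the original slides, and not the FBI's code or data format), the Python sketch below shows what "unauthenticated" means for the receiving server: a report altered between sender and receiver still parses as valid, while the same report carrying an HMAC-SHA256 tag is rejected. The field names, values and key are constructed for the example, and HMAC stands in for any message authentication scheme.

```python
import hashlib
import hmac
import json

# Constructed sample data: illustrative field names and documentation-range values.
SAMPLE_REPORT = {"ip": "203.0.113.7", "mac": "02:00:00:aa:bb:cc", "hostname": "host-a"}
DEMO_KEY = b"constructed-demo-key"  # assumption: a key shared by sender and receiver

def encode_plain(report):
    """Serialize a report with no integrity protection (the unauthenticated case)."""
    return json.dumps(report, sort_keys=True).encode()

def receive_plain(wire):
    """Without a tag, the receiver can only parse whatever bytes arrived."""
    return json.loads(wire)

def encode_authenticated(report, key):
    """Serialize the report and append an HMAC-SHA256 tag over the body."""
    body = encode_plain(report)
    tag = hmac.new(key, body, hashlib.sha256).hexdigest().encode()
    return body + b"." + tag

def receive_authenticated(wire, key):
    """Return the parsed report if the tag verifies, otherwise None."""
    body, _, tag = wire.rpartition(b".")
    expected = hmac.new(key, body, hashlib.sha256).hexdigest().encode()
    if not hmac.compare_digest(tag, expected):
        return None
    return json.loads(body)

def alter_in_transit(wire, old, new):
    """Model a change or corruption of bytes between sender and receiver."""
    return wire.replace(old, new, 1)

def demo():
    """Compare what each receiver concludes after the same in-transit change."""
    old, new = b"203.0.113.7", b"198.51.100.9"
    plain = receive_plain(alter_in_transit(encode_plain(SAMPLE_REPORT), old, new))
    authed = receive_authenticated(
        alter_in_transit(encode_authenticated(SAMPLE_REPORT, DEMO_KEY), old, new),
        DEMO_KEY)
    return plain, authed

if __name__ == "__main__":
    plain, authed = demo()
    print("unauthenticated receiver accepted:", plain)
    print("authenticated receiver accepted:  ", authed)
```

The unauthenticated receiver has no way to tell the altered report from the original, which is why the integrity of data collected this way cannot be established from the transmission alone.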

Government Malware: How do I challenge government malware?
Some MTS arguments deployed by defense in the Playpen cases:
Single warrant violated Rule 41
Warrant failed particularity requirement of 4th Amendment
Move to compel the entire malware source code in order to evaluate for program flaws that could exculpate your client

Government Malware Cases
Helpful cases granting MTS, pre-FRE 41 change:
SD IA: US v. Croghan (209 F.Supp.3d 1080 (Sept 19, 2016))
D. CO: US v. Workman (209 F.Supp.3d 1256 (Sept 6, 2016))
ND OK: US v. Arterbury (No. 15-cr-182, No. 42 (Apr 25, 2016)) https://eff.org/GMArterbury
D. Minn: US v. Carlson (2017 WL 1535995 (Mar 23, 2017))
D. Mass: US v. Levin (186 F.Supp.3d 26 (May 5, 2016))
SD TX: In re Warrant to Search a Target Computer at Premises Unknown (958 F.Supp.2d 753 (Apr 22, 2013))

Government Malware Cases
Cases finding Rule 41 violation, but upholding warrant:
ED MI: US v. Kahler (2017 WL 5886707 (Feb 14, 2017))
ED PA: US v. Werdene (188 F.Supp.3d 431 (May 18, 2016))

Government Malware Cases
Harmful cases denying MTS:
D. SC: US v. Knowles (207 F.Supp.3d 585 (Sept 14, 2016))
ED VA: US v. Matish (193 F.Supp.3d 585 (June 23, 2016))
ED WI: US v. Epich (2016 WL 953269 (Mar 16, 2016))
WD WA: US v. Michaud (2016 WL 337263 (Jan 28, 2016))

Government Malware: How do I learn more?
Review our joint report on how to challenge government malware: eff.org/GMChallenge
For more on Playpen: eff.org/GMPlaypen and eff.org/GMPlaypenFAQ
For why courts should disclose the exploit: https://eff.org/GMDiscloseExploit

Stephanie Lacambra Criminal Defense Staff Attorney 415-436-9333 x130 stephanie@eff.org