Presentation is loading. Please wait.

Presentation is loading. Please wait.

What is it and what does it do?

Published byJoel Barker Modified over 6 years ago

Similar presentations

Presentation on theme: "What is it and what does it do?"— Presentation transcript:

1 What is it and what does it do?
Government Malware What is it and what does it do? Malware is an abbreviation for “malicious software” specifically designed to gain access to or damage a computer without the owner’s consent.

2 Government Malware How is it delivered?
Software is defined as malware based on the intent of the creator rather than on any specific features of the software or code. A common vector for malware delivery is “spear phishing” – a highly targeted message, which attempts to trick a specific individual into revealing sensitive information or installing malware. For an example, see the AP lawsuit over CIPAV – the government’s “Computer and IP Address Verifier” malware (eff.org/GMCIPAV)

3 Government Malware What is a “NIT”?
“NIT” stands for “Network Investigative Technique”, a term used exclusively by the U.S. government to refer to the methods or tools it uses to access computers of individuals that have taken steps to obscure or mask certain identifying info, like an IP address.  “NIT” is a term coined by the FBI. It has no technical meaning. The FBI chose an acronym meant to minimize the appearance of intrusiveness of its tools.

4 Government Malware How does it work?
Malware is usually composed of at least two critical parts: the Exploit and the Payload.

5 Government Malware How does it work?
Exploit - a piece of software, a chunk of data, or a sequence of commands that takes advantage of a vulnerability in order to cause unintended or unanticipated behavior to occur on computer software, hardware, or some other electronic device. Such behavior frequently includes things like gaining control of a device, stealing private information, or a denial-of-service attack.

6 Government Malware How does it work?
Payload - the part of the malware that performs actions chosen by the author or operator – usually to spy on a specific target – producing effects on or through the affected systems.

7 The Playpen Case Example
Government Malware The Playpen Case Example FBI used malware that was surreptitiously disseminated through a Tor hidden service.

8 How Tor works:

9 How Tor works:

10 How Tor works:

11 The Playpen Case Example
Government Malware The Playpen Case Example The govt malware was designed to pierce the anonymity provided by the Tor network by exploiting a vulnerability in the Firefox web browser (running as part of the Tor Browser) to place computer code on users’ computers that would transmit private information back to a law enforcement server outside of the Tor network.

12 The Playpen Case Example
Government Malware The Playpen Case Example In the Playpen cases, the FBI indicated that the payload of the software that ran on users’ computers was designed and used to gather identifying information from those computers and transmit it back to the FBI unencrypted and unauthenticated via the Internet.

13 How do I challenge govt malware?
Government Malware How do I challenge govt malware? Some MTS arguments deployed by defense in the Playpen cases: Single warrant violated Rule 41 Warrant failed particularity requirement of 4th Amendment Move to compel the entire malware source code in order to evaluate for program flaws that could exculpate your client

14 Government Malware Cases
Helpful cases granting MTS, pre-FRE 41 change: SD IA: US v. Croghan (209 F.Sup.3d 1080 (Sept 19, 2016)) D. CO: US v. Workman (209 F.Supp.3d 1256 (Sept 6, 2016)) ND OK: US v. Arterbury, (No. 15-cr-182, No. 42 (Apr 25, 2016)) D. Minn: US v. Carlson (2017 WL (Mar 23, 2017)) D. Mass: US v. Levin (186 F. Supp.3d 26 (May 5, 2016)) SD TX: In re Warrant to Search a Target Computer at Premises Unknown (958 F.Supp.2d 753 (Apr 22, 2013))

15 Government Malware Cases
Cases finding Rule 41 violation, but upholding warrant: ED MI: US v. Kahler (2017 WL (Feb 14, 2017)) ED PA: US v. Werdene (188 F.Supp.3d 431 (May 18, 2016))

16 Government Malware Cases Harmful cases denying MTS:
D. SC: US v. Knowles (207 F.Supp.3d 585 (Sept 14, 2016)) ED VA: US v. Matish (193 F.Supp.3d 585 (June 23, 2016)) ED WI: US v. Epich (2016 WL (Mar 16, 2016)) WD WA: US v. Michaud (2016 WL (Jan 28, 2016))

17 Government Malware How do I learn more?
Review our joint report on how to challenge govt malware: eff.org/GMChallenge For more on Playpen: eff.org/GMPlaypen eff.org/GMPlaypenFAQ For why courts should disclose the exploit:

18 Stephanie Lacambra Criminal Defense Staff Attorney x130

Download ppt "What is it and what does it do?"

Similar presentations

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
Current Security Threats WMO CBS ET-CTS Toulouse, France 26-30 May 2008 Allan Darling, NOAA’s National Weather Service WMO CBS ET-CTS Toulouse, France.

Current Security Threats WMO CBS ET-CTS Toulouse, France May 2008 Allan Darling, NOAA’s National Weather Service WMO CBS ET-CTS Toulouse, France.
CHAPTER 2 KNOW YOUR VILLAINS. Who writes it: Malware writers vary in age, income level, location, social/peer interaction, education level, likes, dislikes.

CHAPTER 2 KNOW YOUR VILLAINS. Who writes it: Malware writers vary in age, income level, location, social/peer interaction, education level, likes, dislikes.
Lecture 1: Overview modified from slides of Lawrie Brown.

Lecture 1: Overview modified from slides of Lawrie Brown.
Security Issues and Challenges in Cloud Computing

Security Issues and Challenges in Cloud Computing
INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)

INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
Information Networking Security and Assurance Lab National Chung Cheng University 1 Top Vulnerabilities in Web Applications (I) Unvalidated Input:  Information.

Information Networking Security and Assurance Lab National Chung Cheng University 1 Top Vulnerabilities in Web Applications (I) Unvalidated Input:  Information.
Norman SecureSurf Protect your users when surfing the Internet.

Norman SecureSurf Protect your users when surfing the Internet.
Internet Safety Basics Being responsible -- and safer -- online Visit age-appropriate sites Minimize chatting with strangers. Think critically about.

Internet Safety Basics Being responsible -- and safer -- online Visit age-appropriate sites Minimize chatting with strangers. Think critically about.
PART THREE E-commerce in Action Norton University E-commerce in Action.

PART THREE E-commerce in Action Norton University E-commerce in Action.
Information Systems Security Computer System Life Cycle Security.

Information Systems Security Computer System Life Cycle Security.
Packet Vaccine: Blackbox Exploit Detection and Signature Generation Authors: XiaoFeng Wang Zhuowei Li Jong Youl Choi School of Informatics, Indiana University.

Packet Vaccine: Blackbox Exploit Detection and Signature Generation Authors: XiaoFeng Wang Zhuowei Li Jong Youl Choi School of Informatics, Indiana University.
BUSINESS B1 Information Security.

BUSINESS B1 Information Security.
W HAT DOES EXPLOIT MEAN ? A ND THE S ASSER WORM Seminar on Software Engineering, Short Presentation 07.02.2008 Christian Gruber.

W HAT DOES EXPLOIT MEAN ? A ND THE S ASSER WORM Seminar on Software Engineering, Short Presentation Christian Gruber.
Lecture 14 Page 1 CS 236 Online Worms Programs that seek to move from system to system –Making use of various vulnerabilities Other performs other malicious.

Lecture 14 Page 1 CS 236 Online Worms Programs that seek to move from system to system –Making use of various vulnerabilities Other performs other malicious.
C HAPTER 5 General Computer Topics. 5.1 Computer Crimes Computer crime refers to any crime that involves a computer and a network. Net crime refers to.

C HAPTER 5 General Computer Topics. 5.1 Computer Crimes Computer crime refers to any crime that involves a computer and a network. Net crime refers to.
C8- Securing Information Systems

C8- Securing Information Systems
COPYRIGHTS: In law, the exclusive right to produce copies and to control an original literary, musical, or artistic work, granted by law for a specified.

COPYRIGHTS: In law, the exclusive right to produce copies and to control an original literary, musical, or artistic work, granted by law for a specified.

Similar presentations

Ads by Google