On the global level, both governments and non-state actors continue to grow in importance, with the ability to engage in such activities as espionage, and other cross-border attacks sometimes referred to as cyber warfare.
A fabrication is the “creation of some deception in order to deceive some unsuspecting user”; an interception is the “process of intruding into some transmission and redirecting it for some unauthorized use”; an interruption is the “break in a communication channel, which inhibits the transmission of data”; and a modification is “the alteration of the data contained in the transmissions.”[6] Attacks can be classified as either being active or passive.
Common forms of network attacks include Denial of Service (Dos) and Distributed Denial of Service(DDoS), Man-in-the-middle attack, packet sniffing, TCP SYN Flood, ICMP Flood, IP spoofing, and even simple web defacement.
SPAM is one of the most common forms of network abuse, where an individual will email list of users usually with unsolicited advertisements or phishing attacks attempting to use social engineering to acquire sensitive information such any information useful in identity theft, usernames, passwords, and so on by posing as a trustworthy individual.
Social engineering is the act of manipulating people into performing actions or divulging confidential information, rather than by breaking in or using technical cracking techniques.
[11] This method of deception is commonly used by individuals attempting to break into computer systems, by posing as an authoritative or trusted party and capturing access information from the naive target.
Virus definitions should be regularly updated in addition to applying operating system hotfixes, service packs, and patches to keep computers on a network secure.
[18] Another deterrent is to use a bootable bastion host that executes a web browser in a known clean and secure operating environment.
[19] Unlike other proposed methods, CT-SNAIR constantly interacts with the user, who uses the system both to investigate and to refine hypotheses.
[20] The weights within these graphs are determined by the content-extraction algorithm, in which each type of link is thought of as a separate graph and “is fed into social network algorithms in part or as a whole.”[20] Links between two individuals can be determined by the existence of (or lack of) the two people being mentioned within the same sentence in the compiled multimedia data or in relation to the same group or event.
[22] Intent Recognition breaks down into three subcategories: detection of “known or hypothetical target scenarios,” prioritization of these target scenarios, and interpretation “of the resulting detection.”[22] The optimal level of cyber-security depends largely on the incentives facing providers and the incentives facing perpetrators.
[24] The 2002 update on the Computer Fraud and Abuse Act expands the act to include the protection of “information from any protected computer if the conduct involved an interstate or foreign communication.”[8] The Digital Millennium Copyright Act passed in 1998 is a United States copyright law that criminalizes the production and dissemination of technology, devices, or services intended circumvent digital rights management (DRM), and circumvention of access control.
Criminals knowingly transferring or using, without lawful authority, “a means of identification of another person with the intent to commit, or to aid abet, any unlawful activity that constitutes a violation of federal law, or that constitutes a felony under any applicable State or local law.”[29] Penalties of the ITADA include up to 15 years in prison and a maximum fine of $250,000 and directly reflect the amount of damage caused by the criminal’s actions and their amount of planning and intent.
[8] The Gramm-Leach-Bliley Act (GLBA) requires that financial institutions and credit agencies increase the security of systems that contain their customers’ personal information.
These offenses include: [32] The CAN-SPAM Act of 2003 establishes the United States' first national standards for the sending of commercial e-mail and requires the Federal Trade Commission (FTC) to enforce its provisions.
§ 1362 defines a number of acts under which and individual can be charged with a telecommunications related crime including: [36] Behavioral countermeasures can also be an effective tool in combating cyber-crime.
Once registered, people can request law enforcement officers call a number staffed 24 hours, year round, to "verify they are telling the truth about their innocence.”[38] In Virginia and Ohio, victims of identity theft are issued a special passport to prove their innocence.
[38] Financial agencies such as banks and credit bureaus are starting to require verification of data that identity thieves cannot easily obtain.
The First Financial Credit Union has already implemented biometrics in the form of fingerprint authentication in their automated teller machines to combat identity theft.
With a similar purpose, Great Britain has announced plans to incorporate computer chips with biometric data into their passports.