The lure : the true story of how the Department of Justice brought down two of the world's most dangerous cyber criminals
معرفی کتاب «The lure : the true story of how the Department of Justice brought down two of the world's most dangerous cyber criminals» نوشتهٔ Schroeder, Steve، منتشرشده توسط نشر Course Technology PTR در سال 2011. این کتاب در فرمت pdf، زبان انگلیسی ارائه شده است.
Beginning in the fall of 1999, a number of Internet-related businesses and financial institutions in the United States suffered computer intrusions or "hacks" that originated from Russia. The hackers gained control of the victims' computers, copied and stole private data that included credit card information, and threatened to publish or use the stolen credit cards or inflict damage on the compromised computers unless the victims paid money or gave the hackers a job. Some of the companies gave in and paid off the hackers. Some decided not to. The hackers responded by shutting down parts of their networks and using stolen credit card numbers to order thousands of dollars' worth of computer equipment. THE LURE is the true, riveting story of how these Russian hackers, who bragged that the laws in their country offered them no threat, and who mocked the inability of the FBI to catch them, were caught by an FBI lure designed to appeal to their egos and their greed. The story of the sting operation and subsequent trial is told for the first time here by the Department of Justice's attorney for the prosecution. This fascinating story reads like a crime thriller, but also offers a wealth of information that can be used by IT professionals, business managers, lawyers and academics who wish to learn how to protect systems from abuse, and who want to respond appropriately to network incidents. They also provide insight into the hacker's world and explain how their own words and actions were used against them in a court of law - the evidence provided is in the raw, uncensored words of the hackers themselves. This is a multi-layered true crime story, a real-life law and order story that explains how hackers and computer thieves operate, how the FBI takes them down, and how the Department of Justice prosecutes them in the courtroom. Beginning in the fall of 1999, a number of Internet-related businesses and financial institutions in the United States suffered computer intrusions or "hacks" that originated from Russia. The hackers gained control of the victims' computers, copied and stole private data that included credit card information, and threatened to publish or use the stolen credit cards or inflict damage on the compromised computers unless the victims paid money or gave the hackers a job. Some of the companies gave in and paid off the hackers. Some decided not to. The hackers responded by shutting down parts of their networks and using stolen credit card numbers to order thousands of dollars' worth of computer equipment. THE LURE is the true, riveting story of how these Russian hackers, who bragged that the laws in their country offered them no threat, and who mocked the inability of the FBI to catch them, were caught by an FBI lure designed to appeal to their egos and their greed. The story of the sting operation and subsequent trial is told for the first time here by the Department of Justice's attorney for the prosecution. This fascinating story reads like a crime thriller, but also offers a wealth of information that can be used by IT professionals, business managers, lawyers, and academics who wish to learn how to protect systems from abuse, and who want to respond appropriately to network incidents. It also provides insight into the hacker's world and explains how their own words and actions were used against them in a court of law; the evidence provided is in the raw, uncensored words of the hackers themselves. This is a multi-layered true crime story, a real-life law and order story that explains how hackers and computer thieves operate, how the FBI takes them down, and how the Department of Justice prosecutes them in the courtroom. Amazon Exclusive: Q&A with Author Steve Schroeder Amazon.com: Steve Schroeder, author of The Lure Why did you write The Lure? Steve Schroeder: I wrote The Lure primarily because it is a great story. Had the events not actually happened, they would make the basis for a good novel. I worked hard to keep the language accessible so that non-techies could enjoy it. In addition, when the case was prosecuted, it generated a lot of publicity--most of it positive--and my colleagues and I who worked on it began to get invitations to speak about the investigation and trial. We appeared at universities and security conferences throughout the nation, and two of us, Phil Attfield and I, were even invited to Taipei to make presentations. Each time that we did so, the attendees would pester us for materials to use in their own training programs. There is, it seems, a dearth of real-world computer crime materials available for training. The reason for the short supply of real logs and other forensic evidence is simple. Computer intrusion cases are complex, and most of them are settled by means of a guilty plea prior to trial, as was the case in the [Kevin] Mitnick prosecution. Under Federal privacy laws governing criminal investigative files, those files are protected from public disclosure unless they are admitted into evidence at a trial or other court proceeding. Consequently, the logs and other forensic evidence in the vast majority of cases are not available for use in training and classroom settings. This book is an effort, among other things, to make much information available. Amazon.com: Your career as a prosecutor began before cybercrime became well known. What was it like to make the move into dealing with this new kind of crime? Steve Schroeder: I believe that learning is a lifelong process that helps to keep one engaged. About two-thirds of the way through my career, I had an opportunity to redefine myself when the agencies with which I was working on two major fraud cases began using databases to organize the evidence. I had to learn how to manipulate the databases from the command prompt in order to keep up. So, when two young hackers broke into the Unix-based computer system at the Federal Courthouse in the early '90s, I got the case. ("Didn't Schroeder work with computers?") I began working closely with the Computer Crime Unit in the Department of Justice, and was able to go to a number of weeklong computer and computer crime training sessions, including one at the FBI Academy. As I began to work almost exclusively on computer crime issues, my job was not to become a techie but to learn enough so that I could talk to and understand the techies. Because it was such a new field, one who concentrated on it could quickly rise above the pack. It was a lot of fun. Amazon.com: What's the most difficult problem that law enforcement faces when confronting computer crime? Steve Schroeder: Computer crimes, in many respects, are crimes without borders. In any event, computers do not recognize borders and computer crimes are commonly multi-jurisdictional. So simply figuring out how to obtain evidence from another state or nation is a constant problem. In addition, the difficulty in obtaining evidence from other legally constituted government entities compounds the ultimate problem in computer crime cases--attribution. While it is usually possible to identify the computer from which criminal acts are being committed by obtaining connectivity logs, law enforcement must also prove whose butt was in the chair in front of that computer at the relevant time. This is often not a technical problem, but one more familiar to traditional police work. Amazon.com: The two Russian hackers you helped capture and put away had cracked and manipulated systems around the world, while apparently untroubled by the laws of Russia. Are national borders a constant challenge when dealing with international cybercriminals? Do some countries provide havens for computer crime? Steve Schroeder: National borders are a constant challenge. Our multiple attempts to get help from the Russian authorities in the case which is the subject of The Lure went unanswered. The situation today is much better than it was then. The United States is working actively with nations all over the world, encouraging them to enact computer crime statutes and working out the procedures by which digitized evidence can be quickly preserved and exchanged between nations. Because international law often requires reciprocity (acts must be crimes in both jurisdictions), it is critical that as many nations as possible enact computer crime statutes. In the mid '90s I was unable to extradite a young scoundrel from New Zealand who had caused immense damage to the University of Washington network, because hacking was not a crime in his own country. (It is now.) There are certainly still countries in the world where attacks on computers located somewhere else are not prosecuted. Even at the state level in this country there are barriers. The states only have jurisdiction (legal authority) to compel evidence within their own borders. While they can get evidence from other states through cooperative agreements, the process can be cumbersome and expensive. Amazon.com: How well are governments and the law able to keep up with the rapid advances in technology? Steve Schroeder: Federal law has done surprisingly well in keeping up. The Federal Computer Fraud and Abuse Act was enacted in 1984, and has been amended a number of times, usually to expand its coverage. The Act's definitions (of "computer," for example) were broad enough to continue to apply even as the technology continued to evolve. Congress also enacted the Stored Communications Act in 1986, establishing privacy protections for email, nearly ten years before it was commonly used. Governments struggle to keep up with technology. Equipment and training are often given a low priority, especially in these days of declining revenues. This will continue to be a serious problem. Amazon.com: The two hackers exploited security holes that, at least in some cases, were relatively common at the time. What's your opinion on the state of credit card and computer security today? Steve Schroeder: The two hackers in the book exploited vulnerabilities that were known and for which patches had been published. One software package (SQL) installed with a user name of "sa" for system administrator and a blank password field. Approximately one-quarter of the packages were installed on business servers without those fields being changed. That made it trivially easy for hackers to break into those systems. The high incidence of system administrators' not keeping their networks current as to upgrades and security patches continues to be a problem. It is commonplace to read in the news about the compromise of a large database of credit card transactions. Many companies, however, especially the larger ones like Amazon.com and PayPal, do an excellent job of protecting the private financial information of their customers. Amazon.com: With your experience in combating computer crime, what advice would you offer to readers concerned for the security of their own accounts or businesses? Steve Schroeder: Keep your anti-virus software up to date. Anti-virus software that is out of date is only marginally better than no protection at all. Use a firewall. Use a complex password that is at least 12 characters long and does not consist of common words or names. It should contain upper- and lowercase letters as well as numbers and characters. You can use the first letters of words in a sentence, a phrase, or even a line of poetry as a memory aid. Make sure that your Wi-Fi hub has good security and can only be accessed by registered machines. Shred unsolicited credit card offers and other financial documents. Better yet, contact the credit reporting agencies and tell them not to release your information unless you actually apply for credit. Small business proprietors need to understand that the use of SSL encryption or other "secure" services such as "https" protect data from being compromised only while it is in transit, but do nothing to secure the information while it's in storage on their own servers. Small businesses often ignore the need for good, professional security measures because they are expensive for the business and inconvenient for the users, and do not generate revenue. A single system "incident," however, can cause catastrophic losses for a small or medium-sized business. Good security for your system is a wise and prudent investment. Transaction records should be strongly encrypted in storage, as well as in transmission, or removed entirely from machines that are accessible from the Internet as soon as they have cleared. Upgrades and security patches to operating systems and other software must constantly be kept up to date. And yes, I do use my credit card on the Internet. Contents 7 Introduction 14 Part I: The Investigation 22 Chapter 1: Speakeasy 24 The Birth and Evolution of the Internet 26 An Intruder Enters Speakeasy 28 Speakeasy Responds 33 An Important Customer Is Harmed 35 Chapter 2: The Investigation Begins 40 The Landmark Privacy Act Case 42 Chapter 3: The Lure 54 Multi-District Cooperation Begins 55 The Lure Begins 61 Chapter 4: The Sting 76 The Russian Hackers Arrive in Seattle 78 Gorshkov Continues to Display His Knowledge 87 The Take-Down 93 Chapter 5: In Custody 96 The Ivanov Interview 97 Gorshkov’s Interview 99 The Prosecutors Stand By 101 The Interviews Resume 102 The Russians Have Their First Appearance in Court 106 Chapter 6: PayPal 116 The National Infrastructure Protection Center Offers Its Help 117 PayPal and eBay 124 Chapter 7: A (Not So) Brief Primer on National Security Investigations 140 Technology Always Evolves Faster than the Law 141 How the Fourth Amendment Affects Foreign Intelligence Surveillance 151 Chapter 8: The Motion to Suppress and Preliminary Skirmishing 154 Privacy Laws and Precedent on the Internet 156 The Cross-Examination of Eliot Lim 185 Chapter 9: Preparing for Trial 198 The FBI’s Download of Data from Russia Had Not Run Afoul of the Fourth Amendment 200 A Final Continuance 202 The Case for CTS, eBay, and PayPal 205 The Case for Credit Cards and Banks 221 The National Infrastructure Protection Center at FBI Headquarters Issues an Advisory, Warning the IT Community of the Activities from Russia 224 Part II: The Trial 226 Chapter 10: The Trial Begins 228 Early Skirmishing 229 The Jury Is Empanelled 232 The Government’s Opening Statement 232 The Defense’s Opening Statement 236 The Trial Proper Begins 241 The Trial Day Was Over, but the Work Was Not 265 Chapter 11: The Download Revisited 278 The Trial Is Delayed 279 Mike Schuler Takes the Stand 290 Chapter 12: The Expert Speaks 334 At the Weekend Recess, Judge Coughenour Again Admonishes the Lawyers to Move More Rapidly 336 Phil Resumes His Testimony 339 The Cross-Examination of Phil 363 The Recovery 374 Things Get Off Track 376 Chapter 13: The Prosecution Wraps Up 380 The Guy from Lightrealm Was Stymied by the Young Hacker 382 Gorshkov’s Verio/Webcom.com Intrusion 384 Massive Inquiries at eBay Are Identified 389 A Representative Seller of Computer Components Tells His Story 396 The Reality of Trying Complex Cases 397 PayPal, the Primary Victim, Presents Its Evidence 399 Special Agent Marty Prewett Ties It All Together 402 Some Concerns Regarding the Defense Case 406 Cross-Examination of the Case Agent Concludes 408 The Prosecution Rests, but Was It Enough? 412 Chapter 14: The Defense Case and the Conclusion 418 Maxim Semenov’s Honest Answers During Cross-Examination Rendered His Testimony Harmless 421 Gorshkov’s Brother Tries to Help Him 422 The Defendant Takes the Witness Stand 424 The Cross-Examination of the Defendant 435 Ken Kanev Attempts to Mitigate the Damaging Testimony of His Client 441 Closing Arguments of Counsel 442 Closing Argument for the Defense 450 Floyd Argues in Rebuttal 452 The Prosecution Team Depressurizes 456 The Verdict 457 Chapter 15: Sentencing and Other Aftermath 460 Gorshkov Is Sentenced 462 Both Parties Forgo Their Appeal Rights 466 Rumblings from Russia 468 Alexey Ivanov’s Situation in Connecticut 470 A Close Approximation to Justice Had Been Achieved 476 Part III: Appendixes and Supplementary Materials 478 Appendix A: Superseding Indictment 480 Appendix B: Certification of Service 492 Appendix C: Government’s Response 500 Appendix D: Order 518 Appendix E: Exhibit List 526 Index 554 A 554 B 554 C 555 D 555 E 556 F 556 G 556 H 557 I 557 J 557 K 557 L 557 M 558 N 558 O 558 P 558 R 559 S 559 T 560 U 560 V 561 W 561 Annotation Beginning in the fall of 1999, a number of Internet-related businesses and financial institutions in the United States suffered computer intrusions or "hacks" that originated from Russia. The hackers gained control of the victims' computers, copied and stole private data that included credit card information, and threatened to publish or use the stolen credit cards or inflict damage on the compromised computers unless the victims paid money or gave the hackers a job. Some of the companies gave in and paid off the hackers. Some decided not to. The hackers responded by shutting down parts of their networks and using stolen credit card numbers to order thousands of dollars' worth of computer equipment. THE LURE is the true, riveting story of how these Russian hackers, who bragged that the laws in their country offered them no threat, and who mocked the inability of the FBI to catch them, were caught by an FBI lure designed to appeal to their egos and their greed. The story of the sting operation and subsequent trial is told for the first time here by the Department of Justice's attorney for the prosecution. This fascinating story reads like a crime thriller, but also offers a wealth of information that can be used by IT professionals, business managers, lawyers and academics who wish to learn how to protect systems from abuse, and who want to respond appropriately to network incidents. They also provide insight into the hacker's world and explain how their own words and actions were used against them in a court of law - the evidence provided is in the raw, uncensored words of the hackers themselves. This is a multi-layered true crime story, a real-life law and order story that explains how hackers and computer thieves operate, how the FBI takes them down, and how the Department of Justice prosecutes them in the courtroom Annotation The Lure: The True Story of How the Department of Justice Brought Down Two of the World's Most Dangerous Cyber Criminals provides a case study of a large, complex, and highly technical prosecution of two Russian hackers. The materials presented offer a wealth of information that can be used by IT professionals, business managers, and academics who wish to learn how to protect systems from abuse, and who wish to respond appropriately to network incidents. In addition to its value as a training tool, THE LURE is also the true, riveting story of how two Russian hackers, who bragged that the laws in their country offered them no threat, and who mocked the inability of the FBI to catch them, were caught by an FBI lure designed to appeal to their egos and their greed. The story of the sting operation and subsequent trial is told for the first time here by the Department of Justice's attorney for the prosecution Looks at the sting operation used by the Dept. of Justice to catch Russian hackers who were gaining control of computers and stealing private data from victims in the United States and the subsequent trial proceedings. Contents Introduction PART I. THE INVESTIGATION 1. Speakeasy 2. The investigation begins 3. The lure 4. The sting 5. In custody 6. PayPal 7. A (not so) brief primer on national security investigations 8. The motion to suppress and preliminary skirmishing 9. Preparing for trial PART II. THE TRIAL 10. The trial begins 11. The download revisited 12. The expert speaks 13. The prosecution wraps up 14. The defense case and the conclusion 15. Sentencing and other aftermath PART III. APPENDIXES AND SUPPLEMENTARY MATERIAL A. Superseding indictment B. Certification of service C. Governments response D. Order E. Exhibit list Index
دانلود کتاب The lure : the true story of how the Department of Justice brought down two of the world's most dangerous cyber criminals