Tangled web : tales of digital crime from the shadows of cyberspace
Personal Author: Power, Richard, 1953-
Publication Information: Indianapolis, Ind. : Que [2000]
Physical Description: x, 431 pages : illustrations ; 24 cm


Call Number: HV6773 .P683 2000
Material Type: Adult Non-Fiction
Home Location: Non-Fiction Area



With the intense growth of e-business, we hear about an increase in hacking and technology-based criminal incidents. Institutions such as Citibank and eBay have faced intrusions that have cost them millions of dollars in damages. With the onset of these criminal attacks, there is an increase in demand for products and services that provide more information for people. Tangled Web: Tales of Digital Crime from the Shadows of Cyberspace portrays the shadow side of cyberspace by taking you into the lairs of hackers, crackers, researchers, private investigators, law enforcement agents and intelligence officers. The book covers what kinds of cybercrimes are going to affect business on the Internet, their cost, how they are investigated, and the motivation of hackers and virus writers. Also covered are the problems faced by law enforcement and corporate cyber security professionals, along with real-world examples of cybercrimes and lessons learned.

Author Notes

Richard Power is editorial director at the Computer Security Institute (CSI) in San Francisco.

Table of Contents

I Crime, War, and Terror in the Information Age
1 Welcome to the Shadow Side of Cyberspace
Types of Cybercrime
Types of Cybercriminals
2 Inside the Mind of the Cybercriminal
"Stereotyping Can Be Dangerous"
"Intense Personal Problems" Are the Key
3 Been Down So Long It Looks Like Up To Me: The Extent and Scope of the Cybercrime Problem
The CSI/FBI Computer Crime and Security Survey
Whom We Asked
Outlaw Blues
Types of Cyberattack
To Report or Not to Report
The Truth Is Out There
A Note on Methodology
Relevant Data from Other Sources
CERT/CC Statistics
Dan Farmer's Internet Security Survey
WarRoom Research's Information Security Survey
Conclusions
4 Let It Bleed: The Cost of Computer Crime and Related Security Breaches
How Do You Quantify Financial Losses Due to Info Security Breaches?
You Can't Fully Quantify the Loss if You Haven't Valued the Resource
System Penetration from the Outside
Unauthorized Access from the Inside
Sabotage of Data or Network Operations
Malicious Code
Don't Underestimate "Soft Costs"
If We Can Quantify Losses, We Can Calculate ROI
II Hackers, Crackers, and Virus Writers
5 Did the 1990s Begin with a Big Lie?
The First Serious Infrastructure Attack?
Public Cyberenemy No. 1?
The Worms Crawl In, the Worms Crawl Out...
What the Morris Worm Did to Systems
What the Morris Worm Demonstrated
Conclusion
6 Joy Riders: Mischief That Leads to Mayhem
The Rome Labs Case: Datastream Cowboy and Kuji Mix It Up with the U.S. Air Force
Investigators Wrestle with Legal Issues and Technical Limitations
Datastream Cowboy's Biggest Mistake
Scotland Yard Closes in on Datastream Cowboy
Kuji Hacks into Goddard Space Flight Center
Kuji Attempts to Hack NATO HQ
Scotland Yard Knocks on Datastream Cowboy's Door
Kuji's Identity Is Finally Revealed
Who Can Find the Bottom Line?
HotterthanMojaveinmyheart: The Case of Julio Cesar Ardita
How the Search for "El Griton" Began
Ardita's Biggest Mistake
No Ordinary Wiretap
Debriefing "El Griton"
The Solar Sunrise Case: Mak, Stimpy, and Analyzer Give the DoD a Run for Its Money
Conclusion
7 Grand Theft Data: Crackers and Cyber Bank Robbers
The Case of Carlos "SMAK" Salgado
Diary of a Computer Crime Investigation
Don't Underestimate Internet-Based Credit Card Theft
The Crest of an Electronic Commerce Crime Wave?
Citibank
Where Did It All Begin? How Did It Happen?
Misconceptions Dispelled
What It Took To Take Levin Down
You Don't Know How Lucky You Are, Boys...Back in the USSR: Unanswered Questions About Megazoid and the Russian Mafia
From Russia With Love: The Sad Tale of Ekaterina and Evygeny
The Phonemasters Case
How the Phonemasters Almost Blunder into Discovering the FBI's Surveillance
A "Dream Wiretap" Results in an Enormous Challenge
Quantifying the Financial Losses Proved Essential in Court
"The Number You Have Reached Has Been Disconnected..."
8 Hacktivists and Cybervandals
Hackers Run Amok in "Cesspool of Greed"
Schanot Goes Underground
Schanot's Indictment and Capture
How Schanot Rang Southwestern's Bell
Attack of the Zombies
Once Upon A Time, An Eerie Calm Descended on Cyberspace...
Blow by Blow
How DDoS Works
Who Launched the Attacks and Why
Aftermath
Calculating the Financial Impact
The Moral of the Tale
9 The $80 Million Lap Dance and the $10 Billion Love Letter
The $80 Million Lap Dance
"My Baby, She Wrote Me a Letter..."
III Spies and Saboteurs
10 Corporate Spies: Trade Secret Theft in Cyberspace
The Corporate World's Dirty, Little, Secret War
Some Real-World Tales of Economic Espionage
Tit for Tat? State-Sponsored Economic Espionage
EEA Sinks Its Teeth In
11 Insiders: The Wrath of the Disgruntled Employee
Types of Cyberattack by Insiders
Oracle Scorned: The Unauthorized Access of Adelyn Lee
Omega Man: The Implosion of Tim Lloyd
12 Infowar and Cyberterror: The Sky Is Not Falling, But...
Cyberwar in Kosovo?
China, U.S., and Taiwan: Has Code War Replaced Cold War?
Storming the Digital Bastille
Helter Skelter in Cyberspace
Digital Dirty Tricks and Cyber Plumbers
Defensive Information Warfare
IV Muggers and Molesters in Cyberspace
13 Identity Theft
14 Child Pornography on the Internet
Do You Have Your Priorities Straight?
V The Defense of Cyberspace
15 Inside Fortune 500 Corporations
How to Structure Your Information Security Unit
Where Should Your Information Security Unit Report?
16 Inside Global Law Enforcement
National Infrastructure Protection Center (NIPC)
The Role of Computer Analysis Response Team (CART)
"Isn't It Good, Norwegian Wood..."
Case Study in the Struggle Over Subscriber Data
U.S. Law Versus Norwegian Law
Council of Europe Floats a Cybercrime Treaty
17 Inside the U.S. Federal Government
Inside the Pentagon
What's Going On in the Murky Waters at Foggy Bottom?
FAA Secured on a Wing and a Prayer?
Lessons Learned from the NASA Probe
Is Something Nasty Floating in Your Alphabet Soup?
Harold Nicholson, Traitor
Douglas Groat, Would-Be Traitor
John Deutch: A Good Man Blunders
King and Lipka, Traitors
Conclusion
18 Countermeasures
Organizational Issues
Risk Analysis
Baseline Controls Versus Risk Analysis
Sound Practices
Sixteen Sound Practices Learned from Leading Organizations
Information Protection Assessment Kit (IPAK)
Policies and Procedures
Net Abuse
E-Mail Abuse
Security Awareness
Frontline
Security Technologies: Few Solutions, Lots of Snake Oil, and No Silver Bullets
Outsourcing? Yes and No
Epilogue: The Human Factor
One Term I Never Heard In Silicon Valley
Infosec du Soleil
Joseph's Robe of Many Colors Was Made of Patches
Another Patsy Named Lee?
From the Red-Eye to the Russell Office Building
VI Appendices
Glossary
A U.S. Laws and International Treaties
Computer Fraud and Misuse Act
Economic Espionage Act of 1996
Council of Europe - Draft Convention on Cybercrime
Draft Convention on Cybercrime (Draft No 19)
Chapter I Use of terms
Chapter II Measures to be taken at the national level
Section 1 Substantive criminal law
Section 2 Procedural law
Section 3 Jurisdiction
Chapter III International Co-operation
Chapter IV Follow-up
Chapter V Final Provisions
B Excerpt from Criminal Affidavit in the Ardita Case
Efforts to Identify and Localize the Intruder Within the FAS Harvard Host
Real-Time Monitoring of the Intruder's Activities in November and December, 1995
Identification of "Griton," the Intruder, in Buenos Aires, Argentina
C Resources and Publications
General Information
Center for Education and Research in Information Assurance and Security (CERIAS)
NIST Computer Security Resource Clearinghouse
Computer Crime Research Resources
Rik Farrow
Bruce Schneier and Counterpane Systems
Lincoln Stein's WWW Security FAQ
Bill Cheswick's Home Page
Alec Muffet's Home Page
Marcus Ranum's Home Page
Fred Cohen and Associates
Dr. Dorothy Denning's Home Page
Dan Farmer's Home Page
Sarah Gordon's Home Page
George Smith, The Crypt Newsletter
U.S. GAO Cybersecurity Assessments
Information Security: Computer Attacks at Department of Defense Pose Increasing Risks
Information Security: Computer Attacks at Department of Defense Pose Increasing Risks
Information Security: Computer Hacker Information Available on the Internet
Information Security: Opportunities for Improved OMB Oversight of Agency Practices
IRS Systems Security and Funding: Employee Browsing Not Being Addressed Effectively and Budget Requests for New Systems Development Not Justified
IRS Systems Security: Tax Processing Operations and Data Still at Risk Due to Serious Weaknesses
IRS Systems Security: Tax Processing Operations and Data Still at Risk Due to Serious Weaknesses
Air Traffic Control: Weak Computer Security Practices Jeopardize Flight Safety
Computer Security: Pervasive, Serious Weaknesses Jeopardize State Department Operations
Executive Guide: Information Security Management--Learning From Leading Organizations
FAA Systems: Serious Challenges Remain in Resolving Year 2000 and Computer Security Problems
Information Security: Serious Weaknesses Place Critical Federal Operations and Assets at Risk
Information Security: Serious Weaknesses Put State Department and FAA Operations at Risk
Information Security: Strengthened Management Needed to Protect Critical Federal Operations and Assets
Department of Energy: Key Factors Underlying Security Problems at DOE Facilities
Information Security: The Melissa Computer Virus Demonstrates Urgent Need for Stronger Protection Over Systems and Sensitive Data
High-Risk Series: An Update HR-99-1
Information Security: Many NASA Mission-Critical Systems Face Serious Risks
Anti-Virus Information
Virus Bulletin
Rob Rosenberger's Computer Virus Myths
European Institute for Computer Antivirus Research (EICAR)
Datafellows Virus Information Center
Henri Delger's Virus Help
Eddy Willems Free Anti-Virus Consultancy
Incident Response Information
Computer Emergency Response Team (CERT)
Forum of Incident Response and Security Teams (FIRST)
Computer Incident Advisory Capability (CIAC)
Federal Bureau of Investigation, National Infrastructure Protection Center (NIPC)
President's Commission on Critical Infrastructure Protection (PCCIP)
What Is Information Warfare? by Martin Libicki
Information Warfare Resources
Institute for the Advanced Study of Information Warfare
Organizations and Associations
Computer Security Institute (CSI)
American Society for Industrial Security (ASIS)
The Information Systems Security Association (ISSA)
Federal Information Systems Security Educators' Association (FISSEA)
International Information Systems Security Certification Consortium, Inc. (ISC)2
Electronic Frontier Foundation (EFF)
High Technology Crime Investigation Association
USENIX
The SANS (System Administration, Networking, and Security) Institute
International Computer Security Association (ICSA)
Books and Publications
On-Line News Sources
SecurityFocus and Security Portal
APBonline
Security Mailing Lists
AUSCERT Australian Computer Emergency Response
CERT Advisory Mailing List Computer Emergency Response Team
CIAC Mailing List
Cypherpunks Mailing List
Firewalls Mailing List
Academic-Firewalls Mailing List
FWall-users Mailing List
Firewalls Wizards
BugTraq Mailing List
Newsgroups
Conferences and Training
Computer Security Institute
The Federal Law Enforcement Training Center (FLETC)
National Cybercrime Training Partnership
MIS Training Institute
National Information Systems Security Conference
Computer Underground
2600 Magazine: The Hacker Quarterly
Attrition
DefCon
L0pht Heavy Industries
Phrack
Cult of the Dead Cow (cDc)
AntiOnline
Hacker News Network (HNN)
Computer Underground Digest
Index