Cyber Criminology Case Analysis On Moonlight Maze: A Crime Against United States Government
Question
Task:
You have to choose a case study based on cyber criminology and a cyber attack that has been carried out in the selected case and:
• Summary of what happened
• Analyse the methods used
• Analyse the cybercriminals
o Who are
o Summary of their history
o Typical attacks
• Consequences of the cyber attack
• Victims of the cyber attack
o Psychological aspect
o Measures to recover the victims
• Consequences for the business
Answer
Introduction
Cyber criminology is also called e-crime because the mode of the crime is online and the aim is to attack companies online. The crime is conducted using computers, or sometimes the crime is done in a way to attack the computers. Many big companies fall prey to this kind of cybercrime, and the criminals are called cybercriminals (Yar & Steinmetz, 2019). As per the European Commission, the definition of cybercrime is:
There has to be a traditional form of crime, like fraud or forgery, which is committed with the help of electronic communication and networks. Another definition includes the publication of illegal content, and cybercrime also includes crime which is unique and specific to electronic networks (Boes & Leukfeldt, 2017). With the growth of technology and networks, there has been a significant increase in cybercrime, because cybercriminals have started to target individuals, businesses and big companies to boost their own profit. Research claims that the reason behind the sudden increase in cybercrime is the spread of technology into all spheres of life, which has enabled the significant growth of cybercriminals (Buyadji, 2017). The Internet has helped in connecting the globe together and has also improved communication and interaction, thereby enabling business, which is both a positive and a negative aspect. The aim of the research shall be to understand what we think the effect of cyber technology is and how criminals are born within business models to exacerbate their own growth.
There are different kinds of cybercrime, and the categorisation has been done for comprehension and easy accessibility. When a cyber crime is committed against the government, it is considered to be an attack on the sovereignty of the nation and is declared an act of war. Crime against the government can be done by breaching confidential information, by gaining access to encrypted files and thereby hacking them, by causing cyber terrorism and cyber warfare, and also with the help of pirated software. The research shall be done on crime against government, and the case study selected for this particular research is Moonlight Maze, a cyber crime committed against the United States government in the year 1999 (Holt, Brewer & Goldsmith, 2019).
Case study: Moonlight Maze
Summary: To begin with, the code name was given to a highly classified data breach of classified information of the United States government. This incident started in the year 1996 and it had the potential of affecting various American government agencies, and it affected NASA, the Pentagon, the DOE and so on. It is considered to be one of the longest and most serious kinds of intelligence breach, and it was a persistent threat against the government of a kind that has been faced in recent history. The first incident that was recorded of this operation was in the year 1998, when the official government website noticed some abnormal activities in networks that were highly classified and not available to the general public. It was found that all the systems within the United States government, like the Pentagon, the National Aeronautics and Space Administration and the Department of Energy, were showing persistent targeted attacks (Banks, 2016). All these systems came under threat, and it lasted for a very long period of time. From the initial activity, it became clear that the attacks were mostly aimed at gaining access to sensitive and confidential information and stored data. The government immediately started to analyse the reason behind the threat and who the attackers were. Proper research concluded that the attack had gone on for more than 2 years. The attackers had access to all the classified files, and they had surfed through thousands of documents to gain access to the military installations, the configuration of the US military troops and also the military hardware designs.
Analysing the methods used
The method for the attack was hacking. The attackers used “back doors” that gave them access to the system, so that they could infiltrate the system further and reach the data that they wished to use. The tools were used in such a way that specific networks could be traced back to the country of origin, and all the exploited data from the attack could be used to gain access to the public resources (Chris, 2016). The attackers were hackers who used the defects of the software manufacturer and gained access to the system because the maintainers were not aware of the flaws in the system. The attackers also left some vulnerabilities unpatched for a significant period of time, from 6 years to one month, which helped them neglect the security patch cycles. The reason why the US government could not figure out that there was hacking going on was that the hackers concealed their location: they connected with the help of different vulnerable institutes and universities so that their location could not be traced. The method used by hackers to conceal their location by going through a different vulnerable institution is called proxying.
Cybercriminals
Who are
The FBI conducted thorough research, and after significant investigation the director of the National Infrastructure Protection Center said that the cyber attack was conducted from Russia. These cyber attackers were extensively trained and had knowledge of computers and intelligence, which helped them use different vulnerable institutes to get access to the classified data. These attackers had a background in intelligence, and the data extraction done by them was easy and accessible. The attackers had a profile very similar to those of the Solar Sunrise attack.
Summary of their history
The attackers were trained in security service, and the intruders used the following steps to maximise their attack: they initially enumerated the network address space, and thereafter they scanned for vulnerabilities to identify and exploit them in such a way that they could install a backdoor program giving them access to re-enter the system and destroy all the files. They also destroyed all the files and removed the data so that they would not leave any trace behind. Even though experts conducted research and found that the origin of the attack was in Russia, and that the attackers were trained in Moscow, there was no confirmation that Russia was the one to initiate the attack. The reason behind the lack of confirmation in blaming Russia was that there could have been a chance that the attackers routed their location to Russia (Chris, 2016). It is entirely possible that the origin of the attack was in a different country and the government could not trace it because the location was routed.
Typical attacks
Once the attack had been stabilized for 2 years, it was found that the group had a link to the hijacked satellite connections and government websites, and the back door and deception tactics, of the Russian-language group Turla. The computer virus Agent.BTZ was used, which had the ability to replicate itself and also steal data; it was used in this particular cyber attack to attack the United States military and also to breach the computer server of the Pentagon (Doman, 2016). There has been a link between the cyber attack and the language, which helps in understanding that the attack was done with the help of a code so that this typical attack could not be traced by the government.
Consequence of the attack
The consequence of the attack was devastating to the history of America because it proved that they were vulnerable to any kind of data breach and exploitation, and that a third party could have access to all the information that they wanted to keep classified for a long period of time. It also brought forward the problem of attribution and traceability, which explained that there was a problem in identifying internal as well as external threats to information within the government data.
Victims of the cyber attack
The victims in this case were millions of people residing in the United States, because the hackers had the potential to compromise internal security as well as reach homeland security, causing a detrimental effect on the privacy and safety of the citizens (Buchanan & Sulmeyer, 2016). Cyber attacks and cyber espionage have devastating consequences for the financial institutions and internal security of a country because they have the potential to destabilize a government and also attack the morale of the public. There was a threat to public safety because of the breach of the security network; therefore the immunity of the United States government was threatened, and people limited their social interaction because of fear. This had a psychological impact because the freedom of the citizens was curbed to a certain extent.
Consequences
Even though a cyberwar does not have the potential of causing casualties, it is considered a significant threat to the state and equivalent to war because it damages the internal security of a country. The United States became aware of the differences in their system, and the fact that information had been compromised was a big setback.
References
Banks, W. C. (2016). Cyber espionage and electronic surveillance: Beyond the media coverage. Emory LJ, 66, 513.
Boes, S., & Leukfeldt, E. R. (2017). Fighting cybercrime: A joint effort. In Cyber-Physical Security (pp. 185-203). Springer, Cham.
Buchanan, B., & Sulmeyer, M. (2016). Russia and cyber operations: Challenges and opportunities for the next US administration. Carnegie Endowment for International Peace, 3.
Buyadji, S. (2017). Peculiarities of Legal Regulation of Cybercrime in the USA. LexPortus, 4, 130.
Chris, D. O. M. A. N. (2016). The First Cyber Espionage Attacks: How Operation Moonlight Maze Made History.
Doman, C. (2016). The first cyber espionage attacks: How operation Moonlight Maze made history.
Holt, T. J., Brewer, R., & Goldsmith, A. (2019). Digital drift and the “sense of injustice”: Counter-productive policing of youth cybercrime. Deviant Behavior, 40(9), 1144-1156.
Kaplan, F. (2016). Solar sunrise, moonlight maze. Dark Territory: The Secret History of Cyber War, 78-88.
Yar, M., & Steinmetz, K. F. (2019). Cybercrime and society. SAGE Publications Limited.