An approach to minimizing legal and reputational risk in Red Team hacking exercises

Robust cyber-resilience depends on sound technical controls and testing of those controls in combination with rigorous cyber-security policies and practices. Increasingly, corporations and other organizations are seeking to test all of these, using methods more sophisticated than mere network penetration testing or other technical audit operations. More sophisticated organizations are also conducting so-called “Red Team” exercises, in which the organization tasks a small team of highly skilled and trained individuals to try to gain unauthorized access to physical and logical company assets and information. While such operations can have real value, they must be planned and conducted with great care in order to avoid violating the law or creating undue risk and reputational harm to the organization. This article explores these sometimes tricky issues, and offers practical risk-based guidance for organizations contemplating these types of exercises.     

The Global Dimension of Cybercrime

Cyberspace and thus cybercrime know no boundaries. This chapter reviews some of the basic forms of cybercrime, draws specific attention to the issues that arise when offences occur across borders and in relation to organised criminal groupings, and provides illustrations based on some of the more celebrated cases of the past few years. The borderless nature of cyberspace and the exponential take-up of digital technology throughout the world guarantee that transnational cybercrime will remain a challenge. Fortunately, many nations are rising to this challenge, individually and collectively, but the web of international cooperation does have its holes and those nations that lag behind the leaders risk becoming havens for cybercriminals of the future.     

公务员面试计算机评分系统中数据加密技术的研究与实现

随着我国公务员录用面试信息化建设工作的深入推进,各地陆续在公务员面试过程中采用了公务员面试计算机评分系统。该系统对考官基本信息库、考官的原始计分表、监督员（复核员）的统计表等数据的加密存贮和传输非常重要。为避免泄密,基于PKI技术的“混合签密”方案应用于面试计算机评分系统,能很好地提供机密性、完整性、可认证和不可否认性保证数据的安全性。     

Can computer forensic tools be trusted in digital investigations?

This paper investigates whether computer forensic tools (CFTs) can extract complete and credible digital evidence from digital crime scenes in the presence of file system anti-forensic (AF) attacks. The study uses a well-established six stage forensic tool testing methodology based on black-box testing principles to carry out experiments that evaluate four leading CFTs for their potential to combat eleven different file system AF attacks. Results suggest that only a few AF attacks are identified by all the evaluated CFTs, while as most of the attacks considered by the study go unnoticed. These AF attacks exploit basic file system features, can be executed using simple tools, and even attack CFTs to accomplish their task. These results imply that evidences collected by CFTs in digital investigations are not complete and credible in the presence of AF attacks. The study suggests that practitioners and academicians should not absolutely rely on CFTs for evidence extraction from a digital crime scene, highlights the implications of doing so, and makes many recommendations in this regard. The study also points towards immediate and aggressive research efforts that are required in the area of computer forensics to address the pitfalls of CFTs.     

UK software patents – Get with the program

Computer-implemented inventions feature in almost every field of technology, and although improvements to computer-based devices are routinely made in software, the circumstances in which patent protection is available remains unclear. The patentability of software varies considerably from jurisdiction to jurisdiction. Worryingly, there are variations in form, if not in substance, between patent offices working from the same legal source. Against the background of a sea change in the US position, there is the prospect of a clarification of the European Patent Office approach that will provide a platform for consistency in Europe. This paper focuses on the UK position, highlights the tension between the UK and the EPO and considers the key questions before the EPO's Enlarged Board of Appeal.     

从计算机病毒的传播机理看病毒的防治

当前的计算机病毒具有种类多、欺骗性强、利用系统漏洞对机器进行攻击、病毒技术不断翻新等特点,其传播途径也由文件交叉感染发展到电子邮件传播和浏览网页以及文件下载感染。为了维护计算机系统的安全,应根据其传播机理,采取切实有效的措施对病毒进行查杀。     

论为他人提供“翻墙”工具行为的定性

出于对互联网的管控需求,我国通过技术手段屏蔽了部分境外网站。但是,网民对境外网站的访问需求是客观存在,人们会尝试通过技术手段突破封锁,这些行为俗称为"翻墙"。"翻墙"的实现需要技术及资金支持,所以互联网长期存在提供"翻墙"软件工具以谋取利润行为。司法实践一直将其提供"翻墙"工具的行为定性为提供侵入、非法控制计算机信息系统程序、工具罪,但是,"翻墙"工具的技术原理是通过设立虚拟专用网的方式绕过我国网络监管部门的技术封锁,并未对计算机信息安全造成破坏,不宜定为计算机犯罪。但是,该行为实际是违反国家规定,未经许可擅自经营电信业务的行为,是对市场准入秩序的破坏,与非法经营罪所保护的法益与其构成要件更加接近。     

论网络犯罪的现象和原因

网络犯罪是典型的计算机犯罪 ,网络的发展 ,既可以促进社会经济的全面发展 ,也有可能给人类社会带来不可估计的损失 ,我们应以客观的态度来看待这个问题。不能盲目惊喜于网络给我们社会带来的种种便利 ,过分夸张网络的无所不能 ,认为发展了科学技术就能自动地解决社会生活中的种种问题 ,而忽视它的不稳定性 ;也不能对网络全面否定 ,忽视网络对社会的推动作用 ,进而人为地限制网络的正常发展 ,这样更是得不偿失的。     

电子计算机在非父排除率计算中的应用——中国人Rh型、Gm型和HLA型的非父排除率

本文根据 Ohno(1982)提出的单一位点复共显性基因非父排除率的公式,编制成 BASIC 程序,使用 IBM 个人电脑计算了我国长春等四个地区汉族 Gm 型的非父排除率和我国汉族等十六个民族的 Rh 型非父排除率。同时,根据 Chakravarti(1983)的多位点共显性基因非父排除率计算公式编制一个 BASIC 程序,用以计算了我国6个地区汉族及5个少数民族 HLA 型的非父排除率,其结果可用于亲权鉴定时对血型系统非父排除率的估计。