Download - 2013.05.16 cfaa powerpoint for ima.v1
![Page 1: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/1.jpg)
FRAUD 2.0Helping Businesses Prepare for
Computer Fraud and Data Breaches
Shawn E. Tumawww.brittontuma.com
The Association of Accountants and Financial Professionals in Business
May 16, 2013
![Page 2: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/2.jpg)
2
#fraud20
www.brittontuma.com
![Page 3: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/3.jpg)
3
have you ever
heard of …
www.brittontuma.com #fraud20
![Page 4: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/4.jpg)
4
Aaron Swartz?
www.brittontuma.com #fraud20
![Page 5: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/5.jpg)
5
Sandra Teague?
www.brittontuma.com #fraud20
![Page 6: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/6.jpg)
6
Bradley Manning?
www.brittontuma.com #fraud20
![Page 7: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/7.jpg)
7
Hacking?
www.brittontuma.com #fraud20
![Page 8: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/8.jpg)
8
Data Breach?
www.brittontuma.com #fraud20
![Page 9: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/9.jpg)
9
Identity Theft?
www.brittontuma.com #fraud20
![Page 10: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/10.jpg)
10
Stuxnet?
www.brittontuma.com #fraud20
![Page 11: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/11.jpg)
11
Active Defense?
www.brittontuma.com #fraud20
![Page 12: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/12.jpg)
12
NON COMPUTER
RELATED FRAUD?
www.brittontuma.com #fraud20
![Page 13: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/13.jpg)
13
As of September 2012, cybercrime
• costs $110 billion annually
• 18 adults every second are victims
• 556,000,000 adults every year are victims
• 46% of online adults are victims
• mobile devices are trending
2012 Norton Cybercrime Reportwww.brittontuma.com
The Statistics
![Page 14: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/14.jpg)
14
What is fraud?• Fraud is, in its simplest form, deception
• Black’s Law Dictionary
• all multifarious means which human ingenuity can devise, and which are resorted to by one individual to get advantage over another by false suggestions or suppression of the truthwww.brittontuma.com
Fraud?
#fraud20
![Page 15: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/15.jpg)
15
Traditional vehicles for fraud?• verbal communication
• written communication
• in person
• through mail
• via wirewww.brittontuma.com
Fraud?
#fraud20
![Page 16: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/16.jpg)
16
What do computers do?
EFFICIENCY!www.brittontuma.com #fraud20
![Page 17: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/17.jpg)
17
FRAUD 2.0
www.brittontuma.com #fraud20
![Page 18: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/18.jpg)
18
Computer Fraud = Fraud 2.0• Deception, through the use of a computer
• “old crimes committed in new ways … using computers and the Internet to make the task[s] easier”
• computer hacking, data theft, theft of money, breaches of data security, corporate espionage, privacy breaches, computer worms, Trojan horses, viruses, malware, denial of service attacks
• mouse and keyboard = modern fraudster tools of choice
www.brittontuma.com
Fraud 2.0
#fraud20
![Page 19: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/19.jpg)
19
Who knows the percentage of businesses that suffered at least one act of computer fraud in last
year?
90%(Ponemon Institute Study)
www.brittontuma.com
Fraud 2.0
#fraud20
![Page 20: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/20.jpg)
20
BRIEF HISTORY OF THE COMPUTER FRAUD
AND ABUSE ACT (CFAA)
#fraud20
![Page 21: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/21.jpg)
21
Computer Fraud and Abuse Act
Federal Law – 18 U.S.C § 1030
www.brittontuma.com
The Law!
#fraud20
![Page 22: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/22.jpg)
22
History of CFAA
www.brittontuma.com #fraud20
![Page 23: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/23.jpg)
23
History of CFAA
www.brittontuma.com #fraud20
![Page 24: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/24.jpg)
24
Why?
Primary Law for Misuse of Computers
Computers …
Why is the Computer Fraud and Abuse Act important?
www.brittontuma.com #fraud20
![Page 25: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/25.jpg)
25www.brittontuma.com
“Everything has a computer in it nowadays.”
-Steve Jobs
Why Computers?
#fraud20
![Page 26: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/26.jpg)
26
WHAT IS A COMPUTER?
#fraud20
![Page 27: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/27.jpg)
27www.brittontuma.com
has a processor or stores data
“the term ‘computer’ means an electronic, magnetic, optical, electrochemical, or other high speed data processing device performing logical, arithmetic, or storage functions, and includes any data storage facility or communications facility directly related to or operating in conjunction with such device, but …”
IMPORTANT! “such term does not include an automated typewriter or typesetter, a portable hand held calculator, or other similar device;”
The CFAA says
What is a computer?
#fraud20
![Page 28: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/28.jpg)
28www.brittontuma.com
What about . . .
What is a computer?
#fraud20
![Page 29: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/29.jpg)
29www.brittontuma.com
“’That category can include coffeemakers, microwave ovens, watches, telephones, children’s toys, MP3 players, refrigerators, heating and air-conditioning units, radios, alarm clocks, televisions, and DVD players, . . . .”
-United States v. Kramer
The Fourth Circuit says
Anything with a microchip
#fraud20
![Page 30: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/30.jpg)
30www.brittontuma.com
This may limit the problem of applying it to alarm clocks, toasters, and coffee makers – for now?
The CFAA applies only to “protected” computers
Protected = connected to the Internet
Any situations where these devices are connected?
What is a “protected” computer?
#fraud20
![Page 31: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/31.jpg)
31www.brittontuma.com
seriously . . .
What is a computer?
#fraud20
![Page 32: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/32.jpg)
32www.brittontuma.com
•TI-99 •3.3 MHz Processor•16 KB of RAM
•Leap Frog Leapster•96 MHz Processor•128 MB of RAM
•iPhone 5•1.02 GHz Processer•1 GB of RAM
Perspective
#fraud20
![Page 33: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/33.jpg)
33www.brittontuma.com
66 MHz = fastest desktop in 80s
96 MHz = child’s toy today
250 MHz = fastest super computer in 80s
1.02 GHz = telephone today
Perspective
#fraud20
![Page 34: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/34.jpg)
34
WHAT DOES THE CFAA PROHIBIT?
#fraud20
![Page 35: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/35.jpg)
35
Statutory Language
CFAA prohibits the access of a protected computer that is
Without authorization, or Exceeds authorized access
www.brittontuma.com #fraud20
![Page 36: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/36.jpg)
36
Statutory Language
Where the person accessing Obtains information
Commits a fraud
Obtains something of value
Transmits damaging information
Causes damage
Traffics in passwords
Commits extortion
www.brittontuma.com #fraud20
![Page 37: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/37.jpg)
37
Very Complex Statute
Overly simplistic list
Very complex statute
Appears deceptively straightforward
Many pitfalls
www.brittontuma.com
“I am the wisest man alive, for I know one thing, and that is that I know nothing.”
-Socrates
#fraud20
![Page 38: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/38.jpg)
38
Very Complex Statute
Two Most Problematic Issues
“Loss” Requirement
• Confuses lawyers and judges alike
Unauthorized / Exceeding Authorized Access
• Evolving jurisprudence
• Interpreted by many Circuits
• New conflict on April 10, 2012www.brittontuma.com #fraud20
![Page 39: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/39.jpg)
39
Civil Remedy
Limited civil remedy Procedurally complex with many
cross-references
“damage” ≠ “damages”
Must have $5,000 “loss” (i.e., cost)
Loss requirement is jurisdictional threshold
www.brittontuma.com #fraud20
![Page 40: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/40.jpg)
40
Civil Remedy
What is a “loss”?“any reasonable cost to any victim, including the cost of responding to an offense, conducting a damage assessment, and restoring the data, program, system, or information to its condition prior to the offense, and any revenue lost, cost incurred, or other consequential damages incurred because of interruption of service.”
Loss = cost (unless interruption of service)
www.brittontuma.com #fraud20
![Page 41: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/41.jpg)
41
Civil Remedy
Remedies Available
• Economic damages
• Loss damage
• Injunctive relief
Not Available• Exemplary damages
• Attorneys’ fees
www.brittontuma.com #fraud20
![Page 42: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/42.jpg)
42
Basic Elements
Elements of broadest CFAA Claim1. Intentionally access computer;
2. Without authorization or exceeding authorized access;
3. Obtained information from any protected computer; and
4. Victim incurred a loss to one or more persons during any 1-year period of at least $5,000.
www.brittontuma.com #fraud20
![Page 43: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/43.jpg)
43
Basic Elements
Elements of CFAA Fraud Claim1. Knowingly and with intent to defraud;
2. Accesses a protected computer;
3. Without authorization or exceeding authorized access;
4. By doing so, furthers the intended fraud and obtains anything of value; and
5. Victim incurred a loss to one or more persons during any 1-year period of at least $5,000.
www.brittontuma.com #fraud20
![Page 44: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/44.jpg)
44
WRONGFUL ACCESS
#fraud20
![Page 45: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/45.jpg)
45
Wrongful Access
General Access Principles Access by informational / data use
≠ technician
Must be knowing or intentional access
≠ accidental access
www.brittontuma.com #fraud20
![Page 46: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/46.jpg)
46
Wrongful Access
“without authorization” Outsiders No rights Not defined Only requires intent to
access, not harm Hacker!
“exceeds authorized” Insiders Some rights CFAA defines: access
in a way not entitled Necessarily requires
limits of authorization Employees, web
users, etc.
www.brittontuma.com
Two Types of Wrongful Access
#fraud20
![Page 47: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/47.jpg)
47
Wrongful Access
When does authorization terminate?
Trilogy of Access Theories
• Agency Theory
• Intended-Use Theory
• Strict Access Theory
www.brittontuma.com #fraud20
![Page 48: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/48.jpg)
48
Wrongful Access
Ways to establish limits for Intended-Use
Contractual• Policies: computer use, employment & manuals
• Website Terms of Service
Technological• Login and access restrictions
• System warnings
Training and other evidence of notification
Notices of intent to use CFAA
www.brittontuma.com #fraud20
![Page 49: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/49.jpg)
49
Wrongful AccessExamples
Employment SituationsMost common scenario is employment• Employee access and take customer account
information
• Employee accesses and takes or emails confidential information to competitor
• Employee improperly deletes data and email
• Employee deletes browser history
• Employee accessing their Facebook, Gmail, Chase accounts at work
www.brittontuma.com #fraud20
![Page 50: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/50.jpg)
50
Wrongful AccessExamples
Family Law SituationsHave you ever logged into your significant other’s email or Facebook to see what they’re saying to others?
DON’T ANSWER THAT!
• Estranged spouse in Arkansas did after separation
• NTTA account?
• Bank account?
• Cancelling services via online accounts?
www.brittontuma.com #fraud20
![Page 51: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/51.jpg)
51
Wrongful AccessExamples
Sharing Website LoginsHave you ever borrowed or shared website login credentials and passwords for limited access sites (i.e., online accounts)?
DON’T ANSWER THAT!
• Recent case held that permitting others to use login credentials for paid website was viable CFAA claim
• The key factor here was the conduct was prohibited by the website’s agreed to Terms of Service
www.brittontuma.com #fraud20
![Page 52: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/52.jpg)
52
Wrongful AccessExamples
Misuse of WebsitesEver created a fake profile or used a website for something other than its intended purpose?
DON’T ANSWER THAT!
• Myspace Mom case – United States v. Drew
• Fake login to disrupt legitimate website sales
• Accessing website to gain competitive information when prohibited by TOS
• Creating fake Facebook to research opposing parties
www.brittontuma.com #fraud20
![Page 53: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/53.jpg)
53www.brittontuma.com
Earlier Questions?
Have you ever heard of?
• Aaron Swartz – information liberator!
• Sandra Teague – Obama’s academic records
• Bradley Manning –released classified info
• Stuxnet – variations for corporate espionage
• Active Defense – fun stuff – call me! #fraud20
![Page 54: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/54.jpg)
54
DATA BREACHWHAT DO YOU DO?
#fraud20
![Page 55: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/55.jpg)
55
Data Breach
Data Breach
• product of computer fraud• on the rise• major risk to virtually all businesses
• PII, PHI, financial data, cardholder data• disruption and data loss• claims from data subjects• fines and penalties from govts, agencies, indust.
groups
• impossible to prevent• plan ahead to reduce harm
www.brittontuma.com #fraud20
![Page 56: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/56.jpg)
56
Data Breach
4 Phases of Data Breach
• Preparation
• Prevention
• Understanding • Laws, Rules & Regulations
• Responding
www.brittontuma.com #fraud20
![Page 57: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/57.jpg)
57
Data Breach
Preparation
• Breach Response Plan• Goal Execute!• Who, What, When, How
• Attorney – privilege
• Adopted Notification Form
• Educate Team• IT Security Audit / Penetration
Testing• Compliance Audit
• HIPAA, ERISA, OSHA, PCI, FINRA
• Cyber Insurancewww.brittontuma.com #fraud20
![Page 58: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/58.jpg)
58
Data Breach
Prevention
• Software and Systems Updates
• Remediate Vulnerabilities
• Encrypt, Encrypt, Encrypt
• Data Surveillence & IT Alerts• Cyber CounterIntelligence / CounterEspionage
• IT Alerts
www.brittontuma.com #fraud20
![Page 59: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/59.jpg)
59
Data Breach
Understanding Laws, Rules & Regulations• No Federal Breach Notification Law
(yet)• 46 States’ Have Laws
• ≠ Alabama, Kentucky, New Mexico, South Dakota
• Massachusetts is an oddball• 45 days (FL, OH, VT, WI) otherwise expeditious
without unreasonable delay• Consumers + State Attorney General
• Agencies (FTC, HHS, OCR, DOL, SEC)• Industries (FINRA, PCI)• International
www.brittontuma.com #fraud20
![Page 60: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/60.jpg)
60
Data Breach
Responding to a Breach – Just Execute the Plan!• Contact Attorney• Assemble Response Team• Contact Forensics• Contact Vendor for Notification• Investigate Breach• Remediate Responsible Vulnerabilities• Reporting & Notification
• Law Enforcement First• AGs, Admin. Agencies, Industries, Cred. Rpt,
Consumerswww.brittontuma.com #fraud20
![Page 61: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/61.jpg)
61
OTHER LAWS FOR COMBATING FRAUD
2.0
#fraud20
![Page 62: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/62.jpg)
62
Federal Laws
Federal Laws for Combating Fraud 2.0• Electronic Communications Privacy Act - 18
U.S.C. § 2510
• Wiretap Act ≠ intercept communications
• Stored Communications Act ≠ comm. at rest
• Fraud with Access Devices - 18 U.S.C. § 1029
• devices to obtain passwords, phishing, counterfeit devices, scanning receivers, drive through swipe cards
• Identity Theft – 18 U.S.C. § 1028
www.brittontuma.com #fraud20
![Page 63: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/63.jpg)
63
Texas Laws
Texas Laws for Combating Fraud 2.0• Breach of Computer Security Act (Tx. Penal Code §
33.02)
• knowingly access a computer without effective consent of owner
• Fraudulent Use or Possession of Identifying Info (TPC § 32.51
• Unlawful Interception, Use, or Disclosure of Wire, Oral or Electronic Communications (TPC § 16.02)
• Unlawful Access to Stored Communications (TPC § 16.04)
• Identity Theft Enforcement and Protection Act (BCC § 48.001)
• Consumer Protection Against Computer Spyware Act (BCC § 48.051)
• Anti-Phishing Act (BCC § 48.003)
www.brittontuma.com #fraud20
![Page 64: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/64.jpg)
64
• Welcome to the world of Fraud 2.0!
• Why? Remember what Jobs said
• CFAA is very broad and covers all kinds of computer fraud (sometimes) – evolving!
• Data Breaches – be prepared – it will happen!
• Many other Federal and Texas laws also available for combating computer fraud
• Cyber Insurancewww.brittontuma.com
Conclusion
#fraud20
![Page 65: 2013.05.16 cfaa powerpoint for ima.v1](https://reader034.vdocuments.us/reader034/viewer/2022050815/548ac4feb4795952448b4c04/html5/thumbnails/65.jpg)
65www.brittontuma.com
Do You Want to Know More?
www.brittontuma.com
www.shawnetuma.com
Shawn E. Tumad. 469.635.1335m. 214.726.2808
e. [email protected]@shawnetuma
Copyright © 2012