Overview
Cybersecurity is often thought to involve protecting one’s identity and sensitive information when online, but this is not nearly the full extent of the risk. Critical information and infrastructure can be vulnerable to attack by malicious actors and when compromised, loss of critical data; publication of sensitive materials; damage or destruction of systems, or other severe consequences could follow.
This course investigates cybercrime in its many guises including in the context of prevention and transnational cooperation, and also focuses on the prosecution of cybercrime. Prosecution often involves bringing together multiple people across many departments and multiple jurisdictions which can pose a variety of challenges. Drawing from the U.S. policy, legislative, institutional and prosecutorial experience, this seminar will integrate the selected topics through lectures, case studies and class discussion. Participants will also engage in in-depth study of cybercrime investigation and prosecution while developing their skills.
The covered material will be of interest to policy makers, regulators, business leaders, government officials, prosecutors, criminal justice personnel, judges, attorneys, and academics, specifically in developing economies where cybercrime is emerging or may pose a particular threat.
Format
The seminars are currently offered both in-person and online simultaneously, at the choice of the participant. This choice must be indicated at the time of registration. A small number of courses are scheduled to be delivered exclusively in person or online, and are indicated as such in the schedule. In-Person Only seminars usually start at 9:30 am Washington D.C. time. Daily sessions usually end at 4:00 pm. Breaks (including the lunch break) are allocated as appropriate. Online Only seminars will be delivered through five (for 1-week course) or ten (for 2-weeks course) live online sessions via videoconferencing platform. Each session will last approximately 3.5 hours and will be scheduled to start within a time window of 7:00 am – 8:30 am Washington D.C. time. Hybrid In-Person/Online seminars will start at a time most convenient to both in-person and online participants, and will generally follow the In-Person seminar format. We expect the classes to be highly interactive and can include presentations, case studies and exercises.
Course Outline
Cybercrime
- Defining and describing cybercrime, and understanding the systems involved
- Hacking: Privacy, integrity, accessibility, and application
- Bots, malware, spam, identity theft, phishing and other vulnerabilities and exploits
- The Client/Server model: Peer-to-Peer (Gigatribe, BitTorrent, etc.); Darknets
- Cloud Computing
- Combating Cross-Border Cybercrime
- Combating Cybercrime Locally, Regionally and Globally
- Recent Developments
Managing Risk, Cyber Audits, Preventing Attacks, and Mitigating Damage
- Data Protection
- What systems can be affected and how are they vulnerable?
- Internet of Things (IOT), Interconnected Systems (i.e. electrical grids, traffic control systems) and Devices (i.e. IP cameras and even smart locks)
- Particular challenges for emerging economies
Prosecuting Cybercrime
- Foundational elements
- Challenges associated with prosecution
- Investigating and preparing for trial
- Relationship to other crimes, including Human Trafficking and Financial Crimes
- Cross border challenges
- Developing a robust framework upon which countries and courts can cooperate to prosecute offenders
- Coordinating and educating all parties, including the police, other investigators, prosecutors, judges and the public
International Cooperation and Cyberwarfare
- The role of state actors and case study
- EU General Data Protection Regulation (GDRP)
- The Convention on Cybercrime
- Mutual assistance and evidence sharing
Course Advisor
JANE RUDY is a Cybersecurity Policy Writer at MIT Lincoln Laboratory. In both defense and research environments, Jane’s work focuses on implementing secure systems under the Risk Management Framework. She has supported both tactical and strategic roles implementing technical and policy-based security controls. Jane holds a BA in Political Science and International Affairs as well as an MA in Cybersecurity, both from Northeastern University.