Skip to main content
SpringerLink
Log in

Technical, legal and ethical dilemmas: distinguishing risks arising from malware and cyber-attack tools in the ‘cloud’—a forensic computing perspective

  • Original Paper
  • Published:
Journal of Computer Virology and Hacking Techniques Aims and scope Submit manuscript

Abstract

While hype around the benefits of ‘cloud computing’increase, challenges in maintaining data security and data privacy have also been recognised as significant vulnerabilities (Ristenpart et al. in Proceedings of the 14th ACM conference on computer and communications security, pp 103–115, 2009; Pearson in CLOUD’09, pp 44–52, 2009; Vouk in J Comput Inf Technol 4:235–246, 2008). These vulnerabilities generate a range of questions relating to the capacity of organisations relying on cloud solutions to effectively manage risk. This has become particularly the case as the threats faced by organisations have moved increasingly away from indiscriminate malware to more targeted cyber-attack tools. From forensic computing perspective it has also been recognised that ‘cloud solutions’ pose additional challenges for forensic computing specialists including discoverability and chain of evidence (Ruan et al. in Adv Digital Forensics VII:35–46, 2011; Reilly et al. in Int J Multimedia Image Process 1:26–34, 2011). However, to date there has been little consideration of how the differences between indiscriminate malware and targeted cyber-attack tools further problematize the capacity of organisations to manage risk. This paper also considers these risks and differentiates between technical, legal and ethical dilemmas posed. The paper also highlights the need for organisations to be aware of these issues when deciding to move to cloud solutions.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1

Similar content being viewed by others

Notes

  1. Preferred Australian spelling of cyber-attack is used through this paper.

  2. It is worth noting, that in some jurisdictions, even ownership of such tools can be considered illegal. This can subsequently be detrimental for development of defences against these tools, i.e. antivirus industry.

References

  1. Ristenpart, T., Tromert, E., Shacham, H., Savage, S.: Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 103–115. ACM, New York (2009)

  2. Pearson, S.: Taking account of privacy when designing cloud computing services. In: CLOUD’09, pp. 44–52. IEEE (2009)

  3. Vouk, M.A.: Cloud computing: issues, research and implementations. J. Comput. Inf. Technol. 4, 235–246 (2008)

    Google Scholar 

  4. Ruan, K., Carthy, J., Kechadi, T., Crosbie, M.: Cloud forensics: an overview. Adv. Digital Forensics VII, 35–46 (2011)

    Google Scholar 

  5. Reilly, D., Wren, C., Berry, T.: Cloud computing: Pros and Cons for computer forensic investigations. Int. J. Multimedia Image Process. 1, 26–34 (2011)

    Google Scholar 

  6. Foster, I., Yong, Z., Raicu, I., Lu, S.: Cloud computing and grid computing 360-degree compared. In: Grid Computing Environments Workshop, 2008, GCE ’08, pp. 1–10 (2008)

  7. Mell, P., Grance, T.: The NIST definition of cloud computing. Commun. ACM 53, 50–50 (2010)

    Google Scholar 

  8. Mell, P., Grance, T.: The NIST definition of cloud computing. In: Commerce, U.S.D.o. (ed.) National Institute of Standards and Technology, Gaithersburg, MD (2011)

  9. Dahbur, K., Mohammad, B., Tarakji, A.B.: A survey of risks, threats and vulnerabilities in cloud computing. In: Proceedings of the 2011 International Conference on Intelligent Semantic Web-Services and Applications, pp. 1–6. ACM, Amman, Jordan (2011)

  10. http://www.nautilus.org/info-policy/workshop/papers/denning.html

  11. Information Security magazine: http://www.cs.georgetown.edu/~denning/infosec/disarming-blackhats.html

  12. Gordon, S., Ford, R.: Cyberterrorism? Comput. Security 21, 636–647 (2002)

    Article  Google Scholar 

  13. Gordon, S., Ford, R.: On the definition and classification of cybercrime. J. Comput. Virol. 2, 13–20 (2006)

    Article  Google Scholar 

  14. Broucek, V., Turner, P.: Forensic computing: developing a conceptual approach in the era of information warfare. J. Inf. Warfare 1, 95–108 (2001)

    Google Scholar 

  15. http://www.af.mil/lib/corner.html

  16. http://www.student.seas.gwu.edu/~reto/papers/infowar.pdf

  17. Linkoping University: http://www.ida.liu.se/~guniv/Infowar/

  18. Warren, M., Hutchinson, W.: Information warfare and hacking. In: Armstrong, H. (ed.) 5th Australian Security Research Symposium, pp. 195–206. Edith Cowan University, Perth (2001)

  19. Gordon, S., Ford, R.: Computer crime revisited: the evolution of definition and classification. In: Turner, P., Broucek, V. (eds.) Proceedings of the 15th Annual EICAR Conference “Security in the Mobile and Networked World”, pp. 48–59. EICAR, Hamburg (2006)

  20. Denning, D.E.: Information Warfare and Security. Addison-Wesley Longman Ltd, Essex (1999)

    Google Scholar 

  21. Kulish, N.: Germans condemn police use of spyware. New York Times, pp. A.5–A.5, New York (2011)

  22. McCullagh, A., Broache, A.: Will security firms detect police spyware? CNET News. CBC Interactive (2007)

  23. Bodenheimer, D.Z.: Cyberwarfare in the Stuxnet age. Can Cannonball law keep pace with the digital battlefield? The SciTech Lawyer 8 (2012)

  24. Fahs, R.: Position Paper: The Future of AV Testing. EICAR (2010)

  25. Wolfe, J.: Bona fide researcher? In: Gattiker, U.E. (ed.) EICAR Conference Best Paper Proceedings. EICAR, Copenhagen (2003)

  26. Owens, W.A., Dam, K.W., Lin, H.S. (eds.): Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities. The National Academies Press, New York (2009)

  27. Langner, R.: Stuxnet: dissecting a cyberwarfare weapon. Security Privacy IEEE 9, 49–51 (2011)

    Google Scholar 

  28. Masters, G.: Life after Stuxnet. SC Mag. 22, 29–31 (2011)

    Google Scholar 

  29. Chen, T.M., Abu-Nimeh, S.: Lessons from Stuxnet. Computer 44, 91–93 (2011)

    Article  Google Scholar 

  30. Vaquero, L.M., Rodero-Merino, L., Caceres, J., Lindner, M.: A break in the clouds: towards a cloud definition. ACM SIGCOMM Comput. Commun. Rev. 39, 50–55 (2009)

    Article  Google Scholar 

  31. Help Net Security: http://www.net-security.org/secworld.php?id=11513

  32. Higgins, K.J.: Apache issues workarounds for ‘Killer’ attack. Informationweek (2011)

  33. UBM TechWeb: http://www.darkreading.com/vulnerability-management/167901026/security/attacks-breaches/228300082/possible-new-threat-malware-that-targets-hardware.html

  34. Desnos, A., Erra, R., Filiol, E.: Processor-dependent malware... and codes. eprint arXiv:1011.1638 (2010)

  35. National Cybersecurity and Communications Integration Center: Assessment of Anonymous Threat to ontrol Systems. US Department of Homeland, Security (2011)

  36. Rashid, F.Y.: DHS warns of anonymous cyber-attack tools, planned mass protests. eWeek.com. Ziff Davis Enterprise Inc (2011)

  37. Cawley, C.: Federal Communications Commission Assistance for Online Attacks. Bright Hub Inc (2011)

  38. Symantec Connect: http://www.symantec.com/connect/blogs/targeted-attacks-against-small-and-medium-businesses-during-2011

  39. Symantec Connect: http://www.symantec.com/connect/blogs/targeted-attacks-and-smbs

  40. Prince, B.: Behind the government’s rules of cyber war. Security Week. Wired Business Media (2011)

  41. Wilson, C.: Botnets, cybercrime, and cyberterrorism: vulnerabilities and policy issues for congress. In: Foreign Affairs, Defense, and Trade Division (eds.) Congressional Research Services (2008)

  42. U.S. Department of Justice: http://www.fbi.gov/news/stories/2011/november/malware_110911

  43. Broucek, V.: “Forensic Computing: Exploring Paradoxes”: an investigation into challenges of digital evidence and implications for emerging responses to criminal, illegal and inappropriate on-line behaviours. School of Computing and Information Systems, vol. PhD. University of Tasmania, Hobart (2009)

  44. Broucek, V., Turner, P.: Considerations for e-forensics: insights into implications of uncoordinated technical, organisational and legal responses to illegal or inappropriate on-line behaviours. Int. Sci. J. Comput. 4, 17–25 (2005)

    Google Scholar 

  45. Broucek, V., Turner, P.: Winning the battles, losing the war? Rethinking methodology for forensic computing research. J. Comput. Virol. 2, 3–12 (2006)

    Article  Google Scholar 

  46. Broucek, V., Turner, P., Frings, S.: Music piracy, universities and the Australian Federal Court: issues for forensic computing specialists. Comput. Law Security Rep. 21, 30–37 (2005)

    Article  Google Scholar 

  47. Brungs, A., Jamieson, R.: Identification of legal issues for computer forensics. Inf. Syst. Manag. 22, 57–66 (2005)

    Article  Google Scholar 

  48. Hannan, M., Frings, S., Broucek, V., Turner, P.: Forensic computing theory& practice: towards developing a methodology for a standardised approach to computer misuse. In: Kinght, S.-A. (ed.) 1st Australian Computer. Network & Information Forensics Conference, Perth, WA, Australia (2003)

  49. Hannan, M., Turner, P.: The last mile: applying traditional methods for perpetrator identification in forensic computing investigations. In: 3rd European Conference on Information Warfare and Security (2004)

  50. Hannan, M., Turner, P., Broucek, V.: Refining the taxonomy of forensic computing in the era of E-crime: insights from a survey of Australian Forensic Computing Investigation (FCI) Teams. In: 4th Australian Information Warfare and IT Security Conference, pp. 151–158, Adelaide, SA, Australia (2003)

  51. Reith, M., Carr, C., Gunsch, G.: An examination of digital forensic models. Int. J. Digital Evidence 1 (2002)

  52. Cornall, R., Black, R.: 2011 Independent Review of the Intelligence Community Report. Commonwealth of Australia, Canberra (2011)

    Google Scholar 

  53. Department of Defense: Department of Defense Cyberspace Policy Report: A Report to Congress Pursuant to the National Defense Authorization Act for Fiscal Year 2011, Section 934. Department of Defense, United States of America (2011)

  54. Department of Defense: Department of Defense Strategy for Operating in Cyberspace. Department of Defense, United States of America (2011)

  55. Carnabuci, C.: The long arm of the USA Patriot Act: tips for Australian Businesses selecting data service providers. Freshfields Bruckhaus Deringer (2011)

Download references

Author information

Authors and Affiliations

  1. School of Psychology, University of Tasmania, Private Bag 30, Hobart, TAS, 7001, Australia

    Vlasti Broucek

  2. School of Computing and Information Systems, Private Bag 87, Hobart, TAS, 7001, Australia

    Paul Turner

Authors
  1. Vlasti Broucek
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Paul Turner
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Vlasti Broucek.

Additional information

This is an extended version of paper that was originally published in proceedings of the 21th Annual EICAR Conference 2012.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Broucek, V., Turner, P. Technical, legal and ethical dilemmas: distinguishing risks arising from malware and cyber-attack tools in the ‘cloud’—a forensic computing perspective. J Comput Virol Hack Tech 9, 27–33 (2013). https://doi.org/10.1007/s11416-012-0173-0

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11416-012-0173-0

Keywords

Search

Navigation