Presentation is loading. Please wait.

Presentation is loading. Please wait.

Crime DOES Pay (Unless you get caught) Renana Friedlich, IR & Forensic Team Leader Hacktics Advanced Security Center, Ernst & Young February 2013.

Similar presentations


Presentation on theme: "Crime DOES Pay (Unless you get caught) Renana Friedlich, IR & Forensic Team Leader Hacktics Advanced Security Center, Ernst & Young February 2013."— Presentation transcript:

1 Crime DOES Pay (Unless you get caught) Renana Friedlich, IR & Forensic Team Leader Hacktics Advanced Security Center, Ernst & Young February 2013

2 Crime DOES Pay – OWASP ConferencePage 2 Traditional Forensics

3 Crime DOES Pay – OWASP ConferencePage 3 Digital Forensics He’s tough, but we’ll make him talk.

4 Crime DOES Pay – OWASP ConferencePage 4 Example – Bredolab Russia Netherlands France

5 Crime DOES Pay – OWASP ConferencePage 5 Agenda ►Computer Crime Definition ►Crime Detection ►Dealing with an Incident ►Jurisdiction ►Punishment ►Case Studies ►Summary and Recommendations

6 Crime DOES Pay – OWASP ConferencePage 6 Computer Crime Definition ►What name would best describe this type of offense? ►Is it a new form of crime? Computer as a weapon Computer as a target

7 Crime DOES Pay – OWASP ConferencePage 7 Rising Above the Noise Level Vectors that may lead to detection: Security systems Proportions Subject of attack

8 Crime DOES Pay – OWASP ConferencePage 8 Relevant Parties for Detection End Users Security Vendors HoneyNets ISPs Local Police SOCs And more … Auditing Processes Governmental Agencies

9 Crime DOES Pay – OWASP ConferencePage 9 How to Report a Computer Crime USA ►The Internet Crime Complaint Center (IC 3 )

10 Crime DOES Pay – OWASP ConferencePage 10 How to Report a Computer Crime UK ►Police Central e-crime https://online.met.police.uk/https://online.met.police.uk/ ►Action Fraud

11 Crime DOES Pay – OWASP ConferencePage 11 How to Report Computer Crime Meanwhile in Israel … Return

12 Crime DOES Pay – OWASP ConferencePage 12 Top 10 Detected Incidents ►Verizon 2012 Data Breach Investigations Report CategoryAttackOverall Rank Large Org. HackingUse of stolen login credentials31 MalwareBackdoor62 HackingExploitation of backdoor C&C channel73 PhysicalTampering94 MalwareKeylogger/Form-grabber/Spyware15 SocialPretexting (classic social engineering)116 HackingBrute force and dictionary attacks57 HackingSQL injection158 SocialPhishing (or any type of *ishing)209 MalwareC&C (listens for and executes commands)2210

13 Crime DOES Pay – OWASP ConferencePage 13 Duration Until the Incident is Discovered Early detection heavily depends on the organization’s security maturity level. Average time until detection( Days)

14 Crime DOES Pay – OWASP ConferencePage 14 Dealing with an Incident Common ways of dealing with an incident: Internal Care Law Enforcement Entity Regulations Incident Severity

15 Crime DOES Pay – OWASP ConferencePage 15 Collaboration Interpol, Europol, FBI, local police, social media & security teams, and more … Return

16 Crime DOES Pay – OWASP ConferencePage 16 Jurisdiction

17 Crime DOES Pay – OWASP ConferencePage 17 Punishment The penalty usually depends on the following factors: Financial damage Current & potential damage Offender intentions & personal gain

18 Crime DOES Pay – OWASP ConferencePage 18 Case Studies

19 Crime DOES Pay – OWASP ConferencePage 19 Case Study 1 ►Attacker: Pablo Escobar (James Jeffery) ►Victim: Abortions website

20 Crime DOES Pay – OWASP ConferencePage 20 Case Study 2 ►Attacker: Gary McKinnon ►Victim : USA military computers (“The biggest military computer hack of all time”) ►The US authorities tried to get an extradition ►Requested penalty: Up to 60 years in prison

21 Crime DOES Pay – OWASP ConferencePage 21 Case Study 3

22 Crime DOES Pay – OWASP ConferencePage 22 Take 1 ► Age – 19 ► Arrested for hacking to computers at NASA, the Pentagon, and more. ► Didn’t try to get a hold of secrets, rather to prove that the systems were flawed. Take 2 ► Age – 28 ► Accused with charges of conspiracy and fraud. ► Increased or deleted cards limit, then sold the stolen credit card numbers in the black market. Case Study years in prison 3 years probation + $503,000 fine

23 Crime DOES Pay – OWASP ConferencePage 23 Summary ►The chances of getting caught are slim. ►Even if an offender does get caught, there is a long way to go before he may stand trial. ►Since so “MANY” stand trial, penalty is disproportionate.

24 Crime DOES Pay – OWASP ConferencePage 24 And the Conclusion Is … Crime Does Pay …

25 Crime DOES Pay – OWASP ConferencePage 25 Recommendations Save logs Poor Continuous log monitoring Moderate Build incident response capabilities Good

26 How good is your detection mechanism…?

27 Thank you. Renana Friedlich, Incident response & forensic team leader


Download ppt "Crime DOES Pay (Unless you get caught) Renana Friedlich, IR & Forensic Team Leader Hacktics Advanced Security Center, Ernst & Young February 2013."

Similar presentations


Ads by Google