Presentation is loading. Please wait.

Presentation is loading. Please wait.

Crime DOES Pay (Unless you get caught) Renana Friedlich, IR & Forensic Team Leader Hacktics Advanced Security Center, Ernst & Young February 2013.

Published byEve Dreyer Modified over 9 years ago

Similar presentations

Presentation on theme: "Crime DOES Pay (Unless you get caught) Renana Friedlich, IR & Forensic Team Leader Hacktics Advanced Security Center, Ernst & Young February 2013."— Presentation transcript:

1 Crime DOES Pay (Unless you get caught) Renana Friedlich, IR & Forensic Team Leader Hacktics Advanced Security Center, Ernst & Young February 2013

2 Crime DOES Pay – OWASP ConferencePage 2 Traditional Forensics

3 Crime DOES Pay – OWASP ConferencePage 3 Digital Forensics He’s tough, but we’ll make him talk.

4 Crime DOES Pay – OWASP ConferencePage 4 Example – Bredolab Russia Netherlands France

5 Crime DOES Pay – OWASP ConferencePage 5 Agenda ►Computer Crime Definition ►Crime Detection ►Dealing with an Incident ►Jurisdiction ►Punishment ►Case Studies ►Summary and Recommendations

6 Crime DOES Pay – OWASP ConferencePage 6 Computer Crime Definition ►What name would best describe this type of offense? ►Is it a new form of crime? Computer as a weapon Computer as a target

7 Crime DOES Pay – OWASP ConferencePage 7 Rising Above the Noise Level Vectors that may lead to detection: Security systems Proportions Subject of attack

8 Crime DOES Pay – OWASP ConferencePage 8 Relevant Parties for Detection End Users Security Vendors HoneyNets ISPs Local Police SOCs And more … Auditing Processes Governmental Agencies

9 Crime DOES Pay – OWASP ConferencePage 9 How to Report a Computer Crime USA ►The Internet Crime Complaint Center (IC 3 ) www.ic3.gov www.ic3.gov

10 Crime DOES Pay – OWASP ConferencePage 10 How to Report a Computer Crime UK ►Police Central e-crime https://online.met.police.uk/https://online.met.police.uk/ ►Action Fraud http://www.actionfraud.police.uk/home http://www.actionfraud.police.uk/home

11 Crime DOES Pay – OWASP ConferencePage 11 How to Report Computer Crime Meanwhile in Israel … Return

12 Crime DOES Pay – OWASP ConferencePage 12 Top 10 Detected Incidents ►Verizon 2012 Data Breach Investigations Report CategoryAttackOverall Rank Rank @ Large Org. HackingUse of stolen login credentials31 MalwareBackdoor62 HackingExploitation of backdoor C&C channel73 PhysicalTampering94 MalwareKeylogger/Form-grabber/Spyware15 SocialPretexting (classic social engineering)116 HackingBrute force and dictionary attacks57 HackingSQL injection158 SocialPhishing (or any type of *ishing)209 MalwareC&C (listens for and executes commands)2210

13 Crime DOES Pay – OWASP ConferencePage 13 Duration Until the Incident is Discovered Early detection heavily depends on the organization’s security maturity level. Average time until detection( Days)

14 Crime DOES Pay – OWASP ConferencePage 14 Dealing with an Incident Common ways of dealing with an incident: Internal Care Law Enforcement Entity Regulations Incident Severity

15 Crime DOES Pay – OWASP ConferencePage 15 Collaboration Interpol, Europol, FBI, local police, social media & email security teams, and more … Return

16 Crime DOES Pay – OWASP ConferencePage 16 Jurisdiction

17 Crime DOES Pay – OWASP ConferencePage 17 Punishment The penalty usually depends on the following factors: Financial damage Current & potential damage Offender intentions & personal gain

18 Crime DOES Pay – OWASP ConferencePage 18 Case Studies

19 Crime DOES Pay – OWASP ConferencePage 19 Case Study 1 ►Attacker: Pablo Escobar (James Jeffery) ►Victim: Abortions website

20 Crime DOES Pay – OWASP ConferencePage 20 Case Study 2 ►Attacker: Gary McKinnon ►Victim : USA military computers (“The biggest military computer hack of all time”) ►The US authorities tried to get an extradition ►Requested penalty: Up to 60 years in prison

21 Crime DOES Pay – OWASP ConferencePage 21 Case Study 3

22 Crime DOES Pay – OWASP ConferencePage 22 Take 1 ► Age – 19 ► Arrested for hacking to computers at NASA, the Pentagon, and more. ► Didn’t try to get a hold of secrets, rather to prove that the systems were flawed. Take 2 ► Age – 28 ► Accused with charges of conspiracy and fraud. ► Increased or deleted cards limit, then sold the stolen credit card numbers in the black market. Case Study 3 1.5 years in prison 3 years probation + $503,000 fine

23 Crime DOES Pay – OWASP ConferencePage 23 Summary ►The chances of getting caught are slim. ►Even if an offender does get caught, there is a long way to go before he may stand trial. ►Since so “MANY” stand trial, penalty is disproportionate.

24 Crime DOES Pay – OWASP ConferencePage 24 And the Conclusion Is … Crime Does Pay …

25 Crime DOES Pay – OWASP ConferencePage 25 Recommendations Save logs Poor Continuous log monitoring Moderate Build incident response capabilities Good

26 How good is your detection mechanism…?

27 Thank you. Renana Friedlich, Incident response & forensic team leader Renana.Friedlich@il.ey.comRenana.Friedlich@il.ey.com, 054- 2661260

Download ppt "Crime DOES Pay (Unless you get caught) Renana Friedlich, IR & Forensic Team Leader Hacktics Advanced Security Center, Ernst & Young February 2013."

Similar presentations

TWO STEP EQUATIONS 1. SOLVE FOR X 2. DO THE ADDITION STEP FIRST

TWO STEP EQUATIONS 1. SOLVE FOR X 2. DO THE ADDITION STEP FIRST
3/25/2017 Social Jessica Winters

3/25/2017 Social Jessica Winters
You have been given a mission and a code. Use the code to complete the mission and you will save the world from obliteration…

You have been given a mission and a code. Use the code to complete the mission and you will save the world from obliteration…
Advanced Piloting Cruise Plot.

Advanced Piloting Cruise Plot.
Chapter 1 The Study of Body Function Image PowerPoint

Chapter 1 The Study of Body Function Image PowerPoint
Copyright © 2011, Elsevier Inc. All rights reserved. Chapter 5 Author: Julia Richards and R. Scott Hawley.

Copyright © 2011, Elsevier Inc. All rights reserved. Chapter 5 Author: Julia Richards and R. Scott Hawley.
1 Copyright © 2013 Elsevier Inc. All rights reserved. Appendix 01.

1 Copyright © 2013 Elsevier Inc. All rights reserved. Appendix 01.
1 Copyright © 2010, Elsevier Inc. All rights Reserved Fig 2.1 Chapter 2.

1 Copyright © 2010, Elsevier Inc. All rights Reserved Fig 2.1 Chapter 2.
By D. Fisher Geometric Transformations. Reflection, Rotation, or Translation 1.

By D. Fisher Geometric Transformations. Reflection, Rotation, or Translation 1.
Overview An overview of Apprenticeships and the Apprenticeship Vacancy Matching Service Your presenter is Anne Rodriguez Issue 1.0 Apprenticeship Vacancy.

Overview An overview of Apprenticeships and the Apprenticeship Vacancy Matching Service Your presenter is Anne Rodriguez Issue 1.0 Apprenticeship Vacancy.
UNITED NATIONS Shipment Details Report – January 2006.

UNITED NATIONS Shipment Details Report – January 2006.
Business Transaction Management Software for Application Coordination 1 www.choreology.com Business Processes and Coordination.

Business Transaction Management Software for Application Coordination 1 Business Processes and Coordination.
Viet Nam Hitech Crime Investigation Department Dr. Tran Van Hoa

Viet Nam Hitech Crime Investigation Department Dr. Tran Van Hoa
Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13

Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13
Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13

Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13
Title Subtitle.

Title Subtitle.
My Alphabet Book abcdefghijklm nopqrstuvwxyz.

My Alphabet Book abcdefghijklm nopqrstuvwxyz.
0 - 0.

0 - 0.
1 ICOTS What weve learned since October 6, 2008. 2 GETTING STARTED.

1 ICOTS What weve learned since October 6, GETTING STARTED.
DIVIDING INTEGERS 1. IF THE SIGNS ARE THE SAME THE ANSWER IS POSITIVE 2. IF THE SIGNS ARE DIFFERENT THE ANSWER IS NEGATIVE.

DIVIDING INTEGERS 1. IF THE SIGNS ARE THE SAME THE ANSWER IS POSITIVE 2. IF THE SIGNS ARE DIFFERENT THE ANSWER IS NEGATIVE.

Similar presentations

Ads by Google