Presented By: Brian Nienhaus. • What is cybercrime? • Running a cybercrime syndicate • Cybercrime attacks • Countermeasures • Organization profiles


1 Presented By: Brian Nienhaus

2
• What is cybercrime?
• Running a cybercrime syndicate
• Cybercrime attacks
• Countermeasures
• Organization profiles

3 Who, Where, When, Why

4 “The degree of overlap between [organized crime and cybercrime] is likely to increase considerably in the next few years. This is something that needs to be recognized by business and government as an emerging and very serious threat to cyber-security.”

5
• Cybercrime is…?
  • “offenses ranging from criminal activity against data to content and copyright infringement” (Council of Europe’s CC Treaty)
  • United Nations refers to acts of fraud, forgery and unauthorized access
  • “…unlawful acts wherein the computer is either a tool or a target or both.”

6
• The Internet encourages anonymity and is distributed in nature
• Many countries have very few laws addressing cybercrime
• Love Bug Virus
  • VB script that spread via e-mail and corrupted many different file types
  • FBI traced the virus to the Philippines
• The increasing growth of e-commerce

7
• 22.3% increase in # from 2008
• 211% increase in financial loss
• Median dollar loss: $575
• Crimes with no documented loss or harm are not included
• Top 5 categories:
  • Non-delivered merchandise: 19.9%
  • Identity Theft: 14.1%
  • Credit Card Fraud: 10.4%
  • Auction Fraud: 10.3%
  • Computer Fraud: 7.9%

8
UNORGANIZED
• Usually the work of an individual
• Decentralized
• Smaller resource base
• Hit and run mentality/opportunistic
ORGANIZED
• Centralized group of criminals
• Many based in “hostile” nation
• Extensive access to resources/business connections
• Extended operations


10
• Hackers discover vulnerabilities and sell to the highest bidder
• Crimeware suites created and sold to less technically inclined users
• Crimeware-as-a-service mentality
• Data supplier model
• Pricing profiles introduced
  • Credit cards = cheap
  • Healthcare info/single logins for organizations = expensive
• Cybercrime economy mirrors actual economy


12
• Organized crime closely mimics the actual economy
• Regionally-specific & enterprise-specific campaign
• Each attack campaign gathered centrally to sell
• Campaigns managed remotely from these central servers
• Data and asset management is just as essential as in traditional business


14
(1) Boss deploys malicious code package
(2) Campaign managers retrieve the package and customize it as needed
(3) Malicious network used to inject package into legitimate sites. Commission-based
(4) Injected code served to users
(5) Toolkit affects individual users
(6) Infection data sent back to central location
(7) PII flows back to boss


16
• Example of crimeware toolkit that originates from Eastern Europe, primarily Russia and the Ukraine
• Utilizes three major components and powerful encryption:
  • ZeuS trojan
  • ZeuS config file
  • Specification of dropsite

17
• Config file defines subset of targets
• ZeuS collects session variables during sessions
• Bypasses auth. mechanisms and piggybacks on the session
• Criminals are able to move money to third parties in real-time
• ZeuS Builder provides binary files for constructing a botnet

18
• How simple is it?
  • Number of new ZeuS binaries in the past month: 18,985
  • Number of new ZeuS binaries seen in the past week: 4,582
  • Number of new ZeuS binaries seen in one day: 977

19
• Trend Report
• ZeuS Video


21
• Consider:
  • Hardware and software keep getting cheaper
  • Combine the Internet with a global scope, and the potential for attacks is limitless
  • Security will always be breached
  • Even when laws are passed to increase technological safeguards, new technology will always outstrip legislation

22
• I3C
  • Accepts complaints, investigates, and/or redirects to appropriate law enforcement
  • Joint operations with other agencies
  • Publishes cyber-security information
• IT Act (2000)
  • Attempt to define various electronic specifications:
    • Digital Signatures
    • Use/Retention of electronic records
    • Security
    • Certification Authorities
    • Offenses


