Presentation on theme: "Technology & Crime Cyber – Mini Conference ADIL ILYAS CYBER CRIME CONSULTANT – CID HQ."— Presentation transcript:
Technology & Crime Cyber – Mini Conference ADIL ILYAS CYBER CRIME CONSULTANT – CID HQ
Agenda Status:- Situational Analysis of Cyber Crimes in the country. Threats:- Current and Future Threats & Threat Sources Trends:- Patterns and roadways of Cyber Crimes in the country Challenges:- Technical to Administrative Challenges Solutions:- A way forward Case Studies
Introductions Technology is a double-edge sword, and it's a good idea to understand how both sides of the blade cut. The Good Part: Medicine, Education, Communication, Trade/Commerce, Entertainment and much more It facilitates crime but it has been also mobilized to successfully combat crimes, even in Tanzania. There are negative externalities brought about by the increased use of technology and some of these pose serious challenges on the course of our daily lives.
Cyber Crime - Explained Any electronic Device that can either STORE, PROCESS or COMMUNICATE can be used to either commission an offense or be used as a target of an Offense. Technological Enabled Crimes ( Cyber Crimes ) o Traditional Crimes using new technology. o Examples: - Fraud, Counterfeiting, Tax Evasion, Money Laundering Computer Crimes o Crimes brought fourth by new technology Hacking, Denial of Service Attacks, System Manipulation, Phishing, Spamming Tools Regular Phones, Smart Phones Computers Storage Devices ( Flash Disk, CDs etc)
Who can commit an offense ? Over 18 million people in Tanzania are connected to Mobile Phone Networks Over 8 million people in Tanzania are connected to the internet, with or without knowledge of their connection state. More than 7% of the population owns a PC Anyone of these can commit an offense Mostly likely they will use the same available technology to facilitate that offense. Practically they have the weapon for the offense.
Our Status Quick Fact :- The beauty about technology it does not wait for a country or region to fully mature into a developed state, but rather its instantaneously available across globe. The same technology may impact regions differently and bring about positive and negative outcomes. Noticeable Government Efforts TCRA Harmonized Communication Sector ( Pricing, Service Structure, Resource Management ) Tanzania Police Force – Cyber Crime Unit. o Newly Revamped Department o Covers: Computer & Mobile Forensics, Hi-Tech Crimes, Research & Emerging Crimes, First Responders, Stake Holder Liason, Cyber Prosecution o Continuous Training Efforts :- Over 250 First Responders / Officers have been trained CERT – Establishment in progress. Establishment of eGA Establishment of EPOCA, and ongoing process of Establishing Cyber Law
Our Status Communication Sector:- Mobile Subscriber Registration has helped in identifying culprits misusing the technology. But still some phones continue to operate un-registered and other with false pre-registered information Storage of Corroborative Evidence as CDRs with mobile operators has helped a great deal in combating crimes, but Most Operators fail to retain DHCP Logs on internet activities. Insider collaboration, SIM Swapping and Soft Engineering on victims has been the latest trend in Mobile Money Theft.
Our Status … Financial Sector Tanzania has over 26 Banks; all these banks use the latest technology available in the market to offer services. Some of these banks even inter-connect their services to Mobile Communication Networks. Banks have been in the frontline of attacks by both Locals and Foreigners Technology used against banks are :- Key Loggers, Skimmers, ATM Cloners, Insiders, Sniffers, Identity Theft, Card Trading
Threats & Threat Sources.. Threat SourceDescription & Technology usedTypical Threats Posed Organized Criminal Groups Criminal groups seek to attack systems for monetary gain. Key Loggers ATM Skimmers Card Cloners Identify Theft Computer & Computer Software SMS ID Manipulation GSM Gateways Internet Fraud Theft Forgery & Counterfeiting Money Laundering Tax Evasion Call Termination Fraud Email Scams, Fake Websites Denial of Service Attacks Piracy Defamation and Offensive Content Impersonation
Threats & Threat Sources.. Threat SourceDescription & Technology usedTypical Threats Posed Amateur Offenders Offenders with various motivations some monetary gains while others focus on personal agendas Mobile Phones Computers Internet Harassment & Threats Theft Defamation Impersonation
Threats & Threat Sources.. Threat SourceDescription & Technology usedTypical Threats Posed Insiders The disgruntled organization insider is a principal source of computer crime. Insiders may not need a great deal of knowledge about computer intrusions because their knowledge of a target system often allows them to gain unrestricted access to cause damage to the system or to steal system data. Theft Fraud Denial of Service Attacks Theft of Information
In order to commit the offense MOTIVATION & OPPORTUNITY
MOTIVATORS t FINANCIAL PERSONAL MOTIVATIONS ADVENTURE / POWER HI-TECH
Opportunities 7 YEARS AGO Ally Dar Es Salaam Joanitha Arusha
Opportunities 4 YEARS AGO Ally Dar Es Salaam Joanitha Arusha MPESA
Opportunities 1 YEAR AGO Ally Dar Es Salaam Joanitha Arusha MPESATIGO PESA
Opportunities NOW Ally Dar Es Salaam Joanitha Arusha CRDB BANK NMB BANK MPESA TIGO PESA MPESA OR MOBILE BANKING CARDLESS WITHDRAWO
Opportunities for Criminals Increased volume of E-Commerce and online corporate transactions Increased connectivity for both targets and offenders Increased vulnerability of targets Convergence of Technologies
Typical Offenses Fraud Call Termination Fraud Credit/Debit Card Trading Organized Scams Terrorism Money Laundering Denial of Services Piracy Counterfeiting Tax Evasion Impersonation and concealment of identity Illegal Interception of Communication
Administrative Challenges Enactment of Cyber Laws that will encompass all aspects of Cyber Crimes and Computer Related Offenses Delay Educational Sectors to introduce Disciplines in Cyber Crimes Lack National Strategy in Combating Cyber Crimes Consumer & End User Education on New Products Admissibility of Electronic Evidence in Courts Education and Training to Law Enforcement Officers, Prosecutors and Judicial Retaining of Corroborative Evidence by Third Party Providers Stakeholder collaboration still a challenge No Standard Operating Procedures or Best Practices Adopted Working IN Border but fighting a borderless crime Costs
Technical Challenges Many Offenses are never detected Many detected Offenses are never reported Difficult to Quantify offenses Distributed Systems make search and seizure difficult Encryption Skills sets required to Investigate and Forensically extract ESI Difficult to Police Cyber Space Convergence of Technologies The Constantly Evolving Technological Landscape and Emerging Crime ware Technique
Tools Using Hardware based Key loggers. A common method across Asia/African Markets
Way Forward On a more holistic level, a multifaceted approach is certainly required in order to comprehensively deal with the problem most effectively. o EDUCATION Educating information technology users including individuals, corporate entities and organizations is a largely preventative measure. Universities & Institutions should accommodate Information Security o PUBLIC & PRIVATE PARTNERSHIPS Both are inter-dependent on one another. o DEFENSIVE TECHNOLOGY Monitoring & Forensic Technology