Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cybercrime, Cyber Intelligence, Web 2.0

Similar presentations


Presentation on theme: "Cybercrime, Cyber Intelligence, Web 2.0"— Presentation transcript:

1 Cybercrime, Cyber Intelligence, Web 2.0

2 Agenda Cyber Intel – CC Market Looking at HCC Closing
Looking for Cyber Jihadists Like Cybercriminals Look for Your Rapid Look at cyber intel exercise - web 2.0 and beyond Looking at HCC Closing

3 Cybercrime – Intelligence Gathering
Sophisticated attacks designed to use and exploit as many possible avenues of attack / threat vectors as required to succeed Uses people, process and technology weaknesses Dynamic methods Focuses effort and emphasis on weakest areas Human Intelligence (HUMINT) Information Security (INFOSEC) Communications Intelligence (COMINT) Signals Intelligence (SIGINT) Open Source Intelligence (OSINT) Cyber Intelligence (CYBINT) Culturonomics Risk assessment based – path of least resistance Repeatable process Metrics used (what gets measured gets results) Exploits human vulnerabilities Uses denial and deception to obfuscate Remains hidden and resident Extracts information of value for monetization, economic advantage, strategic advantage Normally clandestine means to consistently gather intelligence Opportunistic Only as sophisticated as it needs to be Sophistication determined and dictated by aggressors after intelligence gathering Exploits technological vulnerabilities

4

5 Looking at Cyber Jihadists Like Cybercriminals look for you
Infiltration Looking at Cyber Jihadists Like Cybercriminals look for you

6 How do you find the sites
Maltego Touchgraph (Demo) Silobreaker

7 OSINT http://www.onstrat.com/osint/ http://www.touchgraph.com/

8 جهاد دار الحرب دار الاسلام كافر السلفيه التحرير الجهاد الاقتصادي
Historical Aspects كافر دار الحرب دار الاسلام Infidel Salafi Liberation السلفيه House of War House of Islam التحرير Five Pillars of Islam (Arabic: أركان الإسلام) is the term given to the five duties incumbent on every Muslim. These duties are: 1) Shahadah (profession of faith) 2) Salat (ritual prayer five times each day) 3) Sawm (fasting during Ramadan) 4) Zakat (Islamic tax or tithing) 5) Hajj (Pilgrimage to Mecca at least once during life). Economic Jihad Political Jihad Intelligence Jihad Subversive Jihad Diplomatic Jihad الجهاد الاقتصادي الجهاد السياسي الاستخبارات الجهاد التخريبيه الجهاد الجهاد الدبلوماسية جهاد 6) Jihad

9 Personas

10 Persona examples

11 Sample desktop configuration

12 Minhaj – Answers to Questions

13 Social / Cultural Values

14 Islam

15 Muhammad (PBUH)

16 What it takes to get started - Infiltration
Create Personas Create addresses Document personas Acquire pre-paid phones Establish Twitter and Facebook accounts to match personas Setup IRC accounts to match personas – unique nic Human Intel Cyber Intel Open Source Intel Need historical understanding Need religious understanding Need cultural understanding Need linguistic understanding

17 Command, Control, COmmunications
Snuggling Disrupt and confuse Command, Control, COmmunications

18 Friend Them Using Personas

19 Rapid Look at cyber intel exercise web 2.0 and beyond
Cyber Intelligence Rapid Look at cyber intel exercise web 2.0 and beyond

20 Methods Tools Methods Web searches and sites
Google.com (maps and search engine) Spokeo.com Intellius.com Yahoo.com Paterva Facebook.com Myspace.com LinkedIn.com VisualCV.com Treadstone71.com Methods Social Engineering Attempts Online Search Engines Government Records Search Web searches and sites Bing Silobreaker Public Records (free sites, and those available from ancestry.com) Social Networking sites: LinkedIn, Classmates.com, Facebook, YouTube Special OSINT tools MaltegoCE Web Data Extractor TouchGraph SEO Browser FOCA HUMINT Phone calls and s to known associates and/or relatives

21 An example – 27 minutes work
Looking at HCC

22 One final piece

23 Closing Maltego Touchgraph (Demo) Silobreaker Ancestry.com
Closing


Download ppt "Cybercrime, Cyber Intelligence, Web 2.0"

Similar presentations


Ads by Google