Presentation is loading. Please wait.

Presentation is loading. Please wait.

UNCLASSIFIED. Definitional - Issues Post Sept 11 th Realizations.. * In drafting Patriot Act, Congress noted: Criminal conduct potentially tied to.

Similar presentations


Presentation on theme: "UNCLASSIFIED. Definitional - Issues Post Sept 11 th Realizations.. * In drafting Patriot Act, Congress noted: Criminal conduct potentially tied to."— Presentation transcript:

1 UNCLASSIFIED

2 Definitional - Issues

3

4 Post Sept 11 th Realizations.. * In drafting Patriot Act, Congress noted: Criminal conduct potentially tied to terrorism is “inexorably woven through the Internet”… * Critical information regarding such tentacles, more often resides with industry or academia long before it migrates into Govt/LE’s hands… *Terrorism support tentacles stretch far, and are often not easily identifiable with known terrorist groups at the outset..

5 Initiative Based Partnerships

6

7 NCFTA = Resource Fusion Center: NCFTA PPA Teams Industry SME’s Law EnforcementAcademia (Intel & Analysis) *Alerts *PSA’s *Proactive Options *Target Initiatives *Impact *Lessons Learned =Training (Output – Benefit)

8 NCFTA Space FBI Secure Space DPN DB SPAM DB Other DB Contract DB’s Trilogy IDW Fidelity DB’s IDT-BITS DB’s BSA-Other DB’s CIDDAC Intel MRC DB’s Referral to Law Enforcement & Coordination

9 Nature of the Threat: Complex & more sophisticated,Complex & more sophisticated, Increasingly International in origin or supportIncreasingly International in origin or support Organized Criminal Groups with distinct rolesOrganized Criminal Groups with distinct roles Social Engineering = Common Theme….Social Engineering = Common Theme….

10 OPERATION RELEAF (Retailers & Law Enforcement Against Fraud) (Retailers & Law Enforcement Against Fraud) 2003 IC3 received 35,000 transactions for a potential economic loss in excess of $10 million. Six week period ending 12/31/2003, IC3 received from 29 Industry members, 1434 fraudulent transactions of a potential loss in excess of $600,000. Of these transactions 733 addresses were identified.

11

12 Recruiting Methods

13 UNCLASSIFIED

14

15

16

17 Organized Crime In The 21 st Century International Carder’s Alliance International Carder’s Alliance

18 Sobig.F 18 August 2003 In a single day, 1 in every 17 s sent worldwide came from Sobig.F. In a single day, 1 in every 17 s sent worldwide came from Sobig.F. Time delayed action. Time delayed action. Due to contact 20 servers for instructions Due to contact 20 servers for instructions Like the Blaster worm, that pointed some 400,000 host PCs to Microsoft's windowsupdate.com at the same time on the same day. Like the Blaster worm, that pointed some 400,000 host PCs to Microsoft's windowsupdate.com at the same time on the same day. windowsupdate.com Picture a future Sobig using millions of infected machines to hack into the servers of a major bank. "The virus-writer world and the hacker world have come together. Picture a future Sobig using millions of infected machines to hack into the servers of a major bank. "The virus-writer world and the hacker world have come together. *From “Attack of the World Wide Worms”Attack of the World Wide Worms Time Magazine, Aug 25, 2003, CERT® Incident Note IN

19 Industry List serve Joint Triage Team Direct Contact 24/7 With Triage Members Matched with other Teams Input L.E.T.F

20 Develop & Refine Initiatives

21 Defining Success (Impact) Disrupt & Disable –Shut Down sites –Label/Banner links-Images –Search/Seizure (Recover customer data) Investigate (Proactively) –Maximize informal intelligence sharing –Keep strategy focused – Tweek periodically Public Service Advisories (PSA’s) –Utilize DPN team to maximize this…

22

23 Organized Crime In The 21 st Century 13 Arrests - Estonia 17 Arrests - Estonia 4 Arrests - Russia 4 Arrests - Austria 3 Arrests - Nigeria 4- Va Wash Ariz Calif

24

25 Spoofed Website Hosted on the server in China Legitimate Website

26 Hosted in Germany Source of Spam Harvested Data Victim Login from Romania

27

28 *FBI*FTCWorking: *Postal*DHSUSSS? *NW3C*TargetDHL *State and LocalsSEC Others.. CIRFU * FBI *Postal *DHS *State *Local *USCERT INDUSTRY Co-Located IN HOUSE *Discover *BSA *Fidelity *Microsoft *PNC *Target *Pfizer IN THE WORKS *eBay/Pay Pal *Symantec *Google *Fiserv *Merril Lynch *PSI Intel Products PSA’s-Alerts Case Referrals /year to L.E.T.F Follow-up /Support. T.F and International L.E. Out-Put,Products Industry Intel not turned on yet….. *Western Union *NRF *Mastercard *CypherTrust *VISA *Escrow.com *Experian *Autotrader *Corillean RELEAF 80+ Industry DPN 60+ Industry Anti-S 95 Industry MRC 800 Industry DHL,UPS, Fed EX Consumer Complaint Website 18K/Month PSA’s Joint Training Govt Agency Input FBI.Postal,DHS,FTC, SEC,USCERT,IRS Non-Profit 501 ©

29 Why Bother??  Critical Intelligence = Fast!  Exponential SME Analysis – Input  2 Way Information Sharing  Alerts  PSA’s  Other Intel Products  Voluntary Data Input  (minimize legal process needs)  1-Stop Shop  Stake Holders Define Threat/Problem

30 UNCLASSIFIED


Download ppt "UNCLASSIFIED. Definitional - Issues Post Sept 11 th Realizations.. * In drafting Patriot Act, Congress noted: Criminal conduct potentially tied to."

Similar presentations


Ads by Google