Cyber Crime & Cyber Terrorism Dr Richard Overill Department of Informatics King’s College London


1 Cyber Crime & Cyber Terrorism Dr Richard Overill Department of Informatics King’s College London richard.overill@kcl.ac.uk www.inf.kcl.ac.uk/staff/richard/

2 Terminology
Cyber prefix – involving the Internet or other wide area digital networks and networked systems.
Cyber Crime – aims to make money, often using conventional scams transferred to the cyber domain (e.g. financial fraud, extortion).
Cyber Terrorism – aims to create public panic, usually in conjunction with conventional terrorism (e.g. a bomb blast, in conjunction with CCTV & mobile phone network outages).

3 Characteristics of Cyber Crime
Technologically driven:
– digital economy is critically dependent on databases, websites and networks
– e-commerce; e-business; e-banking; critical national infrastructure (CNI)
Cost:
– estimated at £2.2bn – £27bn pa in the UK
– estimated at £1.8bn – £21bn pa to UK business
– estimated at £33bn – £643bn pa worldwide
– ‘guesstimates’ since around 85% goes unreported
Frequency:
– businesses are being targeted by cyber malware attacks once every three minutes on average

4 “The Perfect Crime”?
Crime Scene Investigators (CSIs) gather physical or biological evidence at the crime scene.
This relies on Locard’s principle (1910): “every contact leaves a trace”, because it leads to a physical exchange of material.
But in the case of a computer attached to the Internet, what bounds the crime scene?
And what, if any, digital traces will be recoverable?
Digital forensics (MPS DEFS, FSA DEU)

5 FSA Digital Evidence Unit
Six sentenced for insider dealing (27 Jul.12)
“The defendants were convicted of making a combined profit of £732,044.59 on trading between 1 May 2006 and 31 May 2008. It was a sophisticated and complex attempt to deal on inside information over a long period”
The investigation took the team 3 years’ work
http://www.fsa.gov.uk/library/communication/pr/2012/080.shtml

6 Occupations & Motivations
– unemployed individual: technical challenge / information discovery (e.g. Gary McKinnon);
– commercial / financial organisation: financial gain via commercial espionage / IP exfiltration (e.g. PLA 61398 based in Shanghai) or financial fraud (e.g. a ‘planted’ / ‘turned’ / greedy employee);
– ‘for hire’ (cyber-mercenary): money laundering for Serious & Transnational Organised Crime;
– ‘political’ (cyber-terrorist): supporting a sub-state group’s terrorist aims;
– ‘hacktivist’ (e.g. Anonymous, LulzSec, TeaMP0isoN): for the ‘lulz’ or in support of a movement

7 Types of Cyber Crime
– Forgery (‘making a false instrument’)
– Fraud (‘criminal deception’)
– Embezzlement (financial)
– Commercial espionage (intellectual property loss)
– Digital Rights piracy (peer-to-peer networks)
– Blackmail / Extortion
– Theft (only of laptops, tablets, PDAs, mobiles, etc.)
– Misuse / Abuse (incl. sabotage, subversion & DoS)

8 Computer & Network Attacks
Four basic ‘external’ types:
– active penetration by hackers or ‘malware’ (viruses, worms, Trojan horses, etc.)
– cognitive hacking using deception scams (‘spear-phishing’, ‘drive-by’ downloads, misdirection attacks, etc.)
– passive eavesdropping by means of specialized listening equipment (TEMPEST, van Eck, etc.)
– flooding attacks which overwhelm the system (Electronic Siege / Denial of Service, DDoS)

9 Characterising Cyber Crime
A log-log plot of frequency vs value of all US reported cyber crimes produces a straight line with a discontinuity (‘kink’) at $2.8M: Overill & Silomon, J. Inf. War. 10(3), 29-36 (2011)
This is interpreted to indicate that there are two modes of operation for cyber criminals:
– Lower value cyber crime for individuals and small groups
– Higher value cyber crime for serious organised (transnational) cyber criminals with a business model and an organisational infrastructure

10 Two Cybercrime Modes

11 Modern Malware
403 million distinct malware variants by 2012-Q1
160,000 new malware variants every day
Stuxnet
– July 2010: targeted Iran’s nuclear reprocessing ultracentrifuge controllers
Duqu
– September 2011: gathers commercial / industrial intelligence; shares code with Stuxnet
Flame / Flamer / sKyWIper
– May 2012: 20MB; digital reconnaissance tool

12 UK Computer Misuse Act 1990
Basic Hacking Offence (BHO)
– unauthorised access (attempted; mens rea)
– penalty: 6 months and/or £2,000 fine
Ulterior Intent Offence (UIO)
– intent to commit a further serious offence
– penalty: 5 years and/or unlimited fine

13 UK CMA (cont’d) & PJA
Unauthorised Modification Offence (UMO)
– unauthorised modification of computer contents (trans-border; mens rea)
– penalty: 5 years and/or unlimited fine
UK Police and Justice Act (PJA), 2006
– covers DoS & DDoS ‘flood’ attacks
– penalty: 5 years and/or unlimited fine

14 What you can do...
– Timely software patch deployment
– Timely anti-malware update deployment
– Strictly enforce your BYOD policy
– Enforce ‘clean’ / ‘dirty’ zones
– Enforce full disk encryption
– Fully vet all personnel on appointment
– Regularly (annually) re-vet all personnel

15 The Myth of Total Security
“The only truly secure computer system is one that is powered off, cast in a block of concrete, and sealed in a lead-lined room with armed guards – and even then I have my doubts!”
Prof Gene Spafford (CERIAS, Purdue University) - analyst of the first Internet worm (1988)

