
A Private Presentation, 9/16/05: An Executive Briefing Cybercrime.


1 A Private Presentation, 9/16/05: An Executive Briefing Cybercrime

2 Cyberspace 2005: Growing Opportunities for Crime
- 1 billion people on Internet
- 10 Billion Web pages accessible on Internet
- 12% of global trade via Internet
- 7.7% of U.S. consumer spending
- 1.4+ Billion Internet Auctions
- 2.2+ Billion Google searches/month
- 2+ trillion U.S. e-mails/year

3 Who Are the Attackers?
- Hackers: Robot Network Operators; Phishers; Malware Authors; Spam
- Criminals: Impersonators; Fraud Operatives; Extortion Rackets
- Spies: Insiders; Corporate Spies; Foreign Intelligence Services
- Terrorists: Spooking Defenses; Denial of Service

4 Part - 1
- Hackers
- Criminals
- Spies
- Terrorists

5 Cops and Robbers Share Identical Information

6 Tools are Readily Available
SOURCE: http://www.hackershomepage.com/

7 Similar Catalogs Offer A Wide Range of Hacking Tools

8 From Hackershomepage.com Advertisement
800b MSR206 MAGNETIC STRIPE CARD READER/WRITER
THIS IS THE DEVICE EVERYONE HAS BEEN ASKING FOR. This device will allow you to change the information on magnetic stripe cards, on ALL 3 tracks. It will also allow you to write to new cards.

9 From Hackershomepage.com Advertisement
701 COMPUTER KEYSTROKE GRABBER
Use this device to capture ALL keystrokes on a computer including user name and password. Password will be in plain text and not echoed like "********". This device will grab email and system passwords.

10 Partial List: How to Make Virus and Criminal Software

11 Password Cracking Tool

12 Password Cracker Shopping List

13 Example of Malware Marketplace

14 Part - 2
- Hackers
- Criminals
- Spies
- Terrorists

15 What Is the Problem?
- 27.3 million Americans were victims of identity theft in the last five years.
- 57 million U.S. adults were recipients of attempts to steal their electronic identification.

16 What’s the Corporate Cost of Cybercrime?
- $48 Billion total loss to businesses.
- $2.6 Billion writeoffs taken by on-line merchants in 2004. Equals 2% of sales.
- $5.8 Billion cost for business security.
- 75% of the losses caused by insiders.

17 NYTimes, 6/18/05

18 A Long List of Known Compromises
- Loss of tapes by Citigroup, compromising 3.9 million accounts;
- Theft of account information by former employees of the Bank of America (108,000 accounts);
- Loss of 16,500 employees' details at MCI, stolen from laptop in a garage;
- Loss of back-up tapes containing 1.2 million charge card holder details at the Bank of America;
- Credit information about 145,000 accounts, stolen from Choicepoint, an information services company.

19 How It Works (Simplified Version)
1. Bank issues credit card to Customer.
2. Customer pays Merchant with credit card.
3. Merchant passes credit card to Payment Processor.
4. Payment Processor approves Customer and gives OK to Merchant to deliver.
5. Payment Processor bills Bank.
6. Bank bills Customer.

20 Points of Vulnerability
- Customer Applies
- Bank Issues Credit Card
- Customer Uses Card
- Merchant Receives Card
- Payment Processor Receives Card
- Payment Processor Bills Bank
- Customer Pays
- 100+ Computers
- 1,000+ Phone Links
- 10+ Databases
- 100M Lines of Code
- 1,000+ Operators
- 10,000+ Maintainers

21 Impersonation (Identity Theft) Statistics
- 700,000 identity theft victims a year.
- Most learn about identity theft 12 months after it has occurred.
- More than half of victims report their cases have been opened an average of 44 months.
- Victims report they've spent an average of 175 hours actively trying to clear their names.
SOURCES: FTC Clearinghouse Report, FBI Law Enforcement Bulletin and Security Management Magazine

22 Phishing
- Setting up a fake store front that looks like the real one to trick people; usually to steal their personal information.
- 20 million+ attacks/month
- Named after Brien Phish who set up a credit card scam in the 1980s over the phone by pretending to be from the credit card company.

23 Pharming
- A message to a bank is redirected to an address that the user did not intend.
- Usually done to extract personal information from the user into the hands of a hacker.

24 Spear Phishing
From: NAVY.MIL E-MAIL SERVER HTTP:/WWW.NAVY.MIL COMNAVSURFLANT
1. MAIN MAILING SERVER WILL BE UNAVAIBLE FOR NEXT TWO DAYS.
2. TO CONTINUE RECEIVING MAIL YOU HAVE TO CONFIGURE AUTO-FORWARDING SERVICE.
3. FILL ATTACHED FORM MIL-005698/135.2

25 Fake Security Message

26 A Fake Security Checkup

27 Invitation to Commit a Criminal Act

28 Organization to Exploit Identity Theft (The ShadowCrew Case)
- Enforcers (2-6): Make sure payments are made.
- Moderators (12-24): Administer discussion “Forums”, offer “Tutorials”. Organize.
- Reviewers (100+): Examine offerings, evaluate $ gains, post reviews.
- Sellers (100 - 200): Acquire identity sources, advertise and deliver “merchandise”.
- Money Launderers (few): Conversion to and from electronic credits to cash.

29 Sale of Credit Cards
Forum.carderplanet.net offered credit cards.
- USD $200.00 - 300 USA credit cards without cvv2 code (credit card number, exp. day, cardholder billing address, zip, state).
- USD $200.00 - 50 USA credit cards with cvv2 code (credit card number, exp. day, cardholder billing address & CVV code from the back side of the card).
- Also cards with SSN+DOB at $40 each.
- Minimal deal $200

30 Part - 3
- Hackers
- Criminals
- Spies
- Terrorists

31 Parasitic Software
- Spyware: Software that leaks information to a third party.
- Adware: Software that shows advertising materials to its user.
- Browser Hijackers: Software that changes browser settings to point users elsewhere.
- Backdoors: Software that can cause other untrusted software to be installed.
- Cookies: A record about browser searches.

32 Worms
- A computer Worm is a self-replicating computer program.
- A Worm is self-contained and can reproduce itself onto other computers.
- A common payload is to install a Backdoor into the infected computers to convert them to Zombies.

33 Zombie Computer
- A zombie computer performs malicious tasks under the direction of the hacker.
- Owners are unaware.
- Over 50% of all spam worldwide is now sent by zombies.

34 Spyware
Spyware Worms have the ability to self-replicate without a host program and send information from a computer to a third party without the user's permission or knowledge.

35 Flaws in Cyber-Crime Protection
- Banks pass risks to merchants;
- Credit cards easy to get;
- Privacy laws inhibit fraud detection;
- Audits only of financial assets, not data integrity;
- Software firms have no liability;
- Legal protection of cyber-crime insufficient;
- FBI has totally insufficient resources;
- Apprehension and then prosecution very hard.

36 Prosecution is Not a Deterrent
Nigeria Woman in $242M E-mail Fraud Case
LAGOS (Reuters)—A Nigerian court has sentenced a woman to two and half years in jail …and a $15,000 fine.

37 Do Not Expect Help

38 Part - 4
- Hackers
- Criminals
- Spies
- Terrorists

39 What is Cyber-Terror?
- Terrorism is violence to intimidate or coerce the target.
- Objectives are primarily political and social or economic in case of extortion.
- Cyber-terror is the exploitation of computing for acts of terrorism.

40 Global View of Internet Connectivity: USA, Europe, Asia

41 US Internet Backbone Concentrated in a Few Switches

42 Current Prospects
- Rising U.S. dominance in world trade.
- U.S. information superiority.
- Rapidly escalating anti-U.S. hostility.
- Military actions combined with cyberterrorism acts.
- Damage U.S. economic power and functioning of the U.S. civil society through cyberterrorism.

43 A Cyber-Terror List
- Stop trading on Stock Exchanges
- Interrupt VISA processing
- Corrupt Medicare/Medicaid Database
- Prevent payments of Social Security
- Disable Motor Vehicle registration data
- Damage Internet Routing Tables
- Deny Internet access to the Military

44 Data on Detected Attacks on the Department of Defense

45 Advice: Learn How to Operate in Cyberspace

46 Deploy Spam and Malware Catchers

47 1,333 Intruders Caught in one Week

48 Allow only Approved Senders to Pass Through

49 Use Rapidly Changing Passwords

50 Keep 495 Members of InfraGard in Connecticut Informed
https://secure.infragard-ct.org/

