Published byPierce Hodges Modified over 9 years ago
1
Incident Response Case in Cyber-Fraud -Case of Republic of Korea-
2
Contents
– I. KISA
– II. Current States of Cyber-Fraud
– III. Response Systems for Cyber-Fraud
– IV. Case Study: Bypass SRS
3
1. KOREA INFORMATION & SECURITY AGENCY (KISA)
4
KISA (www.kisa.or.kr), Korea Information & Security Agency
History
– In 1996, the Korea Information Security Center (KISC) was established.
– In 2001, KISC grew into the Korea Information Security Agency.
– In 2009, three government bodies, KISA, NIDA and KIICA, were united into the Korea Internet and Security Agency.
5
Major Duties of KISA
– Information Security
– Broadcast and Communication Improvement
– ICT International Cooperation
KISA is empowered by the Ministry of Science, ICT and Future Planning under the ‘Act on Promotion of Information & Communications Network Utilization and Information Protection, etc.’
6
2. CURRENT STATES OF CYBER-FRAUD
7
What is Phishing? Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication. (http://en.wikipedia.org/wiki/Phishing)
8
Cyber-Fraud in S. Korea
– Voice Phishing: the criminal practice of using social engineering over the telephone system to gain access to private personal and financial information from the public for the purpose of financial reward.
– Smishing: using cell-phone text messages to deliver the bait that induces people to divulge their personal information. The text message may contain a website URL.
(http://www.wikipedia.org/)
9
Smartphone Penetration Rate in S.Korea
10
Number of Reports from National Police
11
Annual Damages from National Police
12
3. RESPONSE SYSTEMS FOR CYBER-FRAUD
13
Forged Caller’s Phone Number Block Service - VOICE (diagram)
– Public companies, banks and law enforcement register their phone numbers with KISA; these [Company Name, Phone Number] records form the International Call Block DB.
– When an international call arrives at the telecommunication company carrying a domestic number such as 02-1234-0112, the number is looked up in the block DB.
– Exists in the DB? Yes: the caller number is forged (voice phishing) and the call is blocked. No: the call is passed through.
14
Forged Caller’s Phone Number Block Service - SMS (diagram)
– 1. Companies register their [Name, Phone Number] data with KISA; the Phone Number DB holds about 0.6 M phone records (e.g. Bank A: 1599-9999, Bank B: 1599-5000).
– 2. An SMS sending company submits messages over the Internet to the SMS server / MNO’s (Mobile Network Operator’s) message center. A sender hiding its identity uses a forged number such as 02-1599-9999.
– 3. The message center tries to find the sender’s phone number in the Phone Number DB.
– 4. Sender’s [Company Name, Phone No.] matches ⇒ PASS, the SMS is delivered to the receiver; mismatch ⇒ Block.
– Normal SMS text: "KB 국민은행입니다. 보이스피싱 주의경보 발령 (피해신고는 112)" (This is KB Kookmin Bank. A voice phishing warning has been issued; report damage to 112.)
– Fake SMS message using a URL: "KB 국민은행입니다. 고객님의 개인정보가 유출되었으니 보안승급 바랍니다. kbbenk.com" (This is KB Kookmin Bank. Your personal information has been leaked, so please upgrade your security. kbbenk.com)
15
Statistics of the Forged Caller’s Phone Number Block Service (Voice: since 2013.1, SMS: since 2013.9; source: KISA)
16
Smishing Response System (SRS) (diagram; KISC: Korea Internet Security Center)
– Information collection: SMS text messages arrive from the Mobile Network Operator and from reports to the 118 Call Center (24/7).
– Analyze: KISC analyzes the SMS text message and extracts the suspicious URL; a Download & Analyze server fetches and analyzes what the suspicious URL serves.
– Confirm: confirmed by a human inside KISA (brief report, result), or a confirm request is sent to Law Enforcement outside KISA and the result is returned.
– Block: a URL block request goes to the ISP/MSO, which reports the result back.
17
# of detected Smishing Messages (source: KISA)
18
# of malicious Apps (source: KISA)
19
# of blocked URLs (source: KISA)
20
4. Case Study : Bypass SRS
21
Avoiding Filter & Block (sample smishing texts)
– Plain text: "토요일에 결혼식 잊지말고 축복하러 와주세요 웨딩사진첩 "t.c*/R*tvvTv*w"" (Don’t forget the wedding on Saturday, please come and give your blessing. Wedding photo album "t.c*/R*tvvTv*w")
– The same text with random Latin letters inserted between syllables to evade the text filter: "토요일 z 결혼식 f 잊 q 지 o 말고 w 축복하러 f 와주세요 k 웨딩 z 사진첩 "t.c*/R*tvvTv*w""
– "구매하신 물품이 정상처리 되셨습니다. https://dl.dropboxusercontent.com/s/xfx*ty0n9qz *boz/map.apk" (Your purchased item has been processed successfully.), with the APK hosted on a file-sharing service.
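The two checks described on the SMS block-service slide and the filter-evasion slide, as an added Python example that is not code from the KISA deck: the registered-number pairs and the keyword list are constructed for illustration, and the sample texts are the ones quoted on the slides.

```python
import re

# Constructed registry standing in for the KISA Phone Number DB on the slide:
# [Company Name, Phone Number] pairs registered by the companies themselves.
REGISTERED_NUMBERS = {("Bank A", "1599-9999"), ("Bank B", "1599-5000")}


def digits(number):
    """Keep only digits so '1599-9999' and '15999999' compare equal."""
    return re.sub(r"\D", "", number)


def sender_verdict(claimed_company, sender_number, registry=REGISTERED_NUMBERS):
    """Steps 3 and 4 of the forged-number block service: PASS only when the
    (company, number) pair is registered exactly, otherwise BLOCK. A forged
    '02-1599-9999' sent in Bank A's name is not the registered '1599-9999'."""
    for company, number in registry:
        if company == claimed_company and digits(number) == digits(sender_number):
            return "PASS"
    return "BLOCK"


HANGUL = "\uac00-\ud7a3"  # precomposed Hangul syllable range
# A single Latin letter sitting between two Hangul syllables is filler inserted
# to break keyword filters ("웨딩 z 사진첩"); strip it together with its padding.
FILLER = re.compile(rf"(?<=[{HANGUL}])\s*[A-Za-z]\s*(?=[{HANGUL}])")
# URL-like tokens, with or without a scheme (look-alike domains such as kbbenk.com).
URL = re.compile(r"(?:https?://)?[\w-]+(?:\.[\w-]+)*\.[a-z]{2,}(?:/\S*)?", re.I | re.A)


def normalize(text):
    """Remove filler letters and all whitespace so keywords match no matter
    where the sender broke the words apart."""
    return re.sub(r"\s+", "", FILLER.sub("", text))


def scan_sms(text, keywords):
    """Return (matched keywords, URL-like tokens) for one message text."""
    compact = normalize(text)
    hits = [k for k in keywords if k.replace(" ", "") in compact]
    return hits, URL.findall(text)
```

On the obfuscated wedding text a plain substring search for "웨딩사진첩" fails, while scan_sms reports it after normalization; on the fake bank text it also surfaces the look-alike domain.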
22
Using CAPTCHA Code
CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart)
– A type of challenge-response test used in computing to determine whether or not the user is human (http://www.wikipedia.org/)
23
Using User Input: the site asks the user to input their phone number
24
Checking Connection Method
– Genuine site: http://www.spo.go.kr/; Phishing Site: http://www.spo1.co.kr/, reached through the shortened link http://goo.gl/zn9t0H
– The phishing site checks how the client connects, distinguishing SRS from a real mobile device.
25
Counter Measures
1. Increase text-filter ability
2. Introduce image-comparison technology
3. Build a malicious-app gathering system in the mobile area
26
Conclusion
– Cyber-fraud will keep increasing
– It is moving to instant messengers (Line, Kakao, QQ, etc.)
– Prepare for Fin-Tech
– There is no perfect technical solution for preventing cyber-fraud yet
27
Q/A jmlee@kisa.or.kr
28
Thank You