Presentation is loading. Please wait.

Presentation is loading. Please wait.

Pacific Northwest Digital Government Summit Security – How Much is Enough? June 20, 2006 SA Kenneth A. Schmutz.

Published byJudith Janis McDaniel Modified over 8 years ago

Similar presentations

Presentation on theme: "Pacific Northwest Digital Government Summit Security – How Much is Enough? June 20, 2006 SA Kenneth A. Schmutz."— Presentation transcript:

1 Pacific Northwest Digital Government Summit Security – How Much is Enough? June 20, 2006 SA Kenneth A. Schmutz

2 National Priorities Counterterrorism Counterintelligence Cyber Crime

3 Cyber Crime Components Computer Intrusions BOTNETS DDOS Attacks Intellectual Property Theft Theft of Trade Secrets Virus/Worm Activity Child Pornography Internet Fraud

4 How Severe is the Threat? THREATTHREAT Professional Cyber Criminals Organized Crime ( Foreign and Domestic) Money Information

5 Growing Trend BOTNETS Distributed Denial Of Service Attacks (DDoS) Extortion Malicious Attacks Pay for Click (Adware installations) Network Traffic Identity Theft (keylogging, phishing) SPAM

6 Components of BOTNET Internet Relay Chat (IRC) Server Usually a compromised Linux box Zombies- Compromised computers Home, Military, Government, Education, and Business infected by a worm, trojan, or virus Botherder – Person controlling BOTNET

7

8

9 Attack Network Attack Control Computer

10 Recent BOTNET Case ZOTOB Released ~8/2005 Spreads through email and MS05-039(PnP) Sets up Backdoor via trojan Controlled by Internet Relay Chat (IRC) Zotob A, B, C derived from MyTob Zotob D, E, F derived from Rxbot

11 ZOTOB- victims IRC SERVER Diabl0.turkcoders.net

12 ZOTOB - Subjects Code Analysis 43 41 4e 00 00 00 00 5b 78 5d 20 42 6f 74 7a 6f 72 B-O-T-Z-O-R.SCAN....[x] Botzor 32 30 30 35 20 42 79 20 44 69 61 62 6c 4f 00 00 2005 By DiablO................

13 ZOTOB - Subjects Diabl0 FBI Headquarters Cyber FBI Seattle Cyber Squad Identify hotmail account for Diabl0 through DNS Whois for blackcarder.net Worm analysis “greetz to my good friend coder”

14 ZOTOB - Subjects FBI flies to Morocco/Turkey

15 ZOTOB Conclusion Two subjects located and arrested in less than two weeks from infection

16 Cyber Prevention Current, patched Operating System Enable automatic updates Current virus protection Update as often as service allows Software and Hardware based firewall Anti-Spyware Protection Now a necessity Identify points of vulnerability Remote access Laptops

17 Resources www.consumer.gov/idtheft/ www.ic3.gov/ www.annualcreditreport.com (877-322-8228) www.annualcreditreport.com

18 Contact Special Agent Kenneth A. Schmutz (206) 262-2114 Kenneth.Schmutz@ic.fbi.gov

Download ppt "Pacific Northwest Digital Government Summit Security – How Much is Enough? June 20, 2006 SA Kenneth A. Schmutz."

Similar presentations

Primary Threats to Computer Security

Primary Threats to Computer Security
1 Computer and Internet Security JCCAA Presentation 03/14/2009 Yu-Min (Phillip) Hsieh Sr. System Administrator Information Technology Rice University.

1 Computer and Internet Security JCCAA Presentation 03/14/2009 Yu-Min (Phillip) Hsieh Sr. System Administrator Information Technology Rice University.
7 Effective Habits when using the Internet Philip O’Kane 1.

7 Effective Habits when using the Internet Philip O’Kane 1.
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
© 2014 wheresjenny.com Cyber crime CYBER CRIME. © 2014 wheresjenny.com Cyber crime Vocabulary Defacement : An attack on a website that changes the visual.

© 2014 wheresjenny.com Cyber crime CYBER CRIME. © 2014 wheresjenny.com Cyber crime Vocabulary Defacement : An attack on a website that changes the visual.
The development of Internet A cow was lost in Jan 14th 2003. If you know where it is, please contact with me. My QQ number is 87881405. QQ is one of the.

The development of Internet A cow was lost in Jan 14th If you know where it is, please contact with me. My QQ number is QQ is one of the.
CHAPTER 2 KNOW YOUR VILLAINS. Who writes it: Malware writers vary in age, income level, location, social/peer interaction, education level, likes, dislikes.

CHAPTER 2 KNOW YOUR VILLAINS. Who writes it: Malware writers vary in age, income level, location, social/peer interaction, education level, likes, dislikes.
Zombie or not to be: Trough the meshes of Botnets - Guillaume Lovet AVAR 2005 Tianjin, China.

Zombie or not to be: Trough the meshes of Botnets - Guillaume Lovet AVAR 2005 Tianjin, China.
Malicious Attacks By: Albert, Alex, Andon, Ben, Robert.

Malicious Attacks By: Albert, Alex, Andon, Ben, Robert.
 What is a botnet?  How are botnets created?  How are they controlled?  How are bots acquired?  What type of attacks are they responsible for? 

 What is a botnet?  How are botnets created?  How are they controlled?  How are bots acquired?  What type of attacks are they responsible for? 
BOTNETS/Cyber Criminals  How do we stop Cyber Criminals.

BOTNETS/Cyber Criminals  How do we stop Cyber Criminals.
Bots and Botnets CS-431 Dick Steflik. DDoS ● One of the most common ways to mount a Distributed Denial of Service attacks is done via networks of zombie.

Bots and Botnets CS-431 Dick Steflik. DDoS ● One of the most common ways to mount a Distributed Denial of Service attacks is done via networks of zombie.
1. 2 A High Tech Crime Investigation Lessons learned by the National High Tech Crime Center Hans Oude Alink, project leader NHTCC November 2005.

1. 2 A High Tech Crime Investigation Lessons learned by the National High Tech Crime Center Hans Oude Alink, project leader NHTCC November 2005.
Australian High Tech Crime Centre What is cybercrime & trends Monday 5 November 2007.

Australian High Tech Crime Centre What is cybercrime & trends Monday 5 November 2007.
How You Can Protect Yourself from Cyber-Attacks Ian G. Harris Department of Computer Science University of California Irvine Irvine, CA 92697 USA

How You Can Protect Yourself from Cyber-Attacks Ian G. Harris Department of Computer Science University of California Irvine Irvine, CA USA
Lecture 1 Page 1 CS 236, Spring 2008 Introduction to Computer Security Why do we need computer security? What are our goals and what threatens them?

Lecture 1 Page 1 CS 236, Spring 2008 Introduction to Computer Security Why do we need computer security? What are our goals and what threatens them?
CYBER CRIME AND SECURITY TRENDS

CYBER CRIME AND SECURITY TRENDS
Norman SecureSurf Protect your users when surfing the Internet.

Norman SecureSurf Protect your users when surfing the Internet.
Chapter Nine Maintaining a Computer Part III: Malware.

Chapter Nine Maintaining a Computer Part III: Malware.
Threats and ways you can protect your computer. There are a number of security risks that computer users face, some include; Trojans Conficker worms Key.

Threats and ways you can protect your computer. There are a number of security risks that computer users face, some include; Trojans Conficker worms Key.

Similar presentations

Ads by Google