1 / 19

Cyber Crime Threat in Ukraine and Eastern Europe

Cyber Crime Threat in Ukraine and Eastern Europe. Ryan W. Garvey OSAC Coordinator Information Security & Cyber Threats. Understanding Cyber Crime. Traditional: theft, fraud, forgery, defamation and mischief New age crimes: hacking, web defacement, cyber stalking, web jacking etc.

anka
Télécharger la présentation

Cyber Crime Threat in Ukraine and Eastern Europe

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Cyber Crime Threat in Ukraine and Eastern Europe Ryan W. Garvey OSAC Coordinator Information Security & Cyber Threats

  2. Understanding Cyber Crime • Traditional: theft, fraud, forgery, defamation and mischief • New age crimes: hacking, web defacement, cyber stalking, web jacking etc. • Shadow economy could be worth as much as $105B every year • Increased reliance on the Internet by government and commercial firms for sharing and storing information

  3. Overview • Cyber crime: What is it? • Threats & tactics • Impacts • Outlook for 2010

  4. Cyber Crime • Unlawful acts wherein the computer is either a tool or a target or both • Conventional desktops or laptops computer, but also • PDA’s • Cell phones • USB drives • Cyber crime is the fastest-growing part of organized crime • As the perpetrators become more experienced, the attacks become more precise

  5. Cyber Crime

  6. Cyber Crime Organization • Organized like most legitimate businesses • Each cyber criminal • Specific role • Reward system • Organize stolen data very well • Majority of electronic crime is unsophisticated in intent • 95% Financial fraud and theft • 5% Espionage • Either political or industrial • Using techniques that are ever-more refined • Pursuing ever-more specific targets • Often highly placed executives

  7. Cyber Crime Org Chart

  8. Cyber Crime • Targeted attacks • Financial institutions • Enterprises • Governmental agencies • Persons • These "businesses" highly successful • Any organization using the Internet is vulnerable

  9. Hacking Denial of Service Attack Virus Dissemination Software Piracy Pornography Internet Relay Chat (IRC) Card skimming Net extortion Spoofing Cyber stalking Credit card fraud Cyber defamation Threatening Salami attack Phishing 419 Scams Threats

  10. Threat : Hacking • Malware as a service • Advertised and distributed like standard software • Communicate via • Internet relay chat (IRC) • Forums • Malware is the software that drives all types of cyber attacks • High level espionage to basic theft • Off-the-shelf malware can cost from $50 to $3,500 • Depending on the sophistication of its targeting • What kind of information it can grab • What kind of security it can circumvent

  11. Tactics: Hacking • Finding targets • A basic list of unqualified email addresses costs about 1/10th of a cent per address • A complete identity • including UK national insurance number • $5 a piece • For a tailored solution • Corporate executives within a certain geographic area or industry sector • $1000 and up

  12. Tactics: Hacking • Send the program out • Use a "botnet" of thousands of hijacked computers • A botnet can be rented and used for • Spamming • Hacking • Denial of service attacks • Anything else you might have in mind • One hour of a reasonable-sized network of 8,000 to 10,000 computers costs about $200

  13. Tactics: Hacking • The most common aim is theft of credit card details • A successful attack might yield 100,000 numbers within a week • You can then either exploit them yourself OR • Sell the list for 2% to 5% of the remaining balances • If the average card on your list has remaining credit of $1,000, each set of details is worth around $25 • Total profit approximately $2.5M

  14. Impacts • Loss of valuable data • Loss of Intellectual Property • Loss of productivity • Negative impact on profits or stock price • Brand damage • Lawsuits • Class actions

  15. Cyber Conclusions • Cyber threats increasing • Increasing connectivity • Organization of criminals • Sophistication increasing • Malware • Threat vectors multiplying • Security must keep pace • Educating the workforce • Defense in depth • Be proactive

  16. Ryan W. Garvey Coordinator Information Security & Cyber Threats 571-345-7748 garveyrw@state.gov

  17. Counter Measures / Best Practices • Transmit e-mail, text messages and similar communications using technology • Closed networks • Virtual private networks (VPN) • Public key infrastructure (PKI) • Encrypt all wireless connections • Real-time content inspection • Analyzes and understands what the code intends to do before it does it

  18. Counter Measures / Best Practices • Defense in depth • Email and web security • Firewall security • Endpoint protection • Unified threat management • Thorough background investigations of personnel • Education of the workforce • Establish relationships with local law enforcement • Share information • Report incidents

More Related