1 / 0

Crime DOES Pay (Unless you get caught)

Crime DOES Pay (Unless you get caught) . Renana Friedlich , IR & Forensic Team Leader Hacktics Advanced Security Center, Ernst & Young February 2013. Traditional Forensics. Digital Forensics. He’s tough, but we’ll make him talk . Example – Bredolab. Russia. Netherlands. France.

beau
Télécharger la présentation

Crime DOES Pay (Unless you get caught)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Crime DOES Pay(Unless you get caught)

    RenanaFriedlich, IR & Forensic Team Leader Hacktics Advanced Security Center, Ernst & Young February 2013
  2. Traditional Forensics
  3. Digital Forensics He’s tough, but we’ll make him talk.
  4. Example – Bredolab Russia Netherlands France
  5. Agenda Computer Crime Definition Crime Detection Dealing with an Incident Jurisdiction Punishment Case Studies Summary and Recommendations
  6. Computer Crime Definition What name would best describe this type of offense? Is it a new form of crime? Computer as a target Computer as a weapon
  7. Security systems Proportions Subject of attack Rising Above the Noise Level Vectors that may lead to detection:
  8. Relevant Parties for Detection Governmental Agencies Auditing Processes Local Police Security Vendors HoneyNets SOCs ISPs And more … End Users
  9. Top 10 Detected Incidents Verizon 2012 Data Breach Investigations Report
  10. Duration Until the Incident is Discovered Early detection heavily depends on the organization’s security maturity level. Average time until detection( Days)
  11. Internal Care Law Enforcement Entity Dealing with an Incident Regulations Common ways of dealing with an incident: Incident Severity
  12. Local crime International crime Jurisdiction Law enforcement authorities ask for extradition Accepted Denied
  13. Current & potential damage Offender intentions & personal gain Financial damage Punishment The penalty usually depends on the following factors:
  14. Case Studies
  15. Case Study 1 Attacker: Pablo Escobar (James Jeffery) Victim: Abortions website
  16. Case Study 2 Attacker: Gary McKinnon Victim : USA military computers(“Thebiggest military computer hack of all time”) The US authorities tried to get an extradition Requested penalty: Up to 60 years in prison
  17. Case Study 3
  18. Case Study 3 Take 1 Take 2 Age – 28 Accused with charges of conspiracy and fraud. Increased or deleted cards limit, then sold the stolen credit card numbers in the black market. Age – 19 Arrested for hacking to computers at NASA, the Pentagon, and more. Didn’t try to get a hold of secrets, rather to prove that the systems were flawed. 1.5 years in prison 3 years probation + $503,000 fine
  19. Summary The chances of getting caught are slim. Even if an offender does get caught, there is a long way to go before he may stand trial. Since so “MANY” stand trial, penalty is disproportionate.
  20. And the Conclusion Is … Crime Does Pay …
  21. Poor Save logs Recommendations Moderate Continuous log monitoring Good Build incident response capabilities

  22. How good is your detection mechanism…?

  23. Thank you.

    RenanaFriedlich, Incident response & forensic team leader Renana.Friedlich@il.ey.com, 054- 2661260
More Related