1 / 23

Crime DOES Pay (Unless you get caught)

Crime DOES Pay (Unless you get caught). Renana Friedlich , IR & Forensic Team Leader Hacktics Advanced Security Center, Ernst & Young February 2013. Traditional Forensics. Digital Forensics. He’s tough, but we’ll make him talk. Example – Bredolab. Russia. Netherlands. France.

adele-prince
Download Presentation

Crime DOES Pay (Unless you get caught)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Crime DOES Pay(Unless you get caught) RenanaFriedlich, IR & Forensic Team Leader Hacktics Advanced Security Center, Ernst & Young February 2013

  2. Traditional Forensics

  3. Digital Forensics He’s tough, but we’ll make him talk.

  4. Example – Bredolab Russia Netherlands France

  5. Agenda • Computer Crime Definition • Crime Detection • Dealing with an Incident • Jurisdiction • Punishment • Case Studies • Summary and Recommendations

  6. Computer Crime Definition • What name would best describe this type of offense? • Is it a new form of crime? • Computer as a target • Computer as a weapon

  7. Security systems Proportions Subject of attack Rising Above the Noise Level Vectors that may lead to detection:

  8. Relevant Parties for Detection • Governmental Agencies • Auditing Processes • Local Police • Security Vendors • HoneyNets • SOCs • ISPs • And more … • End Users

  9. Top 10 Detected Incidents • Verizon 2012 Data Breach Investigations Report

  10. Duration Until the Incident is Discovered Early detection heavily depends on the organization’s security maturity level. Average time until detection( Days)

  11. Internal Care • Law Enforcement Entity Dealing with an Incident • Regulations Common ways of dealing with an incident: Incident Severity

  12. Local crime • International crime Jurisdiction • Law enforcement authorities ask for extradition • Accepted • Denied

  13. Current & potential damage • Offender intentions & personal gain • Financial damage Punishment The penalty usually depends on the following factors:

  14. Case Studies

  15. Case Study 1 • Attacker: Pablo Escobar (James Jeffery) • Victim: Abortions website

  16. Case Study 2 • Attacker: Gary McKinnon • Victim : USA military computers(“Thebiggest military computer hack of all time”) • The US authorities tried to get an extradition • Requested penalty: Up to 60 years in prison

  17. Case Study 3

  18. Case Study 3 Take 1 Take 2 Age – 28 Accused with charges of conspiracy and fraud. Increased or deleted cards limit, then sold the stolen credit card numbers in the black market. • Age – 19 • Arrested for hacking to computers at NASA, the Pentagon, and more. • Didn’t try to get a hold of secrets, rather to prove that the systems were flawed. 1.5 years in prison 3 years probation + $503,000 fine

  19. Summary • The chances of getting caught are slim. • Even if an offender does get caught, there is a long way to go before he may stand trial. • Since so “MANY” stand trial, penalty is disproportionate.

  20. And the Conclusion Is … Crime Does Pay …

  21. Poor • Save logs Recommendations • Moderate • Continuous log monitoring • Good • Build incident response capabilities

  22. How good is your detection mechanism…?

  23. Thank you. RenanaFriedlich, Incident response & forensic team leader Renana.Friedlich@il.ey.com, 054- 2661260

More Related