Cyber Crime Threat in Ukraine and Eastern Europe
Ryan W. Garvey
OSAC Coordinator, Information Security & Cyber Threats

Understanding Cyber Crime
• Traditional: theft, fraud, forgery, defamation and mischief
• New age crimes: hacking, web defacement, cyber stalking, web jacking etc.
• Shadow economy could be worth as much as $105B every year
• Increased reliance on the Internet by government and commercial firms for sharing and storing information

Overview
• Cyber crime: What is it?
• Threats & tactics
• Impacts
• Outlook for 2010

Cyber Crime
• Unlawful acts wherein the computer is either a tool or a target or both
• Conventional desktop or laptop computers, but also
  • PDAs
  • Cell phones
  • USB drives
• Cyber crime is the fastest-growing part of organized crime
• As the perpetrators become more experienced, the attacks become more precise

Cyber Crime Organization
• Organized like most legitimate businesses
• Each cyber criminal
  • Specific role
  • Reward system
• Organize stolen data very well
• Majority of electronic crime is unsophisticated in intent
  • 95% Financial fraud and theft
  • 5% Espionage
    • Either political or industrial
• Using techniques that are ever-more refined
• Pursuing ever-more specific targets
  • Often highly placed executives

Cyber Crime
• Targeted attacks
  • Financial institutions
  • Enterprises
  • Governmental agencies
  • Persons
• These "businesses" are highly successful
• Any organization using the Internet is vulnerable

Threats
• Hacking
• Denial of Service Attack
• Virus Dissemination
• Software Piracy
• Pornography
• Internet Relay Chat (IRC)
• Card skimming
• Net extortion
• Spoofing
• Cyber stalking
• Credit card fraud
• Cyber defamation
• Threatening
• Salami attack
• Phishing
• 419 Scams

Threat: Hacking
• Malware as a service
  • Advertised and distributed like standard software
• Communicate via
  • Internet relay chat (IRC)
  • Forums
• Malware is the software that drives all types of cyber attacks
  • High level espionage to basic theft
• Off-the-shelf malware can cost from $50 to $3,500
  • Depending on the sophistication of its targeting
  • What kind of information it can grab
  • What kind of security it can circumvent

Tactics: Hacking
• Finding targets
  • A basic list of unqualified email addresses costs about 1/10th of a cent per address
  • A complete identity
    • including UK national insurance number
    • $5 apiece
  • For a tailored solution
    • Corporate executives within a certain geographic area or industry sector
    • $1000 and up

Tactics: Hacking
• Send the program out
  • Use a "botnet" of thousands of hijacked computers
  • A botnet can be rented and used for
    • Spamming
    • Hacking
    • Denial of service attacks
    • Anything else you might have in mind
  • One hour of a reasonable-sized network of 8,000 to 10,000 computers costs about $200

Tactics: Hacking
• The most common aim is theft of credit card details
• A successful attack might yield 100,000 numbers within a week
• You can then either exploit them yourself OR
• Sell the list for 2% to 5% of the remaining balances
• If the average card on your list has remaining credit of $1,000, each set of details is worth around $25
• Total profit approximately $2.5M

Impacts
• Loss of valuable data
• Loss of Intellectual Property
• Loss of productivity
• Negative impact on profits or stock price
• Brand damage
• Lawsuits
• Class actions

Cyber Conclusions
• Cyber threats increasing
• Increasing connectivity
• Organization of criminals
• Sophistication increasing
• Malware
• Threat vectors multiplying
• Security must keep pace
• Educating the workforce
• Defense in depth
• Be proactive

Ryan W. Garvey
Coordinator, Information Security & Cyber Threats
571-345-7748
garveyrw@state.gov

Counter Measures / Best Practices
• Transmit e-mail, text messages and similar communications using technology
  • Closed networks
  • Virtual private networks (VPN)
  • Public key infrastructure (PKI)
• Encrypt all wireless connections
• Real-time content inspection
  • Analyzes and understands what the code intends to do before it does it

Counter Measures / Best Practices
• Defense in depth
  • Email and web security
  • Firewall security
  • Endpoint protection
  • Unified threat management
• Thorough background investigations of personnel
• Education of the workforce
• Establish relationships with local law enforcement
  • Share information
  • Report incidents