Regional Cyber Crime Unit

Slides:

Advertisements

Similar presentations

Being Proactive and Less Reactive in Security Operations and Cyber Attack Response Christina Raftery, MCSE, CISSP FBI Los Angeles Field Office.

Advertisements

IT Security “Knowing the potential threat to YOU and your business” Ian McLachlan IT Manager.

Travelers CyberRisk for Insurance Companies

Copyright © 2014 American Water Works Association Water Sector Approach to Process Control System Security.

UNCLASSIFIED Cybercrime: The Australian Experience Australian Cybercrime Online Reporting Network (ACORN) Conference Assistant Commissioner Tim Morris.

David A. Brown Chief Information Security Officer State of Ohio

Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.

Cyber Crime The current threat to the UK Security Marking.

Staffordshire Police Corporate PowerPoint Template by Carl Uttley Staffordshire Police Cyber Crime ACC Nick Baker.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

Know the Client Own the Problem Share the Solution The 2005 Case for Information Technology Security October 14, 2004.

1. 2 A High Tech Crime Investigation Lessons learned by the National High Tech Crime Center Hans Oude Alink, project leader NHTCC November 2005.

Australian High Tech Crime Centre Resourcing Cybercrime Tuesday, 6 November 2007.

LittleOrange Internet Security an Endpoint Security Appliance.

Developing a Security Policy Chapter 2. Learning Objectives Understand why a security policy is an important part of a firewall implementation Determine.

Bank Crime Investigation Techniques by means of Forensic IT

Cyber Cops The Challenges Detective Sergeant Cath Elvey NW Regional Cyber Crime Unit.

The Difficult Road To Cybersecurity Steve Katz, CISSP Security Risk Solutions Steve Katz, CISSP Security.

1Cisco Security NOW © 2003, Cisco Systems, Inc. All rights reserved. THIS IS THE POWER OF CISCO SECURITY. now.

Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.

© 2009 IDBI Intech, Inc. All rights reserved.IDBI Intech Confidential 1 Information (Data) Security & Risk Mitigation.

Cyber crime on the rise. Recent cyber attacks How it happens? Distributed denial of service Whaling Rootkits Keyloggers Trojan horses Botnets Worms Viruses.

1 Group-IB: Digital investigations and forensic Ilya Sachkov Group-IB

UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.

Marketing of Information Security Products. The business case for Information Security Management.

Staying Ahead of the Curve in Cyber Security Bill Chang CEO, SingTel Group Enterprise.

Network Security Resources from the Department of Homeland Security National Cyber Security Division.

Joseph Ferracin Director IT Security Solutions Managing Security.

Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #33 Information Warfare November 19, 2007.

E-Security: 10 Steps to Protect Your School’s Network NEN – the education network.

Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.

Managing Data Against Insider Threats Dr. John D. Johnson, CISSP.

Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.

GSHRM Conference Cyber Security Education Shri Cockroft, CISO Piedmont Healthcare, Inc. September 21, 2015.

IS Network and Telecommunications Risks Chapter Six.

Hurdles in implementation of cyber security in India.

CYBER RESILIENCE BEST PRACTICE. To Discuss Why cyber risk management is increasingly challenging How everyone has a role to play in your cyber risk management.

National and International Development Strategy International Development Unit / Gordon Thomson / January 2016.

West Midlands Police response to Cybercrime: Local, Regional and National capabilities DCI Iain Donnelly.

NATIONAL CYBER SECURITY GOVERNANCE & EMERGING CYBER SECURITY THREATS

TLP:Green FIRST/TF-CSIRT Technical Colloquium January 25 th – 27 th, 2016 Prague, CZ TLP:Green.

Safe’n’Sec IT security solutions for enterprises of any size.

Information Security: Current Threats Marc Scarborough Information Security Officer

MIS323 – Business Telecommunications Chapter 10 Security.

Cyber Services Plc BRIEF SUMMARY  Founded in 2015  Founders and members are security veterans with proven international reputation  Resources.

Garda Bureau of Fraud Investigation Computer Crime Investigation Unit Sgt Paul Johnstone LLB MLitt An Garda Síochána Cybercrime and Cyber Risks Credit.

Friday 22nd April 2016 DS Chris Greatorex SEROCU

Centre of Expertise - Security Securing your business against cybercrime Or surely we do not have anything to worry about...do we?

1 1 Advanced Cyber Security Event - Introduction 11 th May 2016 Matt Locker.

EUROPEAN SECURITY POLICY A SNAPSHOT ON SURVEILLANCE AND PRIVACY DESSI WORKSHOP, CPH 24 JUNE 2014 Birgitte Kofod Olsen, Chair Danish Council for Digital.

CLOSE THE SECURITY GAP WITH IT SOLUTIONS FROM COMPUTACENTER AND CISCO AUGUST 2014.

PROTECTING YOUR DATA THREATS TO YOUR DATA SECURITY.

Cyber Security Phillip Davies Head of Content, Cyber and Investigations.

Defining your requirements for a successful security (and compliance

Proactive Incident Response

Cybersecurity - What’s Next? June 2017

Learning from Complex Child Sexual Exploitation Investigations

Cyber Crime What’s all the fuss about?

Compliance with hardening standards

RCCU Zephyr South West Regional Cyber Crime Unit.

Data Compromises: A Tax Practitioners “Nightmare”

Securing Information Systems

Risks & Reality Cyber Security Risks & Reality

Andy Hall – Cyber & Tech INSURANCE Specialist

Chapter 9 E-Commerce Security and Fraud Protection

Keeping your data, money & reputation safe

Networking for Home and Small Businesses – Chapter 8

Networking for Home and Small Businesses – Chapter 8

Networking for Home and Small Businesses – Chapter 8

West Midlands Police response to Cybercrime:

Presentation transcript:

Regional Cyber Crime Unit DCI Steve Thomas

The Situation Tier 1 threat to UK infrastructure Cost to UK economy over £400bn per annum (Lloyds Ins) 150,000 jobs lost across Europe Greater global cost than heroin, cocaine and cannabis 83% of UK population have internet access No deaths?

Daniel Perry 17yrs

It won’t happen to us !!

YaTH Business Impact In 2014 estimated 65% of all SME’s attacked. Average impact between £65k -£115k for SME, £600k - £1.5m Large Commercial sensitivity/Reputational costs Information Commissioners Office = £000,000’s in fines European Network & Info Sec (NIS) Directive = £millions in fines Average time to detect intrusion/infection190 days. 9 out 10 Preventable !!

Threats/Attacks DDOS (Distributed Denial of Service) Phishing, Spear, Whale, Smish, Vish = Social Eng Data loss/corruption (worms, virus, malware, Trojan) Data loss – Conventional Hacking – Network, Servers, Wifi, Foodchain Rogue Insider – PICNIC/BYOD

Disaster Examples + = Disaster + your WiFi = Disaster

Social media : Business Asset or Threat Social Media used to target an organisation? Usually well considered weak points - Perimeter measures, firewall, IDS, IPS, Email scanning. Security architecture and policies, staff training. Access Control,and data encryption. But What about your staff? Activities seen as private and not in the course of the business Individuals use of social media – Can these be leveraged against the organisation as a part of targeted social Engineering attack targeting company assets/security.

Example ! Staff member 18-29 = Facebook 500+ Contacts Tweets at work with location enabled Works in data centre, gym member, h/a locus, pictures Meta Data (photos), partners home, car reg, D.O.B www.echosec.com www.wigle.com Are the employers happy with this?

The Attraction Traditional Physical presence at the crime scene One offence at a time High risk/low reward Local enquiries Victim reports to police Cyber Remote from the crime scene Multiple offences at once Low risk/high reward International enquiries Victim reputation

10 Steps to Protection Training/User Awareness (PICNIC) Network Security Malware Protection – Scanning Monitoring – Log analysis Incident Management Manage User Privileges (admin) Removable Media – BYOD Secure Configuration – Patching/Passwords Home/Mobile Working – VPN’s (encrypt) Test it all works !! 10 Steps to Protection

Responsibility Q, Where should responsibility sit? A, Data owner/pays the fines !! CEO

Support https://www.cert.gov.uk/cisp https://www.getsafeonline.org/business/ https://www.gov.uk/government/.../cyber-essentials-scheme-overview

Funding for SME’s https://interact.innovateuk.org

LE Structure National Crime Agency Regional Cyber Crime Unit Force Cyber Crime Units District Policing

Our Capabilities

Pursue Proactive investigation Reactive investigation Cyber advice and strategy for SIOs Cyber CSI Digital forensics UK and International partners Proactive investigation Intelligence gathering and analysis Covert Digital Operations

Prevent Protect Profiling of potential Cyber criminals University liaison Industrial liaison Intelligence requirement to Forces and partners Identification of targets Infrastructure protection Cyber Threat Reduction Group Cyber Information Sharing Partnership

Prepare Penetration testing and security advice Cyber Attack Response Plans - Exercising Virtual Task Force - Cyber Specials Student placements

How prepared are you ?

All your servers are going under DDoS attack unless you pay 25 Bitcoin All your servers are going under DDoS attack unless you pay 25 Bitcoin. You have 24hrs.

regional.cyber@westyorkshire.pnn.police.uk 0113 397 0702 07595 009 790