Cyberbad Where Spam is leading to Phillip Hallam-Baker

Slides:



Advertisements
Similar presentations
Cyber Crime and Technology
Advertisements

Jennifer Perry. We help victims of e-crime and other online incidents – Web based service – Providing practical, plain language advice – No-nonsense advice.
S CENARIOS FOR THE F UTURE OF THE C ANADIAN P AYMENTS S YSTEM A UTHENTICATION AND I DENTITY W ORKSHOP N OVEMBER 3, 2010 Greg Wolfond.
© 2014 wheresjenny.com Cyber crime CYBER CRIME. © 2014 wheresjenny.com Cyber crime Vocabulary Defacement : An attack on a website that changes the visual.
Economic and Social Impact of Digital Security Eng. Qusai AlShatti Deputy Director for Information Technology.
© 2004 VeriSign, Inc. Web Services and the Old World Phillip Hallam-Baker Principal Scientist VeriSign Inc.
The development of Internet A cow was lost in Jan 14th If you know where it is, please contact with me. My QQ number is QQ is one of the.
1 No Silver Bullet : Inherent Limitations of Computer Security Technologies Jeffrey W. Humphries Texas A&M University.
Forensic and Investigative Accounting Chapter 15 Cybercrime Management: Legal Issues © 2007 CCH. All Rights Reserved W. Peterson Ave. Chicago, IL.
Cyber Crime Game Players By Marharyta Abreu & Iwona Sornat.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Australian High Tech Crime Centre What is cybercrime & trends Monday 5 November 2007.
INFORMATION WARFARE Written by: Larry Druffel Presented by: Frank Dang TCOM 614 Introduction to Telecommunication University of Redlands.
E-Commerce Security and Fraud Issues and Protections
Wonga example Register Question- What risks do you think businesses face due to IT developments?
© 2004 VeriSign, Inc. Secure Letterhead Phillip Hallam-Baker Principal Scientist VeriSign Inc.
Matteo Cavallini – ULS MEF/Consip Digital Agenda Assembly – Cybersecurity: barriers and incentives Matteo Cavallini Cybersecurity: State of the Art and.
INFORMATION SECURITY UPDATE Al Arboleda Chief Information Security Officer.
Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.
Preparedness for cybersecurity threats domestic aspects of cyber security Jaan Priisalu.
CYBER CRIME AND SECURITY TRENDS
Security Awareness Challenges of Security No single simple solution to protecting computers and securing information Different types of attacks Difficulties.
Citadel Security Software Presents Are you Vulnerable? Bill Diamond Senior Security Engineer
COMPUTER CRIME AND TYPES OF CRIME Prepared by: NURUL FATIHAH BT ANAS.
Confidential On-line Banking Risks & Countermeasures By Vishal Salvi – CISO HDFC Bank IBA Banking Security Summit 2009.
Speaker : YUN–KUAN,CHANG Date : 2009/10/13 Working the botnet: how dynamic DNS is revitalising the zombie army.
Cyber crime on the rise. Recent cyber attacks How it happens? Distributed denial of service Whaling Rootkits Keyloggers Trojan horses Botnets Worms Viruses.
CHAPTER 4 Information Security. CHAPTER OUTLINE 4.1 Introduction to Information Security 4.2 Unintentional Threats to Information Security 4.3 Deliberate.
© 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except for use as permitted in a license.
Cybersecurity and the Department of Justice Vincent A. Citro, Assistant United States Attorney July 9-10, 2014 Unclassified – For Public Use.
PAPER AC 1 : E-BUSINESS AND CYBER LAWS. MEANING OF E-BUSINESS  E-business, is the application of information and communication technologies (ICT) which.
An Investigation into E-Commerce Frauds and their Security Implications By Kevin Boardman Supervisor: John Ebden 29 July 2004.
Information Warfare Playgrounds to Battlegrounds.
 A viruses is a program that can harm or track your computer. E.g. browser hijacker.  When a viruses accesses the computer it can accesses the HDD and.
E-Rule. What is cyber crimes Cyber crime encompasses any criminal act dealing with computers and networks (called hacking). Additionally, cyber crime.
CYBER CRIME AND SECURITY If we can defeat them sitting at home……who needs to fight with tanks and guns!!!! Presented By Lipsita Behera. B.Sc IST, 3 rd.
Get Safe Online Expert advice for everyone In association with.
Hurdles in implementation of cyber security in India.
Information Warfare Playgrounds to Battlegrounds.
AVAR 2004, Japan, Tokyo Today’s Threats and the Evolution of the Computer Underground Today’s Threats and the Evolution of the Computer Underground Eugene.
The Digital Crime Scene: A Software Perspective Written By: David Aucsmith Presented By: Maria Baron.
MANAGING RISK. CYBER CRIME The use of the internet and developments in IT bring with it a risk of cyber crime. Credit card details are stolen, hackers.
A threat to global security and economy Koushik Mannepalli CMPE 294.
Computer crimes.
CONTROLLING INFORMATION SYSTEMS
Stop cybercrime, protect privacy, save world. Chris Monteiro Cybercrime, dark web and internet security researcher Systems administrator Pirate / Digital.
Cybersecurity Test Review Introduction to Digital Technology.
Protecting Yourself from Fraud including Identity Theft Advanced Level.
Extra Credit Presentation: Allegra Earl CSCI 101 T 3:30.
Internet Security and Implications on Transportation Systems 1 Yan Chen Department of Electrical Engineering and Computer Science Northwestern University.
External Threats Internal Threats Nation States Cyber Terrorists Hacktivists Organised criminal networks Independent insider Insider planted by external.
By. Andrew Largent COSC-480. Upstream Intelligence (UI) is data about IP’s, domains and Autonomous System Numbers (ASN) acting or representing the presence.
Zeus Virus By: Chris Foley. Overview  What is Zeus  What Zeus Did  The FBI investigation  The virus for phones  Removal and detection  Conclusion.
James F. Fox MENA Cyber Security Practice Lead Presenters Cyber Security in a Mobile and “Always-on” World Booz | Allen | Hamilton.
CURRENT STATUS OF CYBERCRIME  Security is the fastest growing service in IT  Cyber Crime Costs $750 Billion annually  70% of threats arrive via .
October 28, 2015 Cyber Security Awareness Update.
Cyber crime and security issues
PROTECTING YOUR DATA THREATS TO YOUR DATA SECURITY.
Securing Information Systems
CYBERSECURITY INCIDENCE IN THE FINANCIAL SERVICES SECTOR March 28, 2017 Presented by Osato Omogiafo Head IT Audit.
Submitted By: Arslan Javaid Bsmc Submitted to: Sir Farrukh
CHAPTER 4 Information Security.
Securing Information Systems
Strong Security for Your Weak Link:
E-Commerce Security and Fraud Issues and Protections
Protecting Your Company’s Most Valuable Asset
The Crime and Deviance Channel
Protect Your Ecommerce Site From Hacking and Fraud
LO1 - Know about aspects of cyber security
IT Security Solutions for Banking
Presentation transcript:

Cyberbad Where Spam is leading to Phillip Hallam-Baker

Spam is Criminal Infrastructure SpamBotnets

Botnets beget Spam – Adverts for criminal / defective products – Phishing – Advance Fee Frauds Denial of Service Extortion All Things ‘Cyber-bad’

What is Cyber-Terror? Cyber-Bad

Lowering the barriers

Cyber-Bad for Hire Hacking tools (commodity  ø day exploits) Stolen credentials Crime as Service – Spam – Botnets Unwitting Accomplices (mules) – Receiving stolen goods – Money laundering

Cyber-bad Purposes Vandalism Vigilantism Fraud Terrorism Warfare

Criminals extend reach Compromise systems during manufacture – Pin Entry Devices compromised during manufacture Phone home with PIN data to Pakistan Criminal insiders – Blackmailed or bought prior to hire – US Cert: 41% incidents involve insiders Soc Generalé demonstrates €bn potential

Internet Crime Isn’t The banks are still where the money is

Russian Business Network

Cyber Crime to Cyber Terror? RBN ‘customer’ 1488.ru

It’s not a new game…

Internet Terrorism Today

Internet = Outreach

Internet = Praxis

Realistic Future Scenarios

Internet = Research Open Sources – AQ manual claims 80% of information is available Criminal Expert Sources – Who can tell me X for $100? Espionage – Find an honest expert, penetrate their machine

Internet Crime = Funding

Internet Crime = Money Laundry

Internet Sabotage = Force Multiplier

Is a Hollywood Scenario likely?

Past Performance is no guarantee…

Security through obscurity works… … until it fails

Fixing the Problem

What is the problem? Banks – Cost of Internet crime Direct Losses Customer Service Opportunity Losses National Security – Potential criminal profits – Potential sabotage damage

Are there solutions? Chip and PIN – Eliminated Card Present Fraud in Europe Remaining attacks exploit legacy channels Why not in the US? – Different market structure – Anti-trust used to block changes

Anti-Crime Solutions Authentication – SPF, DKIM, Secure Internet Letterhead Web Authentication – Extended Validation, Secure Internet Letterhead Secure Identity – SAML, WS-*, OpenID, OATH, Identity 3.0 Data Level Security – CRM Infrastructure, Open CRM Network Security – Reverse Firewalls, DNSSEC, BGP Security – Domain Centric Administration, Default Deny Infrastructure

Conclusions The threats are real – They are not necessarily Internet threats – But the Internet changes the game The threats are serious – They may not be “terrorism” as we know it – But they are worth caring about Criminal infrastructure is an ongoing threat – Some states are playing the privateer game – We cannot rely on international cooperation