Presentation is loading. Please wait.

Presentation is loading. Please wait.

Supervisory Special Agent R. David Mahon 1961 Stout Street, #1823 Denver, Colorado (303) 629-7171 FBI Denver Cyber Squad.

Published byGrace Caldwell Modified over 9 years ago

Similar presentations

Presentation on theme: "Supervisory Special Agent R. David Mahon 1961 Stout Street, #1823 Denver, Colorado (303) 629-7171 FBI Denver Cyber Squad."— Presentation transcript:

1 Supervisory Special Agent R. David Mahon 1961 Stout Street, #1823 Denver, Colorado (303) 629-7171 INFRAGARD-DN@FBI.GOV FBI Denver Cyber Squad

2 Presidential Decision Directive 63 “The US will take the necessary measures to swiftly eliminate significant vulnerability to both physical and cyber attacks on our critical infrastructures, including our cyber systems.” May 22, 1998 May 22, 2003

3 Increased government security by 2000 Secure information system infrastructure by 2003 Federal agencies to serve as model in reducing infrastructure vulnerabilities Seeks participation of private industry Presidential Decision Directive 63

4 4 National Infrastructure Assurance Council Critical Infrastructure Coordinating Group Information Sharing and Analysis Center(s) The Private Sector SectorLead Agency Special Function Agencies DoJ / FBI Law Enforcement Internal Security DoD National Defense CIA Intelligence DoS Foreign Affairs National Infrastructure Protection Center Executive Office of the President OSTP (R&D) National Security Advisor National Coordinator Banking & Finance Transportation Electric and Gas & Oil Information / Comms Emergency Law Enforcement Government Services Emergency Fire Public Health Services Water Supply Dept of Treasury Dept of Transportation Dept of Energy Dept of Commerce Dept of Justice FEMA HHS EPA Critical Infrastructure Assurance Office

5 PDD 63 Requires the FBI through the NIPC to: Serve as national infrastructure threat gathering, assessment, warning, vulnerability & law enforcement investigation/response entity Be linked electronically as a national focal point Establish its own relationships with private sector Be the principal means of coordinating US Govt response, mitigation, investigation and reconstitution efforts.

6 Coordinate FBI computer intrusion investigations Support other agencies and state & local governments involved in infrastructure protection NIPC Mission Detect, deter, warn of, investigate, and respond to attacks on critical infrastructures

7 Share, analyze, & disseminate information Provide training for Federal, state and local cyber investigators Clearinghouse for technological developments 24/7 watch and warning capability NIPC Mission

8 NIPC Organization Location Located at FBIHQ in Washington, D.C., the NIPC is one of the fastest growing investigative areas in the FBI Composition Multiple government agencies Federal, state, and local law enforcement Private sector representatives

9 NIPC Programs

10 Key Asset Initiative

11 Develop Database for specific entities within each infrastructure Key Asset: An organization, group of organizations, system, or group of systems is considered to be a key asset if it is determined that the loss of associated goods or services or information would have widespread and dire economic or social impact. Develop Emergency Points of Contact Cyber and Physical Threats Contingency Planning Vulnerability Assessments for Assets with National Importance Develop Database for specific entities within each infrastructure Key Asset: An organization, group of organizations, system, or group of systems is considered to be a key asset if it is determined that the loss of associated goods or services or information would have widespread and dire economic or social impact. Develop Emergency Points of Contact Cyber and Physical Threats Contingency Planning Vulnerability Assessments for Assets with National Importance

12 Critical Infrastructures “Critical infrastructures are those physical and cyber-based systems essential to the minimum operations of the economy and government.” Presidential Decision Directive-63 May 1998

13

14 Control systems Emergency coordination Control systems Comms Transactions Control systems Comms Control systems Comms Control systems Comms Telecomm site power Power for systems & facilities Emergency backup power Power for systems & facilities Emergency backup power Power for systems & facilities Emergency backup power Power for systems & facilities Emergency backup power Fuels for backup power Fuels for primary or backup power Fuels for backup power Energy for distribution systems Fuels for backup power Fuels for system support Corporate finance Corporate & local government finance Major bridges & crossings Vehicles & routes for system service & response Major bridges & crossings Vehicles & routes for system service & response Major bridges & crossings Vehicles & routes for system service & response Transport of canceled checks, etc. Vehicles & routes for system service & response Cooling water 911 systems Emergency response control Cooling water 911 systems Emergency response services Cooling water 911 systems Emergency response services Drinking water 911 systems Emergency response services Cooling water 911 systems Emergency response services Information & Communications Electrical Power Gas & Oil Storage & Distribution Banking & Finance Physical Distribution Vital Human Services Information & Communications Electrical Power Gas & Oil Storage & Distribution Banking & Finance Physical Distribution Vital Human Services How are infrastructures on the left reliant on infrastructures across the top? New Thinking Required To Appreciate Infrastructure Interdependencies

15 Pipeline disruption Power outage Submarine cable lost Bomb threats in two buildings Threat to water supply Two bridges down Oil refinery fire Telephone service disrupted FBI phones jammed 911 unavailable Two regional ISP’s out of service What if…...

16 Computer Intrusion Program

17 Vulnerabilities: A New Dimension Physical vulnerabilities and threats are known. Cyber vulnerabilities are growing and are not well understood.

18 Cyber vulnerability stems from easy accessibility to infrastructures via Internet New Risks and Threats Tools to do harm are widely available and do not require a high degree of technical skill Globalization of infrastructures increases exposure to potential harm Interdependencies of systems make attack consequences harder to predict and perhaps more severe

19 CSI/FBI 2001 Computer Crime and Security Survey Source: Computer Security Institute Likely Sources of Attack 76% 81% 49% 31% 25% Independent Hackers Foreign Competitors

20 CSI/FBI 2001 Computer Crime and Security Survey Source: Computer Security Institute Unauthorized use of computer system within the last 12 months 64% 25% 11% YesNo Don’t Know

21 CSI/FBI 2001 Computer Crime and Security Survey Source: Computer Security Institute Types of Attacks 26 40% 36% 64% 49% 91% 94% Theft of Proprietary Info System Penetration Denial of Service Laptop Unauthorized Access by Insider Insider Abuse of Net Access Virus

22 Structured Threats Organized Crime Industrial Espionage Hacktivists National Security Threats Terrorists Intelligence Agencies Information Warfare Unstructured Threats Insiders Recreational Hackers Institutional Hackers Cyber Threats

23 Hackers

24 Types of Attacks Denial of Service Hijacked Domain Names Defacement of Web Page Denial of Service Hijacked Domain Names Defacement of Web Page

25 Vladimir Levin In 1994, hackers compromised passwords to impersonate account holders Attempted 40 transfers totaling $10 million Actual losses of $400,000 5 individuals arrested All pled guilty to either bank fraud or conspiracy to commit bank fraud

26 CREDIT CARD EXTORTION Russian hackers break into more than 40 e- commerce businesses/databases in 10 states One business had 38,000 credit-card numbers compromised; another had 15,700 credit cards numbers stolen Businesses contacted by subjects – they offered to “fix” the problem for a price. And, one victim company hired a hacker as a computer security consultant!!

27 CREDIT CARD HACKERS… November, 2000: Undercover sting set up in Seattle; two subjects lured to US Subjects demonstrate their hacking prowess for their new “employers,” then arrested on the spot 250 gigabytes of stolen data recovered through a “reverse hack” into the subjects’ computers

28 Terrorist Groups Aum Shinrikyo Usama Bin Laden

29 Terrorist fundraising, communications on Internet Ramzi Yousef: –Plotted to bomb 11 U.S. airliners in Pacific –Details of plot encrypted on laptop Ramzi Yousef: –Plotted to bomb 11 U.S. airliners in Pacific –Details of plot encrypted on laptop Tamil Tigers: web site defacement Zapatista National Liberation Army (EZLN) Terrorists

30 “Several countries have or are developing the capability to attack an adversary’s computer systems.” “Developing a computer attack capability can be quite inexpensive and easily concealable: it requires little infrastructure, and the technology required is dual-use.” George Tenet, CIA Director 2/2/99 Information Warfare

31 "... attaining one hundred victories in one hundred battles is not the pinnacle of excellence. Subjugating the enemy's army without fighting is the true pinnacle of excellence." Sun Tzu, The Art of War c. 350 B.C. “Information warfare is the use of, destruction or manipulation of information on a computer network to destroy the enemy’s telephone network, fuel pipelines, electric grid, transportation control system, national funds transfer system...in order to achieve a strategic victory.” --Beijing Jianchuan Zhishi (Chinese Press) 30 June, 1999

32 Ownership of Problem Risk is shared among public and private interests Risk is shared among public and private interests Partnership is the Foundation for Infrastructure Protection Partnership is the Foundation for Infrastructure Protection

33 INFRAGARD A Government and Private Sector Alliance

34

35 InfraGard Overview Voluntary Program/Public and Private Sectors National Identity, yet Locally Flexible Information Shared Locally and Nationally Fosters Trust Between Members, Locally and Nationally

36 Forum for members to communicate Prompt dissemination of threat warnings Help in protecting computer systems Education and training on infrastructure vulnerabilities A community that shares information in a trusted environment Membership Benefits

37 Primary Features Secure Web Site Intrusion Alert Network Seminars and training

38 Intrusion Alert Network NIPC transmits sanitized description to other members via E-mail NIPC analyzes incident –Trends identified and reported –Investigation opened if appropriate Member sends encrypted message about attack to NIPC and FBI Field Office via E-mail –Detailed description –Sanitized description

39 Secure Web Site Information about recent intrusions Archives of intrusion incidents Original research on security issues Chat and conference with other members InfraGard news Links to other security sites Contact information

40 Chapter begun November 15, 2000 Membership from every infrastructure sector Quarterly meetings of general membership Individual sectors meet more frequently Training planned on vulnerabilities, risk assessment, solutions Denver InfraGard Chapter

41 DENVER INFRAGARD CEO/Senior level briefing projects planned Educational initiatives underway involving computer forensic training; regional cyber crimes survey “Action” item projects underway with private sector

42

43 www.ifccfbi.gov IFCC MISSION STATEMENT To develop a national strategic plan to address fraud over the Internet, and to provide support to law enforcement and regulatory agencies at all levels of government for crimes that occur over the Internet.

44 www.ifccfbi.gov PURPOSE OF THE IFCC DEVELOP NATIONAL STRATEGY IDENTIFY AND TRACK FRAUD ANALYZE INTERNET CRIME TRENDS TRIAGE INTERNET COMPLAINTS DEVELOP INVESTIGATIVE PACKETS FORWARD INFO TO APPROPRIATE AGENCY

45

46

47 www.ifccfbi.gov ADVANTAGES WHICH THE INTERNET PROVIDES CRIMINALS Identification and Location of victims Victims do not see or speak to fraudsters Accepted vehicle for commerce Minimal cost to set up web page Technology has made Internet company set up very easy

48 www.ifccfbi.gov IFCC INTERNET COMPLAINTS 2000 AVG 1,848 PER MONTH 2000* TOTAL 14,787 2001 AVG 4,155 PER MONTH 2001 TOTAL 49,863 2002 AVG 5,942 PER MONTH 2002** TOTAL 35,657 * MAY 8, 2000 THROUGH DECEMBER 31, 2000 ** JANUARY 1, 2002 THROUGH JUNE 1, 2002

49 Federal Bureau of Investigation FBI – Denver Division Cyber Squad Tel: (303) 629-7171 1961 Stout Street Suite 1823 Fax: (303) 628-3240 Denver, Colorado 80294infragard-dn@fbi.gov

Download ppt "Supervisory Special Agent R. David Mahon 1961 Stout Street, #1823 Denver, Colorado (303) 629-7171 FBI Denver Cyber Squad."

Similar presentations

Thai delegation Presentation at 4 th ARF seminar on Cyber-terrorism

Thai delegation Presentation at 4 th ARF seminar on Cyber-terrorism
Department of Homeland Security Site Assistance Visit (SAV)

Department of Homeland Security Site Assistance Visit (SAV)
Kenneth Watson Partnership for Critical Infrastructure Security Partnership for Critical Infrastructure Security.

Kenneth Watson Partnership for Critical Infrastructure Security Partnership for Critical Infrastructure Security.
Facilitating a Dialog between the NSDI and Utility Companies J. Peter Gomez Manager, Information Requirements, Xcel Energy.

Facilitating a Dialog between the NSDI and Utility Companies J. Peter Gomez Manager, Information Requirements, Xcel Energy.
Chapter 1.  Security Problem  Virus and Worms  Intruders  Types of Attack  Avenues of Attack 2 Prepared by Mohammed Saher Hasan.

Chapter 1.  Security Problem  Virus and Worms  Intruders  Types of Attack  Avenues of Attack 2 Prepared by Mohammed Saher Hasan.
FBI Intelligence Houston Field Intelligence Group Overview Carlos J. Barrón FIG Coordinator Field Intelligence Group H O U S T O N UNCLASSIFIED.

FBI Intelligence Houston Field Intelligence Group Overview Carlos J. Barrón FIG Coordinator Field Intelligence Group H O U S T O N UNCLASSIFIED.
DoD and Cyber-Terrorism Eric Fritch CPSC 620. What is cyber-terrorism? The premeditated, politically motivated attack against information, computer systems,

DoD and Cyber-Terrorism Eric Fritch CPSC 620. What is cyber-terrorism? "The premeditated, politically motivated attack against information, computer systems,
Addressing Terrorist Use of the Internet, Cyber Crime and Other Threats: National Expert Workshop Forging a Comprehensive Approach to Cyber Security Richard.

Addressing Terrorist Use of the Internet, Cyber Crime and Other Threats: National Expert Workshop Forging a Comprehensive Approach to Cyber Security Richard.
DHS, National Cyber Security Division Overview

DHS, National Cyber Security Division Overview
Management’s Role in Information Security V.T. Raja, Ph.D., Oregon State University.

Management’s Role in Information Security V.T. Raja, Ph.D., Oregon State University.
Responding to Cybercrime in the Post-9/11 World Scott Eltringham Computer Crime and Intellectual Property Section U.S. Department of Justice (202) 353-7848.

Responding to Cybercrime in the Post-9/11 World Scott Eltringham Computer Crime and Intellectual Property Section U.S. Department of Justice (202)
InfraGard A Partnership For Protecting America. What is InfraGard “ A cooperative undertaking between the U.S. Government (the FBI) and an association.

InfraGard A Partnership For Protecting America. What is InfraGard “ A cooperative undertaking between the U.S. Government (the FBI) and an association.
Research and Educational Networking Information Analysis and Sharing Center (REN-ISAC) Mark S. Bruhn, Interim Director University Copyright.

Research and Educational Networking Information Analysis and Sharing Center (REN-ISAC) Mark S. Bruhn, Interim Director University Copyright.
InfraGard Update SSA John V. Gillies SA Matthew E. Morin.

InfraGard Update SSA John V. Gillies SA Matthew E. Morin.
CIAO.0209 - July 99 - 1 Critical Infrastructure Assurance Office Protecting America’s Cyberspace: Version 1.0 of the National Plan Jeffrey Hunker National.

CIAO July Critical Infrastructure Assurance Office Protecting America’s Cyberspace: Version 1.0 of the National Plan Jeffrey Hunker National.
1 Telstra in Confidence Managing Security for our Mobile Technology.

1 Telstra in Confidence Managing Security for our Mobile Technology.
Business Crisis and Continuity Management (BCCM) Class Session 3 3 - 1.

Business Crisis and Continuity Management (BCCM) Class Session
Network Security of The United States of America By: Jeffery T. Pelletier.

Network Security of The United States of America By: Jeffery T. Pelletier.
June 9, 2003 Updated July 2004 Slide 1 Critical Infrastructure Assurance: The US Experience.

June 9, 2003 Updated July 2004 Slide 1 Critical Infrastructure Assurance: The US Experience.
Cyberspace and the Police Mamoru TAKAHASHI Head of Computer Forensic Center, Hi-tech Crime Technology Division National Police Agency, Japan.

Cyberspace and the Police Mamoru TAKAHASHI Head of Computer Forensic Center, Hi-tech Crime Technology Division National Police Agency, Japan.

Similar presentations

Ads by Google