Presentation is loading. Please wait.

Presentation is loading. Please wait.

Viet Nam Hitech Crime Investigation Department Dr. Tran Van Hoa

Similar presentations


Presentation on theme: "Viet Nam Hitech Crime Investigation Department Dr. Tran Van Hoa"— Presentation transcript:

1 Viet Nam Hitech Crime Investigation Department Dr. Tran Van Hoa
Cyber crime issues – current state of cyber security readiness and cyber crime enforcement capability Viet Nam Hitech Crime Investigation Department Dr. Tran Van Hoa Brunei – April 2010

2 STRUCTURE OF HITECH CRIME DEPARTMENT
Police General Department of Criminal Investigation and Prevention Hightech Crime Department Division 1 Division 2 Division 3 Division 4 Division 5 - Division 1: Staff Division - Division 2: In charge of Cyber Crime - Division 3: In charge of crimes using Hightech - Division 4: Liaison Office in HCMC Division 5: In charge of data recovering, e-evidence collecting We have divided our description of e-Crime into 3 headings: Team 1: Those crimes which can only be committed because technology is available, such as computer hacking, analysis virus Team 2: another science, crimes using hitech, old crimes, new techniques ex Telecommunication crimes, Fraud financial online, e-commerce, the sale of goods and services to commit online crime. Those crimes which have always been committed, but now are being done in different and new ways due to technology. This includes criminals using technology, such as encryption, and moving crime online, such as Fraud. Team 3: Labeling a “cyberattack” as “cybercrime” or “cyberterrorism” is problematic because of the difficulty determining with certainty the identity, intent, or the political motivations of an attacker “Cybercrime” can be very broad in scope, and may sometimes involve more factors than just a computer hack. Page 2 2

3 Group discussion Vietnam High Tech Crime Division (VHTCD) was established on 2 March 2005. VHTCD’s responsibilities are to prevent and combat high tech crime in all forms; recover, analyze e-evidences to assist operational investigation requests. I would like to initially provide a brief overview of VN HTCD, and in particular how the e-Crime department contributes to the organisations aims and objectives. Page 3 3

4 APRIL 2005: STUDY TOUR OF 4 VN POLICE OFFICERS AT AHTCC-AFP
We have divided our description of e-Crime into 3 headings: Team 1: Those crimes which can only be committed because technology is available, such as computer hacking, analysis virus Team 2: another science, crimes using hitech, old crimes, new techniques ex Telecommunication crimes, Fraud financial online, e-commerce, the sale of goods and services to commit online crime. Those crimes which have always been committed, but now are being done in different and new ways due to technology. This includes criminals using technology, such as encryption, and moving crime online, such as Fraud. Team 3: Labeling a “cyberattack” as “cybercrime” or “cyberterrorism” is problematic because of the difficulty determining with certainty the identity, intent, or the political motivations of an attacker “Cybercrime” can be very broad in scope, and may sometimes involve more factors than just a computer hack. Page 4 4

5 Cyber crime issues - In 2010 Vietnam has 22 Million internet users and 7 ISP. - Based on internet, Cyber crime is no border crime - Criminals and terrorist groups explore more ways to work together - Cyber crime becoming more organized and nowadays as a transnational business, damage the nation infrastructure, economy and national security. . Page 5

6 Challenges in combating trans border cyber crime:
Current state of cyber security readiness and cyber crime enforcement capability Increasing Threat of cyber crime and the necessity to take countermeasures: The increasing use of new technologies, automated attacking tools by cyber criminals (SQL injection, fake IP, fake , fake mobile phone number, using proxy server…) Challenges in combating trans border cyber crime: - New technique for tracking Internet cyber attacks; - Issues of international co-operation in cyber crime investigation and information exchange and jurisdiction. - Tracing and identifying criminals; Initial information gathering and undercover online investigations; 3. Digital forensic analysis of evidence and data recovering; Page 6

7 Cyber crime issues - Amendment of cyber crimes to new criminal code;
- Legal issues relating digital evidence of procedural law - Issues of manpower and training for law enforcement forces, public prosecutor and judges Page 7

8 Other trend in cyber crime methods:
Current state of cyber security readiness and cyber crime enforcement capability Other trend in cyber crime methods: - The growing profit from cyber attacks by targeting core banking, internet commerce website (data usually have credit card information). - Cyber criminals can choose to operate from geographic locations where penalties for some forms of cyber crime may not yet exist. - Cyber attacks can silently steal information without leaving behind any damage that would be noticed by a user, escape detection in order to remain on host systems for longer periods of time. Page 8 8

9 Cyber crime issues + Increasing use of mobile communication devices for attacking by cyber criminals. + Using new technologies allow cyber criminals, terrorist organizations to transcend borders and operate internationally with less chance of detection. + It is estimated that only five percent of cybercriminals are ever arrested or convicted. Page 9 9

10 Cyber crime trend Page 10 10

11 e-Crime dominated by fraud Online banking and credit cards
Cyber crime issues Current issues: e-Crime dominated by fraud Online banking and credit cards Targeted attacks to gain data Individuals, e-commerce sites, transaction processing Anonymous and international Activity is global and hard to trace Fast, irrevocable, unidentifiable payments Virtual payment systems are method of choice Page 11

12 Cyber crime issues Some typical methods attack of cyber crime:
- Denial of service (DDoS, botnet), virus, malware, phishing… Malicious code can scan a victim’s computer for sensitive information, such as name, address, place and date of birth, social security number, mother’s maiden name, and telephone number. Full identities obtained this way are bought and sold in online markets. Page 12

13 Cyber crime issues - Stolen credit card numbers and bank account information can be sold online - Cyber criminals offer services: ship goods, change the billing address, manipulation of stolen PINs or passwords. Page 13

14 Current state of cyber security readiness and cyber crime enforcement capability
Page 14

15 Fraud using e-commerce Credit card fraud
Steal bank account, credit card information with following modus operandi: 1- Attacking shopping website via SQL Injection to obtain list, credit card number, personal information 2- Phishing, 3- Collecting, buying credit card number on internet 4- Stealing credit card information by using Keylogger, spyware… 5- Skimming Page 15

16 4- Using credit card information to buy (card absent) in web shops
Current state of cyber security readiness and cyber crime enforcement capability Significant increases in credit and debit card fraud: 6 modes operandies: 1- Selling credit card information on internet, almost to criminals in foreign countries 2- Using credit card information to make fake ATM card and cashing in ATM 3- Using credit card information to make fake color credit card, paying for luxury services and goods in shops, hotels, air fairs… 4- Using credit card information to buy (card absent) in web shops 5- Shipping: Using credit card information to buy goods in internet and sending it to other and collect later 6- Transfer money from stolen credit cards to bank account, for gambling Page 16

17 Money laundering using e-money:
Current state of cyber security readiness and cyber crime enforcement capability Fraud using e-commerce: - Auction fraud - Non-delivery fraud - Money invest Fraud Money laundering using e-money: Transfer money from stolen credit cards, bank accounts to e-money accounts : e-gold, webmoney, paypal, e-passport... Or Western Union, bank account of the criminals Page 17

18 Current state of cyber security readiness and cyber crime enforcement capability
fraud containing fraudulent details notifying win of million of USD to cheat and obtain personal assets. - Access to database of telecommunication companies, banks, government agencies, enterprises… and steal information. Page 18

19 Current state of cyber security readiness and cyber crime enforcement capability
Need a better Measurement: In 2009: 5 amendments regarding cyber crime in the Penal Code of Vietnam: - Article 224.  Spreading virus to computer networks, harm to computer network, telecommunication networks, internet and digital equipments. - Article 225. Blocking or causing operation disorders to computer network, telecommunication networks and digital equipments (DDOS, BOTNET attacking). - Article 226. Illegally Spreading information into or illegally using information in computer networks, telecommunication networks or internet (hacking, abuse). - Article 226a. Illegally accessing to other people's computer networks, internet, telecommunication networks or digital equipments. Article 226b. Using computer networks, internet, telecommunication networks or digital equipments to obtain other people's assets (fraud). This is important cyber crime law, developing with international assistance. Page 19

20 Current state of cyber security readiness and cyber crime enforcement capability
Page 20

21 Current state of cyber security readiness and cyber crime enforcement capability
Page 21

22 International co-operation
Purpose: Exchange of information, experience Cooperation on cyber crime investigation Training for law enforcement agencies in less developing countries on cyber crime investigation and data recovering Page 22

23 Vietnam Hightech Crime Department
Thank you Page 23


Download ppt "Viet Nam Hitech Crime Investigation Department Dr. Tran Van Hoa"

Similar presentations


Ads by Google