FBI Cyber Presentation


1 FBI Cyber Presentation
Andrew P. Dodd Special Agent Computer Intrusion Program FBI New Haven Field Office

2 Best Practices
- Logs are your “internet security cameras”
  - Point them at what matters!
  - Store them for a reasonable time
  - Study them to know what is normal
- Know Your Systems
- Accountability
- Patches
ALL PART OF YOUR SECURITY POLICY

3 Threats on the Rise
Advanced Persistent Threat (APT)
- Nation-States
- Long-term, unauthorized access to your network
- Hard to detect (impossible without logs)
- Prevention is great…DETECTION is a must
- Devastating consequences

4 APT Signs
Five signs of APT attacks:
- Abnormal logon activity (logs)
- Widespread backdoor Trojans (logs)
- Unexpected data flows (logs)
- Discovering unexpected data bundles
- Hacking tools left behind

5 Threats on the Rise
Ransomware
- Encrypts your data until you pay a fee to get it unlocked
- Either securely back up your data, or pay the bad guys and pray…
Man-in-the-Email
- Customer needs urgent transfer of funds
- Often the Financial Controller is tricked
- Keep tabs on what you post online

6 Investigating Internationally
What to do when the criminals operate exclusively beyond U.S. borders?
- Have a law firm on call (e.g. China)
- FBI global law enforcement presence
  - FBI Legal Attachés (LEGAT)
  - Global coverage from more than 60 embassies
- Interpol
- Mutual Legal Assistance Treaties (MLAT)

7 Case Study
- Case began in June 2005 when an InfraGard member received a phishing e-mail from Peoples Bank
- Member did not have an account with Peoples Bank and immediately recognized it as phishing
- A spoofed address and graphical images were created to look like the message was truly from Peoples Bank
- Phishing e-mail contained a link to a phishing web site unwittingly hosted in Minnesota

8 Romanian Phishing Case Study
- Unwitting owner of phishing web site provided copies of files used to produce the web site
- From the scripts, it was determined that phished data was sent to an e-mail collector account,
- Search warrants and subpoenas to Yahoo! and various ISPs revealed a connection to Romania

9 Romanian Phishing Case Study
- Investigative assistance provided by Peoples Bank revealed numerous ATM withdrawals made in Romanian cities using phished data
- The LEGAT in Bucharest was brought into the investigation
- The LEGAT worked closely with the Romanian National Police (RNP) in a joint investigation

10 Romanian Phishing Case Study
Timeline
- 06/2005 – case begins from receipt
- 08/2005 – first of many search warrants issued
- 01/2007 – Seven Romanians indicted in CT
- 06/2007 – First arrest made in Bulgaria
- November 10, 2010 – fourteen new indictments
- Between December 2011 and November 2013, nine Romanians were arrested and extradited directly from Romania
- 07/2014 – Last subject sentenced to 45 months

11 Romanian Phishing Case Study
Results
- 13 Arrests
  - 1 Bulgaria, 1 Canada, 1 Croatia, 9 Romania, 1 Sweden
  - None had ever been to the United States
- 13 Extraditions from 5 different countries
- 13 Convictions
  - 12 guilty pleas and 1 at trial
- 13 Sentences ranging from 7 – 80 months
  - Average around 50 months
- First extradition for computer crimes committed by someone who had never been to the U.S.
- First extraditions directly from Romania of Romanian citizens

12 Reaching out to Law Enforcement
Who
- KNOW IN ADVANCE WHO YOU WILL CALL!!!
- Call a known person
- Calling publicly listed numbers is BAD PLANNING!
- Verify your contact information at least annually
What
- Computer intrusions and Internet crimes
- Report regardless of loss
- Share what you know

13 Reaching out to Law Enforcement
Why
- Because the security of the Internet is a global community concern
- All of us need to work together on this
- A secure Internet will boost every legitimate business
- A non-secure Internet may knock out some competition, but the bottom line of the survivors will not reap the benefits that a secure Internet can provide

14 Reaching out to Law Enforcement
Where
- Location of intrusion
  - Where are the computers?
- Location of subject
  - Often not known until deep into investigation
- Company headquarters
  - Often better equipped to assist with investigation

15 Reaching out to Law Enforcement
When
- As soon as you can, however…
- Collect as much information as you can before calling law enforcement
- Once law enforcement becomes involved, restrictions on gathering evidence may attach
- More information will help to determine if an investigation will be opened and what, if any, public exposure the victim may face

16 Reaching out to Law Enforcement
How
- However you had it planned
  - Work day, work hours
  - Work day, after hours
  - Weekend
  - Holiday
  - POC on vacation

17 Questions???
SA Andrew P. Dodd
203-503-5488
andrew.dodd@ic.fbi.gov

