1. Training on “Albanian and Italian experience in investigation and prosecution of Cybercrime” General Prosecutor Office, Tirana 10 June 2014 VQA Ivano GABRIELLI Servizio Polizia Postale e delle Comunicazioni C.N.A.I.P.I.C.

2. DIRECTORATE FOR ROAD POLICE, RAILWAY POLICE, COMMUNICATIONS POLICE AND FOR THE SPECIAL UNITS OF THE ITALIAN NATIONAL POLICE DEPARTMENT OF PUBLIC SAFETY POSTAL AND COMMUNICATIONS POLICE SERVICE Organization Chart MINISTRY OF INTERIOR

3. Our main operational centres POSTAL AND COMMUNICATIONS POLICE SERVICE C N A I P I C C N C P O Online Police Station

4. Provincial Branches (Sezioni) 80 Regional Districts (Compartimenti) 20 Field Offices

5. Cyber Crime o Hacking o Crimes affecting: -Home banking -E-currency -E-Commerce o Cyber terrorism o Critical Infrastructure Protection Online Child Pornography Offences against the person committed by means of the internet o Cyber stalking o Online threats, harassment and defamation Safeguarding Communications Crimes affecting postal services o Controls over telecommunication-related activities Enforcing Copyright protection law – Satellite piracy Statutory areas of competence

6. Servizio Polizia Postale C.N.C.P.O. Established by Law n.38 of February 6, 2006, the National Centre for Combating Online Child Pornography conducts and coordinates all online child abuse investigations and prevention activities. The Centre updates a blacklist of child pornography websites on a daily basis. International cooperation h/24 Monitoring Reception and Notification Blacklisting and Filtering Relations with Financial Institutions Image Analysis Coordinating investigations

7. Servizio Polizia Postale C.N.A.I.P.I.C. Regulatory framework Art. 7-bis of Law n.155 of 31 July 2005, “Conversion into law, with amendments, of the decree law n. 144 of 27 July 2005 on urgent measures to combat international terrorism” (also known as “Pisanu Law”) Internet and telecommunications security: «Without prejudice to the competences of Intelligence and Security Agencies, set forth in articles 4 and 6 of Law n. 801 of 24 October 1977, the body of the Ministry of Interior entrusted with the security and regularity of telecommunication services * ensures the protection of national critical information infrastructures, as indicated in a specific Decree of the Minister of Interior, availing itself of direct ICT connections with the infrastructures concerned and provided for by specific agreements.» Decree of the Minister of Interior of 9 January 2008 implementing art. 7 bis of decree law n. 144 of 27 July 2005. It defines and indicates Critical Information Infrastructures and establishes the CNAIPIC within the Postal and Communications Police Service - Department of Public Safety. Decree of the Chief of Police of 7 August 2008. It states the CNAIPIC’s mission and defines its organization.

8. 8 CYBERCRIME scenario Internet users: In 2000 360,985,492 Today 2,405,518,376

9. NEW FORMS OF CYBERCRIME BASED ON DIGITAL IDENTITY THEFT MAINLY TARGETING: - ONLINE BANKING SERVICES - E-COMMERCE - KNOW-HOW THEFT AND INDUSTRIAL ESPIONNAGE

10. DIFFERENT CASES DIGITAL IDENTITY THEFT DIGITAL IDENTITY THEFT

11. Attacks against users «Traditional» Phishing techniques Theft of a few dozens of credentials Attacks on users computer systems New generation Botnet - Phishing Theft of thousands of credentials Attacks on large computer systems Data Breach Theft of hundreds of thousands of credentials DIGITAL IDENTITY THEFTS Main targets

12. 12 CYBERCRIME A case study “Between 2005 and 2007 Albert Gonzalez, along with a team of hackers called ShadowCrew, managed to hack into the databases of some leading companies of the retail industry, thus gaining access to more than 180 million payment cards. According to estimates, the damage caused by Gonzalez and his team to the affected companies amounted to more than $ 400 million, including reimbursements, forensic investigations and legal expenses.” Source: http://www.mcafee.com/it/resources/reports/rp-good-decade-for-cybercrime.pdf

13. CASE: STRATFOR

14. CYBERCRIME Yesterday, Today and…

15. CYBERCRIME … Tomorrow

16. IDENTITY THEFT IDENTITY THEFT

17. CYBERCRIMES affecting home banking and e-currency represent a constantly evolving phenomenon exploit increasingly sophisticated techniques and technologies (theft of digital identity and codes through new pharming e phishing techniques, insidious crimeware such as trojan horses and botnets, more and more refined skimming technologies, illegal accesses to databases, etc.) are put in place by cross-border criminal organizations have transnational and cross-sector effects

18. Identity Theft Cases in Italy Identity theft : Home Banking, E-currency, E-commerce and Theft of non-financial services access codes – Number of cases resulting from complaints filed from 2009 to 2012 Source:Polizia Postale e delle Comunicazioni

19. Our Activities from January 1 to May 31 2014 Websites monitored7252 Significant attacks detected 161 Alerts sent out relating to serious events453 Investigations conducted32 Individuals informed against to the J.A.33 HTC Emergency Incoming requests10 HTC Emergency Outgoing requests18

20. BOTNETS Source: http://www.team-cymru.org/ Data refer to July 19th, 2012

21. ZEUS BOTNET Infections Source: http://www.abuse.ch/?p=3499http://www.abuse.ch/?p=3499 Data refer to October 2011 – first detection of Zeus variant c.d. P2P

22. ZEUS BOTNET Attack on mobile systems

23. UNDERGROUND ECONOMY

24. PREVENTION AND RESPONSE synergic approach = public-private partnership = shared security data and information sharing and circulation involvement of specialized law enforcement agencies

25. In particular creation of a public-private task force data and information sharing and circulation with a view to preventing and countering crimes and to providing appropriate security policies refining operational capacities and law enforcement response International cooperation

26. Thank you for your attention