Police Technical Approach to Cyber Threats

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Police Technical Approach to Cyber Threats"

Transcription

1 Police Technical Approach to Cyber Threats Jumpei Kawahara Director of High-Tech Crime Technology Division, National Police Agency, Japan

2 1 Overview

3 (cases) Current Situation , Others Illegal and harmful information Internet auction fraud Unauthorized access and virus Defamation and abuse Spam s Fraud and fraudulent business 80,273 77, , , , H23 H24 H25 H H27 Number of consultations on cybercrimes, etc. 2

4 Advantages of Police - Authority for investigation - Nationwide working units - Own technological capability 3

5 olice Organization for High-Tech Crime Technology National Police Agency High-Tech Crime Technology (HTCT) Div. Digital Forensic Center Cyber Force Center Technical Support Counter Cybercrime Cybercrime Div. Counter Cyber Attack Security Planning Div. Other crimes General Crimes Organized Crime Traffic Child Sexual Exploitation / Abuse etc. 1

6 Mission of HTCT Organization To provide technical expertise to tackle cyber threats Digital Forensics - analysis of evidence stored in digital devices - technical support for search, seizure, inspection, etc. Cyber Forces - 24/7 basis detection and analysis of suspicious traffic - cooperation with private sectors - malware analysis - incident response activity 2

7 2 Digital Forensics

8 Digital Forensics Extract Digital devices seized at crime scenes 0AF46ED3 9EF5300C 2FE567BB 9321E8A8 Visualize s Accounts Address List etc. Electronic evidence Analyze Identification of criminals Proof of crimes Disclosing crime syndicate 4

9 Fundamentals of Digital Forensics Electronic evidence can be valuable based on: Correctness of Procedure Accuracy of Analysis Objective Verifiability 6

10 Organization for Digital Forensics National Police Agency Digital Forensics Center Highly advanced digital forensic analysis Regional Police Bureaus Prefectural Info-Communications Departments 3

11 Handling Broken Mobile Phone Transplant(1) Circuit Memory IC Broken smartphone Removed circuit 8

12 Handling Broken Mobile Phone Transplant(2) Removed circuit Memory IC ( stained ) restored the function by cleansing, reballing, etc. 1 Transplant into alternative device ( the same model as the broken one ) 2 Analysis! Alternative device 9

13 3 Cyber Forces

14 Cyber Forces Organization (CFs) - Nationwide technical task forces for counter cyber attacks CFs promote preventing cyber attacks and mitigating the damage in coordination with Critical Infrastructure providers, etc. N P A Cyber Force Center (CFC) - The headquarters 10

15 Real-time Detection Network System : sensor Darknet Observation Cyber Force Center file-sharing illegal network server file down illegal file Web Defacement Detection DoS Attack Observation P2P Network Observation 11

16 Suspicious Incoming Packets * ( packets per day per IP address ) * Captured by NPA s sensors FH 2014 SH 2015 FH 2015 SH 2016 FH 12

17 Suspicious Scanning Activities Discovered(1) ( packets / day / IP address ) Linux-based Devices are drawing interest of attackers as hop points of attacks 2,000 sharp increase 0 Oct Sep Captured packets destination port 23/TCP (telnet) CCTV (Webcam) NAS Digital video recorder 13

18 Suspicious Scanning Activities Discovered(2) ( packets / day / IP address ) Scanning Industrial Control Systems connected to the Internet are continuously exposed to scans 10 sharp increase continuous scans 0 Jan Jun /TCP 443/TCP 102/TCP 22/TCP 179/TCP 5006/TCP 80/TCP Others scan scan Potential attackers Industrial control system Search engine on online devices 14

19 4 Our Efforts

20 Measures against Cyber Threats Suspicious traffic Cyber Force Center Analysis Information sharing with local CFs polices, private sectors, etc. Police-Industry Joint Drill Calling public attention to threats on the portal ( ) 16

21 Malware Information Sharing Malware sample Malware Analysis Dynamic Analysis Static Analysis Results Information sharing Counter Cyber Attack Section of NPA Advanced Technology Industry Critical Infrastructure Anti Virus Vendors Managed Security Service Providers 15

22 International Cooperation Counter-Cybercrime Technology and Investigation Symposium (CTINS) for Police officers and technical officers in Asian & Pacific region 16 th CTINS - Discussions, Lectures & Hands-on Training Experts Meetings with digital forensics experts from foreign law enforcement agencies 17

23 Capacity Enhancement Educational Training at the National Police Academy for experts in digital forensics, etc. and for new employees Trainees learn programming, system management and digital forensics, etc. Nationwide Training Environment as the basis of remote training for nationwide CF members in terms of : - incident response - analysis of electronic evidences 18

Cyber Intel within European Cybercrime Center Ops

Cyber Intel within European Cybercrime Center Ops @EC3Europol ENISA CTI-EU Cyber Intel within European Cybercrime Center Ops Álvaro Azofra EC3 Operations Rome, 30 Oct 2017. SUMMARY 1. Europol 2. European Cybercrime Center (EC3) 3. EC3 Operations 4. EC3

More information

COMPUTER FORENSICS (CFRS)

COMPUTER FORENSICS (CFRS) Computer Forensics (CFRS) 1 COMPUTER FORENSICS (CFRS) 500 Level Courses CFRS 500: Introduction to Forensic Technology and Analysis. 3 credits. Presents an overview of technologies of interest to forensics

More information

PERSON SPECIFICATION. Cyber PROTECT Officer. Job Title: Status: Established

PERSON SPECIFICATION. Cyber PROTECT Officer. Job Title: Status: Established PERSON SPECIFICATION Area: Crime and Intelligence Directorate Job Title: Cyber PROTECT Officer Weekly Hours: Section: CAID Scale: Grade 6 Version: 1.2 Post No: GI080 Status: Established Version Date: 37

More information

Regional Seminar on Cyber Preparedness

Regional Seminar on Cyber Preparedness Regional Seminar on Cyber Preparedness Cyber Crime Challenges from a Law Enforcement Perspective Dr. Philipp Amann, MSc Senior Strategic Analyst, EC³ 18 May 2015 Europol Unclassified - Basic Protection

More information

The Scenes of Cyber Crime

The Scenes of Cyber Crime Organizer: BRIDGING BARRIERS: LEGAL AND TECHNICAL OF CYBERCRIME CASES The Scenes of Cyber Crime 5 July 2011 Toralv Dirro EMEA Security Strategist, McAfee Labs Low Risk + High Profit -> Crime 500,000 Cyber

More information

Call for Interest for the INTERPOL Digital Crime Centre 2 nd round (area of advanced technology required for the Malware/BotNet analysis)

Call for Interest for the INTERPOL Digital Crime Centre 2 nd round (area of advanced technology required for the Malware/BotNet analysis) Call for Interest for the INTERPOL Digital Crime Centre 2 nd round (area of advanced technology required for the Malware/BotNet analysis) (CFI-12-IGCI-02) Background INTERPOL recognizes that police worldwide

More information

THE TRIPWIRE NERC SOLUTION SUITE

THE TRIPWIRE NERC SOLUTION SUITE CONFIDENCE: SECURED BUSINESS INTELLIGENCE SOLUTION BRIEF THE TRIPWIRE NERC SOLUTION SUITE A TAILORED SUITE OF PRODUCTS AND SERVICES TO AUTOMATE NERC CIP COMPLIANCE u u We ve been able to stay focused on

More information

ITU/HIPPSA Technical Assistance on Cybercrime Law for the Republic of Rwanda, Kigali 11 th -12 th July 2013

ITU/HIPPSA Technical Assistance on Cybercrime Law for the Republic of Rwanda, Kigali 11 th -12 th July 2013 HIPSSA Project Support for Harmonization of the ICT Policies in Sub-Sahara Africa ITU/HIPPSA Technical Assistance on Cybercrime Law for the Republic of Rwanda, Kigali 11 th -12 th July 2013 Draft Computer

More information

CYBER SECURITY TRAINING

CYBER SECURITY TRAINING CYBER Security skills for the digital age. Cyber Crime has never been more predominant. The number of breaches is exponentially rising year on year leading to an ever increasing Cyber Security threat.

More information

ESSA Q INTEGRITY REPORT

ESSA Q INTEGRITY REPORT ESSA Q3 2017 INTEGRITY REPORT EDITORIAL ESSA held its first major event on sports betting and integrity at Lords Cricket ground in mid-october. It was fitting that the event took place at the home of cricket,

More information

UNODC. International Cooperation and Assistance in Cybercrime Matters

UNODC. International Cooperation and Assistance in Cybercrime Matters UNODC International Cooperation and Assistance in Cybercrime Matters UNODC Approach To integrate cybercrime and electronic evidence related issues in broader UNODC mandates of Supporting Member States

More information

Legislative Council Panel on Security

Legislative Council Panel on Security LC Paper No. CB(2)282/16-17(05) For discussion on 6 December 2016 Legislative Council Panel on Security Measures to combat technology crimes and proposed creation of a permanent Chief Superintendent post

More information

Tackling Cybersecurity with Data Analytics. Identifying and combatting cyber fraud

Tackling Cybersecurity with Data Analytics. Identifying and combatting cyber fraud Tackling Cybersecurity with Data Analytics Identifying and combatting cyber fraud San Antonio IIA iheartaudit Conference February 24, 2017 What We ll Cover + Current threat landscape + Common security

More information

Investigation and Intelligence Framework. Alan Ho, Kelvin Wong, Anthony Lai, Zetta Ke VXRL

Investigation and Intelligence Framework. Alan Ho, Kelvin Wong, Anthony Lai, Zetta Ke VXRL Investigation and Intelligence Framework Alan Ho, Kelvin Wong, Anthony Lai, Zetta Ke VXRL VXRL Valkyire-X Security Research Lab Non-profit Making group in HK Offensive, Creative and Fun Only one CTF team

More information

INDONESIA S PERSPECTIVE ON CYBER TERRORISM

INDONESIA S PERSPECTIVE ON CYBER TERRORISM INDONESIA S PERSPECTIVE ON CYBER TERRORISM CYBER TERRORISM No generally acceptable definition Cyber terrorism is one form of terrorism that use computer resources to launch terror attacks on critical infrastructures

More information

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Malware Outbreak

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Malware Outbreak Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security

More information

2005 E-Crime Watch Survey Survey Results Conducted by CSO magazine in cooperation with the U.S. Secret Service and CERT Coordination Center

2005 E-Crime Watch Survey Survey Results Conducted by CSO magazine in cooperation with the U.S. Secret Service and CERT Coordination Center OVERALL RESULTS E-Crime Watch Survey: 2005 Field Dates: 3/3/05 3/14/05 Total completed surveys: 819 Margin of Error: +/- 3.4% NOTE TO EDITOR For the purpose of this survey, electronic crime, intrusion,

More information

Cybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce

Cybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce Cybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce 5-8 September 2017 Yogyakarta, Indonesia Sameer Sharma Senior Advisor ITU Digital Infrastructure for Connectivity SDGs Evolution

More information

CyberSecurity Training and Capacity Building: A Starting Point for Collaboration and Partnerships. from the most trusted name in information security

CyberSecurity Training and Capacity Building: A Starting Point for Collaboration and Partnerships. from the most trusted name in information security CyberSecurity Training and Capacity Building: A Starting Point for Collaboration and Partnerships About SANS The SANS (SysAdmin, Audit, Network, Security) Institute Established in 1989 Cooperative research

More information

CIRT: Requirements and implementation

CIRT: Requirements and implementation CIRT: Requirements and implementation By : Muataz Elsadig Sudan CERT Joint ITU-ATU Workshop on Cyber-security Strategy in African Countries Khartoum, Republic of Sudan, 24 26 July 2016 There is no globally

More information

UN General Assembly Resolution 68/243 GEORGIA. General appreciation of the issues of information security

UN General Assembly Resolution 68/243 GEORGIA. General appreciation of the issues of information security UN General Assembly Resolution 68/243 GEORGIA General appreciation of the issues of information security Widely publicized cyber attacks and, to some expert opinions, cyber war - conducted against Georgia

More information

Computer Information Systems (CIS) CIS 105 Current Operating Systems/Security CIS 101 Introduction to Computers

Computer Information Systems (CIS) CIS 105 Current Operating Systems/Security CIS 101 Introduction to Computers Computer Information Systems (CIS) CIS 101 Introduction to Computers This course provides an overview of the computing field and its typical applications. Key terminology and components of computer hardware,

More information

Cybersecurity, safety and resilience - Airline perspective

Cybersecurity, safety and resilience - Airline perspective Arab Civil Aviation Commission - ACAC/ICAO MID GNSS Workshop Cybersecurity, safety and resilience - Airline perspective Rabat, November, 2017 Presented by Adlen LOUKIL, Ph.D CEO, Resys-consultants Advisory,

More information

OAS Cybersecurity Capacity Building Efforts

OAS Cybersecurity Capacity Building Efforts OAS Cybersecurity Capacity Building Efforts Are We Ready in Latin America and the Caribbean? 2016 Cybersecurity Report www.cybersecurityobservatory.com The opinions expressed in this publication are of

More information

Data Protection and Cybercrime Challenges

Data Protection and Cybercrime Challenges Data Protection and Cybercrime Challenges (Preliminary Presentation) Sigrid Arzt Commissioner IFAI, Mexico Octopus Conference 6-8 June 2012 Strasbourg, France DATA PROTECTION IN MEXICO: A BRIEF OVERVIEW.

More information

An overview of the CERT/CC and CSIRT Community

An overview of the CERT/CC and CSIRT Community An overview of the CERT/CC and CSIRT Community Jason A. Rafail October 2007 2007 Carnegie Mellon University Overview CERT/CC CSIRTs with National Responsibility Partnerships and Trust Training Conclusion

More information

10025/16 MP/mj 1 DG D 2B

10025/16 MP/mj 1 DG D 2B Council of the European Union Brussels, 9 June 2016 (OR. en) 10025/16 OUTCOME OF PROCEEDINGS From: On: 9 June 2016 To: General Secretariat of the Council Delegations No. prev. doc.: 9579/16 + COR 1 Subject:

More information

RSA INCIDENT RESPONSE SERVICES

RSA INCIDENT RESPONSE SERVICES RSA INCIDENT RESPONSE SERVICES Enabling early detection and rapid response EXECUTIVE SUMMARY Technical forensic analysis services RSA Incident Response services are for organizations that need rapid access

More information

CYBERBIT P r o t e c t i n g a n e w D i m e n s i o n

CYBERBIT P r o t e c t i n g a n e w D i m e n s i o n CYBERBIT P r o t e c t i n g a n e w D i m e n s i o n CYBETBIT in a Nutshell A leader in the development and integration of Cyber Security Solutions A main provider of Cyber Security solutions for the

More information

A practical guide to IT security

A practical guide to IT security Data protection A practical guide to IT security Ideal for the small business The Data Protection Act states that appropriate technical and organisational measures shall be taken against unauthorised or

More information

Forensics and Active Protection

Forensics and Active Protection Forensics and Active Protection Computer and Network Forensics Research Project 2003 Work Update Yanet Manzano Florida State University manzano@cs.fsu.edu manzano@cs.fsu.edu 1 Outline CNF Project Goal

More information

Preempting Cyber Fraud: SWIFT Threat Indicator Sharing Tool. Cyber Security 3.0 Better Together August 18, 2017

Preempting Cyber Fraud: SWIFT Threat Indicator Sharing Tool. Cyber Security 3.0 Better Together August 18, 2017 Preempting Cyber Fraud: SWIFT Threat Indicator Sharing Tool Cyber Security 3.0 Better Together August 18, 2017 Research Overview Problem Statement Research Goals & Methodology Defining Insider Cashout

More information

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Virus Outbreak

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Virus Outbreak Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security

More information

NebraskaLink Acceptable Use Policy

NebraskaLink Acceptable Use Policy NebraskaLink Acceptable Use Policy Introduction This acceptable use policy (the "Policy") defines acceptable practices relating to the use of NebraskaLink's services (the "Service") by customers of NebraskaLink

More information

About Issues in Building the National Strategy for Cybersecurity in Vietnam

About Issues in Building the National Strategy for Cybersecurity in Vietnam Vietnam Computer Emergency Response Team - VNCERT About Issues in Building the National Strategy for Cybersecurity in Vietnam Vu Quoc Khanh Director General Outline Internet abundance Security situation

More information

Cybersecurity Overview

Cybersecurity Overview Cybersecurity Overview DLA Energy Worldwide Energy Conference April 12, 2017 1 Enterprise Risk Management Risk Based: o Use of a risk-based approach for cyber threats with a focus on critical systems where

More information

Acceptable Use Policy

Acceptable Use Policy Acceptable Use Policy Jackson Energy Authority 731.422.7500 INTRODUCTION Jackson Energy Authority ( JEA ) has formulated this Acceptable Use Policy ( AUP ), in order to set forth terms regarding the responsible

More information

E-guide Getting your CISSP Certification

E-guide Getting your CISSP Certification Getting your CISSP Certification Intro to the 10 CISSP domains of the Common Body of Knowledge : The Security Professional (CISSP) is an information security certification that was developed by the International

More information

Cyber Security Technologies

Cyber Security Technologies 1 / Cyber Security Technologies International Seminar on Cyber Security: An Action to Establish the National Cyber Security Center Lisbon, 12 th September 2013 23 / Key highlights - Thales Group Thales

More information

Resolution: Advancing the National Preparedness for Cyber Security

Resolution: Advancing the National Preparedness for Cyber Security Government Resolution No. 2444 of February 15, 2015 33 rd Government of Israel Benjamin Netanyahu Resolution: Advancing the National Preparedness for Cyber Security It is hereby resolved: Further to Government

More information

Regulation P & GLBA Training

Regulation P & GLBA Training Regulation P & GLBA Training Overview Regulation P governs the treatment of nonpublic personal information about consumers by the financial institution. (Gramm-Leach-Bliley Act of 1999) The GLBA is composed

More information

ITU Model Cybercrime Law: Project Overview

ITU Model Cybercrime Law: Project Overview ITU Model Cybercrime Law: Project Overview Jody R. Westby ICT Applications and Cybersecurity Division Policies and Strategies Department, BDT International Telecommunication Union International

More information

Cyber Security. February 13, 2018 (webinar) February 15, 2018 (in-person)

Cyber Security. February 13, 2018 (webinar) February 15, 2018 (in-person) Cyber Security Presenters: - Brian Everest, Chief Technology Officer, Starport Managed Services - Susan Pawelek, Accountant, Compliance and Registrant Regulation February 13, 2018 (webinar) February 15,

More information

Cybersecurity Risk Mitigation: Protect Your Member Data. Introduction

Cybersecurity Risk Mitigation: Protect Your Member Data. Introduction Cybersecurity Risk Mitigation: Protect Your Member Data Presented by Matt Mitchell, CISSP Knowledge Consulting Group Introduction Matt Mitchell- Director Risk Assurance 17 years information security experience

More information

RSA INCIDENT RESPONSE SERVICES

RSA INCIDENT RESPONSE SERVICES RSA INCIDENT RESPONSE SERVICES Enabling early detection and rapid response EXECUTIVE SUMMARY Technical forensic analysis services RSA Incident Response services are for organizations that need rapid access

More information

Council of the European Union Brussels, 16 March 2015 (OR. en)

Council of the European Union Brussels, 16 March 2015 (OR. en) Conseil UE Council of the European Union Brussels, 16 March 2015 (OR. en) 7266/15 LIMITE PUBLIC JAI 178 COSI 32 ENFOPOL 66 CYBER 17 COTER 49 NOTE From: To: Subject: EUROPOL Standing Committee on operational

More information

Current skills gap for capable CTI analysts: Training for forensics & analysis

Current skills gap for capable CTI analysts: Training for forensics & analysis Current skills gap for capable CTI analysts: Training for forensics & analysis WORKSHOP CTI EU Bonding EU Cyber Threat Intelligence 30-31 October, Link Campus University, Rome, Italy Ing. Selene Giupponi

More information

300 Riverview Plaza Odysseus Marcopolus, Chief Operating Officer Trenton, NJ POLICY NO: SUPERSEDES: N/A VERSION: 1.0

300 Riverview Plaza Odysseus Marcopolus, Chief Operating Officer Trenton, NJ POLICY NO: SUPERSEDES: N/A VERSION: 1.0 P.O. Box 212 Philip D. Murphy, Governor 300 Riverview Plaza Odysseus Marcopolus, Chief Operating Officer Trenton, NJ 08625-0212 www.tech.nj.gov STATE OF NEW JERSEY TECHNOLOGY CIRCULAR Enterprise Information

More information

Symantec Ransomware Protection

Symantec Ransomware Protection Symantec Ransomware Protection Protection Against Ransomware Defense in depth across all control points is required to stop ransomware @ Email Symantec Email Security.cloud, Symantec Messaging Gateway

More information

CYBER SECURITY OPERATION CENTER

CYBER SECURITY OPERATION CENTER CYBER OPERATION CENTER Reply s new Cyber Security Operation Centre is a structure specialised in the provision of Premium-level security services, tailored to the customer's needs, processes, and the specific

More information

PROGRAMME CODE QHA5101. This Programme helps to understand various types of crime in digital world and the related legislations in India.

PROGRAMME CODE QHA5101. This Programme helps to understand various types of crime in digital world and the related legislations in India. PROGRAMME CODE QHA5101 This Programme helps to understand various types of crime in digital world and the related legislations in India. TABLE OF CONTENT About the Programme Overview Benefits Objectives

More information

Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure

Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure EXECUTIVE ORDER [13800] - - - - - - - STRENGTHENING THE CYBERSECURITY OF FEDERAL NETWORKS

More information

Texas Department of Banking United States Secret Service January 25, 2012

Texas Department of Banking United States Secret Service January 25, 2012 Texas Department of Banking United States Secret Service January 25, 2012 Presented by: Texas Department of Banking Banking Commissioner Charles G. Cooper Deputy Commissioner Bob Bacon Chief IT Security

More information

Cyber Security in M&A. Joshua Stone, CIA, CFE, CISA

Cyber Security in M&A. Joshua Stone, CIA, CFE, CISA Cyber Security in M&A Joshua Stone, CIA, CFE, CISA Agenda About Whitley Penn, LLP The Threat Landscape Changed Cybersecurity Due Diligence Privacy Practices Cybersecurity Practices Costs of a Data Breach

More information

Preventing Corporate Espionage: Investigations, Data Analyses and Business Intelligence

Preventing Corporate Espionage: Investigations, Data Analyses and Business Intelligence Preventing Corporate Espionage: Investigations, Data Analyses and Business Intelligence Presented by Keith Barger and Audra A. Dial March 19, 2014 2014 Kilpatrick Townsend & Stockton LLP Protection of

More information

IS Today: Managing in a Digital World 9/17/12

IS Today: Managing in a Digital World 9/17/12 IS Today: Managing in a Digital World Chapter 10 Securing Information Systems Worldwide losses due to software piracy in 2005 exceeded $34 billion. Business Software Alliance, 2006 Accessories for war

More information

How to Respond to a HIPAA Breach. Tuesday, Oct. 25, 2016

How to Respond to a HIPAA Breach. Tuesday, Oct. 25, 2016 How to Respond to a HIPAA Breach Tuesday, Oct. 25, 2016 This Webinar is Brought to You By. About HealthInsight and Mountain-Pacific Quality Health HealthInsight and Mountain-Pacific Quality Health are

More information

Defining Computer Security Incident Response Teams

Defining Computer Security Incident Response Teams Defining Computer Security Incident Response Teams Robin Ruefle January 2007 ABSTRACT: A computer security incident response team (CSIRT) is a concrete organizational entity (i.e., one or more staff) that

More information

Credit Card Data Compromise: Incident Response Plan

Credit Card Data Compromise: Incident Response Plan Credit Card Data Compromise: Incident Response Plan Purpose It is the objective of the university to maintain secure financial transactions. In order to comply with state law and contractual obligations,

More information

Joint ICTP-IAEA School of Nuclear Energy Management November 2012

Joint ICTP-IAEA School of Nuclear Energy Management November 2012 2374-20 Joint ICTP- School of Nuclear Energy Management 5-23 November 2012 Establishing National Nuclear Security Infrastructure (Module 9 Topics 3 & 4) EVANS Rhonda International Atomic Energy Agency,

More information

Cooperation with Law Enforcement Agencies - Advising in Cyber Crime Cases

Cooperation with Law Enforcement Agencies - Advising in Cyber Crime Cases Cooperation with Law Enforcement Agencies - Advising in Cyber Crime Cases European Union Agency for Network and Information Security www.enisa.europa.eu About ENISA The European Union Agency for Network

More information

PURPOSE STATEMENT FOR THE COLLECTION AND PROCESSING OF WHOIS DATA

PURPOSE STATEMENT FOR THE COLLECTION AND PROCESSING OF WHOIS DATA PURPOSE STATEMENT FOR THE COLLECTION AND PROCESSING OF WHOIS DATA The GDPR requires that the collection and processing of personal data be for specified, explicit and legitimate purposes. (Article 5(1)(b).

More information

The Insider Threat Center: Thwarting the Evil Insider

The Insider Threat Center: Thwarting the Evil Insider The Insider Threat Center: Thwarting the Evil Insider The CERT Top 10 List for Winning the Battle Against Insider Threats Randy Trzeciak 14 June 2012 2007-2012 Carnegie Mellon University Notices 2011 Carnegie

More information

CRITICAL INFRASTRUCTURE AND CYBER THREAT CRITICAL INFRASTRUCTURE AND CYBER THREAT

CRITICAL INFRASTRUCTURE AND CYBER THREAT CRITICAL INFRASTRUCTURE AND CYBER THREAT CRITICAL INFRASTRUCTURE SAFER CITIES. THRIVING COMMUNITIES. Critical Infrastructure sectors have become prime targets for cyber criminals due to their vitality to a nation s security and stability. 16

More information

Overview Bank IT examination perspective Background information Elements of a sound plan Customer notifications

Overview Bank IT examination perspective Background information Elements of a sound plan Customer notifications Gramm-Leach Bliley Act Section 501(b) and Customer Notification Roger Pittman Director of Operations Risk Federal Reserve Bank of Atlanta Overview Bank IT examination perspective Background information

More information

Data Sheet: Endpoint Security Symantec Multi-tier Protection Trusted protection for endpoints and messaging environments

Data Sheet: Endpoint Security Symantec Multi-tier Protection Trusted protection for endpoints and messaging environments Trusted protection for endpoints and messaging environments Overview creates a protected endpoint and messaging environment that is secure against today s complex data loss, malware, and spam threats controlling

More information

Securing Information Systems

Securing Information Systems Chapter 7 Securing Information Systems 7.1 2007 by Prentice Hall STUDENT OBJECTIVES Analyze why information systems need special protection from destruction, error, and abuse. Assess the business value

More information

CLOUD FORENSICS : AN OVERVIEW. Kumiko Ogawa

CLOUD FORENSICS : AN OVERVIEW. Kumiko Ogawa CLOUD FORENSICS : AN OVERVIEW Kumiko Ogawa What is Cloud Forensics Forensic Science - Application of science to the criminal and civil laws that are enforced by police agencies in a criminal justice system.

More information

Serious Organised Crime Agency Collaborative Partnership s Work! Howard Lamb SOCA e-crime

Serious Organised Crime Agency Collaborative Partnership s Work! Howard Lamb SOCA e-crime Serious Organised Crime Agency Collaborative Partnership s Work! Howard Lamb SOCA e-crime Serious Organised Crime Agency Background Established under the Serious Organised Crime and Police Act 2005 NDPB

More information

CYBERCRIME The Legal Issues

CYBERCRIME The Legal Issues The IBIA Annual Convention Cancun 3-5 November, 2015 CYBERCRIME The Legal Issues J. Stephen Simms jssimms@simmsshowers.com +1.410.783.5795 Welcome to Cyber-Holics Anonymous Group Therapy To Start our meeting:

More information

Cybersecurity A Regulatory Perspective Sara Nielsen IT Manager Federal Reserve Bank of Kansas City

Cybersecurity A Regulatory Perspective Sara Nielsen IT Manager Federal Reserve Bank of Kansas City 1 Cybersecurity A Regulatory Perspective Sara Nielsen IT Manager Federal Reserve Bank of Kansas City The opinions expressed are those of the presenters and are not those of the Federal Reserve Banks, the

More information

Information Security of the Beijing 2008 Olympic Games. Yonglin ZHOU

Information Security of the Beijing 2008 Olympic Games. Yonglin ZHOU Information Security of the Beijing 2008 Olympic Games Yonglin ZHOU About CNCERT Government MIIT others Internet Infrastructure ISPs.CN Critical Information System Power, Banks Public Users SME End Users

More information

The City of Mississauga may install Closed Circuit Television (CCTV) Traffic Monitoring System cameras within the Municipal Road Allowance.

The City of Mississauga may install Closed Circuit Television (CCTV) Traffic Monitoring System cameras within the Municipal Road Allowance. Policy Number: 10-09-02 Section: Roads and Traffic Subsection: Traffic Operations Effective Date: April 25, 2012 Last Review Date: Approved by: Council Owner Division/Contact: For information on the CCTV

More information

Online Fraud and Identity Theft Guide. A Guide to Protecting Your Identity and Accounts

Online Fraud and Identity Theft Guide. A Guide to Protecting Your Identity and Accounts A Guide to Protecting Your Identity and Accounts As part of SunTrust s commitment to protecting your accounts and identity, we ve created the Online Fraud & Identity Theft Guide, which provides information

More information

with environments a comprehensive against cyber combination attack. of technology, experience, and experts. NEC Cyber Security Solutions

with environments a comprehensive against cyber combination attack. of technology, experience, and experts. NEC Cyber Security Solutions Protecting Extensive experience ICT environments and expert from technology cyber attacks helps protect ICT with environments a comprehensive against cyber combination attack. of technology, experience,

More information

Defining cybersecurity.

Defining cybersecurity. PREPARING FOR TOMORROW S THREATS 28 September 2016 Andrew Facchini Presales & Product Manager +47 459 07 330 andrew@mnemonic.no Defining cybersecurity. WHO IS MNEMONIC? Founded in 2000 110+ security specialists

More information

Child Online Protection in Child Pornography Namibia

Child Online Protection in Child Pornography Namibia Child Online Protection in Child Pornography Namibia Regulation in Namibia UNICEF Namibia Presented by: Jolanda van Westering Outline Introduction Typology of online abuse and exploitation Scale and response

More information

Fundamentals of Information Systems Security Lesson 8 Mitigation of Risk and Threats to Networks from Attacks and Malicious Code

Fundamentals of Information Systems Security Lesson 8 Mitigation of Risk and Threats to Networks from Attacks and Malicious Code Fundamentals of Information Systems Security Lesson 8 Mitigation of Risk and Threats to Networks from Attacks and Malicious Code Learning Objective Explain the importance of network principles and architecture

More information

DHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017

DHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017 DHS Cybersecurity Election Infrastructure as Critical Infrastructure June 2017 Department of Homeland Security Safeguard the American People, Our Homeland, and Our Values Homeland Security Missions 1.

More information

Management Frameworks

Management Frameworks Chapter I Internal Fujitsu Group Information Security Independent of the chief information officer (CIO), the Fujitsu Group has appointed a chief information security officer (CISO) under the authority

More information

Hacking and Cyber Espionage

Hacking and Cyber Espionage Hacking and Cyber Espionage September 19, 2013 Prophylactic and Post-Breach Concerns for In-House Counsel Raymond O. Aghaian, McKenna Long & Aldridge LLP Elizabeth (Beth) Ferrell, McKenna Long & Aldridge

More information

Sage Data Security Services Directory

Sage Data Security Services Directory Sage Data Security Services Directory PROTECTING INFORMATION ASSETS ENSURING REGULATORY COMPLIANCE FIGHTING CYBERCRIME Discover the Sage Difference Protecting your business from cyber attacks is a full-time

More information

2 nd ARF Seminar on Cyber Terrorism PAKISTAN S PERSPECTIVE AND EXPERIENCE WITH REFERENCE TO CERT IN COMBATING CYBER TERRORISM

2 nd ARF Seminar on Cyber Terrorism PAKISTAN S PERSPECTIVE AND EXPERIENCE WITH REFERENCE TO CERT IN COMBATING CYBER TERRORISM 2 nd ARF Seminar on Cyber Terrorism PAKISTAN S PERSPECTIVE AND EXPERIENCE WITH REFERENCE TO CERT IN COMBATING CYBER TERRORISM Recap of 1 st ARF Jeju (South Korea) Cyber Terrorism recently been brought

More information

Chapter 6 Network and Internet Security and Privacy

Chapter 6 Network and Internet Security and Privacy Chapter 6 Network and Internet Security and Privacy Learning Objectives LO6.1: Explain network and Internet security concerns LO6.2: Identify online threats LO6.3: Describe cyberstalking and other personal

More information

RESOLUTION 45 (Rev. Hyderabad, 2010)

RESOLUTION 45 (Rev. Hyderabad, 2010) 212 RESOLUTION 45 (Rev. Hyderabad, 2010) The World Telecommunication Development Conference (Hyderabad, 2010), recalling a) Resolution 45 (Doha, 2006) of the World Telecommunication Development Conference

More information

MANAGEMENT of INFORMATION SECURITY Third Edition

MANAGEMENT of INFORMATION SECURITY Third Edition MANAGEMENT of INFORMATION SECURITY Third Edition CHAPTER AW AND THICS In law a man is guilty when he violates the rights of others. In ethics he is guilty if he only thinks of doing so. Immanuel Kant Upon

More information

Security and resilience in Information Society: the European approach

Security and resilience in Information Society: the European approach Security and resilience in Information Society: the European approach Andrea Servida Deputy Head of Unit European Commission DG INFSO-A3 Andrea.servida@ec.europa.eu What s s ahead: mobile ubiquitous environments

More information

Systemic Analyser in Network Threats

Systemic Analyser in Network Threats Systemic Analyser in Network Threats www.project-saint.eu @saintprojecteu #saintprojecteu John M.A. Bothos jbothos@iit.demokritos.gr Integrated System Laboratory Institute of Informatics & Telecommunication

More information

How AlienVault ICS SIEM Supports Compliance with CFATS

How AlienVault ICS SIEM Supports Compliance with CFATS How AlienVault ICS SIEM Supports Compliance with CFATS (Chemical Facility Anti-Terrorism Standards) The U.S. Department of Homeland Security has released an interim rule that imposes comprehensive federal

More information

Presented by: Njei Check Head, Audit Security Division, ANTIC

Presented by: Njei Check Head, Audit Security Division, ANTIC Windhoek, 30th May 2017 Presented by: Njei Check Head, Audit Security Division, ANTIC B.P 6170 Yaoundé Tél : (+237) 694 405 868 Email : das@antic.cm Website : http://www.antic.cm SUMMARY 1 INTRODUCTION

More information

Unique Phishing Attacks (2008 vs in thousands)

Unique Phishing Attacks (2008 vs in thousands) The process of attempting to acquire sensitive information, such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. In the 2 nd half

More information

Data Preservation Checklists

Data Preservation Checklists Data Preservation Checklists At the G8 meeting of Justice and Interior Ministers in Moscow in October 1999, the Ministers recognized that law enforcement authorities conducting criminal investigations

More information

ESTABLISHMENT OF AN OFFICE OF FORENSIC SCIENCES AND A FORENSIC SCIENCE BOARD WITHIN THE DEPARTMENT OF JUSTICE

ESTABLISHMENT OF AN OFFICE OF FORENSIC SCIENCES AND A FORENSIC SCIENCE BOARD WITHIN THE DEPARTMENT OF JUSTICE 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 ESTABLISHMENT OF AN OFFICE OF FORENSIC SCIENCES AND A FORENSIC SCIENCE BOARD WITHIN

More information

Protecting Against Online Fraud. F5 EMEA Webinar August 2014

Protecting Against Online Fraud. F5 EMEA Webinar August 2014 Protecting Against Online Fraud F5 EMEA Webinar August 2014 Agenda Fraud threat trends and business challenges Web fraud protection Mobile fraud protection Security operations center Example architecture

More information

Government Resolution No of February 15, Resolution: Advancing National Regulation and Governmental Leadership in Cyber Security

Government Resolution No of February 15, Resolution: Advancing National Regulation and Governmental Leadership in Cyber Security Government Resolution No. 2443 of February 15, 2015 33 rd Government of Israel Benjamin Netanyahu Resolution: Advancing National Regulation and Governmental Leadership in Cyber Security It is hereby resolved:

More information

Effective Cyber Incident Response in Insurance Companies

Effective Cyber Incident Response in Insurance Companies August 2017 Effective Cyber Incident Response in Insurance Companies An article by Raj K. Chaudhary, CRISC, CGEIT; Troy M. La Huis; and Lucas J. Morris, CISSP Audit / Tax / Advisory / Risk / Performance

More information

RANSOMWARE PROTECTION. A Best Practices Approach to Securing Your Enterprise

RANSOMWARE PROTECTION. A Best Practices Approach to Securing Your Enterprise RANSOMWARE PROTECTION A Best Practices Approach to Securing Your Enterprise TABLE OF CONTENTS Introduction...3 What is Ransomware?...4 Employee Education...5 Vulnerability Patch Management...6 System Backups...7

More information

security FRAUD PREVENTION Business Checklist Safeguard your money, your credit and your good name.

security FRAUD PREVENTION Business Checklist Safeguard your money, your credit and your good name. security FRAUD PREVENTION Business Checklist Safeguard your money, your credit and your good name. Security for Your Business Mitigating risk is a daily reality for business owners, but you don t have

More information

G8 Lyon-Roma Group High Tech Crime Subgroup

G8 Lyon-Roma Group High Tech Crime Subgroup G8 Lyon-Roma Group High Tech Crime Subgroup In October 2009, a series of recommendations for amendments to ICANN s Registrar Accreditation Agreement (RAA) was proposed to ICANN by law enforcement agencies

More information

National Guard GIS and Related Technologies for Counterdrug Law Enforcement

National Guard GIS and Related Technologies for Counterdrug Law Enforcement Page 1 of 6 Maj Michael Thomas Lt Col Billy Asbell Dr. Melinda Higgins Mr. Nick Faust National Guard GIS and Related Technologies for Counterdrug Law Enforcement The National Guard Bureau Counterdrug Office

More information