West Midlands Regional Cyber Crime Unit

Transcription

1 West Midlands Regional Cyber Crime Unit Detective Inspector Rob Harris Detective Sergeant Gary Sirrell 1

2 Why are we here? Police cannot tackle this alone Working partnerships and collaborations Industry & Academia has a key role Difficult Landscape Under Reporting Confidence in Law Enforcement

3 Local Policing Structures 43 Separate Forces Mainly Operating Independently Range from 973 in Warwickshire up to 33,367 in London (Met Police)

4 Regional and National Policing Structures 10 Regional Organised Crime Units (ROCU s)

5 History of Hacking Factory workers sabotaging new loom technology Nevil Maskelyne hijacked Marconi s demo of wireless broadcast Phone Phreaking discovered by 7 year old Joe Engressia - Later using the name Joybubbles discovered he could whistle at 2600Hz, hacking the telephone system Others began experimenting and John Draper discovered a plastic whistle given away in cereal boxes could also work

6 History of Hacking Draper started experimenting and began building electronic devices that became known as a Blue Box 2 friends with an interest in technology began developing and selling these Steve Wozniak and Steve Jobs first business was selling devices to hack phone systems!

7 History of Hacking Internet created A bank worker uses a computer to embezzle over $2million Queen sends her first st Spam st conviction in USA for a computer crime. Ian Murphy hacked into AT&T s systems and changed the system clock to get discounted rates st organised hacking group formed, and Hacker magazine launched st Virus Pakistan Brain begins infecting IBM computers World Wide Web, Sir Tim Berners-Lee ,000,000 users Ability to commit crime on an industrial scale

8 Types of Hackers Hacktervism Fame / Kudos (Experimenters & Gamers) Financial (Theft, Fraud, Blackmail DDOS ) Business - IP & Competitive Advantage State

9 Policing the Digital World "There is no reason anyone would want a computer in their home." Ken Olsen, founder of Digital Equipment Corporation, 1977 Began with Fraud Squads late 1980 s Hi-Tech Crime Units grew through 1990 s National Cyber Security Program 2008/09 Expansion of roles (eforensic Officers, Digital Media Advisors, Data Recovery Officers, Mobile Phone Technicians) Specialist Roles - Cyber Crime Units Investigation Technical Intelligence Protect

10

11 The Cyber Crime Protect Role, The 4P s, and other useful facts Detective Sgt Gary Sirrell

12 Cyber Crime Strategy The Four P s PROTECT Ensure adequate protection against the threat. PREPARE Reduce the impact where it does take place. PREVENT Stop people from engaging in criminal activity. PURSUE Identify, disrupt, and take action against those engaged in criminal activity.

13 My role is predicated on the premise that 80% of all Cyber Crime is preventable by the implementation of basic advice and controls. What do I do There is a Protect Officer in every ROCU Policing area (10 in E&W), and together we form a nationwide Protect Network to coordinate Protect, and elements of Prevent and Prepare activity. Work with Police Forces, Local Authorities, other agencies, Business etc to collate best practice around Cyber Crime prevention / source material already available, and share and signpost this to others within the Region, and if appropriate, Nationally. Assist in the training and up-skilling of Police officers, staff, and volunteers to ensure they are prepared to tackle all things Cyber. Work with schools to support lesson planning and activity around Cyber safety, Cyber bullying etc. Engage in all forms of activity to help educate the public around Cyber Safety. Work in partnership with businesses, business groups, and academia. Coordinate Media activity and education in the region around Cyber Crime prevention CISP Champion and promoter of Cyber Essentials

14 One Stand of the Protect work. Getting Police Officers to think Cyber. The Crime scene :

15 It s not just fingerprints, CCTV, and DNA any more

16 Why is this so important? Q to Bond in Skyfall I can do more damage on my laptop sitting in my pyjamas, before my first cup of Earl Grey than you can do in a year in the field *It is predicted that by 2020, 200 billion smart devices will exist in the world. *The UK is one of the most advanced digital economies in the world, with 12.5% of our economy online. This affords great opportunities but makes us vulnerable to Cyber attacks. *90% of large businesses, and 74% of SMEs reported a breach in the past year. The average cost of a severe breach for big firms is 1.5 million, and for SMEs it is over 300,000 (the Talk Talk breach has cost in excess of 60 million to date). *Last Summer GCHQ reported twice as many incidents against networks of national significance, and the volume and sophistication of attacks is increasing.

17 What support is out there to the public and for business?

18 Resources Get Safe Online

19 Resources Cyber Street Wise

20 Resources CESG 10 Steps

21 Resources Cyber Essentials

22 CiSP Cyber Information Sharing Partnership What is the Cyber-security Information Sharing Partnership (CiSP)? CiSP is a joint industry and government scheme based in CERT-UK. CiSP is an online social networking tool and enables its members to exchange information on threats and vulnerabilities as they occur in real time.

23 Reporting Action Fraud

24 What is Cyber Crime? Number of offences ranging from specific computer crimes under the Computer Misuse Act, to traditional crimes like Fraud and Harassment Cyber Enabled traditional crime now being committed over the internet, or Cyber Dependant New crimes that could only be committed with a computer

25 Key Threats Large scale harvesting of personal and business data to commit fraud offences against UK individuals and organisations Targeted compromise of UK networked systems to modify, delete or steal data to gain competitive advantage, undermine user confidence, inflict reputational damage, or to gain control of infrastructure Targeted disruption of access to UK networked systems and services Increasing volume of cyber dependent criminality due to traditional crime groups using as-a-service options Support services (cyber enablers) critical to cyber-dependant crime success extending the gap between law enforcement and criminal capacity and capability

26 Policing the Internet

27 Current Challenges Digital Crime Scene New sources of evidence Digital threat and risk Limited Capabilities in Digital Forensics ACPO Guidelines & ISO standards Challenge of outdated laws and rules (grey areas) Internet of Things explosion of devices Geographical Issues Bulletproof Hosting Remote or Hidden Storage Cryto-Currencies Dark Web

28 Current Work DDOS Botnets Hactavists Enablers National support NCA & International Local Forces Support Joint Visits Prepare & Protect SME Engagement CTU Collaboration

29 Case Studies

30 Questions Detective Inspector Rob Harris Detective Sergeant Gary Sirrell