Cyber Crime Update Mark Brett Programme Director February 2016
What is Cyber Crime? What are the current threats? What is the capability of local and regional Cyber Crime Investigations? What support is out there to assist?
The adopted definition of Cyber Crime is: Cyber Dependent Crimes, where a digital system is the target as well as the means of attack. These include attacks on computer systems to disrupt IT infrastructure, and stealing data over a network using malware (the purpose of the data theft is usually to commit further crime). Cyber Enabled Crimes. Existing crimes that have been transformed in scale or form by their use of the Internet. The growth of the Internet has allowed these crimes to be carried out on an industrial scale. The use of the Internet to facilitate drug dealing, people smuggling and many other 'traditional' crime types.
The Attraction? Traditional Crime Cyber Crime Presence at crime scene Remote from crime scene One offence at a time Multiple offences at once High risk/low reward Low risk/high reward Local enquiries International enquiries Victim reports to police Victim reputation
Source: http://img2.wikia.nocookie.net/ cb20101009053841/itlaw/images/8/8e/figure1.jpg
criminals Today Mirror Legitimate Business Processes yed erators o unce g the ough nology uch bove, or t iate How Zeus botnet operators utilize money mules http://www.fortinet.com/sites/default/files/whitepapers/cybercrime_report.pdf, Ransomware, which actually encrypts data on an model and infected user s machine, is a new trend that seems
Organised crime is well organised! Source: http://sophosnews.files.wordpress.com/2012/01/kb-actors.jpg
Think Digital What are the lines of enquiry?
Think Digital What are the lines of enquiry?
Which of these is a cyber threat? Common house hold smart goods are now being hacked and used in Spam and DDOS activity
We now live our lives online 3bn people will be using the internet worldwide by 2016 and by the end of the year, networked devices will outnumber people by six to one On average each household has 3 internet enabled devices and 2/5 adults have smart phones 8% of GDP generated through the internet economy 121bn in 2010 with Household annual retail sales worth 2.6bn with 30% year on year growth
Some stats... 81% of large organisations and 60% of small organisations reported a security breach (reduced slightly), although Severity and impact has increased the worst breaches averaging at 65k - 115k for small organisations and between 600k - 1.15m for large. 2014 saw more than 1,500 significant data breaches global companies losing hundreds of millions of user details, sometimes including credit card and bank account details Credit card details with CVV being sold for as little as $1 on black market exchanges Crime rate in England and Wales more than doubled to 11.6 million offences primarily because of the inclusion of 5.1m incidents of online fraud and 2.5m incidents of cybercrime More than 70% of fraud is now committed online 2013 McAfee estimated Economic Cost of Cyber crime globally as $500bn Cyber Security identified as a Tier 1 threat to the UK, alongside Terrorism, War and Natural Disaster GCHQ report - 80% cyber crime preventable
The National, Regional & Local Picture
The National, Regional & Local Picture National/ International NCA Cross Border Regional Organised Crime Units First Responders & Local Investigations Local Forces
What Organisations need to ask themselves Do you know the value of your data? Reputational Damage//Trust what if these were affected? Do you know where your critical data is stored? Who has access to your data? Do you have backups? When did you last test them? Do you really know your employees? Do you have business continuity in place? What would you do if you lost your critical data tonight? How would you respond to a Cyber Incident?
Get Safe Online
What is the Cyber-security Information Sharing Partnership (CiSP)? CiSP is a joint industry and government scheme based in CERT-UK. CiSP is an online social networking tool and enables its members to exchange information on threats and vulnerabilities as they occur in real time.
Questions?