Regional Seminar on Cyber Preparedness

Similar documents
Strategic and operational threat analysis at Europol's EC3

Designing Robustness and Resilience in Digital Investigation Laboratories

Cyber Intel within European Cybercrime Center Ops

Cybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce

EUROPEAN COMMISSION JOINT RESEARCH CENTRE. Information Note. JRC activities in the field of. Cybersecurity

ENISA & Cybersecurity. Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010

Electronic payments in the Netherlands

The commission communication "towards a general policy on the fight against cyber crime"

The UNODC Global Programme on Cybercrime Alexandru Caciuloiu CYBERCRIME COORDINATOR SOUTHEAST ASIA AND THE PACIFIC

UNODC tackling cybercrime in support of a safe and secure AP-IS

Crime in the age of technology

Issue I. Airport Communication Project

INTERPOL s Role and Efforts in Combating Cybercrime. Dr. Madan M. Oberoi Director Cyber Innovation and Outreach

Global Alliance Against Child Sexual Abuse Online 2014 Reporting Form

Global Wildlife Cybercrime Action Plan1

European Cybercrime Centre EUROPOL

10025/16 MP/mj 1 DG D 2B

COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN

Presented by: - Anselm Charles ICT Manager CARICOM IMPACS

Professional Training Course - Cybercrime Investigation Body of Knowledge -

Systemic Analyser in Network Threats

Cyber Security Strategy

European Union Agency for Network and Information Security

Commonwealth Cyber Declaration

PROJECT RESULTS Summary

Workshop on Cyber Security & Cyber Crime Policies. Policies for African Diplomats

COUNCIL OF THE EUROPEAN UNION. Brussels, 24 May /13. Interinstitutional File: 2013/0027 (COD)

CYBER SOLUTIONS & THREAT INTELLIGENCE

Council of the European Union Brussels, 16 March 2015 (OR. en)

INTERPOL For official use only. Fighting with friends

15412/16 RR/dk 1 DGD 1C

WORKSHOP CYBER SECURITY AND CYBERCRIME POLICIES FOR AFRICAN DIPLOMATS. Okechukwu Emmanuel Ibe

Cybercrime what is the hidden nature of digital criminal activities nowadays?

ILLICIT GOODS AND GLOBAL HEALTH. Future-oriented policing projects

LIMITE EN COUNCIL OF THE EUROPEAN UNION. Brussels, 26 September 2008 (30.09) (OR. fr) 13567/08 LIMITE ENFOPOL 170 CRIMORG 150

ENISA EU Threat Landscape

Global Cybercrime Certification

Call for Interest for the INTERPOL Digital Crime Centre 2 nd round (area of advanced technology required for the Malware/BotNet analysis)

CYBERCRIME AS A NEW FORM OF CONTEMPORARY CRIME

NEW INNOVATIONS NEED FOR NEW LAW ENFORCEMENT CAPABILITIES

Staff and financial resources Introduction Programme Board Functions of EC Future orientation... 25

Caribbean Cyber Security: Not Only Government s Responsibility

Cyber Crime Update. Mark Brett Programme Director February 2016

Europol Unclassified Basic Protection Level. Council Working Party on Information Exchange and Data Protection (DAPIX) Friends of Presidency

Policy recommendations. Technology fraud and online exploitation

13268/16 EB/dk 1 DGD 1C

ISACA National Cyber Security Conference 8 December 2017, National Bank of Romania

Promoting Global Cybersecurity

ESSA Q INTEGRITY REPORT

UNCLASSIFIED. National and Cyber Security Branch. Presentation for Gridseccon. Quebec City, October 18-21

RESOLUTION 130 (Rev. Antalya, 2006)

A Multi-Stakeholder Approach in the Fight Against Cybercrime

INTERPOL s Role and Effort in Combating Cybercrime Kunwon YANG Assistant Director, DFL, IGCI

Vincent van Kooten, EMEA North Fraud & Risk Intelligence Specialist RSA, The Security Division of EMC

Package of initiatives on Cybersecurity

Cybersecurity for ALL

Legal, Ethical, and Professional Issues in Information Security

PONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY

Incident Response Services

Thematic Paper on Organised Crime Cybercrime - New Investigation Strategies and New Technologies

Cyber Security Development. Ghana in Perspective

Police Technical Approach to Cyber Threats

Securing Europe's Information Society

Cyber Security Roadmap

Understanding the Changing Cybersecurity Problem

Cyber Security Technologies

THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION

Virtual Currencies and The Commonwealth. 1 June 2016

COUNTER-TERRORISM. Future-oriented policing projects

Guiding principles on the Global Alliance against child sexual abuse online

FSOR. Cyber security in the financial sector VISION 2020 FINANCIAL SECTOR FORUM FOR OPERATIONAL RESILIENCE

EU policy on Network and Information Security & Critical Information Infrastructures Protection

FTA 2017 SEATTLE. Cybersecurity and the State Tax Threat Environment. Copyright FireEye, Inc. All rights reserved.

Global Alliance Against Child Sexual Abuse Online 2014 Reporting Form

Cyber Security in Europe

RESOLUTION 130 (REV. BUSAN, 2014)

MANAGING SECURITY THREATS IN THE NEW CONNECTED WORLD THROUGH FORENSIC READINESS

G7 Bar Associations and Councils

The European Policy on Critical Information Infrastructure Protection (CIIP) Andrea SERVIDA European Commission DG INFSO.A3

Altitude Software. Data Protection Heading 2018

PROTECTING NATIONAL CRITICAL INFRASTRUCTURE AGAINST CYBER ATTACKS BEST PRACTICES RELATED TO TECHNOLOGY AND STANDARDS FROM EUROPE BANGKOK

SAINT PETERSBURG DECLARATION Building Confidence and Security in the Use of ICT to Promote Economic Growth and Prosperity

Sage Data Security Services Directory

Cybersecurity & Digital Privacy in the Energy sector

Gujarat Forensic Sciences University

Project 2020: Preparing Your Organization for Future Threats Today

FOREWORD DR PHILIP SMITH MBE CHAIRMAN MILTON KEYNES BUSINESS LEADERS PARTNERSHIP


Cybersecurity and Hospitals: A Board Perspective

Council of the European Union Brussels, 14 July 2017 (OR. en)

UCD Centre for Cybersecurity & Cybercrime Investigation. University College Dublin School of Computer Science

The UK s National Cyber Security Strategy

Netherlands Cyber Security Strategy. Michel van Leeuwen Head of Cyber Security Policy Ministry of Security and Justice

10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS

Provisional Translation

National Communications Authority

Cyber Security: Threat and Prevention

Defining cybersecurity.

Author: Tonny Rabjerg Version: Company Presentation WSF 4.0 WSF 4.0

Garry Mukelabai Communications Authority Zambia

Transcription:

Regional Seminar on Cyber Preparedness Cyber Crime Challenges from a Law Enforcement Perspective Dr. Philipp Amann, MSc Senior Strategic Analyst, EC³ 18 May 2015 Europol Unclassified - Basic Protection level / Europol Public Information

Outline Introduction to Europol s European Cybercrime Centre (EC3) Relevant Developments and Challenges EC3 Walking the Walk Q&A 2

Connected Life 7,27 bn current world population 90 bn searches so far this year 2 mln blog posts written today Tweets sent today 423 mln 3,01 bn Internet users worldwide monthly active users 1,4 bn 3 7 bn mobile devices worldwide 70% Internet penetration in 51% Europe of employees connect to unsecured wireless networks with their smartphones 115 bn Emails sent today 24 bn total connected devices By 2020 12 bn mobile connected devices

2014 in Numbers 19% Android users encountered a mobile threat 15,577,912 malicious mobile apps worldwide 123,054,503 unique malicious objects detected 38% of user computers subjected to at least one web attack 12,100 mobile banking Trojans annually Cybercrime costs $445 billion or ~1% of global income 1,432,660,467 attacks launched from online resources over 307new cyber threats every minute, more than 5 every second Europol Unclassified - Basic Protection level / Europol Public Information

EC3 Who We Are and What We Do 5 European Cybercrime Centre

The Road to Europol s EC3 6

EC3 s Mandate Cybercrimes committed by Organised Groups, particularly those generating large criminal profits such as online fraud (FP Terminal) Cybercrimes which cause serious harm to their victims, such as online child sexual exploitation (FP Twins) Cybercrimes (including cyber attacks) affecting critical infrastructure and information systems in the Union (FP Cyborg) 7

EC3 s Organisational Structure 8

EC3 s Governance Model Assisted by 2 Advisory Groups 9

Multi-Stakeholder Approach 10

Core Functions EU cybercrime information and intelligence focal point Pool EU cybercrime expertise to support Members States in capacity building Provide coordination & support to Member States' cybercrime investigations Collective voice of European cybercrime investigators across law enforcement and the judiciary 11

Products and Services Operational, Technical and Forensic Support Operational Analysis Cross-Matching of Crime-related Information Mobile Office & On-the-Spot Deployment Digital Forensic IT Lab Europol Malware Analysis System Decryption Platform Large File Exchange SPACE Cyber Intelligence Knowledge Products Strategic Analysis Products Training Counterfeit Currency & Documents 12 Europol Unclassified - Basic Protection level / Europol Public Information

Cooperation Mechanisms 13

Joint Cybercrime Action Taskforce (J-CAT) 14

Cyber Challenges Internet of (Every)Thing(s) Lack of Security by Design Risk of Unpatched Systems Increased Connectivity, Blurred lines between the physical & virtual life New Payment Systems, Electronic Money, Crypto Currencies Anonymisation, Obfuscation, Encryption Techniques Cyber- Crime Cyber- Facilitated Crime Borderlessness of the Internet Cloud-based & Mobile Devices as Targets Targeted Threats Industrialisation of Cybercrime, Cybercrime-as-a-Service 15 Underground Cybercriminal Markets, Illegal Trade on Online Markets

Cybercrime-as-a-Service 16

Predictions for 2015/16 New mobile payment methods (e.g. NFC) and the rise of POS, ATM attacks Banking and healthcare sectors transition to cyberspace Widespread use of open source code Rise of the Internet of (Every)Things Continuous penetration of mobile phones Growing number of Internet users on a daily basis 17 Social media emerging as a new hotbed for cybercriminality Sophistication of malware going beyond Android and Windows Cloud-based hosting A merger services between cybercriminals and APT groups

Predictions for 2015/16 Rise of the Internet of (Every)Things Continuous penetration of mobile phones Growing number of Internet users on a daily basis New mobile payment methods (e.g. NFC) and the rise of POS attacks Banking and healthcare sectors transition to cyberspace Expected increase in the size, scope and sophistication of cyber threats and the emergence of new attack Sophistication vectors, of malware posing going new beyond challenges for law Android and enforcement Windows Widespread use of open source code Cloud-based hosting A merger services between cybercriminals and APT groups 18 Europol Unclassified - Basic Protection level / Europol Public Information

Financial Sector Trends and Challenges Attacks against financial institutions directly Payment card fraud in the EU dominated by well structured and globally active Organised Criminal Groups PCF migrating to countries with no/less successful countermeasures and cooperation Increase in online fraud (CNP fraud) data breaches main source of stolen data 19

Financial Sector Trends and Challenges Physical ATM/POS Skimming on the rise specialization by OCGs Professional production of skimming devices e.g. using 3-D printers Attacks against the chip ATM/POS Shimmer and Man-in-the-Middle cards Mobile banking and ATM malware 20

Financial Sector Trends and Challenges Increasing activities by Asian OCGs in the EU Increased (ab)use of cryptocurrencies and underground banking systems e.g. Hawala, Hundi, 21

Challenges for Law Enforcement Cross-border cooperation and PPPs Transnational crime Most relevant data/evidence held by private sector R&D Attribution Putting a person in front of the keyboard Who s behind an IP address or a nickname? Criminal abuse of encryption & anonymity services Legislation Evidence physically stored in different jurisdictions Identification of relevant legal framework Chain of custody and admissibility of evidence Timeliness, 22

Challenges for Law Enforcement Technical challenges Digital forensics ever increasing no. and variety of connected devices (IoE, Big Data) Volatility of electronic evidence Encryption, obfuscation, anti-forensics Timestamps, timelines, Tools, skills and expertise First responder (LE but also industry) Live Data Forensics Virtual infrastructure forensics Remote storage and Cloud forensics, 23

EC3 Walking the Walk 24 European Cybercrime Centre

Botnet Takedowns 25

Operation Onymous Operation Onymous targeted marketplaces running as hidden services on the Tor network. The action aimed to stop the sale, distribution and promotion of illegal and harmful items. 26

Operation Onymous Objectives: Stop the sale, distribution and promoting of illegal and harmful items Convey the message that criminals abusing TOR are not beyond the reach of law enforcement Figures: 17 arrests of vendors and administrators 410 hidden services taken down Bitcoins worth approximately 1 million USD and 180.000 Euros in cash, drugs, gold and silver seized 27

Global Airline Action Day 28

EC3 Intelligence/Knowledge Products CYBER-INTEL STRATEGY Cyber Bits Trends: Modus operandi, tool or technique used by cyber criminals. Emerging patterns and crime series. Knowledge: Offer guidance and raise awareness. Technology: Technical developments having impact law enforcement work. Tools: Presentation of tailored tools to support operational activities. OSINT Dashboard Strategic Assessments of Operations iocta Project 2020: Scenarios for the Future of Cybercrime Police Ransomware Threat Assessment, Review of Criminal Forums, etc. Strategic Assessments of Operations (e.g. Onymous) Quantitative Quarterly Report on Cybercrime, CC Dependencies Map ICANN Guide for Dummies, Assessment of Bitcoin, Top 10 External Cyber Threats, etc.

iocta Internet Organized Crime Threat Assessment EC3 s flagship strategic product Informs EU decision makers at strategic, policy and tactical levels In-house expertise and contributions from EU law enforcement, third parties, private sector, and academia 30

iocta Internet Organized Crime Threat Assessment Assessment of the three main mandated cybercrime areas of EC3 Set of key recommendations for EU law enforcement and policy makers Release date next version: September 2015 https://www.europol.europa. eu/ec3 31

EC3 Academic Advisory Network Establishment of a cross- disciplinary academic advisory network of thought leaders and leading academic experts Advising the EC3 on key cybersocietal issues Forward-looking research and thought leadership Strategic and policy-related input Platform for networking

Training Competency Framework 34

EC3 Capacity Building & Training Coordination Forensic Expert Training on Examination of Skimming Devices Training course on Combating the Sexual Exploitation of Children on the Internet Training Course on Open Source IT Forensics 35

Cybercrime Prevention, Communication & Events Management EU Cybercrime Prevention and Communication Strategy EU Cybercrime Network of Prevention Contact Points Communication and awareness- raising activities Events management 36

The Cyber Dichotomy Need to protect the privacy of citizens, provide a secure online environment for industry and create a safe cyberspace for everyone to enjoy Need for law enforcement to be able to investigate criminal activity online, including the criminal abuse of encryption and anonymity services The role of EC3 (platform for cooperation, pooling of expertise, tool support, R&D, training, highlighting of operational/legal issues, ) 37

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback