Large-Scale Internet Crimes: Global Reach, Vast Numbers, and Anonymity


Anthony V. Teelucksingh
Computer Crime and Intellectual Property Section (CCIPS)
Criminal Division, United States Department of Justice
August 2010

REMJA Working Group on Cybercrime
www.oas.org/juridico/spanish/
www.oas.org/juridico/english/
Computer Crime and Intellectual Property Section
www.cybercrime.gov
anthony.teelucksingh@usdoj.gov
+1 (202) 514-1026

Agenda
- Globalization of crime
- Some vexing problems
  - Anonymity
  - Botnets
  - Carding
  - Digital currency

Globalization of Crime

Globalization of Crime
- The Internet knows no borders
- Criminals exploit the Internet
  - Global reach
  - Anonymity
  - Safe havens
  - Mass targets

Global Cybercrime Snapshots 2009
Botnets *
- 6.8 million bot-infected computers
- 47,000 active each day
- 17,000 new command and control servers
* Symantec Internet Security Threat Report, Vol. XV, April 2010

[Figure: Geographic distribution of infected computers in a single ZeuS botnet.]

[Figure: Symantec Internet Security Threat Report, Regional Data Sheet Latin America, April 2010]

Global Cybercrime Snapshots 2009
- 2.9 million new malicious code threats *
- Data breaches from hacking, examples **
  - 160,000 health insurance and medical records (university)
  - 530,000 social security numbers (government agency)
  - 570,000 credit card records (business)
  - 750,000 customer records (mobile telephone service provider)
  - 130,000,000 credit card numbers (credit card processor)
* Symantec Internet Security Threat Report, Vol. XV, April 2010
** Open Security Foundation, Dataloss Database, 2009

[Figure: Symantec Internet Security Threat Report, Regional Data Sheet Latin America, April 2010]

Online Underground Economy
[Figure: Symantec Internet Security Threat Report, Vol. XV, April 2010]

The Players
- Cyber-economy crime organizations
- Traditional organized crime: drugs, guns, goods, people
- Gangs
- Extremists: terrorist organizations
- Professional hackers
- Spammers
- Cybercrime organizations

OEA-REMJA

Some Vexing Problems
- Anonymity
- Botnets
- Carding Forums
- Digital Currency

Anonymity

Attribution is Difficult. Impossible?
- Savvy online criminals know how to hide
- False identification
- Domain name registration
- Stolen credit cards
- Services that do not verify user information
- Online tools
- Proxies
- Anonymizing network
- Peer-to-peer
- Decentralized
- Segmented
- Redundant
- Resilient

Web Proxy
- Sits between ISP and web server
- ISP and web server no longer talk to each other directly
- Result: user anonymity from web server
[Diagram: USER -> ISP -> WEB PROXY -> WEB SERVER]

Web Proxies
- Type in the site you want

Web-Based Proxies
- The proxy gets the site and passes it to you
- You are still communicating with the proxy

Peer-to-Peer file sharing (P2P)
- Sharing files, using servers as little as possible

Old style P2P
- Relied on a server to keep track of the peers
[Diagram: "Who has KIDDIE.MPG?" "Second computer from the right."]

Newer style P2P
- Uses supernodes instead of central servers
[Diagram: "Who has KIDDIE.MPG?" "I'll ask the other supernodes." "One of my nodes has it."]

P2P today: Gigatribe and Darknets
- Small, private communities sharing files
- Difficult to find and enter

P2P today: BitTorrent
- Efficient technology for a huge number of people to share huge files
- Tracker: knows which computer has which pieces of the file
- To join, get a .torrent file that identifies the tracker
- Leecher: peer still downloading
- Seeder: peer offering all pieces

Anonymizing Network: Tor
- Tor = The Onion Router, an anonymity network that routes communication through multiple proxies, each with an independent layer of encryption (like an onion)
- Client = computer using Tor for anonymity
- Onion Router (OR) = computer that forwards data and anonymizes it (currently about 1200)
- Circuit = path taken by data through ORs
[Diagram: Client -> OR -> OR -> OR -> Web Server]

Botnets

What is a Botnet?
- A network of robots (bots)
- Robot: an automatic machine that can be programmed to perform specific tasks
- Also known as Zombies
- Thousands of computers controlled
- A powerful network at no cost

Purpose of a Botnet
- Distributed denial of service attacks
- Advertising spamming
- Sniffing traffic
- Keylogging
- Spreading new malware
- Installing advertisements
- Attacking IRC networks
- Manipulating online polls or games
- Mass identity theft

IRC Botnets
- Earlier botnets controlled by Command and Control (C2) server
[Diagram label: Botnet user]

IRC Botnets
- Newer botnets distribute and have redundant C2 servers
[Diagram label: Botnet user]

P2P Botnets
- Distributed control

P2P Botnets
- Hard to disable

Carding

What is Carding?
- Carding: large-scale fraudulent use of stolen credit or debit card information
- Carding forums: websites and bulletin boards dedicated to carding
- Data usually comes from phishing/spamming or data breaches, rather than real world thefts
- Bulk transactions ("dumps") are the norm
- Credit card data can be encoded on plastic cards for card-present transactions

What do Carding Forums Offer?
- Identity documents
- Stolen financial information
- User names and passwords
- "Full info" package of data on victim
- Card-making equipment and blanks
- Tutorials on how to be a carder or hacker

Digital Currency

Characteristics of Digital Currency
- Often backed by a precious metal such as gold
- May involve both an issuer and an exchanger
- Can be transferred to other digital currency
- Popular with cyber-criminals

Example: WebMoney Transfer (www.wmtransfer.com)
- Based in Russia
- Open account by downloading WebMoney client and providing name, address, and e-mail address
- Accepts bank transfers, credit cards, money orders, and cash
- Can transfer funds from one account to another

Summary
- Globalization of crime
- Some vexing problems
  - Anonymity
  - Botnets
  - Carding
  - Digital currency