GLACY+ - African Union€¦ · Cyber security and Cybercrime Background & Global outlook Jan...

Cyber security and CybercrimeBackground & Global outlook

Jan KERKHOFS

Council of Europe ExpertFederal Magistrate, Federal Prosecutor’s Office, Belgium

jan.Kerkhofs@just.fgov.be

Addis Ababa, Ethiopia, 11-12 April 2018

GLACY+Global Action on Cybercrime ExtendedAction globale sur la cybercriminalité elargie

www.coe.int/cybercrime - 1 -

African Union Commission – Council of Europe Joint Programme”Cyber Security and Cybercrime Policies for African Diplomats”

Cyber Security and cybercrime:hand in hand

www.coe.int/cybercrime - 2 -

Cyber Security and cybercrime:what is it?

www.coe.int/cybercrime - 3 -

Cyber Security• Cyber security refers to

the technologies andprocesses designed toprotect computers,networks and data fromunauthorized access,vulnerabilities andattacks delivered via theInternet by (cyber)criminals

Cybercrime• Criminal activities

carried out by means ofcomputers or theInternet (Oxford Dictionary)

• Computer crime, ICTcrime, high tech crime,computer/ICT/high techenabled crime, …

Cyber security and Cybercrime

- 4 -

What is at stake? - Criticalinfrastructures

www.coe.int/cybercrime - 5 -

• 3500 BC: the abacus

• 1820: the first cybercrime!

• 1978: first spam-mail via Arpanet

• 1982: the first virus installed on an Apple

A brief history

www.coe.int/cybercrime - 6 -

• 1969 – ARPANET– Militaire Advanced Research Projects Agency

(ARPA) – cold war– Dynamic Rerouting

• The first step in cyberspace:– “That's one small step for a man, one giant leap

for crime.“• Build so it can not be blocked or seized

A brief history

www.coe.int/cybercrime - 7 -

A brief history

www.coe.int/cybercrime - 8 -

ARPANET anno 1974

How the internet works:dynamic rerouting

www.coe.int/cybercrime - 9 -

AZ

AZ

How the internet works:dynamic rerouting

www.coe.int/cybercrime - 10 -

AZ -> A en Z

A en Z ->AZ

www.coe.int/cybercrime

Information Society

http://blog.oxforddictionaries.com/2015/03/cyborgs-cyberspace-csi-cyber/, 27/11/2016 - 12 -

• A part of the daily life of the citizens• workplace,• home• most of the leisure moments

• There is no physical distances between people indifferent places in the world

• Political frontiers are indifferent to the cyber world

www.coe.int/cybercrime

Information Society

http://blog.oxforddictionaries.com/2015/03/cyborgs-cyberspace-csi-cyber/, 27/11/2016 - 13 -

• Information is open and available to everybody

• No States sovereignty

• Cyberspace is independent, anarchic andungovernable

• It is everywhere and it is nowhere

• Any person can express himself

Internet of things (IoT)

www.coe.int/cybercrime - 14 -

• Around 40% of the worldpopulation has an internetconnection today. In 1995, itwas less than 1%.

www.coe.int/cybercrime

Internet Users

http://www.internetlivestats.com/internet-users/, 27/11/2016 - 15-

• The number ofInternet usershas increasedtenfold from1999 to 2013.

• The first billionwas reached in2005. Thesecond billionin 2010. Thethird billion in2014.

11 April 2018, 5:04 pm

Global digital snapshot

https://www.slideshare.net/wearesocialsg/global-digital-statshot-q3-2017 - 16-

Annual growth

https://www.slideshare.net/wearesocialsg/digital-in-2017-global-overview - 17 -

Quarterly growth

https://www.slideshare.net/wearesocialsg/global-digital-statshot-q3-2017 - 18 -

Internet Use: Regional overview

https://www.slideshare.net/wearesocialsg/digital-in-2017-global-overview - 19 -

Time spent on the Internet

https://www.slideshare.net/wearesocialsg/digital-in-2017-global-overview - 20 -

Social Media use

https://www.slideshare.net/wearesocialsg/global-digital-statshot-q3-2017 - 21 -

Social Media regional overview

https://www.slideshare.net/wearesocialsg/digital-in-2017-global-overview - 22 -

Active Users by Platform

https://www.slideshare.net/wearesocialsg/global-digital-statshot-q3-2017 - 23 -

Time spent on Social Media

https://www.slideshare.net/wearesocialsg/digital-in-2017-global-overview - 24 -

The regional African situation

https://www.slideshare.net/wearesocialsg/digital-in-2017-northern-africa - 25 -

Information Society and Cybercrime

• New illegal activities are being “invented” everyday• within the networks

• using the networks

• against the networks

• A global crime

• Always multiple territorial connections• the action of the criminals reach computers and victims in

countries other than their countries

• inherent to the nature of cybercrime

• because of the expansion of the networks it is impossible, toeach country, to act alone against this problem

www.coe.int/cybercrime - 26 -

Information Society and Cybercrime

• Crimes are committed remotely• Evidence is volatile and often on the “cloud”

• National law enforcement agencies are limited to theirgeographical borders

• International assistance in criminal investigations requireproper legal channels

• No jurisdiction online, if outside national borders

• International cooperation deals with very distant countrieswith different cultures, with different legal tradition anddifferent criminal law frameworks

www.coe.int/cybercrime - 27 -

How criminals use Technology

TECHNOLOGY AS AVICTIM

Traditionally considered to be true “computer crime” and involvessuch offences as hacking, denial of service attacks and thedistribution of viruses.

TECHNOLOGY ASAN AID TO CRIME

Computers and other devices are used to assist in the commissionof traditional crimes, for example, to produce forged documents,to send death threats or blackmail demands or to create anddistribute illegal material such as images of child abuse.

TECHNOLOGY AS ACOMMUNICATIONTOOL

Criminals use technology to communicate with each other in wayswhich reduce the chances of detection, for example by the use ofencryption technology

TECHNOLOGY AS ASTORAGE DEVICE

Intentional or unintentional storage of information on devices usedin any of the other categories and typically involves the data heldon computer systems of victims, witnesses or suspects

TECHNOLOGY AS AWITNESS TOCRIME

Evidence contained in IT devices can be used to support evidenceto which it is not obviously related, for example to prove ordisprove an alibi given by a suspect or a claim made by a witness.

www.coe.int/cybercrime - 28 -

Europol IOCTA – key findings

Europol IOCTA Report 2017 - 29 -

EURO

POL

Inte

rnet

Orga

nise

d Cr

ime

Thre

atAs

sess

men

t

RANSOMWARE - MALWARE

ONLINE CHILD SEXUAL EXPLOITATION

PAYMENT FRAUD

SOCIAL ENGINEERING

DATA BREACHES AND NETWORK ATTACKS -DDOS

ATTACKS ON CRITICAL INFRASTRUCTURES- DDOS

CRIMINAL ACTIVITIES ONLINE – ONLINECRIMINAL MARKETS

BIG DATA, IOT AND THE CLOUD

TERRORISM

A few examples: cybercrime and -threats today

www.coe.int/cybercrime - 30 -

dinsdag 17 april 2018 Slim omgaan met het internet 31

32

How to make moneyon the internet

www.coe.int/cybercrime - 33 -

Information viaPhishing

Sell theinformation

SocialEngineer

Malwarecreator

Malwareuser

Data seller

dinsdag 17 april 2018 Slim omgaan met het internet 34

Phishing – social engeneering

www.coe.int/cybercrime - 35 -

The cybercrime threat map

https://www.europol.europa.eu/iocta/2017/index.html - 36 -

Succes factors

• Cyber security policy – Cybercrime legislation –legal framework• CERT – Cyber Emergency Plan

• Malabo Convention, 2014

• Budapest Convention, 2001

• Capacity building• Skill and competence development

• Research and development

• International cooperation

www.coe.int/cybercrime - 37 -

Questions?

www.coe.int/cybercrime - 38 -

Thank you

Jan KERKHOFS

Council of Europe ExpertFederal Magistrate, Federal Prosecutor’s Office, Belgium

jan.Kerkhofs@just.fgov.be

Addis Ababa, 11-12 April 2018

GLACY+Global Action on Cybercrime ExtendedAction globale sur la cybercriminalité elargie

www.coe.int/cybercrime - 39 -