CYBERCRIME: RISKS, THREATS. ESPIONAGE, ANONYMITY, HACKTIVISM, EXTORTION. ARE YOU PREPARED? Laurent BOUNAMEAU, Deputy head of service. CEFORA: 14-11-2013. ©Bounameau Laurent, FCCU

Survive in this era of cybercrime, hacktivists and cyber-espionage. Are you ready? (Laurent Bounameau)


1. CEFORA: 14-11-2013. CYBERCRIME: RISKS, THREATS. ESPIONAGE, ANONYMITY, HACKTIVISM, EXTORTION. ARE YOU PREPARED? Laurent BOUNAMEAU, Deputy head of service. Bounameau Laurent, FCCU
2. Agenda
  • Cloud: Definition and impact
  • Social Networks: Good & bad news
  • Volatility: Traces, probative value of physical evidence
  • Anonymity: Tor, Bitcoin: a virtual world in autarky?
  • In practice: An explosive combination
3. (no text)
4. (no text)
5. Beyond the web
6. Who investigates ICT crime?
7. E-Police organisation and tasks (Integrated police)
  • Federal Police, national level: 1 Federal Computer Crime Unit, 31 persons, 24 / 7 (inter)national contact
  • FCCU tasks as listed on the slide: Policy; Operations; Training; Equipment; FCCU Network; Forensic ICT analysis; ICT crime combating; Intelligence; Internet & ePayment fraud; Cybercrime; www.ecops.be hotline; Internat internet ID requests
  • Federal Police, regional level: 25 Regional Computer Crime Units (1 / judicial district), 180 persons. Assistance for house searches, forensic analysis of ICT, taking statements, internet investigations
  • Local level, first line police (Local Police): Freezing the situation until the arrival of CCU or FCCU; Selecting and safeguarding of digital evidence
  • Investigations of ICT crime case (assisted by FCCU)
8. Investigative problems: cloud computing, 3 categories
9. Cloud computing: It's so simple. On his tablet
10. But you lose the property of your data
11. And if you don't desire it, you will not have the choice
12. Cloud computing: Impact on crime
  • Applicability of national (privacy) law governing companies?
  • Very mobile working environment for criminals
  • Cloud data centers will become new focus of hackers
13. Cloud computing: Impact on police methods
  • Less evidence on local computer equipment
  • Loss of efficiency of house searches / PC forensics
  • Need for international forensic network searches
  • Legal framework / cooperation agreements
  • Legal hacking
14. Social networks
15. Social networks: Impact on crime
  • Very much information & easily searchable => intelligence for other crimes
  • Identity theft: account takeover, creation of bogus profiles, abuse for extortion, spying, malware distribution, Internet fraud
  • Privacy breaches by social network providers and affiliates
  • Explosion of abuse of freedom of speech => will remain there forever (sextortion)
16. Social networks
17. Social networks: Impact on police methods
  • Old investigation methods less effective (no witnesses, no material traces => virtual world)
  • Difficulty to set up history for undercover agents / front stores
  • Difficulty to wipe out existing history of real identity of undercover agents
  • Legal use of information gathered on these social networks
  • Lack of swift effective methods to remove illegal content
18. When virtual world is becoming real!
19. When virtual world is becoming real!
20. When virtual world is becoming real!
21. Anonymity: They try to anonymize them BUT
22. Anonymity: More and more they SUCCEED
23. Anonymity: TOR (diagram labels: User; Onion Routers; www; Web server; First request; Second request, 1 minute later)
24. Anonymity: TOR (diagram labels: User; "we are working in coop"; Server; Childporn; @tormail)
25. Anonymity: Bitcoin. "The first three times you think you understand Bitcoin, you're wrong." Dan Kaminsky (@dakami)
26. Every day in the media & in the web
27. When virtual money is used in black market
28. Fortunately there are still traces; you knew this?
29. Fortunately there are still traces; you knew this? Who will buy it? ;-)
30. Botnets: DDoS attacks (diagram labels: Hacker; Knowledge server; Webserver / node; Infected, and?; Internet; SCADA; Process control; Command & Control Server; trigger event; MW update; Very frequent MW update request; Malware update server; Update malware / transfer info & money)
31. Botnets: DDoS attacks
32. Botnets: DDoS attacks
33. E-banking, phishing & money mule (diagram labels, steps numbered 1 to 6: Victim John DOE; Password, user id; Phishing Site; Transfer Order; Bank Site; Bank: John Doe; Contract Financial manager; Bank: Money Mule; Money Mule Jefke)
34. Defacement & more!! (Yesterday; Last week)
35. Police ransomware
36. PaySafeCard Vouchers
37. Common web sites to use vouchers; Blocking web sites
38. Terrorism, hacktivism
  • No financial intent
  • Political / social objectives
  • Attack and create chaos
  • Destabilize economy and society
  • Might take their time to prepare ... Or set up actions very quickly (social networks)
39. Terrorism, hacktivism
  • DDoS attacks on Mastercard, Paypal, VISA: Hours out! No transaction for other companies
  • Sony Playstation network (LulzSec): SPNetwork 2 month out => 171 million $ losses; data from 60 million users in the nature; some usage
  • Private data from different databases on the Internet (doxed) => Military / FBI
40. Latest malware developments
41. Ransom, extortion?
42. Data breaches
  • 76% of data breaches utilised weak or stolen credentials
  • Username: admin, Password: password
  • Computers, routers, PABX,
  • Source: Verizon Data Breach Report 2013
43. The inside threats
  • Fired system administrator in courier company
  • Hard working IT in financial institution
  • Theft of PCs in R&D department of company
  • Social conflict DDOS attacks
44. Brussels, we have a problem ...
  • Victim: Hey, can you help us? We're a Belgian telecom/hosting company. We have a problem. Our web servers are hacked & some web sites of our Belgian clients are defaced.
  • Police: OK. Some questions to start the case: Who, where, what, when
45. Some traces but where? Cybercrime Scene Investigation
46. Traces: who / where / what?
  • In Belgium: Hosting firm => Nothing in Belgium; Client => Nothing in Belgium; Hacked firm => Nothing in Belgium
  • In USA: Hacked web server; Defaced web site
  • In Netherlands: Hacked server
  • In United Kingdom: Hacker?
  • In Luxemburg: Hacker?
47. Who are the criminals? Unit 8200?
48. Role of governments & international organizations
  • Working according to a strategy
  • Develop international plans & reaction schemes for critical ICT infrastructure protection
  • Develop legal framework
  • Obligation to report cybercrime incidents
  • Obligation to secure your computer system (?)
  • Possibility for ISP to cut off infected machines (?)
  • Obligation to respond to requests of Gov authority when serious incidents happen
49. Responsibilities of the enterprises
  • E-Security = business risk => management responsibility
  • Think about how to survive when e-systems are under attack
  • Enforce detection of incidents: IDS?
  • Report incidents to CERT? to police?
  • Integrate strong authentication in e-business applications
50. Responsibilization of end users
  • Awareness raising => media
  • Training on e-security & attitude: already at school, in the enterprises
  • Obligation to secure his PC properly?
51. How many elements do you know? Are we prepared?
52. +32 2 743 74 74