fbi and cyber crime | crime stoppers international

Download FBI And Cyber Crime | Crime Stoppers International

Post on 08-May-2015

1.131 views

Category:

Education

1 download

Embed Size (px)

DESCRIPTION

Crime Stoppers International 32nd Training Conference Presentation October 25, 2011 by Cyber Crime FBI Unit Chief David Wallace in Montego Bay, Jamaica

TRANSCRIPT

  • 1.FBI and Cyber Security Unit Chief David Wallace Cyber Division Federal Bureau of Investigation

2. Overview

  • FBI Mission
  • Cyber Threats
  • FBI Response

3. Mission

  • Protect the United States from Terrorist Attack.
  • Protect the United States against foreign intelligence operations and espionage.
  • Protect the United States against cyber based attacks and high technology crimes.
  • Proactive vs. Reactive

4.

  • Identify and neutralize the most significant individuals or groups conducting computer intrusions, the dissemination of malicious code, and/or other computer-supported operations.
  • The FBI is the only U.S. agency charged with the authority to investigate both criminal and national security computer intrusions.

Mission 5. Mission HQ Mission : Coordinate, supervise and facilitate the FBI's investigation of those federal violations in which the Internet, computer systems, or networks are exploited as targets of terrorist organizations, foreign government sponsored intelligence operations, or criminal activity; 6.

  • The Threats to General Public on the Internet
  • The Threats to Corporate and/or Financial Entities from Motivated Hackers

Cyber Criminal Threat 7. Criminal Threats to Internet Users

  • Cyber Extortion
    • Individuals threaten to use Social Networking power
    • Extortion-based DDoS attacks
    • Scareware/Fraudulent Antivirus Software
  • Phishing
    • Ongoing case with major bank, 350 subjects identified, over 50 in a cooperating foreign country
    • 2000 phishing transactions totaling $4 million
  • Botnets
    • Enable other criminal activity, Spam, distribution of additional Malware (Keyloggers, DNSChanger etc.)

8. One type of Cyber Extortion

  • These things, unless you honor the below claim, WILL HAPPEN on March 8, 2010.
  • As you have denied my claim I can only respond in this way. You no longer have a choice in the matter, unless of course you want me to continue with this outlined plan. I have nothing to lose, you have everything to lose.
  • My demand is now for $198,303.88. This amount is NOT negotiable, you had your chance to make me an offer, now I call the shots.
  • I have 6 MILLION e-mails going out to couples with children age 25-40, this e-mail campaign is ordered and paid for. 2 million go out on the 8th and every two days 2 million more for three weeks rotating the list. Of course it is spam, I hired a spam service, I could care less, The damge [sic] will be done.
  • I am a huge social networker, and I am highly experienced. 200,000 people will be directly contacted by me through social networks, slamming your integrity and directing them to this website within days.
  • I think you get the idea, I am going to drag your company name and reputation, through the muddiest waters imaginable. This will cost you millions in lost revenues, trust and credibility not to mention the advertising you will be buying to counter mine. Sad thing is its almost free for me!
  • The process is in motion and will be released on March 8th, 2010. If you delay and the site goes live, The price will then be $3,000,000.00.

9. DDoS Extortions

  • Recent trend targeting online product retailers
    • Company receives an extortion threat via email, online chat or their 1-800 telephone number
    • Demand to pay $,$$$ within five minutes or your website will be shut down
    • Many go unreported
    • Victims appear to be targets of opportunity
    • These tend to roll into Botnet investigations

10. Scareware also a form of Cyber Extortion 11. Criminal Threats to Internet Users

  • Cyber Extortion
    • Individuals threaten to use Social Networking power
    • Extortion-based DDoS attacks
    • Scareware/Fraudulent Antivirus Software
  • Phishing
    • Ongoing case with major U.S. banks, 350 subjects identified, over 50 in a cooperating foreign country
    • 2000 phishing transactions totaling $4 million
  • Botnets
    • Enable other criminal activity, Spam, distribution of additional Malware (Keyloggers, DNSChanger etc.)

12. Example of Phishing Emails Sent to Customers of U.S.-based Bank 13. Criminal Threats to Internet Users

  • Cyber Extortion
    • Recent trend in Health Care Services Industry
    • Threatening to use Social Networking power
    • Scareware/Fraudulent Antivirus Software
  • Phishing
    • Ongoing case with major U.S. banks, 350 subjects identified, over 50 in a cooperating foreign country
    • 2000 phishing transactions totaling $4 million
  • Botnets
    • Enable other criminal activity, Spam, distribution of additional Malware (Keyloggers, DNSChanger etc.)

14. Conficker Botnet

  • Estimated to Have Infected 7 to 15 million computers as of February 2010
  • Requires ongoing maintenance to keep caged
  • Could be any Botnet (Torpig, Coreflood, Mariposa) which drops malware

15. Example of Pervasive Malware Keylogger

  • Distributed via spam email, scareware or video codecs using social engineering techniques
  • Records all keystrokes of victim
  • Captures usernames, passwords, credit card numbers that victims type into webpages
  • Information is stored in a hidden text file, compressed and retrieved by hacker

16. Example of Non-Pervasive Malware DNS Changer

  • Also can be distributed via spam email, scareware or social engineering techniques
  • Modifies victims trusted Domain Name System (DNS) settings
  • Victim computers then unwittingly get their domain name resolution from a DNS server controlled by the badguy
  • Badguy then directs victim computers tohisservers running lookalike webpages (i.e., a counterfeit online banking webpage)
  • Victim unknowingly enters his banking credentials to what he thinks is the real webpage

17. Criminal Threats to Internet Users

  • ACH Transaction Fraud
    • Anyone with authority to pay, transfer funds, manage, control, or effect banking activity can be a victim
    • New attack vectors such as Malvertising
    • JabberZeus variant to compromise Two-Factor Authentication
  • Confederation of Cyber Criminal Organizations
    • The Web within the Web
    • Exchange of Tools for Criminal Activity
    • Distributed expertise among group members

18. Threats to Corporate Entities

  • Companies with financial databases are the targets of criminal hacker groups
  • Why?Thats where the money is!
  • andbetter work hours, large potential for return vs. risk, less chance of getting caught and/or shot than, say, being a drug dealer
  • Criminals perception that they can hide behind complex international laws

19.

  • 15,730 attempted transactions worth $10.2M
  • 14,544 successful transactions worth $9.7M
  • $9.4M (97%) was withdrawn on Nov 8 2008
  • 2,136 ATM terminals were accessed in over 28 countries

Scope of the Scheme Financial Services Intrusion 20. Cyber Terrorism

  • No full-scale cyber attacks.
    • DDoS
    • Defacements
  • Growing presence of terrorist organizations on the internet.
    • Internet being used not to just recruit or radicalize, but to incite.
  • Growing use of social networking sites tocollaborate and promote violence.

21. Counterintelligence and Economic Espionage

  • Espionage used to be spy vs. spy.
    • Today our adversaries can sit on the other side of the globe and have access to an entire network at their fingertips.
  • Who are they?
    • Nation-State Actors
    • Mercenaries for Hire
    • Rogue Hackers
    • Transnational Criminal Syndicates

22. Counterintelligence and Economic Espionage

  • What are they after?
    • Technology
    • Intelligence (Policy-maker decisions)
    • Intellectual Property
    • Military Weapons
    • Mi

Recommended

View more >