‘Cybercrime’

Bruce will talk about the current threat environment for business, and what individuals can do about it.

Previous Event: 14th March 2013

Cyber Crime By AngusKingston Licensed Creative Common Cyber Crime by AngusKingston Licenced Creative Common

‘Cybercrime’

Bruce has been investigating cybercrime for 10 years.

Bruce van der Graaf
Detective Inspector, Fraud & Cybercrime Squad

 CYBERCRIME

NOTES TAKEN FROM UBN SESSION

THURSDAY 14th MARCH 2013

Bruce van der Graaf a Detective Inspector, Fraud & Cybercrime Squad has worked as a Police Officer for 31 years, including 10 years in cyber crime.

Bruce gave us an insight into the potential threat of Cyber Crime to both business and our personal computers and provided us with some helpful hints to combat potential cyber threats.

The presentation included data on the scale of cyber crime with information quoted from a Trustwave (a leading provider of on-demand and subscription-based information security and PCI DSS compliance management solutions to businesses) “Executive Summary” taken from their 2013 Annual report.

The report detailed the types of threats and percentage increase for the different forms of cyber crime. These included-

25% Encryption sophistication. The use of encryption by attackers during data ex filtration is on the rise. Over 25% of all data was encrypted by cybercriminals

50% Memory scrapping. The most popular malware family was memory scraping. 20% of new case samples included memory scraping functionality and such activity was detected in 50% of investigations where associated malware had identifiable data collection functionality.

61% PDF files. Of all client side attacks, 61% targeted Adobe Reader Users via malicious PDF’s.

71% Black hole.  Versions of “Blackhole” exploit kit make up 70% of all client side attacks serving up zero day exploits

73% SQL and remote.  Always the two most noteworthy methods of intrusion. SQL injections and remote access made up 73% of the infiltration methods used in Y2012

Other points were-

The time from actual detection of a threat to actual inactivation/apprehension of the offender is on average 210 days. This is up 35 days from Y2011.

16 character passwords can be broken in 8 hours

The most popular form of computer hacking is through web applications, with a 400% increase in mobile malware particularly through the increased use of Androids.

Some malware is now near fully undetectable.

72% of SPAM contains malware. It is recommended a process is put in place to authenticate emails.

$12.3 Billion is netted from computer crime in a year with one third attributed to the Russians, mainly through online fraud using Trojans or Phishing Emails.

SPAM is the second biggest money earner.

DDOS is a process whereby criminals take down a user’s websites and then charge to have them restore the website. (Ransom Ware)

Man-in-the-browser (MITB, MitB, MIB, MiB), a form of Internet threat related to man-in-the-middle (MITM), is a proxy Trojan horse that infects a web browser by taking advantage of vulnerabilities inbrowser security to modify web pages, modify transaction content or insert additional transactions, all in a completely covert fashion invisible to both the user and host web application. A MitB attack will be successful irrespective of whether security mechanisms such as SSL/PKI and/or two or three-factor Authentication solutions are in place. A MitB attack may be countered by utilising out-of-band transaction verification, although SMS verification can be defeated by man-in-the-mobile (MitMo) malware infection on the mobile phone. (Wickipedia)

Cyber crime is commonly associated with espionage and extortion.

Examples of “phishing emails” are emails requesting you to authenticate Bank details.

Phone Porting 2FA two factor authentication – compromising the second factor

Malware – injection of script into a live session using Zeus, Spy Eye, Trojans etc.

Carding contributes to $120M in Credit card fraud. The Merchants lose money not the banks.

Criminals eliminate money transactions and money trails with cash alternative systems including Bitcoin and U/Kash. 

Bitcoin (sign: BTC) is a decentralized digital currency based on an open-sourcepeer-to-peer internet protocol. It was introduced by a pseudonymous developer named Satoshi Nakamoto in 2009.

U/Kash The U/Kash Virus is a colloquial nickname for a family of ransomware Trojans that display fraudulent police alerts, block you from using other applications and threaten you with legal action if you don’t pay a fee within a short time period. Preferred payment methods for this fine include Paysafecard and U/kash

A Commonwealth Government body set up to counter cyber crime is the Defence Signals Directorate (DSD) This body provides strategies to mitigate targeted cyber intrusions. Their website is ttp://www.dsd.gov.au/infosec/top35mitigationstrategies.htm

  Advice given to prevent cyber crime

Before down loading Applications (APPS) ensure the number of downloads exceeds >100,000. This is usually enough time to discover if there is malicious content and for Google to delete them.

PDF Files attachments and links from unknown sources should not be opened.

Non authentic emails are a major source of malware. If you don’t know the source, delete it.

Should your website be lost through cybercrime do not pay the criminals to have it restored. Try to do a system restore in safe mode or use your local Computer Technician. Make sure you backup remotely off line so data can be saved and not corrupted if the computer is compromised. (Advice from others not Bruce)

Intentionally limit access to specific internet sites. Bruce referred us to DNS.org

Opendns.com useful. A means of checking that the sites are not malicious and can also set content filters

Governments stay smart online http://www.staysmartonline.gov.au/ a useful site.

 Questions from the floor

Is Paywave safe? – Answer Yes

What is the purpose of the funny group of characters that you have to enter in when accessing some web sites? This is called capture text and it is to insure a person is accessing the website not a machine robot.

How does working in Cybercrime relate to you being a Christian?

Answer – You need to be careful you are not corrupted.

Be accountable to Christian friends

God’s process of grace is based on sound governance and good order which through my occupation I try to maintain.