Docstoc

cybercrime

Document Sample
cybercrime Powered By Docstoc
					An Executive Briefing




             Cybercrime



                        A Private Presentation, 9/16/05   1
Cyberspace 2005 : Growing Opportunities for Crime


•   1 billion people on Internet
•   10 Billion Web pages accessible on Internet
•   12% of global trade via Internet
•   7.7% of U.S. consumer spending
•   1.4+ Billion Internet Auctions
•   2.2+ Billion Google searches/month
•   2+ trillion U.S. e-mails/year



                   A Private Presentation, 9/16/05   2
  Who Are the Attackers?

 Hackers
  Robot Network Operators; Phishers; Malware Authors; Spam

 Criminals
   Impersonators; Fraud Operatives; Extortion Rackets

 Spies
  Insiders; Corporate Spies; Foreign Intelligence Services

 Terrorists
  Spooking Defenses; Denial of Service
                        A Private Presentation, 9/16/05       3
Part - 1



            Hackers

            Criminals
            Spies
            Terrorists




               A Private Presentation, 9/16/05   4
 Cops and
  Robbers
    Share
  Identical
Information




              A Private Presentation, 9/16/05   5
Tools are Readily Available




SOURCE: http://www.hackershomepage.com/

                     A Private Presentation, 9/16/05   6
Similar Catalogs Offer A Wide Range of Hacking Tools




                    A Private Presentation, 9/16/05    7
From Hackershomepage.com Advertisement


• 800b MSR206 MAGNETIC STRIPE CARD
  READER/WRITER
• THIS IS THE DEVICE EVERYONE HAS
  BEEN ASKING FOR.
• This device will allow you to change the
  information on magnetic stripe cards,
  on ALL 3 tracks.
• It will also allow you to write to new
  cards.


                  A Private Presentation, 9/16/05   8
From Hackershomepage.com Advertisement


• 701 COMPUTER KEYSTROKE GRABBER
• Use this device to capture ALL
  keystrokes on a computer including
  user name and password.
• Password will be in plain text and not
  echoed like "********". This device will
  grab email and system passwords.




                  A Private Presentation, 9/16/05   9
Partial List How to Make Virus and Criminal Software
123Mania         CoolWebSearch        Gratisware          MySearch            SearchWWW
2020Search       CrackedEarth         Httper              Naupoint            ShopAtHomeSelect
404Search        CustomToolbar        HuntBar             NavExcel            ShopNav
7FaSSt           Cytron               Hyperlinker         nCase               Sidesearch
AccessPlugin     DailyToolbar         IEAccess            NeoToolbar          SmartBrowser
ActualNames      DailyWinner          IEDriver            NetPal              SmartestSearch
ACXInstall       DialerActiveX        IEMonit             NetShagg            SpecialOffers
AdBreak          DialerMaker          IEPlugin            NetworkEssentials   SpyBlast
AdRoar           DialerOffline        IETray              NewDotNet           SRE
AdultBox         DialXS               IGetNet             NewtonKnows         StarDialer
AdultLinks       DownloadPlus         ILookup             NowBox              StripPlayer
Aornum           DownloadReceiver     InetSpeak           Onflow              SubSearch
AproposMedia     DownloadWare         InternetOptimizer   OnlineDialer        Supaseek
ASpam            E2Give               InternetWasher      PerfectNav          SuperBar
AutoSearch       EasySearchBar        IPInsight           PerMedia            SuperSpider
AutoStartup      Enconfidence         ISTbar              PowerStrip          Surfairy
BargainBuddy     eStart               KeenValue           Pugi                SVAPlayer
BDE              eXactSearch          Keywords            PurityScan          SvcMM
BookedSpace      ezCyberSearch        LinkReplacer        RapidBlaster        TargetSaver
BroadcastPC      ezSearching          lop                 RelatedLinks        TinyBar
BrowserAid       FastVideoPlayer      MagicControl        RichFind            ToolbarCC
BrowserToolbar   FavoriteMan          MarketScore         Roimoi              TopConverting
Bulla            FlashTrack           MasterDialer        SaveNow             TOPicks
ClearSearch      FreeScratchAndWin    MatrixDialer        SCAgent             TopText
ClickTheButton   FreshBar             MediaTickets        SearchAndBrowse     Transponder
ClientMan        GAMsys               MediaUpdate         Searchex            Tubby
CnsMin           Gator                Meridian            Searchfst           TVMedia
CometCursor      GlobalNetcom         MoneyTree           SearchRelevancy     UCmore
Comload          GogoTools            MoreResults         SearchSprint        UCSearch
CommonName       GrandStreet          MyPageFinder        SearchSquire        VistaBar
                              A Private Presentation, 9/16/05                              10
Password Cracking Tool




                   A Private Presentation, 9/16/05   11
Password Cracker Shopping List




                   A Private Presentation, 9/16/05   12
Example of Malware Marketplace




                   A Private Presentation, 9/16/05   13
Part - 2



            Hackers

            Criminals
            Spies
            Terrorists




               A Private Presentation, 9/16/05   14
What Is the Problem?



• 27.3 Million Americans in last five years were
  victims of identity theft.
• 57 Million of US adults who were recipients of
  attempts to steal their electronic identification.




                       A Private Presentation, 9/16/05   15
What’s the Corporate Cost of Cybercrime?


• $48 Billion total loss to businesses.
• $2.6 Billion writeoffs taken by on-line
  merchants in 2004. Equals 2% of sales.
• $5.8 Billion cost for business security.
• 75% of the losses caused by insiders.




                    A Private Presentation, 9/16/05   16
NYTimes,
6/18/05




           A Private Presentation, 9/16/05   17
A Long List of Known Compromises


• Loss of tapes by Citigroup, compromising 3.9 million
  accounts;
• Theft of account information by former employees of
  the Bank of America (108,000 accounts);
• Loss of 16,500 employees' details at MCI, stolen from
  laptop in a garage;
• Loss of back-up tapes containing 1.2 million charge
  card holder details at the Bank of America;
• Credit information about 145,000 accounts, stolen
  from Choicepoint, an information services company.


                   A Private Presentation, 9/16/05   18
How It Works (Simplified Version)


1. Bank issues credit card to Customer.
2. Customer pays Merchant with credit card.
3. Merchant passes credit card to Payment
   Processor.
4. Payment Processor approves Customer
   and gives OK to Merchant to deliver.
5. Payment Processor bills Bank.
6. Bank bills Customer.



                    A Private Presentation, 9/16/05   19
Points of Vulnerability

                 Customer Applies

              Bank Issues Credit Card

                Customer Uses Card               100+ Computers
                                               1,000+ Phone Links
              Merchant Receives Card              10+ Databases
                                               100M Lines of Code
                                                1,000+ Operators
         Payment Processor Receives Card
                                               10,000+ Maintainers

            Payment Processor Bills Bank

                   Customer Pays 9/16/05
                     A Private Presentation,               20
Impersonation (Identity Theft) Statistics


• 700,000 identity theft victims a year.
• Most learn about identity theft 12
  months after it has occurred.
• More than half of victims report their
  cases have been opened an average of
  44 months.
• Victims report they've spent an average
  of 175 hours actively trying to clear
  their names.


SOURCES: FTC Clearinghouse Report, FBI Law Enforcement Bulletin and Security Management Magazine
                                A Private Presentation, 9/16/05                             21
Phishing


• Setting up a fake store front that looks
  like the real one to trick people; usually
  to steal their personal information.
• 20 million+ attacks/month
• Named after Brien Phish who set up a
  credit card scam in the 1980s over the
  phone by pretending to be from the
  credit card company.




               A Private Presentation, 9/16/05   22
Pharming


• A message to a bank is redirected to an
  address that the user did not intend.
• Usually done to extract personal
  information from the user into the
  hands of a hacker.




              A Private Presentation, 9/16/05   23
Spear Phishing


From: NAVY.MIL E-MAIL SERVER
   HTTP:/WWW.NAVY.MIL
   COMNAVSURFLANT

1. MAIN MAILING SERVER WILL BE UNAVAIBLE
   FOR NEXT TWO DAYS.
2. TO CONTINUE RECEIVING MAIL YOU HAVE TO
    CONFIGURE AUTO-FORWARDING SERVICE.
3. FILL ATTACHED FORM MIL-005698/135.2



                 A Private Presentation, 9/16/05   24
Fake Security Message




                   A Private Presentation, 9/16/05   25
A Fake Security Checkup




                    A Private Presentation, 9/16/05   26
Invitation to Commit a Criminal Act




                     A Private Presentation, 9/16/05   27
Organization to Exploit Identify Theft (The ShadowCrew Case)

              Enforcers (2-6)                     Make sure payments are made


                                                   Administer Discussion “Forums”
            Moderators (12-24)                     offer “Tutorials”. Organize.

                                                   Examine offerings, Evaluate
              Reviewers (100+)                     $ gains, Post Reviews


                                                    Acquire identity sources,
             Sellers (100 - 200)                    Advertise and deliver
                                                    “merchandise”,

                                                    Conversion to and from
           Money Launderers (few)                   Electronic credits to cash.
                      A Private Presentation, 9/16/05                         28
Sale of Credit Cards


• Forum.carderplanet.net offered credit cards.
• USD $200.00 - 300 USA credit cards without cvv2
  code: credit card number, exp. day. cardholder billing
  address,zip,state).
• USD $200.00 - 50 USA credit cards with cvv2 code:
  credit card number, exp. day. cardholder billing
  address & CVV code from the back side of the card).
• Also cards with SSN+DOB at $40 each.
• Minimal deal $200



                       A Private Presentation, 9/16/05   29
Part - 3



            Hackers
            Criminals

              Spies
            Terrorists




                A Private Presentation, 9/16/05   30
Parasitic Software


Spyware: Software that leaks information to a
  third party.
Adware: Software that shows advertising
  materials to its user.
Browser Hijackers: Software that changes
  browser settings to point users elsewhere.
Backdoors: Software that can cause other
  untrusted software to be installed.
Cookies: A record about browser searches.


                     A Private Presentation, 9/16/05   31
Worms


• A computer Worm is a self-replicating
  computer program.
• A Worm is self-contained and and can self-
  reproduce itself to other computers.
• A common payload is to install a Backdoor
  into the infected computer to convert them to
  Zombies.




                 A Private Presentation, 9/16/05   32
Zombie Computer


• A zombie computer performs malicious tasks
  under the direction of the hacker.
• Owners are unaware.
• Over 50% of all spam worldwide is now sent
  by zombies.




                  A Private Presentation, 9/16/05   33
Spyware


Spyware Worms have the ability to self-
 replicate without a host program and send
 information from a computer to a third party
 without the user's permission or knowledge.




                A Private Presentation, 9/16/05   34
    Flaws in Cyber-Crime Protection


•   Banks pass risks to merchants;
•   Credit cards easy to get;
•   Privacy laws inhibit fraud detection;
•   Audits only of financial assets, not data integrity,
•   Software firms have no liability;
•   Legal protection of cyber-crime insufficient;
•   FBI has totally insufficient resources;
•   Apprehension and then prosecution very hard.




                         A Private Presentation, 9/16/05   35
Prosecution is Not a Deterrent


Nigeria Woman in $242M E-mail Fraud Case

LAGOS (Reuters)—A Nigerian court has
sentenced a woman to two and half years in jail
…and a $15,000 fine.




                     A Private Presentation, 9/16/05   36
Do Not Expect Help




                     A Private Presentation, 9/16/05   37
Part - 4



            Hackers
            Criminals
            Spies

              Terrorists


                A Private Presentation, 9/16/05   38
What is Cyber-Terror?


• Terrorism is violence to intimidate or coerce
  the target.
• Objectives are primarily political and social or
  economic in case of extortion.
• Cyber-terror is the exploitation of computing
  for acts of terrorism.




                    A Private Presentation, 9/16/05   39
Global View
of Internet
Connectivity




               A Private Presentation, 9/16/05   40
                                           USA
US Internet Backbone Concentrated in a Few Switches




                    A Private Presentation, 9/16/05   41
Current Prospects


• Rising U.S. dominance in world trade.
• U.S. information superiority.
• Rapidly escalating anti-U.S. hostility.
• Military actions combined with cyberterrorism
  acts.
• Damage U.S. economic power and
  functioning of the U.S. civil society through
  cyberterrorism.




                    A Private Presentation, 9/16/05   42
A Cyber-Terror List


•   Stop trading on Stock Exchanges
•   Interrupt VISA processing
•   Corrupt Medicare/Medicaid Database
•   Prevent payments of Social Security
•   Disable Motor Vehicle registration data
•   Damage Internet Routing Tables
•   Deny Internet access to the Military



                      A Private Presentation, 9/16/05   43
Data on Detected Attacks on the Department of Defense

                                    80,000
   Number of Cyber-attacks on DoD


                                    70,000

                                    60,000

                                    50,000

                                    40,000

                                    30,000

                                    20,000

                                    10,000

                                        0
                                             1997 1998 1999 2000 2001 2002 2003 2004

                                                    A Private Presentation, 9/16/05    44
  Advice




Learn How to Operate in Cyberspace




             A Private Presentation, 9/16/05   45
Deploy a Spam and Malware Catchers




                   A Private Presentation, 9/16/05   46
1,333 Intruders Caught in one Week




                      A Private Presentation, 9/16/05   47
Allow only Approved Senders to Pass Through




                    A Private Presentation, 9/16/05   48
Use Rapidly Changing Passwords




                   A Private Presentation, 9/16/05   49
Keep 495 Members of InfraGard in Connecticut Informed




                                                                  QuickTime™ and a
                                                        TIF F (Uncompressed) decompressor
                                                           are needed to see this picture.




  https://secure.infragard-ct.org/
                      A Private Presentation, 9/16/05                                50