A Private Presentation, 9/16/05. An Executive Briefing: Cybercrime

Date posted: 21-Dec-2015
An Executive Briefing

Cybercrime


Cyberspace 2005 : Growing Opportunities for Crime

• 1 billion people on Internet

• 10 Billion Web pages accessible on Internet

• 12% of global trade via Internet

• 7.7% of U.S. consumer spending

• 1.4+ Billion Internet Auctions

• 2.2+ Billion Google searches/month

• 2+ trillion U.S. e-mails/year


Who Are the Attackers?

Hackers: Robot Network Operators; Phishers; Malware Authors; Spam

Criminals: Impersonators; Fraud Operatives; Extortion Rackets

Spies: Insiders; Corporate Spies; Foreign Intelligence Services

Terrorists: Spooking Defenses; Denial of Service


Part - 1

Hackers

Criminals

Spies

Terrorists


Cops and Robbers Share Identical Information


Tools are Readily Available

SOURCE: http://www.hackershomepage.com/


Similar Catalogs Offer A Wide Range of Hacking Tools


From Hackershomepage.com Advertisement

• 800b MSR206 MAGNETIC STRIPE CARD READER/WRITER

• THIS IS THE DEVICE EVERYONE HAS BEEN ASKING FOR.

• This device will allow you to change the information on magnetic stripe cards, on ALL 3 tracks.

• It will also allow you to write to new cards.


From Hackershomepage.com Advertisement

• 701 COMPUTER KEYSTROKE GRABBER

• Use this device to capture ALL keystrokes on a computer including user name and password.

• Password will be in plain text and not echoed like "********". This device will grab email and system passwords.


Partial List How to Make Virus and Criminal Software


Password Cracking Tool


Password Cracker Shopping List


Example of Malware Marketplace


Part - 2

Hackers

Criminals

Spies

Terrorists


What Is the Problem?

• 27.3 million Americans were victims of identity theft in the last five years.

• 57 million U.S. adults were recipients of attempts to steal their electronic identification.


What’s the Corporate Cost of Cybercrime?

• $48 Billion total loss to businesses.

• $2.6 Billion writeoffs taken by on-line merchants in 2004. Equals 2% of sales.

• $5.8 Billion cost for business security.

• 75% of the losses caused by insiders.


NYTimes, 6/18/05


A Long List of Known Compromises

• Loss of tapes by Citigroup, compromising 3.9 million accounts;

• Theft of account information by former employees of the Bank of America (108,000 accounts);

• Loss of 16,500 employees' details at MCI, stolen from laptop in a garage;

• Loss of back-up tapes containing 1.2 million charge card holder details at the Bank of America;

• Credit information about 145,000 accounts, stolen from Choicepoint, an information services company.


How It Works (Simplified Version)

1. Bank issues credit card to Customer.

2. Customer pays Merchant with credit card.

3. Merchant passes credit card to Payment Processor.

4. Payment Processor approves Customer and gives OK to Merchant to deliver.

5. Payment Processor bills Bank.

6. Bank bills Customer.


Points of Vulnerability

Customer Applies

Bank Issues Credit Card

Customer Uses Card

Merchant Receives Card

Payment Processor Receives Card

Payment Processor Bills Bank

Customer Pays

100+ Computers

1,000+ Phone Links

10+ Databases

100M Lines of Code

1,000+ Operators

10,000+ Maintainers


Impersonation (Identity Theft) Statistics

• 700,000 identity theft victims a year.

• Most learn about identity theft 12 months after it has occurred.

• More than half of victims report their cases have been opened an average of 44 months.

• Victims report they've spent an average of 175 hours actively trying to clear their names.

SOURCES: FTC Clearinghouse Report, FBI Law Enforcement Bulletin and Security Management Magazine


Phishing

• Setting up a fake store front that looks like the real one to trick people; usually to steal their personal information.

• 20 million+ attacks/month

• Named after Brien Phish who set up a credit card scam in the 1980s over the phone by pretending to be from the credit card company.


Pharming

• A message to a bank is redirected to an address that the user did not intend.

• Usually done to extract personal information from the user into the hands of a hacker.


Spear Phishing

From: NAVY.MIL E-MAIL SERVER

HTTP:/WWW.NAVY.MIL

COMNAVSURFLANT

1. MAIN MAILING SERVER WILL BE UNAVAIBLE FOR NEXT TWO DAYS.

2. TO CONTINUE RECEIVING MAIL YOU HAVE TO CONFIGURE AUTO-FORWARDING SERVICE.

3. FILL ATTACHED FORM MIL-005698/135.2


Fake Security Message


A Fake Security Checkup


Invitation to Commit a Criminal Act


Organization to Exploit Identity Theft (The ShadowCrew Case)

Enforcers (2-6): Make sure payments are made.

Moderators (12-24): Administer discussion “Forums”, offer “Tutorials”. Organize.

Reviewers (100+): Examine offerings, evaluate $ gains, post reviews.

Sellers (100 - 200): Acquire identity sources, advertise and deliver “merchandise”.

Money Launderers (few): Conversion to and from electronic credits to cash.


Sale of Credit Cards

• Forum.carderplanet.net offered credit cards.

• USD $200.00 - 300 USA credit cards without cvv2 code: credit card number, exp. day. cardholder billing address,zip,state).

• USD $200.00 - 50 USA credit cards with cvv2 code: credit card number, exp. day. cardholder billing address & CVV code from the back side of the card).

• Also cards with SSN+DOB at $40 each.

• Minimal deal $200


Part - 3

Hackers

Criminals

Spies

Terrorists


Parasitic Software

Spyware: Software that leaks information to a third party.

Adware: Software that shows advertising materials to its user.

Browser Hijackers: Software that changes browser settings to point users elsewhere.

Backdoors: Software that can cause other untrusted software to be installed.

Cookies: A record about browser searches.


Worms

• A computer Worm is a self-replicating computer program.

• A Worm is self-contained and can reproduce itself onto other computers.

• A common payload is to install a Backdoor into the infected computer to convert it into a Zombie.


Zombie Computer

• A zombie computer performs malicious tasks under the direction of the hacker.

• Owners are unaware.

• Over 50% of all spam worldwide is now sent by zombies.


Spyware

Spyware Worms have the ability to self-replicate without a host program and send information from a computer to a third party without the user's permission or knowledge.


Flaws in Cyber-Crime Protection

• Banks pass risks to merchants;

• Credit cards easy to get;

• Privacy laws inhibit fraud detection;

• Audits only of financial assets, not data integrity;

• Software firms have no liability;

• Legal protection against cyber-crime insufficient;

• FBI has totally insufficient resources;

• Apprehension and then prosecution very hard.


Prosecution is Not a Deterrent

Nigeria Woman in $242M E-mail Fraud Case

LAGOS (Reuters)—A Nigerian court has sentenced a woman to two and half years in jail

…and a $15,000 fine.


Do Not Expect Help


Part - 4

Hackers

Criminals

Spies

Terrorists


What is Cyber-Terror?

• Terrorism is violence to intimidate or coerce the target.

• Objectives are primarily political and social or economic in case of extortion.

• Cyber-terror is the exploitation of computing for acts of terrorism.


Global View of Internet Connectivity

USA

Europe

Asia


US Internet Backbone Concentrated in a Few Switches


Current Prospects

• Rising U.S. dominance in world trade.

• U.S. information superiority.

• Rapidly escalating anti-U.S. hostility.

• Military actions combined with cyberterrorism acts.

• Damage U.S. economic power and functioning of the U.S. civil society through cyberterrorism.


A Cyber-Terror List

• Stop trading on Stock Exchanges

• Interrupt VISA processing

• Corrupt Medicare/Medicaid Database

• Prevent payments of Social Security

• Disable Motor Vehicle registration data

• Damage Internet Routing Tables

• Deny Internet access to the Military


Data on Detected Attacks on the Department of Defense

[Chart: detected attacks by year, 1997 to 2004; vertical axis from 0 to 80,000]


Advice

Learn How to Operate in Cyberspace


Deploy Spam and Malware Catchers


1,333 Intruders Caught in one Week


Allow only Approved Senders to Pass Through


Use Rapidly Changing Passwords


Keep 495 Members of InfraGard in Connecticut Informed


https://secure.infragard-ct.org/