Teodor Cimpoesu - Crimeware & Botnets - The International Criminal Law Conference

Cybercrime: crimeware & botnets

INTERNATIONAL CRIMINAL LAW CONFERENCE, BABES-BOLYAI UNIVERSITY, FACULTY OF LAW

CRIMES, CRIMINALS AND THE NEW CRIMINAL CODES: ASSESSING THE EFFECTIVENESS OF THE LEGAL RESPONSE

Teodor Cimpoesu, Senior Security Consultant

28.03.2014

description

A presentation dedicated to Romanian law enforcement agents (prosecutors, policemen, intelligence officers). It draws a parallel between known organised crime, the thinking of those who must combat it, and cybercrime. Moreover, cybercrime has aggravating factors, such as new means of money laundering and anonymity, the complexity of cross-border investigations, and a lack of technical competency. It closes with a perspective on how modern technology shapes and changes the way we live, and a call for them to acknowledge that they are the ones responsible for protecting us. Presentation in Romanian.

Transcript of Teodor Cimpoesu - Crimeware & Botnets - The International Criminal Law Conference


Agenda

① Organized crime

② Cybercrime

③ The crimeware ecosystem

④ Combating

⑤ What comes next


① Organized crime


Gang, Group, Organization, Syndicate, Cartel, Consortium


“Organised crime’s infiltration in the legitimate private economy: An empirical network analysis approach”, STEFANO GURCIULLO

“It seems that Italian mafias registered €135 billion only in 2010”

(SOS Impresa, 2010)

Romania's GDP in 2013: ~145 billion


② Cybercrime


Mirela


Mirela


How many computer systems did you see?

All of them!

a) a computer system means any device or assembly of devices that are interconnected or in a functional relationship, one or more of which performs automatic data processing by means of a computer program;

b) automatic data processing means the process by which data in a computer system are processed by means of a computer program;

c) a computer program means a set of instructions that can be executed by a computer system in order to obtain a determined result;

d) computer data means any representation of facts, information or concepts in a form that can be processed by a computer system. This category also includes any computer program that can cause a computer system to perform a function;

Computer system

Device / Assembly

Computer program

Computer data

Representation

Information


“Serious” Crime

Banking Trojans

Card data theft

Botnets

DDoS - extortion

Identity theft

“UnSerious” Crime

Spam

Malvertising

Personal data theft

Bitcoin mining


Very Serious Crime

UnSerious Crime? Hacking

Database theft

Fake AV

Spyware

Scareware

Malware


③ The crimeware ecosystem


Botnets


Degree of decentralization?


Virtual currency / Bitcoins

The first currency based on cryptographic algorithms

P2P – peer to peer = elimination of central administrative nodes

They are not backed by an equivalent real value (e.g. gold). They are created through “mining”, which gives them their value

They are kept in digital wallets and transferred using asymmetric cryptography

SilkRoad – FBI seizes $28M in bitcoins

MtGox – site hacked and defrauded, losses of $470M

Banned in Russia

Banned in China (news item, 28.03)

2014 – arrests of operators for money laundering (US)

Over 150 malware families that target the theft or mining of bitcoin

Bitcoin over TOR = transaction anonymization



Within the FBI, we are targeting high-level intrusions—the biggest and most dangerous botnets, state-sponsored hackers, and global cyber syndicates. We want to predict and prevent attacks rather than reacting after the fact

JAMES COMEY, FBI DIRECTOR

“The Impact of Cybercrime and Cyber Espionage” McAfee, Center for Strategic and International Studies July 2013


④ Combating


Cybercrime > Terrorism


Cyber-security approach

Prevention:

Perimeter defense

Access segregation

Covert channels

Encryption

Pursuit & Combating:

Offensive investigations

Threat intelligence

Network forensics

Guerilla disruptive tactics

Military doctrine / Military tactics

Intelligence analysis / Intelligence services

Organized crime investigation / Forensic methodology


Knowledge vs. competencies

Competencies:

Attack investigation

Malware analysis and intel derivation

Internet forensics

Computer surveillance

Monitoring of criminal groups

Systems, Services & Tools:

Security posture assessment of computer systems

Automated malware analysis

Botnet analysis and monitoring

Offensive/non-offensive attribution actions

Threat intelligence provision

Big data correlation analysis

Analysis of communications and attack dynamics


⑤ What comes next


Mirela


Mirela


How many of these technologies already exist?

ALL OF THEM!


Thank you! Questions

Teodor [email protected]

Cold War Code War


Images/References

http://www.jocelynbainhogg.eu/

http://www.nature.com/nbt/journal/v30/n5/full/nbt.2213.html

Source: http://www.ucl.ac.uk/jdi/events/int-CIA-conf/ICIAC12_slides/ICIAC12_1A_SGurciullo

Img: http://upload.wikimedia.org/wikipedia/commons/c/cf/Sarah_Stock.jpg

http://www.theipadnews.com/wp-content/uploads/2011/10/iPad-for-kids-in-car.jpg

http://www.dw.de/image/0,,17156166_303,00.jpg

http://www.incrediblethings.com/wp-content/uploads/2012/09/weather-toaster.jpeg

http://www.fbi.gov/wanted/cyber

http://usa.kaspersky.com/files/images/InternetSecurityCenter/030Infographics/KasperskyLab-Inforgaphic_Botnet-10-180725.png

http://www.blacklotus.net/learn/about-ddos-attacks

http://www.securelist.com/en/analysis?pubid=204792095

http://ronnierocket.com/2013/05/14/visualizing-how-a-bitcoin-transaction-works/

http://www.globalinitiative.net/wpfb-file/csis-the-impact-of-cybercrime-and-cyber-espionage-july-2013-pdf/