9. The internal risk
Fired system administrator in courier company
Hard working IT in financial institution
Dancing cursor in security firm
Theft of PCs in R&D department of company
Social conflict DDOS attacks on e-commerce
11. Recent cyber crime targeting firms
Spyware / trojan horses / remote admin
Botnet attacks
Espionage
Identity fraud (phishing – spear phishing)
getting your customers' identity information: CO2
Fraudulent business proposals via Internet
Buying your goods with forged cheques
False escrow payment services (trusted third parties)
Nigerian waste recycling => your old PCs & hard disks
14. Phishing and money mules
[Diagram: numbered steps 1 to 6 linking the victim John Doe, the phishing site, the bank site, John Doe's bank, the money mule's bank and the mule "Jefke Mule". Labels: Contract as "Financial manager", Password / userid, Transfer order, Money.]
16. Botnet attack on a webserver / node
[Diagram: Hacker, Command and Control Server, Internet, Computer, Access line, Webserver / node. Labels: Info, Cmd, "My IP is x.y.z.z", blocked, Crash.]
17. How do I get infected ?
The hacker sends a Trojan horse (= container program) to the victim PC via
E-mail (spam, ...)
Peer-to-peer (Kazaa, BitTorrent, ...)
Chat (IRC, MSN, ...)
Auto infection of the victim PC by visiting websites containing infecting scripts abusing OS vulnerabilities
Auto propagation of the malware from zombies towards neighbouring PCs in network abusing OS vulnerabilities
The infection procedure often connects to an update server to download new versions to the zombie
19. Why ? Making money !
Sometimes still for fun (script kiddies)
Spam distribution via Zombie
Click generation on banner publicity
Dialer installation on zombie to make premium rate calls
Spyware installation
Espionage => banking details / passwords / keylogging
Ransom bot => encrypts files => money for password
Capacity for distributed denial of service (DDoS) attacks => disturb functioning of internet device (server/router)
28. Who is threatening us?
Script kiddies
Insider ICT guy in your company
Loosely organized criminals
Firmly organized criminal groups
Terrorists / hacktivists
Nation warfare troops
Underground economy platform for selling & buying criminal services and products
29. Firmly organized criminals
We see more and more organization in the criminal activity on the internet
Focussed on financial intent
Cooperation with money launderers
Different specialisations: recruiting persons, ICT development, handling money
Infiltration in or taking over legal businesses (development firms, operators, ...)
30. Terrorists / hacktivists
No financial intent
Political / social objectives
Attack and create chaos and disaster
Destabilize economy and society
Might take their time to prepare ...
Or set up actions very quickly (social networks)
45. Contact information
Belgian Federal Judicial Police
Direction for economical and financial crime
Federal Computer Crime Unit
Notelaarstraat 211 - 1000 Brussels – Belgium
Tel office : +32 2 743 74 74
Fax : +32 2 743 74 19
Head of Unit : luc.beirens@fccu.be
Central Internet Contact Point : www.ecops.be