O SlideShare utiliza cookies para otimizar a funcionalidade e o desempenho do site, assim como para apresentar publicidade mais relevante aos nossos usuários. Se você continuar a navegar o site, você aceita o uso de cookies. Leia nosso Contrato do Usuário e nossa Política de Privacidade.
O SlideShare utiliza cookies para otimizar a funcionalidade e o desempenho do site, assim como para apresentar publicidade mais relevante aos nossos usuários. Se você continuar a utilizar o site, você aceita o uso de cookies. Leia nossa Política de Privacidade e nosso Contrato do Usuário para obter mais detalhes.
A Scribd passará a dirigir o SlideShare em 1 de dezembro de 2020A partir desta data, a Scribd passará a gerenciar sua conta do SlideShare e qualquer conteúdo que você possa ter na plataforma. Além disso, serão aplicados os Termos gerais de uso e a Política de Privacidade da Scribd. Se prefira sair da plataforma, por favor, encerre sua conta do SlideShare. Saiba mais.
« Economic War » :
Operational fight against Immersive Fictitious Data
Architectures used during financial attacks (IFDA)
Associate professor in mathematics,
Associate researcher in cybersecurity - cyberdefence - CREC, Saint Cyr
1) How BEC scams became 2017’s most lucrative crime ….
2) IFDA Attacks (low level) - IFDA : Immersive Fictitious Data Architectures
3) IFDA Attacks (high level) - IFDA : Immersive Fictitious Data Architectures
4) How to fight IFDA used in financial Attacks (BEC Scams & HoaxCrash) ?
5) The Future of IFDA Attacks : AI, GANs, …. - Inside or outside the Matrix ?
1) How BEC scams became 2017’s
most lucrative crime ….
BEC SCAMS : Business Email Compromise & CEO Fraud
OUR MARKET – FINANCIAL & COGNITIVE CYBERCRIMINALITY
THE FAKE NEWS
1- False Wire Transfer Orders 2- HOAXCRASHES
False Wire Transfer Orders affect every kind of companies from every
kind of sector.
« President Frauds » consist in, as a crook, convincing the collaborator
from a company to transfer funds in emergency to a third to repond to
a supposed order from the director on the pretext of a debt to rectify,
an advance payment ou other.
Communication and press services from listed companies regularly
send press releases to specialised agencies. An attacker can look for
impersonate the communication service of the group imitating the
graphic chart of real releases, the homepage of the company website
and using the official logo of the group.
Fake News, financial and cognitive cybercriminality
Emmanuel Macron announces
a law project to struggle
against « fake news » on the
Le Parisien with AFP, 01/03/2018
« Fake news » : Facebook
takes part in a $14 millions
La Tribune, 04/03/2017
The struggle against fake
news is fundamental in
order to offer a relevant
environment to announcers.
Maurice Lévy, Publicis, 03/06/2018
Google is going to invest
$300M to struggle against
CONSEQUENCES MORE AND MORE
The goal of a financial or economical fake information
diffusion about a listed company is to trigger a Flash
Crash on the targeted equity.
10 minutes are largely enough to create a Flash Crash,
fraudulently speculate on the equity and generate a
profit of several millions of dollars.
« President Frauds », impressive sums of money
*According to the Justice Department (March 2017)
Since 2016 in tje USA (figure from FBI)
of french companies (considering
the 50K exporter SMB in France)
have been victim of at least one
fraud attempt in 2016.
(Euler Hermes study 2017)
Billions of dollars of damage from
of President frauds in the
USA since 2015.
Euler Hermes Report - BEC SCAMS 2018
Business Email Compromise – CEO Fraud
Immersive Fictitious Data Architectures (IFDA) - Financial Attacks Model
Attacker : Goal, Strategy S, Gain function to maximize
Attacker produces a series of actions : [ (AR1,AD1), (AR2,AD2), …… , (ARn,ADn) Goal or not]
where ARi is an action on physical space,
ADi is an action on cyberspace (sending mail, SMS, dataset, files, malware, html link, video, audio, text).
(AR2, AD2) = S < (AR1,AD1) ; (TR1,TD1) >
(AR3, AD3) = S < [(AR1,AD1)(TR1,TD1)(AR2,AD2)] ; (TR2,TD2) >
( ARk , ADk ) = S < [(AR1-AD1), (TR1,TD1), ….. , (ARk-1,ADk-1)] ; (TRk-1,TDk-1) >
Preserving the trust of the target in the sequence :
TRUST-TARGET < [(AR1-AD1), (TR1,TD1), ….. , (ARk-1,ADk-1), (TRk-1,TDk-1), (ARk, ADk) ] > = 1 (if 0 stop)
Preserving the consistency of the sequence :
CONSISTENCY < [(AR1-AD1), (TR1,TD1), ….. , (ARk-1,ADk-1), (TRk-1,TDk-1), (ARk, ADk) ] > = 1 (if 0 stop)
Maximize the IMMERSIVITY of the sequence
Target : Target produces (or not) a series of actions (physical space – cyberspace) : [ TR1-TD1, TR2-TD2, …… , TRn-
TDn,…. ] in response (or not) to the actions of Attacker.
BRM Attack – July 21 2015
1,6 Millions – Président
4) How to fight IFDA used in financial
Attacks (BEC Scams & HoaxCrash) ?
BLOCKCHAIN - AI SaaS
FAKE NEWSINITIAL SALE
THROUGH ALETHEION APP
Aletheion uses the best solution from the market, co-branded with RSA, in order to ensure a high
security level during the first authentication step to reach the Blockchain – AI interface.
Ledgerion is a PINPAD from RSA SecurID looking like a credit card
and encrypting users passwords to get an additional security level,
especially in environments considered with a high risk of electronic
5) The Future of IFDA Attacks : AI, GANs, ….
Inside or outside the Matrix ?
We will soon be faced with
sophisticated and credible
Immersive Fictitious Data
Architectures (IFDA). They
will rely on our cognitive
biases and on our
emotional and biological
weaknesses to deceive us
and to fully exploit the
"human factor" in attacks.
Inside the Matrix ? - Outside the Matrix ?
IFDA HUNTER – SécurIA Program Security A.I. Group – Hub FranceIA