1 / 36

C0c0n 2014 23 August 2014 Dinesh O Bareja

Pains & Prizes Pride & Prejudice of Collaboration. @God’s Own Country in the year 2014. C0c0n 2014 23 August 2014 Dinesh O Bareja. Enhancing collaboration to counter cybercrime in the world of virtual realities and Social media. Disclaimer.

hasad-grimes
Download Presentation

C0c0n 2014 23 August 2014 Dinesh O Bareja

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Pains & Prizes Pride & Prejudice of Collaboration @God’s Own Country in the year 2014 C0c0n 2014 23 August 2014 Dinesh O Bareja

  2. Enhancing collaboration to counter cybercrime in the world of virtual realities and Social media

  3. Disclaimer.. Problems, issues, solutions are indicative and not finite The reason is that if one gets down to brass tacks, the list can go on and on…

  4. Internet Clichés The world is a global village Level playing field (was said about business but also applies to criminals and cops) Non-existent Borders or Jurisdiction Anonymity

  5. A little more of general stuff…. There’s more to cybercrime under the hood

  6. Unfortunate Truisms of Kal-YugAaj-Yug Cybercrime is BIG business and is highly profitable Whether it is ethical or unethical EYE OPENERS The Bottomline, Topline, Middle line Or … any line… is..

  7. Yes… cybercrime can beEthical or Unethical If it is ethical it (may) mean it is legal then how can we call it a crime

  8. Legal Crimes The IT Act requires a body corporate to have “reasonable security” in place By law an ISO certification will suffice which I buy in the open market Government or private organizations do not disclose the extent of damage in event of a cybercrime – collusion ? Abetment ? Shame ?

  9. Legal Crimes Complaints are dropped once an informal investigation is done – usually the complainant does not want to proceed Will we let go of a person who has attacked another with a gun or knife

  10. Legal Crimes Body corporate has to have “reasonable” security in place! ISO Certification is available for sale off the shelf Organizations authorize hackers to exploit their systems. Will someone ‘authorize’ a bomb explosion too

  11. Legal Crimes Companies and Government bodies do not disclose when they have been hacked – can they desist if money has been stolen thus hiding a crime LEA usually drops investigation on the request of the complainant!

  12. Yes It is a different worldIt has changed It is still changing (exponentially) Are we keeping pace?No!!

  13. Cybercrime is not a cause for concern because it is growing exponentially But… because it can be the cause of frustration, anger and other stress disorders in the LEA EYE OPENERS

  14. Excluded from this talk And we do not want to talk about capacity, capability and such challenges as this is not within the scope of this talk / topic / panel

  15. What is needed Breakaway from conventional thinking Move at speed Empower team members Accept reality / need of transparency…

  16. & How can we do this… Adopt the open source philosophy to give unconditionally – your goodwill will always come around to you COLLABORATE SHARE Make your expertise, information, intelligence, resources, tools available across the country and taste Glory! BENEFIT & SUCCEED Reap the benefit of the information and expertise received through the sharing mechanism

  17. Enhancing collaboration to counter cybercrime in the world of virtual realities and Social media

  18. Let me get back to the topic of the day…

  19. Inability to continue investigation due to non-availability of cross-border information Lack of knowledge of modus operandi for a crime which may have happened elsewhereMLAT works at the speed of carrier pigeons Pain

  20. Global Pain Too many stakeholders The process is convoluted, long and frustrating Trained manpower, access to technology, budget constraintsTone-at-the-top

  21. The normal lifecycle of a cybercrime investigation • Crime Perpetrated • Starts Investigation • Discovers IP Address • Obtains Evidence • Stop Investigation • There’s hope • File Papers • Go Home • Identifies Modus Operandi • Report Lodged Domestic International This is illustrative and does not purport to be the actual / complete lifecycle

  22. The Solution of collaboration

  23. Collaborative Relationships Directory of primary ‘intermediary’ organizations Relationships with International LEA, CERT, Intelligence, Home, Judiciary A central agency which will act as a clearing house (e.g. CyberDome) Sharing…. - Advisories - Crime Information - Cybercriminal Profiles - Modus Operandi - Technology advances Partnership Framework

  24. How can this work

  25. International Anti-Cybercrime Exchange Information is provided back to the national agency which will update the domestic system and investigation can come to close Also facilitate collaborative investigations, arrests or actions A central agency which will act as a clearing house and contribute information and intelligence to the Exchange

  26. Single window communicationCredibility established at both endsJudicial acceptabilityQuick resolutionno more Pain! PRIZE

  27. The Collaboration Case Charity begins at home Cyber Dome can bring all states on one platform and establish an international example Central Information Request Agency at national level for communication

  28. Why should I share my information or techniqueThis is my idea or innovationThe medal is mineThis was to have been my moment of glory PRIDE & PREJUDICE

  29. At Present.. Who is working in the domain of international anti-cybercrime At the forefront… Microsoft, Facebook, Google and other technology majors

  30. Concluding notes and words..

  31. The problem Cross Border Crimes Non availability of information No proactive policing (pre-cog) Differing protocols and laws Multiple LEAs Corporate challenges of ISP EYE OPENERS

  32. The Dangers Ahead Internet of Things Mobile technology Dis-satisfied young geeks Easy availability of mal-tools Easy availability of targets Continued practice of LEA transfers Keeping your head in the sand My daddy strongest attitude

  33. The Dangers Ahead

  34. A sucker will keep being born every minute & fools will continue to be easily parted with their money Both add to the burden of LEA through their participation in scams and crimes as primary victims! A final EYE OPENER

  35. Dinesh O Bareja Lving Information Security • Contact Information: • E: dinesh@opensecurityalliance.org • T: +91.9769890505 • T: @bizsprite • F: dineshobareja • L: http://in.linkedin.com/in/dineshbareja

  36. Thank You !

More Related