1 / 26

Technological Crime

Technological Crime. Who Are We?. The Royal Canadian Mounted Police is the Canadian national police service. We are an agency of the Ministry of Public Safety Canada. The RCMP is a national, federal, provincial and municipal policing body.

jenny
Download Presentation

Technological Crime

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Technological Crime

  2. Who Are We? The Royal Canadian Mounted Police is the Canadian national police service. We are an agency of the Ministry of Public Safety Canada. The RCMP is a national, federal, provincial and municipal policing body. We provide federal policing service to all Canadians and policing services under contract to the three territories, eight provinces (except Ontario and Quebec) and more than 200 municipalities and 600 Aboriginal communities.

  3. Technological Crime mandate InvestigatePure Computer Crimes • Criminal offences detailed in OM.IV.1 • Primarily unauthorized access and mischief to data • CIP mandate Computer Investigative SupporttoTechnologically Facilitated Crimes • Any traditional crime assisted by information technologies • Search, seizure, analysis of digital evidence

  4. Service Delivery Structure

  5. The Cyber Crime Threat Why is it a problem? What is the nature of it? How is it evolving? What are our most successful techniques in combating this threat?

  6. Cost and Means of Attack Source: SA Robert Flaim FBI

  7. Why is it a problem? • Transnational nature of the Internet = vulnerability • Anonymous access to infrastructures via the Internet and SCADA • Interdependencies of systems make attack consequences harder to predict and more severe • Malicious software is widely available and does not require a high degree of technical skill to use • More individuals with malicious intent on Internet • New cyber threats outpace defensive measures

  8. Why is it a problem? • Threat not merely in the value of the data compromised, stolen, or altered, but in the nature of an attack. Ex: Damage from a cyber attack usually much greater than the resources needed to accomplish the attack. • Attacks aided by the anonymity, openness, connectivity, and speed of the Internet. • Ramifications include loss of confidence in the systems that form our national core.

  9. Cyberthreats • Due to the nature of globally interconnected networks, cyber attacks can be launched from anywhere in the world, with rapid cascading effects in multiple jurisdictions. • The extent of the cyber threat ranges from individuals and organizations to national security. • Estimates show that as few as 5% percent of cybercriminals are caught and convicted.* *Source:Mcafee: (McAfee North America Criminology Report - Organized Crime and the Internet 2007)

  10. Cyberthreats • Attacks against individuals often fall into two categories: • malicious software • social engineering. • Malicious software attacks compromise home and small business computers. Once infected, the malicious code harvests personal data while the user is online. • Social engineering attacks are aimed at home users and try to trick them into revealing sensitive personal information, such as bank logins and credit card details.

  11. Cyberthreats • Criminals are also targeting corporate networks to steal information, usually financial data, held on customer databases. • Successful hacking attacks on businesses can yield huge amounts of personal information which can then be easily exploited. • Since the possibility of attack is great and the volume of attackers is essentially limitless, without a defensive strategy, all users are potentially vulnerable over the Internet to criminals worldwide.

  12. Sophistication of Cybercrime • Simple Unstructured: Individuals or groups working with little structure, forethought or preparation • Advanced Structured: Groups working with some structure, but little forethought or preparation • Complex Coordinated: Groups working with advance preparation with specific targets and objectives.

  13. Attack Sophistication vs Intruder Knowledge Source: Carnegie Mellon University

  14. Threats and Capabilities

  15. Vulnerability Exploit Cycle Source: Carnegie Mellon University

  16. What is the nature of the threat? Technical Threats • How IT systems are configured/deployed (Speed & Convenience vs. security) • Some systems are highly vulnerable until the worst bugs in the software have been reported and corrected, which creates a window of opportunity for criminals to exploit these systems. • Blended Threats: Botnets/Malware/Viruses/etc

  17. How is the threat evolving? • The race between criminals to exploit data/systems before security measures protect it or law enforcement catches them. • Blended threats are expected to increase, especially within the following areas: - Exploitation frameworks and rootkits- BOT-NETS, Trojan-Horse malicious code- Increasingly Sophisticated Attacks- Wireless devices- Zero-day exploits- ID-Theft (Phishing)- “High-Yield” Investment Offers

  18. How is the threat evolving? • Blended threats continued: - Online “419” Schemes- Electronic Billing Fraud - Auction on Line/ Non Delivery of Goods- Targeted Attacks - Hackers- Child Exploitation- SCADA – Supervisory Control and Data Acquisition- Exploit process/software vulnerabilities for cash

  19. How is the threat evolving? Financially Motivated Cyber Crime • Digital currency ( theft/layering stage of the money laundering process) • Legislation • Anonymous • Borders • Internet Payment Systems • Online Banking • Online Casinos • Pre-paid Credit Cards

  20. Internal & External Drivers • Emerging 3rd generation of convergent communications device technologies • Increased criminal use of Internet • Increased public use of technology = increased demand for analysis • Enhanced use of security products & services • Capacity/proliferation of devices with increasing storage capabilities and continually shrinking electronic footprints (encryption & compression) • Development of new technologies (VHS vs. DVR)

  21. Internal & External Drivers • Complex tracking of identification and transactions • Jurisdiction/Nonexistent or differing laws • Speed of cooperation and information sharing • Private sector concerns re privacy/shareholders/solutions • Large scale investigations with multiple sites and suspects which can also cross international boarders

  22. MOST SUCCESSFUL TECHNIQUES Sharing information between government agencies, the private sector and the public • Canadian Cyber Incident Response Centre (CCIRC) • Cybertip.ca portal • Phonebusters • Strong networking / relationship building with our partners • Leveraging partnerships maximizing potential/minimizing duplication • NRCAN, Bell Security Solutions, ARIN • Combining Efforts to Combat Cyber Crime • Cyber Crime Council • Locally, Provincially, Nationally and Internationally • G8 – HTC Sub Committee, CACP E-crimes,etc

  23. MOST SUCCESSFUL TECHNIQUES • Focused Enforcement Strategies • Integrated Policing • Sharing of tools, techniques and/or best practices • Enhancing our communications strategy – internal and external • Continuous development: employees, tools and techniques • Continuously look to the future to identify trends & technology • Prevention and Public Education

  24. How can you help? • Observe • Identify • Notify • Partner = positive impact

  25. With ever increasing numbers, Canadians are embracing the internet. Only by working in partnership we can achieve the goal of making the Internet a safe community for Canadians.

  26. Insp. Carole BirdOIC Program Management Support ServicesTechnological Crime BranchRoyal Canadian Mounted Police(613)990-1353Carole.Bird@rcmp-grc.gc.ca

More Related