strategic management of cybercrime making crime pay
Download
Skip this Video
Download Presentation
Strategic Management of Cybercrime Making Crime Pay

Loading in 2 Seconds...

play fullscreen
1 / 18

Strategic Management of Cybercrime Making Crime Pay - PowerPoint PPT Presentation


  • 153 Views
  • Uploaded on

Strategic Management of Cybercrime Making Crime Pay. A/Prof Paul A. Watters Research Director ICSL. Overview. Use business planning activities to interpret current cybercrime tactics within a strategic context Understand the key drivers for management in cybercrime organisations

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Strategic Management of Cybercrime Making Crime Pay' - joylyn


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
strategic management of cybercrime making crime pay

Strategic Management of Cybercrime Making Crime Pay

A/Prof Paul A. Watters

Research Director ICSL

overview
Overview
  • Use business planning activities to interpret current cybercrime tactics within a strategic context
  • Understand the key drivers for management in cybercrime organisations
  • Predict how new threats to cybercrime might change or curtail future organisational planning
business planning
Business Planning
  • Cybercrime organisations are like any other business
    • What cash return is sought by their investors?
      • ROI
    • What are the (non-cash) critical success factors?
      • Risk management – threat of arrest, seizure of capital
business planning1
Business Planning
  • How do we know they operate like a business?
business analysis steps
Business Analysis Steps
  • What do we do?
  • To whom do we do it?
  • How do we do it?
  • How can we beat or avoid competition?
what do we do
What do we do?
  • Goal is to maximise revenue through fraud
    • Identify most vulnerable targets
      • The unemployed or desperate
    • Identity schemes which maximise return but minimise risk
      • Low or nil cost to operate, minimal risk of detection or arrest
    • Scheme proceeds laundered through legitimate businesses
      • Cheque cashing fraud, mules
to whom do we do it
To whom do we do it?
  • Identify asset-rich countries with sophisticated banking systems
    • Must have easy means to “cash out”
    • Attack launched from countries with no extradition treaty with target
    • Local “protection” from government, police, legitimate business as cover etc
    • Individual loss < minimum thresholds for investigation (no loss aggregation)
how do we do it
How do we do it?

Example: Implied Obligation?

how can we beat or avoid competition
How can we beat or avoid competition?
  • Principle of specialisation
    • Writing kits or running attacks?
    • Diversified industrial – very 1970’s
  • Strategic HR
    • Hiring the best talent
  • Partnerships
    • Strategic outsourcing where it makes sense
  • Trade organisations
    • Sharing knowledge, intelligence and expertise freely
strategy from tactical data
Strategy from tactical data?
  • Key challenge to measure the threat landscape
    • Mapping of campaigns to identifiable groups
    • Estimate of potential impact
      • Quantitative – dollars lost
      • Qualitative – harm to reputation, confidence in banking
optimised threat management
Optimised threat management
  • Can we use data mining to optimise response to threats?
    • Best allocation of resources to different types of threat
      • Existing kits = takedowns, resource management
      • New kits = forensic investigation, focused intelligence discovery/updates
an example new threats1
An Example: New Threats

Volume of new attacks

Time

no simple answers
No Simple Answers

Only 5% of variation in new case volume over time accounted for by linear model!

summary
Summary
  • Cybercriminals operate as businesses
  • Analysing cybercrime data helps us interpret the threat landscape
    • Understanding of current activity levels
    • Prediction of future types of activity
    • Reveals the drivers and business planning choices undertaken by criminal groups
  • Simple techniques only achieve so much
    • More sophisticated algorithms needed to improve predictability
ad