Strategic management of cybercrime making crime pay
Download
1 / 18

Strategic Management of Cybercrime Making Crime Pay - PowerPoint PPT Presentation


  • 147 Views
  • Uploaded on

Strategic Management of Cybercrime Making Crime Pay. A/Prof Paul A. Watters Research Director ICSL. Overview. Use business planning activities to interpret current cybercrime tactics within a strategic context Understand the key drivers for management in cybercrime organisations

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Strategic Management of Cybercrime Making Crime Pay' - joylyn


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Strategic management of cybercrime making crime pay

Strategic Management of Cybercrime Making Crime Pay

A/Prof Paul A. Watters

Research Director ICSL


Overview
Overview

  • Use business planning activities to interpret current cybercrime tactics within a strategic context

  • Understand the key drivers for management in cybercrime organisations

  • Predict how new threats to cybercrime might change or curtail future organisational planning


Business planning
Business Planning

  • Cybercrime organisations are like any other business

    • What cash return is sought by their investors?

      • ROI

    • What are the (non-cash) critical success factors?

      • Risk management – threat of arrest, seizure of capital


Business planning1
Business Planning

  • How do we know they operate like a business?


Business analysis steps
Business Analysis Steps

  • What do we do?

  • To whom do we do it?

  • How do we do it?

  • How can we beat or avoid competition?


What do we do
What do we do?

  • Goal is to maximise revenue through fraud

    • Identify most vulnerable targets

      • The unemployed or desperate

    • Identity schemes which maximise return but minimise risk

      • Low or nil cost to operate, minimal risk of detection or arrest

    • Scheme proceeds laundered through legitimate businesses

      • Cheque cashing fraud, mules


To whom do we do it
To whom do we do it?

  • Identify asset-rich countries with sophisticated banking systems

    • Must have easy means to “cash out”

    • Attack launched from countries with no extradition treaty with target

    • Local “protection” from government, police, legitimate business as cover etc

    • Individual loss < minimum thresholds for investigation (no loss aggregation)


How do we do it
How do we do it?

Example: Implied Obligation?



How can we beat or avoid competition
How can we beat or avoid competition?

  • Principle of specialisation

    • Writing kits or running attacks?

    • Diversified industrial – very 1970’s

  • Strategic HR

    • Hiring the best talent

  • Partnerships

    • Strategic outsourcing where it makes sense

  • Trade organisations

    • Sharing knowledge, intelligence and expertise freely


Strategy from tactical data
Strategy from tactical data?

  • Key challenge to measure the threat landscape

    • Mapping of campaigns to identifiable groups

    • Estimate of potential impact

      • Quantitative – dollars lost

      • Qualitative – harm to reputation, confidence in banking


Phishing campaigns australian data
Phishing Campaigns Australian Data

Volume


Optimised threat management
Optimised threat management

  • Can we use data mining to optimise response to threats?

    • Best allocation of resources to different types of threat

      • Existing kits = takedowns, resource management

      • New kits = forensic investigation, focused intelligence discovery/updates



An example new threats1
An Example: New Threats

Volume of new attacks

Time


No simple answers
No Simple Answers

Only 5% of variation in new case volume over time accounted for by linear model!



Summary
Summary

  • Cybercriminals operate as businesses

  • Analysing cybercrime data helps us interpret the threat landscape

    • Understanding of current activity levels

    • Prediction of future types of activity

    • Reveals the drivers and business planning choices undertaken by criminal groups

  • Simple techniques only achieve so much

    • More sophisticated algorithms needed to improve predictability


ad