strategic management of cybercrime making crime pay n.
Download
Skip this Video
Download Presentation
Strategic Management of Cybercrime Making Crime Pay

Loading in 2 Seconds...

play fullscreen
1 / 18

Strategic Management of Cybercrime Making Crime Pay - PowerPoint PPT Presentation


  • 153 Views
  • Uploaded on

Strategic Management of Cybercrime Making Crime Pay. A/Prof Paul A. Watters Research Director ICSL. Overview. Use business planning activities to interpret current cybercrime tactics within a strategic context Understand the key drivers for management in cybercrime organisations

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Strategic Management of Cybercrime Making Crime Pay' - joylyn


Download Now An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
strategic management of cybercrime making crime pay

Strategic Management of Cybercrime Making Crime Pay

A/Prof Paul A. Watters

Research Director ICSL

overview
Overview
  • Use business planning activities to interpret current cybercrime tactics within a strategic context
  • Understand the key drivers for management in cybercrime organisations
  • Predict how new threats to cybercrime might change or curtail future organisational planning
business planning
Business Planning
  • Cybercrime organisations are like any other business
    • What cash return is sought by their investors?
      • ROI
    • What are the (non-cash) critical success factors?
      • Risk management – threat of arrest, seizure of capital
business planning1
Business Planning
  • How do we know they operate like a business?
business analysis steps
Business Analysis Steps
  • What do we do?
  • To whom do we do it?
  • How do we do it?
  • How can we beat or avoid competition?
what do we do
What do we do?
  • Goal is to maximise revenue through fraud
    • Identify most vulnerable targets
      • The unemployed or desperate
    • Identity schemes which maximise return but minimise risk
      • Low or nil cost to operate, minimal risk of detection or arrest
    • Scheme proceeds laundered through legitimate businesses
      • Cheque cashing fraud, mules
to whom do we do it
To whom do we do it?
  • Identify asset-rich countries with sophisticated banking systems
    • Must have easy means to “cash out”
    • Attack launched from countries with no extradition treaty with target
    • Local “protection” from government, police, legitimate business as cover etc
    • Individual loss < minimum thresholds for investigation (no loss aggregation)
how do we do it
How do we do it?

Example: Implied Obligation?

how can we beat or avoid competition
How can we beat or avoid competition?
  • Principle of specialisation
    • Writing kits or running attacks?
    • Diversified industrial – very 1970’s
  • Strategic HR
    • Hiring the best talent
  • Partnerships
    • Strategic outsourcing where it makes sense
  • Trade organisations
    • Sharing knowledge, intelligence and expertise freely
strategy from tactical data
Strategy from tactical data?
  • Key challenge to measure the threat landscape
    • Mapping of campaigns to identifiable groups
    • Estimate of potential impact
      • Quantitative – dollars lost
      • Qualitative – harm to reputation, confidence in banking
optimised threat management
Optimised threat management
  • Can we use data mining to optimise response to threats?
    • Best allocation of resources to different types of threat
      • Existing kits = takedowns, resource management
      • New kits = forensic investigation, focused intelligence discovery/updates
an example new threats1
An Example: New Threats

Volume of new attacks

Time

no simple answers
No Simple Answers

Only 5% of variation in new case volume over time accounted for by linear model!

summary
Summary
  • Cybercriminals operate as businesses
  • Analysing cybercrime data helps us interpret the threat landscape
    • Understanding of current activity levels
    • Prediction of future types of activity
    • Reveals the drivers and business planning choices undertaken by criminal groups
  • Simple techniques only achieve so much
    • More sophisticated algorithms needed to improve predictability