1 / 18

ICT Crime Investigation - Case Study on Internet Lawful Interception

ICT Crime Investigation - Case Study on Internet Lawful Interception. Yang, Kai-Sheng Technical Crime Prevention Center Criminal Investigation Bureau National Police Agency. Agenda. Current Situation Case Study Future Challenges. Current Situation. Emerging Advanced Technologies

rosalie
Download Presentation

ICT Crime Investigation - Case Study on Internet Lawful Interception

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. ICT Crime Investigation-Case Study on Internet Lawful Interception Yang, Kai-Sheng Technical Crime Prevention Center Criminal Investigation Bureau National Police Agency

  2. Agenda • Current Situation • Case Study • Future Challenges

  3. Current Situation • Emerging Advanced Technologies • Popularity of Infrastructures and Multiple Applications/Services in Internet • Wired Broadband: ADSL、Cable Modem、Fiber Optic(FTTx) • Wireless Broadband: Wi-Fi、WiMAX • Marketplace Platform: Auction (3C Products, game awards), Online Game • Integration with Telecom Service • Easy and Convenient Communication; Low Cost • ISR( International Simple Resale ) • VoIP:Skype • Mobile Network

  4. Current Situation • Fact of Crimes (Census in 2009) • Serious Social Issue:TheNo.1onTenMajorPublicGrievances wastelephone and Internet fraud crime • Telephone Fraud Crime • Title Used by Fraud Crime • Government Agencies: 1.Police 2.Post Office • Guess Who: 1.family(friends) 2.call from bar 3. acquaintance pretended • By Privacy Information Leakage: 1.Police2. Bank3.Telecom Service Provider • Internet Fraud Crime • Major Crime Model • Auction:1.Yahoo!2. 露天拍賣 • Credit Card:1.take good by fraud 2.game points

  5. Cases Study • Telephone Fraud Crime • Case of “A Number” Change (The “A Number” is the same as the Caller ID) • Internet Fraud Crime • Case of Auction Crime • Hacker Intrusion • Case of collecting 50,000,000 items of Personal Data for Several Fraud Crime Groups

  6. Case of “A Number” Change • Recently the ways of fraud groups are from local, traditional phone fraud to new type of cross boarder fraud crime with advanced ICT technologies • By “A Number” of VoIP Display, they can change their numbers into the ones of public services, banks, famous trading companies • Major Types: • Cash in Delivery or Draft by Counter to Specified Account • Pretend Police or Prosecutor for case investigation • Pretend Hospital to apply medical stipend,or takecaseinvestigation • ATM Operation • Phish Website, 3C or Book Internet Shop, Internet Bank with Installment, fund transfer

  7. Victim “A Number” Display Change 2 China Taiwan 1 4 5 VoIPSwitch in China Fraud Group Taiwanese Operator HK 3 HK Operator

  8. Auction Fraud Crime • Major Crime Types: 1、Fake Auction 2、True Auction (Replace the targeted good with different one in delivery) 3、Triangle Fraud (Trick both seller and buyer as victims)

  9. Internet Auction Fraud 1、Fake Auction / True Fraud Post false auction information to those innocent people and invite them to trade in for money transfer Trading Platform B: Buyer, Victim A: Swindler Money Draft 9

  10. Recently swindler groups use faked trade messages in auction platform or community BBS to attract students with concert ticket, high price 3C products, fashion designs in order to get money • Faked Auction – Intrude PTT, Facebook Not only in Auction platform, swindler groups also use high popular BBS station (PTT) or Facebook to trick students It was reported that 5 students were suffered in PTT during Chinese New Year period. One female student was tricked by NT$2800 with the concert ticket of Super Junior, and another male student was tricked by NT$1000 with Sakura cup of Japanese Starbucks

  11. Post trade information by high-creditedaccount to attract orders, and deliver low priced trash to buyers in order to make an image of trade disputes. Late on all information investigated by police are faked. Dispute? Trick? Trade Platform A:Seller B:Buyer Money Draft Delivery-lowprice,Trash undelivery 2、True Auction True Cheating(Swapping)

  12. Looking for high-valued good from e-commerce website, and posting the same information in another website to attract buyers to send money to seller, and take away goods directly from seller A.Seller 4.Cseduces Bto send money to A 5.Send goods to C 1.Cbuys from A to get information C. Swindler B. Buyer 3.award 2.Post trade information to attract B 3、Middle-man Cheating(Triangle Cheating) 12

  13. Internet Middle-man Young Girl Tricks Money New trick of “Internet Middle-man”! One young girl plans to buy designer purse, takes account number of seller, posts trade information to another website to attract buyer to send money to seller, and takes purse from seller and runs away

  14. Case of Fake Auction

  15. Hacker Intrusion - 50,000,000 Personal Data Breach In 26 Aug., 2008, Taiwan police caught a hacker group,who integrate database with 50,000,000 pieces of personal data stolen from account DB of Post Bank of China, Health Insurance Bureau, Ministry of Education and several Telecom operators, as well as several million NT dollars. 6 criminals were caught by red-hand. Hacker Channel: By collocate or hosting service in China Jumping Board: By collage mail servers, host IP’s are all over China Database Enquiry Website with High Profit: Hacker group intruded database in Post Bank of China, stole millions NT dollars, and intruded and stole 50,000,000 pieces of personal data from National Health Insurance Bureau, Ministry of Education and several telecom operators One piece of personal data enquiry for NT$300 by name, National ID # or other fussy enquiry method

  16. Future Challenges 1.EmergingHighTechCrime,High RiskySocialSecurity • Theoutlawusemoderntechnologiestocommitmorecrimes • Emerging high tech crime challenges lawful investigation drastically 2. IT with Telecom, Fraud Crime Cross Boarder • Anonymous, cross-boarder ICT crimes will be the major features in Internet, mobile phone…etc platforms. If lawful enforcement cannot keep up with technology, it will be great impact to efficiency and capability of LEA • Leader of hacker group likes to commit crime cross strait

  17. Future Challenges 3. Internet Black Market Formed • Information of backdoors, breakdown • Phishing • Cross-boarder Crime • Professional Cacker • Stealing Account information • By Trojan or faked website, get account name, password, personal or transaction information 4. Greater Development of Internet Lawful Interception • Multiple Internet Applications and Services to 140+ • Decoding method for LI must be aligned with protocol upgrade, such as IM: MSN、QQ • Unique encryption break down, such as VoIP、Skype

  18. Thank you for Your Attention Technical Crime Prevention Center C I B Yang, Kai-Sheng(楊凱勝) Email:apkz2010@gmail.com Tel:886-2-23452581 ICT Crime Investigation-Case Study on Internet Lawful Interception

More Related