
Welcome to the Financial Services Club

What the Club does
• Established 2004 and meeting regularly ever since
• Focus is to be a kind of ‘rotary club’ for bankers but with focus upon the future of financial services
• Usually a keynote from an industry practitioner, government policymaker, regulator or someone who’s really interesting
• Covers all areas of the financial markets: retail and investment banking, capital markets, insurance, brokerage
• London, Edinburgh, Dublin and Vienna
• Presentations, Debates, Question Times, Dinners, Roundtables
• Chatham house rules

A few member firms

www.thefinanser.com

Tonight: Fraud and Cybercrime
• DCS Martin McLaughlin, Garda
• Paul Lothian, Symantec

National e-Crime Programme
DSU Charlie McMurdie, Police Central e-crime Unit

National e-Crime Programme: Current Picture, UK Police Service
• 140,000 Police Officers in the UK & 78,000 Staff (http://police.homeoffice.gov.uk/about-us/)
• 300 Police Officers and Staff currently employed in High Tech Crime Units (PCeU Capability Report 2008/09)
• 83% engaged in grading paedophilia (PCeU Capability Report 2008/09)
• Only 5 Forces have Crime Prevention Officers / Industry Liaison Officers (PCeU Capability Report 2008/09)
• No Common reporting to capture scale of e-Crime (PCeU Capability Report 2008/09)

National e-Crime Programme: PCeU Mission statement
“To improve the police response to victims of e-crime by developing the capability of the Police Service across England, Wales and Northern Ireland, co-ordinating the law enforcement approach to all types of e-crime, and by providing a national investigative capability for the most serious e-crime incidents.”

National e-Crime Programme structure
Sponsor / SRO DAC Janet Williams Programme Governance National e-Crime Programme Board ACPO Central / Regional e-Crime Structure PCeU Implementation Project Olympics Olympic e-Crime Project Training, Recruitment & Retention e-Crime Accreditation Project e-Crime Committee Regional e-Crime Units Forensics Regional e-Crime Forensic Triage Project Development Project Legal Issues Prevention e-Crime Prevention Project Regional Representatives e-Crime Forum Increasing Knowledge for Action SOCA Research & Development

National e-Crime Programme: Remit
To tackle those responsible for the most serious incidents of:
• Computer intrusion
• Distribution of malicious code
• Denial of service attack and
• Internet-enabled fraud

National e-Crime Programme: Operational Response

National e-Crime Programme: Sterling Forums
Banking, Construction, Recruitment, PCeU, ISPs, Travel, Hotels, Olympics

National e-Crime Programme
The Coder; Mules (Collection); RUSSIA
• Job Title (Tester & Counter): To prepare mule accounts to ensure they are active. To collect money withdrawn and to arrange sending funds back to Russia.
United Kingdom; The Mules
• Job Title (Organiser): To liaise with the Russians in order to provide details of mule accounts to populate the server, receives instructions of who to pay.
• Job Title (Recruiter): Mule recruiter, collects details of persons willing to receive funds into their accounts. Provides forged documents to create new identities.

National e-Crime Programme: Successes
• Four men sentenced in banking trojan case, 18 November 2009: A gang of four men have been sentenced to 13 years in prison for their role in using the PSP 2 BBB trojan to steal hundreds of thousands of pounds from UK bank accounts.
• Pops & robbers: COPS yesterday nicked a gang accused of downloading their own music with stolen credit cards — then claiming royalties.
• Two held over ZeuS Trojan virus that steals personal data: Police arrest two suspected hackers over virus that has infected tens of thousands of computers around the world
• Hackers target Guardian jobs site: Half million people may have details compromised despite technicians interrupting 'sophisticated' attack on recruitment site

National e-Crime Programme: Successes
• Police shut 1,200 scam shopping websites: The Metropolitan Police's Central e-crime unit carries out the biggest single swoop of bogus websites selling fake designer fashion items
• Real-world arrest for man who stole RuneScape virtual characters: A man who hacked into accounts to steal virtual characters and their possessions on one of the world’s biggest multi-player online games has been arrested.
• Police swoop to shut down more than 100 websites illegally selling Premiership football tickets

National e-Crime Programme
• Uniflora - Scam Lottery Emails - Successful confiscation order of £745,000 to be paid by fraudsters who used MPS to make lottery scam look genuine.
• Kennet – Virus attached to spam email - 1 charged with unauthorised modification of computers. Infecting computers using viruses attached to unsolicited (spam) email.

An Garda Siochana
Fraud and Cybercrime - Financial Services Club, Ireland, 28th January 2010.
Presented by: Detective Chief Superintendent Martin McLaughlin
Garda Bureau of Fraud Investigation, Harcourt Street, Dublin 2

Garda Bureau of Fraud Investigation
• Objectives: Investigate Serious Cases Of
  • Commercial Fraud
  • Cheque, Payment Card Fraud
  • Counterfeit Currency
  • Computer Crime
  • Money Laundering
  • Company Law Offences
  • Competition Offences

Computer Crime Investigation Unit…
• Established in 1991 - The Criminal Damage Act 1991
• Role:
  • To act as the National Central Reference Point (N.C.R.P.) for Computer Forensics and Hi Tech Crime Investigations
  • ICT Crime Investigations and Computer Forensics
  • To assist and advise other Garda Investigation Units in the seizure and recovery of computer evidence
  • Via ‘Europol’ & ‘Interpol’ to liaise with other N.C.R.P.’s in relation to Hi-tech/Computer crime
  • To advise on Security Measures and Prevention Techniques for combating such crime

Operational Activities at the GBFI…
Case Types:
• Commercial fraud… Credit Fraud.
• Payment Card Fraud – Organised Crime Gangs
• Pin Entry Device Fraud (PED) - Organised Crime Gangs
• ATM Fraud – Organised Crime Gangs
• Malicious Software attacks – Organised Crime Gangs
• PABX Fraud - financial loss

Continued…
• Internet Abuse - Hacked ‘Websites’, Harassment via the Internet - Organised Crime Gangs
• Digital Evidence retrieval - assisting all major investigations with the retrieval of Digital Evidence
• Financial profiling - assisting all major investigations in the enhancing of prosecutions against organised crime gangs.

Pin Entry Device Fraud

PED Skimmer

PED Skimming
Skimmed Data (Encrypted by Skimmer); Skimmer; Memory Card; Mobile Phone (probably SMS); FTP Server

ATM FRAUD

ATM Skimmer

Next generation ATM Skimmer

Malicious Software attacks

Trojans
• User inadvertently downloads a piece of malicious software called a Trojan.
• The software watches for certain actions which trigger the Trojan to:
  • Capture personal information such as online banking credentials
  • Trick the customer into authorising fraudulent transactions.
• Criminal gangs use Trojans to target particular banks and/or countries.

Banking Trojans (some examples)
Zeus, Torpig, Patcher, Clampi, Silon, Eurosol, Banbra, Dabobra, Nabload, Bancos, Goldun, Nukulus, Domador, Haxdoor, Apophis, Dumarin, Cimuz, BankDiv, Dumaru, Bzud, Snatch, Sinowal, Metafisher, Gozi, Wspoem, Abwiz, Spyforms, Anserin, Nethell, Silentbanker, AudioVideo, Limbo, Agent DQ, Xorpig, Briz, Mebroot, VisualBreez, CLOD

Infrastructure
“Back end” Web Server; “Front end” C&C Server; Firewall; Database Server; Infected PCs; DNS Server

Patcher Infection Statistics (August 2009)
>6800 infected PCs

Some recent initiatives in Ireland to raise the level of fraud awareness:

Be Aware, Beat Fraud

Fraud Alert

Challenges for Police…
• Lots of challenges in the near future
  • Use of technology in traditional crime
  • New crimes
  • Requirement for up skilling of investigators
  • Information sharing
  • Partnership approach
  • Inter-jurisdictional cooperation

Finally…
• Positive changes in Ireland
  • IBF high tech crime forum
  • Closer cooperation with international bodies
  • Europol, INTERPOL
  • ISEC MSc Degree
  • National Cyber security Strategy Initiative
  • UCD Centre for Cybercrime Investigation
  • 2CENTRE centres of excellence (Ireland taking the lead)
  • MSc programmes
  • ISEC MSc programme

Contact Information
Garda Bureau of Fraud Investigation, Harcourt Square, Dublin 2
Tele 01-6663701
Fax 01-6663798
Email: edward. [email protected] ie
Web: ‘www.garda.ie’

Anatomy of a Breach
Financial Services Club, Dublin, January 2010

Global Intelligence Network
Identifies more threats, takes action faster & prevents impact
Locations: Calgary, Alberta; San Francisco, CA; Mountain View, CA; Culver City, CA; Dublin, Ireland; Reading, England; Alexandria, VA; Tokyo, Japan; Chengdu, China; Austin, TX; Taipei, Taiwan; Chennai, India; Pune, India; Sydney, AU
Worldwide Coverage; Global Scope and Scale; 24 x 7 Event Logging; Rapid Detection
• Attack Activity: 240,000 sensors; 200+ countries
• Malware Intelligence: 130M client, server, gateways monitored; Global coverage
• Vulnerabilities: 32,000+ vulnerabilities; 11,000 vendors; 72,000 technologies
• Spam/Phishing: 2.5M decoy accounts; 8B+ email messages/day; 1B+ web requests/day
Preemptive Security Alerts; Information Protection; Threat Triggered Actions

Sources of a Breach
• Organized Criminal
• Well Meaning Insider
• Malicious Insider

Stages of a Breach
> Incursion > Discovery > Capture > Exfiltration

Security Market Drivers: Incursion
• 192% growth in spam from 2007 to 2008
• In 2008, Symantec documented 5,471 vulnerabilities, 80% of which were easily exploitable
• 90% of incidents would not have happened if systems had been patched
• In 2008 we found 75,000 active bot-infected computers per day, up 31% from 2007

Security Market Drivers: Discovery
• 90% of breaches in 2008 involved organized crime targeting corporate information
• 81% of attacked companies were non-compliant in PCI
• 67% of breaches were due to insider negligence

Security Market Drivers: Capture
• 285 million records were stolen in 2008, compared to 230 million between 2004 and 2007
• Credit card detail accounts for 32% of all goods advertised on underground economy servers
• IP theft costs companies $600 billion globally

Security Market Drivers: Exfiltration
• “Gov’t Posts Sensitive List Of US Nuclear Sites” Associated Press
• “Goldman May Lose Millions From Ex-Worker’s Code Theft” July 7 (Bloomberg), Goldman Sachs
• “2 Men Accused Of Swiping CC Numbers” July 2 (Bloomberg), KPHO.com
• “Royal Air Force Embarrassed By Yet Another Sensitive Data Loss” May 25, UK News

Prelude to a Breach 1: Poorly Protected Infrastructure

Prelude to a Breach 2: Lack of IT Policies

Prelude to a Breach 3: Poorly Protected Information

Prelude to a Breach 4: Poorly Managed Systems

Thank You!
Copyright © 2007 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.

Plenary Meetings
• 9th February, the Media’s role, Hugh Pym, Chief Economics Editor, BBC
• 11th February, Capital Markets Chamber: “This house believes that a single customer view will always be fuzzy.”
• 23rd February: “How banks should think about technology and innovation”, JP Rangaswami, Chief Scientist, BT Group
• 11th March: “Innovations in Bank Retailing”, a panel discussion with: Michael Salmony, the European Payments Council; Dr Tim Murdoch, Founder & CEO of iCeni Mobile; and Michael Davison, Senior Managing Consultant, IBM Global Business Services
• 16th March, Capital Markets Chamber: “This house believes that banks' infrastructures are not up for the BIS' new risk controls. A debate on strengthening the resilience of banking”
• 23rd March: “Asia’s banks rising”, Emmanuel Daniel, the Asian Banker
• 22nd April: “What’s on a treasurer’s mind”, with Magnus Lind, Sarah Jones and more
• 17th May: “Turning banking on its head”, a dinner with Sir Win Bischoff, Chairman, Lloyds Banking Group

Other Clubs
Capital Markets Chamber; Scotland; Ireland; CEE