Loading presentation...

Present Remotely

Send the link below via email or IM


Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.


Guernsey CyberCrime Forum - ECD COLP

No description

on 28 June 2017

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of Guernsey CyberCrime Forum - ECD COLP

Cyber enabled Crime is a growth industry
Currently estimated that Fraud is 90% under reported

Emerging Trends Against Business
Phishing - (Emails)

CEO Fraud (Chief Executive Officer)
Business E-mail Compromise
National Campaign Work
Do you Really know...Public wi-fi
Detective Chief Superintendent
Glenn Maleary

Emerging Economic
Cyber Crime Trends

Identity Crime

Professional Enablers

Money Mules

Social Engineering

Virtual Currencies

Cyber Crime

CEO Fraud (Characteristics)
Someone is absent
Telephone call - followed by e-mail
Confidential transactions
Pressure situation
Empowering individuals
Cultural global challenge
An e-mail encouraging you to click on a link?
Spear Phishing - targets employees
Whale Phishing- targets high end users/executives and CEOs
Water holing- lure victims to compromised sites
The Current Scale of the problem
2016/17 - National Fraud and Cyber Reports

Action Fraud - 280,000.....(Over 20,000 Cyber Dependent)
Cifas - 412,000
Financial Institutes - 83,000
Currently over 1.9 million reports of fraud reported to Action Fraud
In excess of £50 million losses for Online shopping reported

Fraud and Cyber affects us all (Individuals & Businesses)

5.2m Fraud & 2.0m Cyber crimes (England & Wales Crime survey 2016)

Offenders and victims from all demographics

80% of all fraud and cyber crimes are believed to be preventable
(GCHQ 2011)

What Bank is this?

Warning - please hover mouse before clicking
Not all public hotspots are password protected
Hackers use unsecure connections to infect your device with Malware.

Make sure you are indeed logging on to the
wi-fi network – E.G. CHECK WITH THE BAR / CAFE

Use a VPN service - i.e. 4G

Never configure your device to connect automatically to unknown wi-fi networks

Be careful what you access...e-mails, social networks, online shopping....WHY LOOK AT YOUR BANK ACCOUNT?

GCA - Global Cyber Alliance
Joint Money Laundering Intelligence Taskforce (JMLIT)
The Joint Money Laundering Intelligence Taskforce (JMLIT) has been set-up in partnership with the financial sector to combat high end money laundering.

JMLIT has been developed with partners in government, the British Bankers Association, law enforcement and over 20 major UK and international banks under the leadership of the ‘Financial Sector Forum’.

The taskforce will analyse information and expertise in the public and private sectors to better understand the true scale of money laundering and the methods used by criminals to exploit the UK’s financial system.

Cyber Disruption
• The Global Cyber Alliance (GCA) was established in
September 2015 by:
The Manhattan Distict Attorney's Office
The City of London Police
The Centre of Internet

• It is an international, cross-sector effort designed to
confront, address, and prevent malicious cyber activity,
and turn that information in to actionable intelligence.

• The GCA has attracted 150 member organisations in the first 18 months of its existence.

• GCA is championing the use of the Dmarc (domain-based message authentication, reporting and conformance) protocol to help organisations protect themselves from email fraud. The Alliance has created a guide to help organisations implement Dmarc, which is being rolled out across UK government departments, led by the UK’s National Cyber Security Centre (NCSC).

Joint Fraud Taskforce
The Joint Fraud Taskforce is a partnership between the Government, City of London Police, National Crime Agency, Financial Fraud Action UK, the Bank of England, Cifas and the banks

It aims to deliver a co-ordinated and collaborative response that reduces fraud and brings criminals to justice through shared intelligence, designing out vulnerabilities and a greater awareness of the risk of fraud among the public.

Understanding the threat – working to identify key priorities for the Taskforce and spot intelligence gaps and vulnerabilities.

Collective response – fast-tracking intelligence sharing between banks and law enforcement for a more coordinated approach to serious and organised crime gangs, including the creation of a new top ten most-wanted fraudsters.

Victims and vulnerability – more efficient identification of victims and potential victims, including national roll-out of intervention training for bank staff.

Behaviour change - finding out why victims fall prey to fraud and helping to raise awareness of the steps they can take to protect themselves.

Tackling systematic vulnerabilities - removing the weak links in systems and processes, which fraudsters can exploit.

Economic Crime Prevention Centre (ECPC)
The Economic Crime Prevention Centre coordinates prevention campaigns and a Fraud Prevention Network that reaches across every single police force in England & Wales.

Through this network, policing is reaching more people and businesses than ever with prevention advice.

Protect Yourself events:
Increasing the use of social media and online portals to raise awareness of current threats.
Delivering inputs to professionals operating within the counter fraud community.

Producing timely and accurate alerts from the analytical teams, letting business know what the current and emerging threats are
Producing cyber profiles for each police force in England and Wales.

Public Awareness Campaigns
Weekly social media releases (Do you Really Know etc) providing advice on the issues we are seeing
Wider campaigns with partners- Christmas, Hajj, Dating, Identity etc

UK Sleep walks to Cyber Crisis? - headlines

British businesses are still not doing enough to protect themselves from costly cyber attacks.

Recent government research showed that only 17 per cent of firms had given their staff cyber security training in the past year.

The biggest cyber crime threats are data theft, distributed denial of service (DDoS) attacks, phishing and ransomware, and the key enablers include poor cyber security, poor security awareness and training, lack of personal responsibility, insiders and criminal marketplaces.

The emergence of these criminal marketplaces mean that anyone with little or no cyber expertise can buy or rent everything they need to carry out a cyber attack, from easy-to-use tools and malware to cashing-out facilitiesImproved training for staff and greater discussion of the risks at board level.

Off-the-shelf tools such as DDoS-for-hire services and remote-access Trojans (RATs) are available with step-by-step tutorials at little to no cost to the user, making the skills barrier for entry into cyber crime lower than it has ever been.

According to government research, two thirds of large British businesses have been targeted by a cyber attack in the past year, with a quarter experiencing some kind of cyber incident on a monthly basis. (May 2016)

Such attacks exact a heavy financial toll. Research released by consultancy Cebr last year found that cyber attacks were setting businesses back £34bn a year in increased IT expenditure and lost revenue.

1) That the cyber threats to businesses and individuals in the UK come from:
a. Cyber Criminal Groups
b. State Actors
c. Cyber Activists

2) Collectively these groups will deploy a wide range of Tactics, Techniques, and Procedures (TTPs) in order to achieve their desired outcomes which usually come down to:
a. stealing money
b. stealing data
c. stealing data to steal money
d. general vandalism and extortion

3) The majority of cyber attacks we see employ a combination of technical exploits and social engineering. The technical exploit gives the aggressor access to a computer system, and the social engineering attack uses that access to achieve an end goal (see above) by tricking a human being.

4) Businesses can stay relatively safe from cyber attacks from all three types of aggressors by doing the following:
a. Keep computer systems up to date and remove legacy software to avoid technical exploits. This is called patching.
b. Educate staff to ensure they are well informed and that procedures are robust to avoid social engineering attacks.
c. Make the effort to understand your threat landscape – who might want to harm you, steal from you, or spy on you – and adjust your levels of protection accordingly. For example:
i. If your business may be targeted by cyber activists who are known to use Denial of Service (DOS) as a tactic, then employ a DOS mitigation service.
ii. If your business has valuable Intellectual Property which competitors or state actors may want to get, then limit the number of staff with access to that data.
d. Understand the size and expanse of your IT estate, and have an appropriate strategy to protect that estate. At the very least this should involve anti-virus and strong password enforcement.

What does "Cyber" boil down to?

1. Disrupts business functions.

2. Interrupts supply chains.

3. Damages business reputation.

4. Compromises customer’s data.

5. Forfeits intellectual property.

What does "Cyber" boil down to?
5 Questions Boards and CEOs must ask:
1. How is the organisation informed about risks of cybercrime?

2. What is our plan to address cybercrime?

3. Does our Cybercrime program apply industry standards and best practices?

4. What are our metrics?

5. How comprehensive is our response plan and how often is it tested

8 Strategies for Dealing with Cyber Risks:
1. Incorporate cyber risks into existing risk management and governance procedures.
2. Elevate cyber risk discussions to the CEO and board of directors.
3. Implement industry standards and best practices.
4. Identify and manage your organizations specific risks.
5. Provide oversight and review.
6. Develop and test incident response plans and procedures.
7. Coordinate cyber incident response planning across the organisation.
8. Maintain situational awareness of cyber threats.

What is the NFIB seeing reports of: (April 2016)
Computer Malware/Virus/Malware (£1.1m)
- Police Ransomware
- Phishing emails from HMRC
- "Invoice" emails claiming debts are owed - malware attachment ("Locky or Dridex" ransomware).

Denial of Service Extortion (£30k)
- Usally demand bitcoins
- Lizard Squad

Hacking Server (£378k)
- Companies websites have been hacked and payment details changed (Mandate Fraud)

Hacking Personal (£400k)
- Computer software frauds (Microsoft and Talk Talk)

Hacking – Social Media and Email (£1.2m)
- Cyber enabled banking crimes / range of account hacks, the majority are in relation to email hackings
AF currently receives almost a report every minute - it should receive nearer 10!
Full transcript