Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
A Vision of Cybercrime in Italy
1. A vision of cybercrime in Italy
Matteo Cavallini
2. About me
Currently I am the Head of Security in Consip SpA, a company owned
solely by the Italian Ministry of Economy, with the mission of providing
consultancy and project support, organizational and technological
services aimed at the innovation of Public Administration.
Since 2007 I have been the Head of the Local Security Unit (LSU)
MEF/Consip, the internal CERT of the Italian Ministry of Economy
I am also the VP of the Cloud Security Alliance – Italy Chapter
Matteo Cavallini CeCOSVI 2012 - Prague
3. Italian National CERT is on its way… yet
so we built an operational network
Associations
Tech. & Security
Providers
Matteo Cavallini CeCOSVI 2012 - Prague
4. Italian National CERT is on its way… yet
We gathered pieces of info from public sources and
our peers in order to... create our “vision”
Matteo Cavallini CeCOSVI 2012 - Prague
6. Police Ransomware in Italy
Hundreds of fake bills
sent to Italian citizens
claiming that there
has been an access to
some banned
pornographic photos.
PC is crippled by the
malware and there is
a request of 100€ to
pay.
Sources are F-Secure and 2012 - Prague
Matteo Cavallini CeCOSVI TrendMicro
7. Some Pieces... from Clusit Report
Target distribution
Matteo Cavallini CeCOSVI 2012 - Prague
8. Some Pieces... from Our Team
Monitoring open sources with spefic tools
developed by our team, we found early traces
of many attacks against Italian and European
websites, enabling us to give our contribution
to contain the incident. Here some examples:
appsrv.ice.gov.it
www.qualitapa.gov.it
Matteo Cavallini CeCOSVI 2012 - Prague
9. What about the costs of a breach?
Symantec-Ponemon Report
Matteo Cavallini CeCOSVI 2012 - Prague
10. A Direct Consequence…
According to EECTF Survey, companies are
reluctant to report attacks
Matteo Cavallini CeCOSVI 2012 - Prague
11. Some Pieces... from UCAMP
Central Office for Means of Payment Fraud (UCAMP) is
responsible for Euro counterfeiting and preventing fraud committed
through the use of payment means other than cash
Italy is still a small “market”
70
60
50
40
Italy 2010
30
Euro Area 2009
20
EU 27 2009
10
0
Paymentmeans other than cash
Matteo Cavallini CeCOSVI 2012 - Prague
12. Some Pieces... from UCAMP
Italy is still a small “market”... also for carders!
0,060% 80%
70%
0,050%
60%
0,040%
50%
0,030% 2009 40% In Country
2010 30% Abroad
0,020%
20%
0,010%
10%
0,000% 0%
Italy Australia France Italy UK France Australia
Unrecognized transactions by area
Losses causedby frauds
Matteo Cavallini CeCOSVI 2012 - Prague
13. Some Pieces... from UCAMP
In Italy the majority of frauds are made via POS
2009
Unrecognized transactions involving
Internet cards in Italy (organized by type)
5%
ATM
25%
Internet 2010
7%
POS
70%
ATM
30%
POS
63%
Preliminary data for 2011
confirm the trends.
Matteo Cavallini CeCOSVI 2012 - Prague
14. Some Pieces... from the Italian Police
Total Total Average People Fake
inspections complaints amount charged banks
Phishing
in 2011
Matteo Cavallini CeCOSVI 2012 - Prague
15. Beyond Official Data... Here are Some Trends
At the moment, in Italy:
Phishing and financial malware targets private companies and public
administrations more then ever
Most of financial malware is a variant of ZeuS
In cyberfrauds, there are some “special abilities” related to ethnic groups
Most of money mules are abroad
On average, every 100 wire transfers made by fraudsters, 80 are blocked
before being sent.
Matteo Cavallini CeCOSVI 2012 - Prague
16. Beyond Official Data... Here are Some Trends
Efficiency in cross border payments is
strongly increased by the institution of
the “Single Euro Payment Area” (SEPA).
Most of these payments are now
executed within 1 day.
Also criminals take advantage of this
situation so, most of the money mules
are abroad.
Italian Police is reinforcing its direct
contacts with other LEAs of the SEPA
countries to increase efficiency.
Matteo Cavallini CeCOSVI 2012 - Prague
17. Other Pieces... from the Italian Police
Total Total People
complaints inspections charged
Identity theft
in 2011
Matteo Cavallini CeCOSVI 2012 - Prague
18. From figures to real crimes...
They steal the
digital signature
and put the
company of an
unsuspecting
businessman in
their name:
busted by the
Financial Police -
03-26-2012
Matteo Cavallini CeCOSVI 2012 - Prague
19. Here another example...
Many gov
agencies
hacked.
Drop-zone was in
Malesia.
An interesting case of an Italian hacker that sent a lot a spear-
phishing emails to users of the local and central PA. Using the
stolen password he sold to private investigators illegal
accesses to sensitive PII. Sentenced to 4 years in jail.
Matteo Cavallini CeCOSVI 2012 - Prague
20. A Last Piece... from Clusit Report
One major event
Matteo Cavallini CeCOSVI 2012 - Prague
21. What to expect in the near future?
1 A growth of Financial 4 Monetization of non
Malware on social and financial data
mobile channels
2 A growth of the 5 A growth in Hacktivism
non-Financial Targets
3 Achievement of the 6 Efficient sharing of data –
“Fraud-as-a-Service” effectiveness in
model countering botnets and
cybergangs
Matteo Cavallini CeCOSVI 2012 - Prague
22. My worst nightmare
will we see this fusion in the future?
Matteo Cavallini CeCOSVI 2012 - Prague