1. Delivering the best in z services, software, hardware and training.Delivering the best in z services, software, hardware and training.
World Class z Specialists
Cyber Crime – The New
World Order
Rui Miguel Feio – Senior Technical Lead

2. Agenda
Conclusion
Summary of what
was discussed and
key points to
remember
Questions
Ask away any
questions that you
may have!
The value of data
Why is data being targeted
in the cyber world? The
relevance and importance
of ’knowing’
The Dark Web
How the Dark Web has been
helping the cyber criminals to
take control of the cyber world
Cyber Crime
How criminal
organisations are taking
advantage of the cyber
world
Society &Technology
Evolution of society and
technology and the ever
more dependency on the
online world

3. Who Am I?
RUI MIGUEL FEIO
• Working with RSM since 2010
• Working with mainframes for the past 17 years
• Started with IBM as an MVS Sys Programmer
• Specialises in mainframe security
• Experience in other platforms
Bio:
SENIOR TECHNICAL LEAD

4. Society and Technology

5. Evolution of man

6. Evolution of technology

7. “Technology made large populations possible; large
populations now make technology indispensable.”
Joseph Wood Krutch

8. Evolution of business

9. Value of online business
* https://www.emarketer.com/Article/Worldwide-Retail-Ecommerce-Sales-Will-Reach-1915-Trillion-This-Year/1014369

10. Evolution of crime

11. Evolution of crime

12. Cyber Crime

13. Cyber Crime
• 80% of Hackers work with or are part of an organised crime group *
• Cyber crime organisations:
– Are highly organised
– Adopt a business approach (Cybercrime Inc.)
– Use typical corporate strategies
– Use anonymity methods:
• Crypto currencies
• Dark Web
* 2014 study by the Rand Corporation

14. Cybercrime Inc. - Business model
• Take advantage of ‘anonymous’ services to advertise and sell their
‘normal’ products and services online
• Some of the new ‘business’ opportunities:
• Identity theft
• Intellectual property theft
• Trade secrets
• Industrial espionage
• Sensitive data theft
• Online extortion
• Financial crime
• Data manipulation

15. Cybercrime Inc. - Tactics used
• Some of the tactics and methods used by Cybercrime Inc:
– Phishing and spear phishing
– Man-in-the-middle
– Vulnerabilities
– Trojan horse software
– Spam
– Botnets
– Scareware
– Ransomware
– Malware
– DoS and DDoS

16. CyberCrime Inc. - Example
* http://www.zdnet.com/article/carbanak-hacking-group-steal-1-billion-from-banks-worldwide/

17. Cybercrime Inc. – Example
http://www.itv.com/news/2016-11-09/tesco-bank-pays-out-2-5m-to-9-000-customers-after-hacking-attack/

18. New World Order - Hackers
http://coed.com/2016/10/21/new-world-hackers-dyns-ddos-attack-denial-of-service-information-updates-facts/

19. Cost of Cyber Crime (UK)
https://www.getsafeonline.org/news/fraud-cybercrime-cost-uk-nearly-11bn-in-past-year/

20. The Dark Web

21. The Dark Web
• Is a set of anonymously hosted websites
• That requires a special browser to view them
• The most popular browser is TOR (www.torproject.org)
• TOR is all about online privacy
• Typically associated with bad and illegal activities (cyber crime)

22. Crypto currencies help cyber crime

23. Hacking-as-a-Service
http://5eme2auqilcux2wq.onion/

24. Hacking-as-a-Service
http://hacker4hhjvre2qj.onion/

25. Hacker for Hire – Prices
http://hacker4hhjvre2qj.onion/

26. The Value of Data

27. Let me ask you something…
• How much do you value your privacy?
• How about your friends and family’s privacy?
• What do you think could happen if your data was misused?
• Have you ever searched or visited an online website that you would
rather like to keep it a ‘secret’?
• I know I have J

28. Who would want your data?
• Everyone! Every single company wants it!
• Why?
– Because now they have a way of profiling you
– They know who you are, what you like, what you don’t like,
what you do, whom you do it with, who are your friends, what
your habits are…
– An insurance company knows your habits, and can now decide if
you are ‘worthy to be insured’
– A financial bank can decide if it will lend you money or not
– They know you from your ‘online’ profile!

29. What do they have in common?

30. Interesting facts
• On a daily basis Google processes around 24 Petabytes of data
• This data is then stored and sold for advertisement
• The use of Cookies:
– Fingerprints that allow you to be traced and catalogued
• What you see online is customised for you based on your ‘online
profile’

31. Value of a Company
• Why do you think Facebook or Google are worth billions of dollars?
• A study published by the Wall Street Journal on Facebook:
– Each long-term user is worth $80.95
– Each friendship is worth $0.62
– Your profile page is worth $1,800
– A business page and associated ad revenues are worth $3.1
million

32. Interesting facts
• Data broker company Acxiom Corporation:
– Has more than 23,000 servers
– These servers collect, collate and analyse more than 50 trillion
unique data transactions per year
– 96% of American households are in its DBs
– Has more than 700 million user profiles from around the world
– Each profile has more than 1,500 specific traits
• One quote stated ‘This is the age of the stalker economy’…

33. Data breaches
http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/

34. Conclusion

35. Everyone is a target

36. Targets
• Organisations of all sizes (companies, governments)
• Individuals
• Mobile devices
• IoT devices
• SCADA devices
• GPS Systems
• Tracking Systems
• Implanted medical devices (IMDs)
• And so many more!!...

37. Shodan
https://www.shodan.io

38. Shodan

39. Have you been pwned?
https://haveibeenpwned.com

42. Questions?

43. Rui Miguel Feio, RSM Partners
ruif@rsmpartners.com
mobile: +44 (0) 7570 911459
linkedin: www.linkedin.com/in/rfeio
www.rsmpartners.com
Contact