Cybercrime and Business Process Hacking
1. Cyber Crime
Prepare for the next wave:
Business Process Hacking
Richard Stiennon – Chief Research Analyst, IT-Harvest
2. The Rise of Cybercrime
INHIBITORS
• Better security
• International cooperation (or not)
BPH!
DRIVERS
• Organization
• Insider recruitment
• 30 million bots
• Success (profits)
• Market for identities
• New vulnerabilities
• Ubiquitous Internet
IT-Harvest 2011
14. Pump and dump
• Break in to online trading account
• Sell off owner’s portfolio
• Purchase penny stocks
• Dump attacker’s holdings when stock price jumps
• Leave account holder with worthless portfolio
• Canadian attacks thwarted; $11 million frozen in Lithuanian bank.
15. E-ticketing fraud
• Indian railway reservations. Scalpers use software to corner the market for tickets and resell them at a markup.
• Concert tickets. Scammers snipe tickets when they go on sale, using elaborate hacks to avoid fraud detection schemes. They resell them immediately on sites such as StubHub.com or TicketsNow.com ($1,000)
• Even better: scammers buy seats and block others from getting seats.
16. Carbon credits
• 2010: Phishing attack against dozens of companies
• Seven out of 2,000 German companies fall for it
• Carbon credits transferred to two accounts owned by attackers
• $4 million stolen
• 2011: 1.6 million carbon credits stolen from the Romanian branch of Swiss cement company Holcim. $36 million.
The purpose of this presentation is to depict a scenario. It is only through imagining the worst that we can prepare for it and hopefully curtail the chances of a particular scenario playing out in real life.

The cyber crime scenario is fueled by the lack of balance between the fundamental drivers and the countervailing inhibitors.

DRIVERS
• Criminals historically prey on their immediate neighbors. The Internet changes all that.
• The monthly barrage of vulnerability announcements, particularly from MSFT, gives cyber criminals the opportunities they need. Total impact of Vista will be…ZERO
• Online trading sites for identities create a market for thieves to sell to more sophisticated criminals.
• Success (profits) breeds more success. Just as eBay created a new generation of garage sale entrepreneurs, cyber crime is sucking in more and more players.
• Large botnets, in particular a million-member army being prepped for the holiday season, indicate growing power.
• Organized crime is turning to bribery and infiltration to steal identities.

The Wild West, Chicago in the '20s, the Caribbean in previous centuries, and Colombia, as well as aspects of Russia and Italy today, are all examples of where unchecked crime can lead. This is the scenario that we must avoid.

Since May 30, Memorial Day weekend, Israel’s business community has been in an uproar. Here is a snapshot of the outbreak of a major industrial espionage incident. Spyware plays a crucial role in this fiasco.

This slide depicts the targets, the perpetrators, and the private investigators that carried off these invasions. The story started when an Israeli author noticed that his unpublished works were being posted to the Internet. Suspecting his stepdaughter's ex-husband, he called in the Israeli police. The police discovered the HotWar Trojan on his home computer. Files, emails, and everything the author typed were being sent to FTP servers in Germany, the UK and the US. When those servers were seized by local authorities in each country, they were found to contain internal documents from dozens of companies in Israel, including the state-owned telephone company, Bezeq, a cell phone company, a car dealer, satellite TV company (Hot!), a cell phone company (Patner), a water company (Gal-Al), a defense contractor and more.

It turns out that at least a dozen companies in Israel had hired private investigators to gather competitive intelligence on their counterparts. The PIs had purchased software from Michael Hephrati in the UK and sent it to the targets disguised as a legitimate email proposal. While 22 people are under arrest, one was indicted this week (June 20), and the investigation continues:
• The CEO of one of the PI firms threw himself down a stairwell at the police station and is in critical condition with multiple head and spine injuries.
• The private firms that were in the process of purchasing Bezeq have asked for a new sale to take place.
• The water company that was hacked lost documents that detailed heavy water extraction techniques. Heavy water is critical to the manufacture of H bombs.
• Israeli authorities themselves have been using spyware to gather information from the PC of the wife of the Syrian President.

Stay tuned.