SlideShare a Scribd company logo

Incident Response Case in Cyber-Fraud by Lee Jeong Min

APNIC
APNIC

A presentation given at the first APCERT session of APRICOT 2015 on Wednesday, 4th March 2015.

Internet
1 of 28
Incident Response Case in Cyber-Fraud -Case of Republic of Korea-
Case Study : Bypass SRS Contents KISAI Current States of Cyber-FraudII Response systems for Cyber-Fraud IV III
1. KOREA INFORMATION & SECURITY AGENCY(KISA)
KISA(www.kisa.or.kr) • Korea Information & Security Agency • History – In 1996, Korea Information Security Center was established. – In 2001, KISC grew to the Korea Information Security Agency. – In 2009, 3 government bodies, KISA, NIDA and KIICA were united into Korea Internet and Security Agency.
Major Duties of KISA • Information Security, Broadcast and Communication Improvement, – ICT International Cooperation • KISA is empowered by Ministry of Science, ICT and Future Planning – ‘Act on Promotion of Information & Communications Network Utilization and Information Protection, etc.’
2.CURRENT STATES OF CYBER- FRAUD
What is Phishing? • Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication. -http://en.wikipedia.org/wiki/Phishing-
Cyber-Fraud in S.Korea • Voice Phishing – The criminal practice of using social engineering over the telephone system to gain access to private personal and financial information from the public for the purpose of financial reward. • Smishing – Use cell phone text messages to deliver the bait to induce people to divulge their personal information. In the text message may be a website URL. http://www.wikipedia.org/
Smartphone Penetration Rate in S.Korea 43% 61% 69% 72% 0% 20% 40% 60% 80% 2011 2012 2013 2014
Number of Reports - 5,000 10,000 15,000 20,000 25,000 30,000 35,000 2011 2012 2013 2014.6 Voice SMS from National Police
Annual Damages 102 60 55 37 - 0.6 6 0.3 - 20 40 60 80 100 120 2011 2012 2013 2014.6 (1,000,000$) Voice SMS from National Police
3. RESPONSE SYSTEMS FOR CYBER- FRUAD
Forged caller’s phone number Block Service - VOICE No Forgednumber (02-1234-0112) Yes Exist? Voice Phishing Forged caller’s phone number Block Service International Call Telecommunication Company Block Public Company BANK Law Enforcement Phone Numbers Phone Numbers Phone Numbers International Call Block DB [Company Name, Phone Number]
Block SMS text Server Receiver Try to find phone number in Phone Number DB 3 4 Matching sender’s [Company Name, Phone No.] ⇒ PASS Bank A (1599-9999) Bank B (1599-5000) Company’s Data KISA  Company [Name, Phone Number] : Using Forged-Number for hiding identification ( 02-1599-9999) KB국민은행입 니다. 보이스피싱 주 의경보 발령(피 해신고는112) KB국민은행입니 다. 고객님의개인정 보가 유출되었으 니보안승급바랍 니다.kbbenk.com Normal SMS Text2 Mismatching sender’s [Company Name, Phone No.] ⇒ Block 4 SMS Server MMO’s Message Center Sending SMS Text ReceiveSMS Sending company by Internet Fake SMS Message Using URL2 [Phone Number DB]1 Phone Record : about 0.6 M [ Phone Number DB ] [Phone Number DB] Forged caller’s phone number Block Service - SMS
Statistics of forged caller’s phone number Block Service Voice : 2013.1~, SMS : 2013.9~ - 1,000,000 2,000,000 3,000,000 4,000,000 5,000,000 Voice SMS 2013 2014 from KISA
Smishing Response System(SRS) [Mobile Network Operator] Confirm by Human In KISA Brief Report KISC Analyze SMS Text Message 118 Call Center (24/7) SMS text Message URL Block Request [ISP/MSO] Confirm By Human Outside KISA Result Confirm Request [Law Enforcement] Collect Suspicious URL Analyze Confirm Block Download& Analyze Server Suspicious URL KISC : Korea Internet Security Center Suspicious URL
0 300,000 600,000 900,000 1,200,000 Jan. Feb. March April May June July August Sep. Oct. Nov. Dec. # of detected Smishing Message from KISA
# of malicious App. 0 100 200 300 400 500 600 Jan. Feb. March April May June July August Sep. Oct. Nov. Dec. from KISA
# of blocked URL 0 2,500 5,000 7,500 10,000 Jan. Feb. March April May June July August Sep. Oct. Nov. Dec. from KISA
4. Case Study : Bypass SRS
Avoiding Filter & Block 토요일에 결혼식 잊지말고 축복하러 와주세요 웨딩사진첩 "t.c*/R*tvvTv*w" 토요일z결혼식f잊q지o말고w축복하러f 와주세요k웨딩z사진첩 "t.c*/R*tvvTv*w" 구매하신 물품이 정상처리 되셨습니다. https://dl.dropboxusercontent.com/s/xfx*ty0n9qz *boz/map.apk
Using CAPTCHA Code • CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) – Type of challenge-response test used in computing to determine whether or not the user is human <Example of CHPTCHA> http://www.wikipedia.org/
Using User Input Ask to input user’s phone number
Checking Connection Method http://www.spo.go.kr/ Phishing Site (http://www.spo1.co.kr/) http://goo.gl/zn9t0H SRS Mobile
Counter Measure 1. Increasing Text Filter ability 2. Induction Image Comparing Tech. 3. Build malicious app gathering system in mobile area
Conclusion • Cyber-Fraud will be increasing • Move to Instant Messenger (Line, Kakao, QQ etc) • Preparing Fin-Tech • No perfect technical-solution for preventing Cyber-Fraud yet
Q/A jmlee@kisa.or.kr
Thank You

Recommended

Topshop potential threats
Topshop potential threatsTopshop potential threats
Topshop potential threatsdaisy_maggs
 
Rise of cyber security v0.1
Rise of cyber security v0.1Rise of cyber security v0.1
Rise of cyber security v0.1Sohail Gohir
 
Cyber fraud a threat to E commerce
Cyber fraud a threat to E commerceCyber fraud a threat to E commerce
Cyber fraud a threat to E commerceSudeshna07
 
Forensic Investigations and Staff Dishonesty in Cameroon
Forensic Investigations and Staff Dishonesty in CameroonForensic Investigations and Staff Dishonesty in Cameroon
Forensic Investigations and Staff Dishonesty in CameroonSARON MESSEMBE OBIA
 
Ukraine: Cybercrmes and Privacy
Ukraine: Cybercrmes and PrivacyUkraine: Cybercrmes and Privacy
Ukraine: Cybercrmes and PrivacyAxon.Partners
 
Cybercriminality
CybercriminalityCybercriminality
CybercriminalityChantal Abam
 
Chapter 17 a fraud in e commerce Jen
Chapter 17 a fraud in e commerce JenChapter 17 a fraud in e commerce Jen
Chapter 17 a fraud in e commerce JenVidaB
 
Phish phry operation
Phish phry operationPhish phry operation
Phish phry operationMohamed Zahran
 

Recommended

Topshop potential threats
Topshop potential threatsTopshop potential threats
Topshop potential threatsdaisy_maggs
 
Rise of cyber security v0.1
Rise of cyber security v0.1Rise of cyber security v0.1
Rise of cyber security v0.1Sohail Gohir
 
Cyber fraud a threat to E commerce
Cyber fraud a threat to E commerceCyber fraud a threat to E commerce
Cyber fraud a threat to E commerceSudeshna07
 
Forensic Investigations and Staff Dishonesty in Cameroon
Forensic Investigations and Staff Dishonesty in CameroonForensic Investigations and Staff Dishonesty in Cameroon
Forensic Investigations and Staff Dishonesty in CameroonSARON MESSEMBE OBIA
 
Ukraine: Cybercrmes and Privacy
Ukraine: Cybercrmes and PrivacyUkraine: Cybercrmes and Privacy
Ukraine: Cybercrmes and PrivacyAxon.Partners
 
Cybercriminality
CybercriminalityCybercriminality
CybercriminalityChantal Abam
 
Chapter 17 a fraud in e commerce Jen
Chapter 17 a fraud in e commerce JenChapter 17 a fraud in e commerce Jen
Chapter 17 a fraud in e commerce JenVidaB
 
Phish phry operation
Phish phry operationPhish phry operation
Phish phry operationMohamed Zahran
 
Cellcrypt - An Introduction to Secure Mobile Communications
Cellcrypt - An Introduction to Secure Mobile CommunicationsCellcrypt - An Introduction to Secure Mobile Communications
Cellcrypt - An Introduction to Secure Mobile CommunicationsPaul Parke
 
Baker Tilly Presents: Emerging Trends in Cybersecurity
Baker Tilly Presents: Emerging Trends in CybersecurityBaker Tilly Presents: Emerging Trends in Cybersecurity
Baker Tilly Presents: Emerging Trends in CybersecurityBakerTillyConsulting
 
Will STIR/SHAKEN Solve the Illegal Robocall Problem?
Will STIR/SHAKEN Solve the Illegal Robocall Problem?Will STIR/SHAKEN Solve the Illegal Robocall Problem?
Will STIR/SHAKEN Solve the Illegal Robocall Problem?Alan Percy
 
Will STIR/SHAKEN Solve the Illegal Robocall Problem?
Will STIR/SHAKEN Solve the Illegal Robocall Problem?Will STIR/SHAKEN Solve the Illegal Robocall Problem?
Will STIR/SHAKEN Solve the Illegal Robocall Problem?TelcoBridges Inc.
 
Issues and ethics in finance (fin 657) - How hackers steal $81 million in Ban...
Issues and ethics in finance (fin 657) - How hackers steal $81 million in Ban...Issues and ethics in finance (fin 657) - How hackers steal $81 million in Ban...
Issues and ethics in finance (fin 657) - How hackers steal $81 million in Ban...Hafizah Jupri
 
Cyber Crime and Security ppt by Neeraj Ahirwar
Cyber Crime and Security ppt by Neeraj AhirwarCyber Crime and Security ppt by Neeraj Ahirwar
Cyber Crime and Security ppt by Neeraj AhirwarNeeraj Ahirwar
 
PHISHING PROJECT REPORT
PHISHING PROJECT REPORTPHISHING PROJECT REPORT
PHISHING PROJECT REPORTvineetkathan
 
Phishing.pdf
Phishing.pdfPhishing.pdf
Phishing.pdfMariGogokhia
 
Mobile security issues & frauds in India
Mobile security issues & frauds in IndiaMobile security issues & frauds in India
Mobile security issues & frauds in IndiaYogesh Lolge
 
How to protect your clients and your law firm from money transfer scams
How to protect your clients and your law firm from money transfer scamsHow to protect your clients and your law firm from money transfer scams
How to protect your clients and your law firm from money transfer scamsGabor Szathmari
 
Application security meetup data privacy_27052021
Application security meetup data privacy_27052021Application security meetup data privacy_27052021
Application security meetup data privacy_27052021lior mazor
 
Colombo White Hat Security 3rd Meetup - Recent Trends & Attacks in Cyberspace
Colombo White Hat Security 3rd Meetup - Recent Trends & Attacks in CyberspaceColombo White Hat Security 3rd Meetup - Recent Trends & Attacks in Cyberspace
Colombo White Hat Security 3rd Meetup - Recent Trends & Attacks in CyberspaceDulanja Liyanage
 
Cyber crime
Cyber crimeCyber crime
Cyber crimeNitin Kanaujia
 
Cybercrime: A Primer
Cybercrime: A PrimerCybercrime: A Primer
Cybercrime: A Primerfwscholl
 
Presentation1 1.pptx
Presentation1 1.pptxPresentation1 1.pptx
Presentation1 1.pptxHimanshuKansal22
 
Cyber security lifting the veil of hacking webinar
Cyber security lifting the veil of hacking webinarCyber security lifting the veil of hacking webinar
Cyber security lifting the veil of hacking webinarAssociation for Project Management
 
Cyber crime and security in pakistan
Cyber crime and security in pakistanCyber crime and security in pakistan
Cyber crime and security in pakistanFahad Abbasi
 
Cyber security awareness for students
Cyber security awareness for studentsCyber security awareness for students
Cyber security awareness for studentsKandarp Shah
 
Telecom Cambodia - SIM Box Issue 2013
Telecom Cambodia - SIM Box Issue 2013Telecom Cambodia - SIM Box Issue 2013
Telecom Cambodia - SIM Box Issue 2013Firdaus Fadzil
 
SJCTNC-A.ALBERT RAVI-PCM1017Q-E COMMERCE-UNIT-V- TYPES OF CYBER CRIMES.pptx
SJCTNC-A.ALBERT RAVI-PCM1017Q-E COMMERCE-UNIT-V- TYPES OF CYBER CRIMES.pptxSJCTNC-A.ALBERT RAVI-PCM1017Q-E COMMERCE-UNIT-V- TYPES OF CYBER CRIMES.pptx
SJCTNC-A.ALBERT RAVI-PCM1017Q-E COMMERCE-UNIT-V- TYPES OF CYBER CRIMES.pptxAalbert Albert
 
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024APNIC
 

More Related Content

Similar to Incident Response Case in Cyber-Fraud by Lee Jeong Min

Cellcrypt - An Introduction to Secure Mobile Communications
Cellcrypt - An Introduction to Secure Mobile CommunicationsCellcrypt - An Introduction to Secure Mobile Communications
Cellcrypt - An Introduction to Secure Mobile CommunicationsPaul Parke
 
Baker Tilly Presents: Emerging Trends in Cybersecurity
Baker Tilly Presents: Emerging Trends in CybersecurityBaker Tilly Presents: Emerging Trends in Cybersecurity
Baker Tilly Presents: Emerging Trends in CybersecurityBakerTillyConsulting
 
Will STIR/SHAKEN Solve the Illegal Robocall Problem?
Will STIR/SHAKEN Solve the Illegal Robocall Problem?Will STIR/SHAKEN Solve the Illegal Robocall Problem?
Will STIR/SHAKEN Solve the Illegal Robocall Problem?Alan Percy
 
Will STIR/SHAKEN Solve the Illegal Robocall Problem?
Will STIR/SHAKEN Solve the Illegal Robocall Problem?Will STIR/SHAKEN Solve the Illegal Robocall Problem?
Will STIR/SHAKEN Solve the Illegal Robocall Problem?TelcoBridges Inc.
 
Issues and ethics in finance (fin 657) - How hackers steal $81 million in Ban...
Issues and ethics in finance (fin 657) - How hackers steal $81 million in Ban...Issues and ethics in finance (fin 657) - How hackers steal $81 million in Ban...
Issues and ethics in finance (fin 657) - How hackers steal $81 million in Ban...Hafizah Jupri
 
Cyber Crime and Security ppt by Neeraj Ahirwar
Cyber Crime and Security ppt by Neeraj AhirwarCyber Crime and Security ppt by Neeraj Ahirwar
Cyber Crime and Security ppt by Neeraj AhirwarNeeraj Ahirwar
 
PHISHING PROJECT REPORT
PHISHING PROJECT REPORTPHISHING PROJECT REPORT
PHISHING PROJECT REPORTvineetkathan
 
Mobile security issues & frauds in India
Mobile security issues & frauds in IndiaMobile security issues & frauds in India
Mobile security issues & frauds in IndiaYogesh Lolge
 
How to protect your clients and your law firm from money transfer scams
How to protect your clients and your law firm from money transfer scamsHow to protect your clients and your law firm from money transfer scams
How to protect your clients and your law firm from money transfer scamsGabor Szathmari
 
Application security meetup data privacy_27052021
Application security meetup data privacy_27052021Application security meetup data privacy_27052021
Application security meetup data privacy_27052021lior mazor
 
Colombo White Hat Security 3rd Meetup - Recent Trends & Attacks in Cyberspace
Colombo White Hat Security 3rd Meetup - Recent Trends & Attacks in CyberspaceColombo White Hat Security 3rd Meetup - Recent Trends & Attacks in Cyberspace
Colombo White Hat Security 3rd Meetup - Recent Trends & Attacks in CyberspaceDulanja Liyanage
 
Cybercrime: A Primer
Cybercrime: A PrimerCybercrime: A Primer
Cybercrime: A Primerfwscholl
 
Cyber crime and security in pakistan
Cyber crime and security in pakistanCyber crime and security in pakistan
Cyber crime and security in pakistanFahad Abbasi
 
Cyber security awareness for students
Cyber security awareness for studentsCyber security awareness for students
Cyber security awareness for studentsKandarp Shah
 
Telecom Cambodia - SIM Box Issue 2013
Telecom Cambodia - SIM Box Issue 2013Telecom Cambodia - SIM Box Issue 2013
Telecom Cambodia - SIM Box Issue 2013Firdaus Fadzil
 
SJCTNC-A.ALBERT RAVI-PCM1017Q-E COMMERCE-UNIT-V- TYPES OF CYBER CRIMES.pptx
SJCTNC-A.ALBERT RAVI-PCM1017Q-E COMMERCE-UNIT-V- TYPES OF CYBER CRIMES.pptxSJCTNC-A.ALBERT RAVI-PCM1017Q-E COMMERCE-UNIT-V- TYPES OF CYBER CRIMES.pptx
SJCTNC-A.ALBERT RAVI-PCM1017Q-E COMMERCE-UNIT-V- TYPES OF CYBER CRIMES.pptxAalbert Albert
 

Similar to Incident Response Case in Cyber-Fraud by Lee Jeong Min (20)

Cellcrypt - An Introduction to Secure Mobile Communications
Cellcrypt - An Introduction to Secure Mobile CommunicationsCellcrypt - An Introduction to Secure Mobile Communications
Cellcrypt - An Introduction to Secure Mobile Communications
 
Baker Tilly Presents: Emerging Trends in Cybersecurity
Baker Tilly Presents: Emerging Trends in CybersecurityBaker Tilly Presents: Emerging Trends in Cybersecurity
Baker Tilly Presents: Emerging Trends in Cybersecurity
 
Will STIR/SHAKEN Solve the Illegal Robocall Problem?
Will STIR/SHAKEN Solve the Illegal Robocall Problem?Will STIR/SHAKEN Solve the Illegal Robocall Problem?
Will STIR/SHAKEN Solve the Illegal Robocall Problem?
 
Will STIR/SHAKEN Solve the Illegal Robocall Problem?
Will STIR/SHAKEN Solve the Illegal Robocall Problem?Will STIR/SHAKEN Solve the Illegal Robocall Problem?
Will STIR/SHAKEN Solve the Illegal Robocall Problem?
 
Issues and ethics in finance (fin 657) - How hackers steal $81 million in Ban...
Issues and ethics in finance (fin 657) - How hackers steal $81 million in Ban...Issues and ethics in finance (fin 657) - How hackers steal $81 million in Ban...
Issues and ethics in finance (fin 657) - How hackers steal $81 million in Ban...
 
Cyber Crime and Security ppt by Neeraj Ahirwar
Cyber Crime and Security ppt by Neeraj AhirwarCyber Crime and Security ppt by Neeraj Ahirwar
Cyber Crime and Security ppt by Neeraj Ahirwar
 
PHISHING PROJECT REPORT
PHISHING PROJECT REPORTPHISHING PROJECT REPORT
PHISHING PROJECT REPORT
 
Phishing.pdf
Phishing.pdfPhishing.pdf
Phishing.pdf
 
Mobile security issues & frauds in India
Mobile security issues & frauds in IndiaMobile security issues & frauds in India
Mobile security issues & frauds in India
 
How to protect your clients and your law firm from money transfer scams
How to protect your clients and your law firm from money transfer scamsHow to protect your clients and your law firm from money transfer scams
How to protect your clients and your law firm from money transfer scams
 
Application security meetup data privacy_27052021
Application security meetup data privacy_27052021Application security meetup data privacy_27052021
Application security meetup data privacy_27052021
 
Colombo White Hat Security 3rd Meetup - Recent Trends & Attacks in Cyberspace
Colombo White Hat Security 3rd Meetup - Recent Trends & Attacks in CyberspaceColombo White Hat Security 3rd Meetup - Recent Trends & Attacks in Cyberspace
Colombo White Hat Security 3rd Meetup - Recent Trends & Attacks in Cyberspace
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Cybercrime: A Primer
Cybercrime: A PrimerCybercrime: A Primer
Cybercrime: A Primer
 
Presentation1 1.pptx
Presentation1 1.pptxPresentation1 1.pptx
Presentation1 1.pptx
 
Cyber security lifting the veil of hacking webinar
Cyber security lifting the veil of hacking webinarCyber security lifting the veil of hacking webinar
Cyber security lifting the veil of hacking webinar
 
Cyber crime and security in pakistan
Cyber crime and security in pakistanCyber crime and security in pakistan
Cyber crime and security in pakistan
 
Cyber security awareness for students
Cyber security awareness for studentsCyber security awareness for students
Cyber security awareness for students
 
Telecom Cambodia - SIM Box Issue 2013
Telecom Cambodia - SIM Box Issue 2013Telecom Cambodia - SIM Box Issue 2013
Telecom Cambodia - SIM Box Issue 2013
 
SJCTNC-A.ALBERT RAVI-PCM1017Q-E COMMERCE-UNIT-V- TYPES OF CYBER CRIMES.pptx
SJCTNC-A.ALBERT RAVI-PCM1017Q-E COMMERCE-UNIT-V- TYPES OF CYBER CRIMES.pptxSJCTNC-A.ALBERT RAVI-PCM1017Q-E COMMERCE-UNIT-V- TYPES OF CYBER CRIMES.pptx
SJCTNC-A.ALBERT RAVI-PCM1017Q-E COMMERCE-UNIT-V- TYPES OF CYBER CRIMES.pptx
 

More from APNIC

APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024APNIC
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...APNIC
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024APNIC
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGAPNIC
 
IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119APNIC
 
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119APNIC
 
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119APNIC
 
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119APNIC
 
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119APNIC
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...APNIC
 
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC
 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonAPNIC
 
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonAPNIC
 
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPNIC
 
Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6APNIC
 
AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!APNIC
 
CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023APNIC
 
AFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet developmentAFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet developmentAPNIC
 
AFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment StatusAFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment StatusAPNIC
 

More from APNIC (20)

APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOG
 
IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119
 
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
 
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
 
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
 
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
 
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff Huston
 
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
 
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
 
Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6
 
AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!
 
CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023
 
AFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet developmentAFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet development
 
AFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment StatusAFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment Status
 

Recently uploaded

Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Callshivangimorya083
 
✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663
✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663
✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663Call Girls Mumbai
 
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...Escorts Call Girls
 
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...singhpriety023
 
How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)Damian Radcliffe
 
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.soniya singh
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxellan12
 
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort ServiceEnjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort ServiceDelhi Call girls
 
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine ServiceHot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Servicesexy call girls service in goa
 
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl ServiceRussian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl Servicegwenoracqe6
 
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.soniya singh
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.soniya singh
 
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445ruhi
 
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Delhi Call girls
 

Recently uploaded (20)

Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
 
✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663
✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663
✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663
 
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
 
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
 
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
 
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
 
How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)
 
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
 
VVVIP Call Girls In Connaught Place ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Connaught Place ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...VVVIP Call Girls In Connaught Place ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Connaught Place ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
 
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort ServiceEnjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
 
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine ServiceHot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
 
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl ServiceRussian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
 
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
 
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
 
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
 
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
 

Incident Response Case in Cyber-Fraud by Lee Jeong Min

  • 1. Incident Response Case in Cyber-Fraud -Case of Republic of Korea-
  • 2. Case Study : Bypass SRS Contents KISAI Current States of Cyber-FraudII Response systems for Cyber-Fraud IV III
  • 3. 1. KOREA INFORMATION & SECURITY AGENCY(KISA)
  • 4. KISA(www.kisa.or.kr) • Korea Information & Security Agency • History – In 1996, Korea Information Security Center was established. – In 2001, KISC grew to the Korea Information Security Agency. – In 2009, 3 government bodies, KISA, NIDA and KIICA were united into Korea Internet and Security Agency.
  • 5. Major Duties of KISA • Information Security, Broadcast and Communication Improvement, – ICT International Cooperation • KISA is empowered by Ministry of Science, ICT and Future Planning – ‘Act on Promotion of Information & Communications Network Utilization and Information Protection, etc.’
  • 6. 2.CURRENT STATES OF CYBER- FRAUD
  • 7. What is Phishing? • Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication. -http://en.wikipedia.org/wiki/Phishing-
  • 8. Cyber-Fraud in S.Korea • Voice Phishing – The criminal practice of using social engineering over the telephone system to gain access to private personal and financial information from the public for the purpose of financial reward. • Smishing – Use cell phone text messages to deliver the bait to induce people to divulge their personal information. In the text message may be a website URL. http://www.wikipedia.org/
  • 9. Smartphone Penetration Rate in S.Korea 43% 61% 69% 72% 0% 20% 40% 60% 80% 2011 2012 2013 2014
  • 10. Number of Reports - 5,000 10,000 15,000 20,000 25,000 30,000 35,000 2011 2012 2013 2014.6 Voice SMS from National Police
  • 11. Annual Damages 102 60 55 37 - 0.6 6 0.3 - 20 40 60 80 100 120 2011 2012 2013 2014.6 (1,000,000$) Voice SMS from National Police
  • 12. 3. RESPONSE SYSTEMS FOR CYBER- FRUAD
  • 13. Forged caller’s phone number Block Service - VOICE No Forgednumber (02-1234-0112) Yes Exist? Voice Phishing Forged caller’s phone number Block Service International Call Telecommunication Company Block Public Company BANK Law Enforcement Phone Numbers Phone Numbers Phone Numbers International Call Block DB [Company Name, Phone Number]
  • 14. Block SMS text Server Receiver Try to find phone number in Phone Number DB 3 4 Matching sender’s [Company Name, Phone No.] ⇒ PASS Bank A (1599-9999) Bank B (1599-5000) Company’s Data KISA  Company [Name, Phone Number] : Using Forged-Number for hiding identification ( 02-1599-9999) KB국민은행입 니다. 보이스피싱 주 의경보 발령(피 해신고는112) KB국민은행입니 다. 고객님의개인정 보가 유출되었으 니보안승급바랍 니다.kbbenk.com Normal SMS Text2 Mismatching sender’s [Company Name, Phone No.] ⇒ Block 4 SMS Server MMO’s Message Center Sending SMS Text ReceiveSMS Sending company by Internet Fake SMS Message Using URL2 [Phone Number DB]1 Phone Record : about 0.6 M [ Phone Number DB ] [Phone Number DB] Forged caller’s phone number Block Service - SMS
  • 15. Statistics of forged caller’s phone number Block Service Voice : 2013.1~, SMS : 2013.9~ - 1,000,000 2,000,000 3,000,000 4,000,000 5,000,000 Voice SMS 2013 2014 from KISA
  • 16. Smishing Response System(SRS) [Mobile Network Operator] Confirm by Human In KISA Brief Report KISC Analyze SMS Text Message 118 Call Center (24/7) SMS text Message URL Block Request [ISP/MSO] Confirm By Human Outside KISA Result Confirm Request [Law Enforcement] Collect Suspicious URL Analyze Confirm Block Download& Analyze Server Suspicious URL KISC : Korea Internet Security Center Suspicious URL
  • 17. 0 300,000 600,000 900,000 1,200,000 Jan. Feb. March April May June July August Sep. Oct. Nov. Dec. # of detected Smishing Message from KISA
  • 18. # of malicious App. 0 100 200 300 400 500 600 Jan. Feb. March April May June July August Sep. Oct. Nov. Dec. from KISA
  • 19. # of blocked URL 0 2,500 5,000 7,500 10,000 Jan. Feb. March April May June July August Sep. Oct. Nov. Dec. from KISA
  • 20. 4. Case Study : Bypass SRS
  • 21. Avoiding Filter & Block 토요일에 결혼식 잊지말고 축복하러 와주세요 웨딩사진첩 "t.c*/R*tvvTv*w" 토요일z결혼식f잊q지o말고w축복하러f 와주세요k웨딩z사진첩 "t.c*/R*tvvTv*w" 구매하신 물품이 정상처리 되셨습니다. https://dl.dropboxusercontent.com/s/xfx*ty0n9qz *boz/map.apk
  • 22. Using CAPTCHA Code • CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) – Type of challenge-response test used in computing to determine whether or not the user is human <Example of CHPTCHA> http://www.wikipedia.org/
  • 23. Using User Input Ask to input user’s phone number
  • 24. Checking Connection Method http://www.spo.go.kr/ Phishing Site (http://www.spo1.co.kr/) http://goo.gl/zn9t0H SRS Mobile
  • 25. Counter Measure 1. Increasing Text Filter ability 2. Induction Image Comparing Tech. 3. Build malicious app gathering system in mobile area
  • 26. Conclusion • Cyber-Fraud will be increasing • Move to Instant Messenger (Line, Kakao, QQ etc) • Preparing Fin-Tech • No perfect technical-solution for preventing Cyber-Fraud yet