cyber-crime as a service - york university...q3. why is it difficult to catch cyber criminals ? a....

22

Cyber-crime as a Service CaaS analysis report Y. Zheng A. Chaudhry

Upload: others

Post on 25-May-2020

3 views

Category:

Documents

1 download

Report

Download

Embed Size (px):

TRANSCRIPT

Page 1: Cyber-crime as a Service - York University...Q3. Why is it difficult to catch cyber criminals ? A. The difficulties of tracking them through the internet B. It is usually too late

Cyber-crime as a Service

CaaS analysis report

Y. Zheng A. Chaudhry

Page 2: Cyber-crime as a Service - York University...Q3. Why is it difficult to catch cyber criminals ? A. The difficulties of tracking them through the internet B. It is usually too late

What is Cyber-cime ?

• Crimes that target computer networks or devices

• Crimes that use computer networks to advance other criminal activities

Page 3: Cyber-crime as a Service - York University...Q3. Why is it difficult to catch cyber criminals ? A. The difficulties of tracking them through the internet B. It is usually too late

Page 4: Cyber-crime as a Service - York University...Q3. Why is it difficult to catch cyber criminals ? A. The difficulties of tracking them through the internet B. It is usually too late

Page 5: Cyber-crime as a Service - York University...Q3. Why is it difficult to catch cyber criminals ? A. The difficulties of tracking them through the internet B. It is usually too late

What is Cyber-crime as a Service (CaaS) ?

• Software-as-a-service (SaaS)

• Platform-as-a-service (PaaS)

“THE provision of services to others to facilitate their commission of cyber-crimes”

Page 6: Cyber-crime as a Service - York University...Q3. Why is it difficult to catch cyber criminals ? A. The difficulties of tracking them through the internet B. It is usually too late

Types of Cyber-Crime-as-a-Service

• Online Money Laundering

• Dark Web Market

• DDoS ‘as s service’

• Exploits ‘as a service’

• Ransomware ‘as a service’

Page 7: Cyber-crime as a Service - York University...Q3. Why is it difficult to catch cyber criminals ? A. The difficulties of tracking them through the internet B. It is usually too late

Online Money Laundering(Currency)

Page 8: Cyber-crime as a Service - York University...Q3. Why is it difficult to catch cyber criminals ? A. The difficulties of tracking them through the internet B. It is usually too late

Dark Web Market(Platform)

Hacker Online Market Buyer

Page 9: Cyber-crime as a Service - York University...Q3. Why is it difficult to catch cyber criminals ? A. The difficulties of tracking them through the internet B. It is usually too late

DDosS ‘as s service’(Product)

DDoS Attack

Page 10: Cyber-crime as a Service - York University...Q3. Why is it difficult to catch cyber criminals ? A. The difficulties of tracking them through the internet B. It is usually too late

Exploits ‘as s service’(Product)

Page 11: Cyber-crime as a Service - York University...Q3. Why is it difficult to catch cyber criminals ? A. The difficulties of tracking them through the internet B. It is usually too late

Exploits Kits Trends(Product)

Page 12: Cyber-crime as a Service - York University...Q3. Why is it difficult to catch cyber criminals ? A. The difficulties of tracking them through the internet B. It is usually too late

Impact on Enterprise

Page 13: Cyber-crime as a Service - York University...Q3. Why is it difficult to catch cyber criminals ? A. The difficulties of tracking them through the internet B. It is usually too late

What Enterprise Can do

Data Gathering

Feature Selection

Model Building

Classification Detection

Page 14: Cyber-crime as a Service - York University...Q3. Why is it difficult to catch cyber criminals ? A. The difficulties of tracking them through the internet B. It is usually too late

Ransomware ‘as s service’

Page 15: Cyber-crime as a Service - York University...Q3. Why is it difficult to catch cyber criminals ? A. The difficulties of tracking them through the internet B. It is usually too late

Ransomware Trends

Page 16: Cyber-crime as a Service - York University...Q3. Why is it difficult to catch cyber criminals ? A. The difficulties of tracking them through the internet B. It is usually too late

Why Criminals Love Ransomware

$ 3,000,000 Reward

Page 17: Cyber-crime as a Service - York University...Q3. Why is it difficult to catch cyber criminals ? A. The difficulties of tracking them through the internet B. It is usually too late

Catch me if you CAN

Principality of Sealand

Page 18: Cyber-crime as a Service - York University...Q3. Why is it difficult to catch cyber criminals ? A. The difficulties of tracking them through the internet B. It is usually too late

Page 19: Cyber-crime as a Service - York University...Q3. Why is it difficult to catch cyber criminals ? A. The difficulties of tracking them through the internet B. It is usually too late

Q & A

Q1. Which one of the following is/are considered to be the possible CaaS provider ?

A. 16-year-old pimply kid in his mom’s basement hacking between World of Warcraft and Call of duty.

B. Traditional organized crime group with multinational background hackers

C. Data centered committed to protect privacyD. All of the above

Page 20: Cyber-crime as a Service - York University...Q3. Why is it difficult to catch cyber criminals ? A. The difficulties of tracking them through the internet B. It is usually too late

Q & A

Q2. Which one of the following is not considered as ransomware’s behavior ?

A. overwrites the Master Boot Record, causing BSoDB. Grab the IP packets and modify protocolC. Lock up your computer and ask for payment to unlockD. exploit vulnerable Web servers

Page 21: Cyber-crime as a Service - York University...Q3. Why is it difficult to catch cyber criminals ? A. The difficulties of tracking them through the internet B. It is usually too late

Q & A

Q3. Why is it difficult to catch cyber criminals ?

A. The difficulties of tracking them through the internetB. It is usually too late when people realize and report the situationC. One internet, many lawsD. All of the above

Page 22: Cyber-crime as a Service - York University...Q3. Why is it difficult to catch cyber criminals ? A. The difficulties of tracking them through the internet B. It is usually too late

Reference

https://www.symantec.com/content/dam/symantec/docs/reports/2016-norton-cyber-security-insights-report.pdf

http://www.bankinfosecurity.com/cybercrime-as-a-service-economy-stronger-than-ever-a-9396

http://documents.trendmicro.com/assets/guides/executive-brief-exploits-as-a-service.pdf

https://www.technologyreview.com/s/520501/the-secrets-of-online-money-laundering/

https://securityintelligence.com/cybercrime-as-a-service-poses-a-growing-challenge/

https://www.mcafee.com/uk/resources/reports/rp-quarterly-threats-mar-2016.pdf

http://documents.trendmicro.com/assets/resources/ransomware-as-a-service.pdf

https://www.forbes.com/special-report/2012/126-billion-forbes-cover.html?v=3

http://www.pcquest.com/cybercrime-service-a-very-modern-business/

https://www.fbi.gov/wanted/cyber/evgeniy-mikhailovich-bogachev

https://www.techopedia.com/definition/2387/cybercrime

https://en.wikipedia.org/wiki/Principality_of_Sealand

https://www.wikiwand.com/en/The_Pirate_Bay

http://securityaffairs.co/wordpress/33916

CYBER-ENABLED CRIMEfiles.acams.org/pdfs/2019/ACAMS_Cyber-Enabled_Crime_Course_Syl… · law enforcement in the identification and capture of cyber criminals 2. Know the hunters: Describe

Menace 2 the Wires Advances in the Business Models of Cyber Criminals - Guillaume Lovet

Cyber Security in Canada96bda424cfcc34d9dd1a-0a7f10f87519dba22d2dbc6233a731e5.r41.… · against cyber criminals. Our objective with this report is to examine the Canadian cyber security

Menace 2 the Wires Advances in the Business Models of Cyber Criminals - Guillaume Lovet

Risk & Regulatory Series - KPMG … · 2014/01/15/e-bazaar-crooks-hawk-your- ... 1.3 Cyber security | The cyber criminals Petty Criminals / Motives: Financial gain. Hacktivists

Why cyber-criminals target Healthcare - Panda Security

Understanding Cyber Criminals and Measuring Their …eprints.lancs.ac.uk/...Understanding_cyber_criminals_and_measuring... · Understanding Cyber Criminals and Measuring Their Future

Australia’s 2020 Cyber Security Strategy · Cyber Security Centre’s ability to disrupt cyber criminals by targeting the proceeds of cybercrime derived both domestically and internationally

Why can’t police catch cyber criminals

SECURING THE CYBER-PHYSICAL SYSTEMS OF CRITICAL …...groups could be targeted by nation states or cyber criminals at a time ... digital and physical layers of protection. Cyber-physical

The Economic Threat Landscape from Cyber Criminals

Cyber Security & Insider Threats · •The first allegations of military cyber attacks occur in Estonia (2007) and Georgia (2008) 2000s •The battle between cyber criminals and cyber

Sophisticated Groups and Cyber Criminals Set Sights on ......White Paper Sophisticated Groups and Cyber Criminals Set Sights on Lucrative Financial Sector By Threat Hunter Team Introduction

TRACKING THE TRAILS OF CYBER CRIMINALS · TRACKING THE TRAILS OF CYBER CRIMINALS e ... At e-Crime Bureau, we trace the digital footprints of cyber crimi- ... including the ICCID and

How Cyber Criminals Steal Passwords via Pass-the-Hash and Other Attack Methods

Cyber Kill Chain vs. Cyber Criminals

Enjoy Safer Technology and Defeat Cyber Criminals

July 2020 - nciipc.gov.in · Criminals Targeting Hospitals and Banking Apps by Exploiting COVID Pandemic Source: The CBI has alerted all the state police about cyber criminals increasingly

Elevated Prevalence of left handedness in: Autism Schizophrenia Alcoholism Criminals Lawyers Sleep difficulties Stutterers Immune disorders Math prodigies

The Four Stages of a Cyber Attack, and How Cyber Criminals are Targeting SMBs

Cyber Security in Canadafiles.constantcontact.com/5a74eb21101/9a915cd8-6a74-43da...against cyber criminals. Our objective with this report is to examine the Canadian cyber security

How Cyber-Criminals Steal and Profit from your Datablog.hcpd.com/wp-content/uploads/2017/01/SBS-Cybersecurity.pdf · How Cyber-Criminals Steal and Profit from your Data ... Consulting

Escape the notice of cyber-criminals! Keep your business data safe

BFL CANADA Cyber Resilience SME · Vulnerability to Cyber Risks SMALL AND MEDIUM ENTERPRISES (SME) ARE THE MOST TARGETED BY CYBER CRIMINALS COMPROMISING YOUR COMPANY AND YOUR ENTIRE

CYBER ATTRIBUTION USING UNCLASSIFIED DATAcyber criminals initiated criminal cyber activity against US based cyber systems. We found that there is a benefit to accurate attribution

Cybercrime Threat Landscape: Cyber Criminals Never Sleep

CYBER THREATS - A ROMANIAN PERSPECTIVE...STATE ACTORS CYBER CRIME CYBER EXTEMISM CYBER TERRORISM Cyber criminals are mainly aiming to obtain financial gains from online sales and banking

Defence and Backup - Blucando€¦ · Staying ahead of the cyber criminals Just as technology advances, so too do the malicious programmes used by hackers and criminals. Blucando

Masquerading for Cyber Espionage and Fraudulent Transactions · Cyber Espionage Case Study: Iran’s Newscaster Cyber criminals, for financial and espionage purposes, are us-ing SNSs

Beating Cyber Criminals & Terrorists

Stephen Wares Cyber Risk Practice Leader EMEA Marsh Cyber Risk Are criminals and terrorists a threat to supply security?

Types of Cyber-aTTaCks — and How To prevenT THem€¦ · 5 Cyber-attack strategy #2 Infect networks with different forms of malware Cyber-criminals use different types of attack

Cyber Criminals Responsible for the Biggest Attacks

The Cyber Threat to Sports Organisations · 2 days ago · The primary cyber threat to sports organisations comes from cyber criminals with a financial motive. Survey data, quantitative

When would you need Cyber Insurance? · Each year more and more Kiwi businesses are targeted by cyber criminals. Cyber insurance is there to protect your business against exposure