FBI Albany

Upload: allan-wilcox

Post on 29-Dec-2015


Protect the United States from terrorist attack

Protect the United States against foreign intelligence operations and espionage

Protect the United States against cyber-based attacks and high-technology crimes

- New York State Police
- Multi-State ISAC
- NY State Office of Cyber Security
- NY State Department of Homeland Security

The “old school” hacker

Characteristics
- Notoriety
- Break technological barriers
- Unorganized
- Not typically motivated by money

The “neo” hacker

Characteristics
- Professionals
- Organized
- Eastern Europe and Asia

GOAL – Money

Common Scams
- Lottery
- Over payment for products
- “I’m stranded overseas, send cash”
- Trolling large call centers

Phishing
- Same look and feel as a website or e-mail you may be accustomed to seeing
- Attempt to gain usernames, passwords, CC information, etc.

Example of Phishing (website)

http://citibusinessonline.da.us.citibank.com.citionline.ru
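The address above is a lookalike: host names are resolved from right to left, so the site belongs to citionline.ru, and "citibank.com" is only a run of subdomain labels chosen by that registrant. The Python check below is an added example, not part of the original presentation; the trusted-domain list and the small multi-label suffix set are assumptions standing in for an organisation's allow-list and the Public Suffix List.

```python
from urllib.parse import urlsplit

# Assumption: tiny stand-in for the Public Suffix List, enough for this demo.
MULTI_LABEL_SUFFIXES = {"co.uk", "com.au", "co.jp"}
# Assumption: domains the organisation expects its users to visit.
TRUSTED_DOMAINS = {"citibank.com"}


def registrable_domain(host):
    """Return the part of the host its owner registered: suffix plus one label."""
    labels = host.lower().rstrip(".").split(".")
    n = 3 if ".".join(labels[-2:]) in MULTI_LABEL_SUFFIXES else 2
    return ".".join(labels[-n:])


def check_url(url):
    """Classify a URL as 'trusted', 'lookalike' or 'unknown'."""
    host = urlsplit(url).hostname or ""
    reg = registrable_domain(host)
    result = {"host": host, "registrable": reg,
              "verdict": "unknown", "imitates": None}
    if reg in TRUSTED_DOMAINS:
        result["verdict"] = "trusted"
        return result
    # The registrable domain is not trusted. If a trusted brand name still
    # appears anywhere in the host, it was placed there by whoever controls
    # `reg`, which is the pattern shown on the slide.
    for trusted in sorted(TRUSTED_DOMAINS):
        brand = trusted.split(".")[0]
        if brand in host:
            result.update(verdict="lookalike", imitates=trusted)
            break
    return result


if __name__ == "__main__":
    samples = [
        "http://citibusinessonline.da.us.citibank.com.citionline.ru",  # from the slide
        "https://online.citibank.com/login",   # constructed sample
        "https://citibank-secure.example.net/",  # constructed sample
        "https://www.example.org/",            # constructed sample
    ]
    for s in samples:
        r = check_url(s)
        print(f"{r['verdict']:9} {r['registrable']:20} {s}")
```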

Example of Phishing (e-mail)

Orphaned / Counterfeit Hardware
- USB flash drives containing malware
- DVD/CD containing malware
  ▪ Utilizing AutoPlay

“Free” Computers
- Bargain priced equipment which has been altered
  ▪ Routers
  ▪ Desktop/Laptop systems

Also referred to as Viruses, Trojans, Spyware

- Key Logging
- Remote access
- Screen capturing processes

Most common malware
- SpyEye
- Zeus (aka Zbot)
- Qakbot

All have the ability to log keystrokes and provide remote access to malicious actors. Qakbot can propagate itself across a local network.

Sources of Malware
- Phishing e-mails
- Phishing websites
- Children’s games
- Hacking, torrent, piracy websites
- Pornographic websites

Intrusive advertising for fraudulent Anti-Virus and Anti-Malware products

Usually prompts for payment and/or personal information

Almost always a sign of an “infected” system

Persistent even after closing web browser

Victims involved two academic institutions and one sole proprietorship.

Losses ranged from $70,000 to $500,000 – and in every case the losses were never recovered.

All involved malware on a Windows system, with at least one instance involving Zeus and another involving Qakbot.

All matters involved actors overseas, and in one case, the investigation contributed to the arrest of bad actors residing in these countries.

In each case, employees were doing something they were not supposed to be doing, or did not have sufficient real-time malware protection in place.

You may acquire malware just by viewing a website or opening an e-mail (without even opening an attachment)

There is no patch available for the vulnerability

Times Union website, advertising images

FACEBOOK, LINKEDIN, MYSPACE, TWITTER, ETC

May supply potential crooks with personal information used to exploit or extort

Very few laws to protect personal content

Limit access to personal information and photographs

Local School
- Student created 120 duplicate Facebook accounts of other students
- Created an intricate network of pictures, updates, statuses, chats
- Most profiles were not well protected, or were completely public
- Damaging to students' reputations, fear to parents

Local businessman
- Extorted by actors overseas, based on information provided on social network sites
- Involved co-workers and family in order to become more convincing

Prevention

Internet

Golden Rule: “if it sounds too good to be true…”

Monitor your children’s activities on the computer

Try to keep one system “pure” for online banking, and personal business – have another for recreational activities

Update your Malware/Virus definitions on your network

Educate end users on Social Networking tactics and other common exploits

Wireless security – Avoid open networks and WEP encryption

Physical security – Protect physical resources and information

- Never trust a “free” public wi-fi network
- Consider a 3G/4G wi-fi solution for true protected access

Never access your financial institution from a public computer at a hotel, library or public wireless access point

Standalone system
- Not attached to local network
- Used for one purpose ONLY
- Possibly non-standard Operating System

Bootable / Flash drive browsers and Operating Systems
- Contained on a CD/DVD or flash drive
- Impervious to most malware

Web traffic monitoring/blocking
- Block keywords (Websense)
- Filter traffic and e-mail attachments (based on type, size, hash)

- Shred your documents
- Don’t leave your trash out
- Don’t leave your mail out, or consider a PO Box
- Opt for electronic statements
- Get regular credit reports, check statements
- Watch for skimming devices at the pump and ATM machine
- Talk to your bank about EFT transactions

Microsoft Windows
- 88% desktop market share
- Primary target for hackers; most “bang for the buck”
- Although vulnerable, very robust security features

Mac OS X
- 7% desktop market share
- Less secure overall than Windows
- May appear more secure due to low market share

Linux
- 1% desktop market share
- Secure, but may not be practical for mainstream users

Mobile Devices (iPhone, Android, etc.)
- Not ideal for hackers due to small population of devices
- iPhone 2%, Android .64%

Partnership between the FBI, National White Collar Crime Center, and Bureau of Justice Assistance

Receive, Develop, Refer complaints for internet related crimes

Tips, current schemes

Partnership between the FBI and the private sector

Businesses, Academic Institutions, State/Local Authorities, Critical Infrastructure, and other participants

www.infragardalbany.com