Cybercrime Prevention from the Perspective of Anti-Cyber-Attack Technology ——The Thinking and Practice of the Enterprise
Dr. Liyun HAN
360 Dipper Research, the Future Security Labs
2020.07.29 @ UN IEG Conference

The Overall Scale of Cyber Underground Economy
• $25/min: Top companies paying for cyber security vulnerabilities per minute in 2018
• $2.9 million/min: Global economic loss per minute due to cybercrime in 2018
• $222184/min: Estimated global economic loss per minute due to ransomware attacks in 2019
From: The Cybersecurity Law Research Center of the Third Research Institute of the Ministry of Public Security, P.R.C.

360 Mobile Guard Statistics: Mobile Malware
Unit: 10 thousand

360 Mobile Guard Statistics: Internet Fraud

How to Understand Cyber crime?

Typical Cybercrime
① Traditional E-crime
Tech: Fake IP address, URL redirection, botnet
Crime: Telecom fraud, Internet gambling, spreading pornography via chatroom, online social suicide, copyright infringement
② Crime enabled by hacking and defense technology
Tech: Exploiting vulnerabilities, ransomware, malicious Trojan
Crime: Illegal intrusion, control, and destruction of computer information systems, stealing data, production and spread of viruses, and paralysis of systems

Typical Characteristic
Industrialization, the chain is long and tight
• The upper reaches: the hackers who provide technologies
• The middle reaches: black production gangs
• The lower reaches: various related organizations who support black production gangs.
Grouped Form
It involves cross-department, cross-industry, cross-platform and even cross-border criminal actions, forming a close network loop
Increasingly enhanced technical means and anti-reconnaissance capabilities

Long Chain Attack by Hacker Penetration
Serious security incidents may happen though the hacker’s behavior in the intranet environment seems to be legal.
[Diagram label: Target to attack]
[Diagram labels: Criminal; Employee’s phone; Intranet; OA server; Industrial Control Server; Smart Appliances; Get phone permissions by Malicious Trojan; Obtain valid credentials and legally entry; Obtain legal credentials to entry; Exploiting vulnerability; Send messages with legal identity; Production shutdown]

Black Production Chain of Malware

Exploiting the malicious Trojan
① Remote control
② Traffic hijacking
③ Botnet
④ Hacking
⑤ Malicious downloading

Main types of cybercrime
① DDOS attack, traffic hijacking
② Illegal trading of personal information stolen by malicious programs
③ Use malware as tools to implement fraud and extortion

Spreading via smartphone
① Downloading maliciously implanted viruses through APP
② Spreading malware through mobile web pages
③ Spreading malware through scanning QR codes by mobile phone users
④ Spreading through communication software email

Three Key Steps for Cyber Crime Governance
1 Individual Protection
2 Governance of Public Network Environment
3 The judicial punishment
Prevention can kill crime in the cradle
The key influencing factor of prevention is the capability
Network attack and defense tech
To Improve the pre-capability and the capability of identifying, detecting, responding and controlling

Case: Anti-phishing Websites Protection

Protection
§ All round blocking phishing websites
§ For PCs and mobile devices
§ Blocking phishing websites through threat intelligence sharing mechanism and reporting in real time

Detection
§ Accurately detecting phishing sites
§ Detecting the rogue base station

Investigation & Analysis
§ Real-time query of phishing websites
§ Malicious sample storage
§ Customized report

Technology-driven Cybercrime Prevention

Technology
• Big data analysis
• Multi-dimensional detection engine
• Vulnerability mining
• PC & mobile endpoint protection technology
• Traffic monitoring
• Deception defense

Platform
• Security analysis and response platform
• Financial fraud prevention platform
• Telecom fraud prevention
• Microscope APP scanning platform
• Cloud security service

Crime prevention scenario
• Identification, detection, interception during anti-fraud, anti-gambling, anti-pornography and other underground economy industry combating process
• Security enhancement in industrial internet and various fields of information infrastructure, such as BFSI, server provider, Energy and others.

Cases and efforts of 360
1 Malware Blocking: 110 million times per day
2 Vulnerability Discovering: Discovered more than 2,000 CVE vulnerabilities from mainstream global vendors including Apple, Google, Microsoft, Huawei, Qualcomm, VMware, etc., and assisted them in vulnerability location and repair, which can reduce the possibility of criminals exploiting vulnerabilities to commit crimes
3 360 University of Cybersecurity: Committed to cybersecurity education for users and cyber security practitioners in China and some developing countries

Responsibility · Cooperation · Ecosystem
High-level responsibility promote the industrial safety ecosystem

Public Responsibility
• The Security + Internet
• Prevent cybercrime

Industry Collaboration
• Security data sharing
• Promote industry safety standards

Platform Responsibility
• Security technology operation and maintenance
• Platform information governance

[Diagram labels: Combination of Prevention And Combating; Multi-participating collaborative ecosystem; Innovative Technology Platform; Communication with Academia and Industry]

We are looking forward to the further discussion and research with you.
Email: Dr. HAN Liyun [email protected]
THANKS
For academic cooperation please contact via: [email protected]
FUTURE SECURITY LABS the infinite future.