DOCSLIB.ORG

Internet Organised Crime Threat Assessment (Iocta) 2017

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Internet Organised Crime Threat Assessment (Iocta) 2017 INTERNET IOCTA ORGANISED CRIME 2017 THREAT ASSESSMENT INTERNET ORGANISED CRIME THREAT ASSESSMENT (IOCTA) 2017 This publication and more information on Europol are available online: www.europol.europa.eu Twitter: @Europol and @EC3Europol PHOTO CREDITS All images © Shutterstock except pages 6, 20, 26, 33, 35, 36, 44 and 59 © Europol. ISBN 978-92-95200-80-7 ISSN 2363-1627 DOI 10.2813/55735 QL-AL-17-001-EN-N © European Union Agency for Law Enforcement Cooperation (Europol), 2017 Reproduction is authorised provided the source is acknowledged. For any use or reproduction of individual photos, permission must be sought directly from the copyright holders. IOCTA 2017 4 IOCTA 2017 INTERNET ORGANISED CRIME THREAT ASSESSMENT CONTENTS IOCTA 2017 5 FOREWORD 7 ABBREVIATIONS 8 EXECUTIVE SUMMARY 10 KEY FINDINGS 12 RECOMMENDATIONS 14 INTRODUCTION 17 AIM 17 SCOPE 17 METHODOLOGY 17 ACKNOWLEDGEMENTS 17 CRIME PRIORITY: CYBER-DEPENDENT CRIME 18 KEY FINDINGS 19 KEY THREAT – MALWARE 19 KEY THREAT – ATTACKS ON CRITICAL INFRASTRUCTURE 25 KEY THREAT – DATA BREACHES AND NETWORK ATTACKS 27 FUTURE THREATS AND DEVELOPMENTS 30 RECOMMENDATIONS 32 CRIME PRIORITY: CHILD SEXUAL EXPLOITATION ONLINE 34 KEY FINDINGS 35 KEY THREAT – SEXUAL COERCION AND EXTORTION (SCE) OF MINORS 35 KEY THREAT – THE AVAILABILITY OF CSEM 36 KEY THREAT – COMMERCIAL SEXUAL EXPLOITATION OF CHILDREN 38 KEY THREAT – BEHAVIOUR OF OFFENDERS 39 FUTURE THREATS AND DEVELOPMENTS 39 RECOMMENDATIONS 41 CRIME PRIORITY: PAYMENT FRAUD 42 KEY FINDINGS 43 KEY THREAT – CARD-NOT-PRESENT FRAUD 43 KEY THREAT – CARD-PRESENT FRAUD 44 FUTURE THREATS AND DEVELOPMENTS 46 RECOMMENDATIONS 46 CRIME PRIORITY: ONLINE CRIMINAL MARKETS 48 KEY FINDINGS 49 KEY THREAT – DARKNET MARKETS 49 FUTURE THREATS AND DEVELOPMENTS 51 RECOMMENDATIONS 51 THE CONVERGENCE OF CYBER AND TERRORISM 52 KEY FINDINGS 53 FUTURE THREATS AND DEVELOPMENTS 54 RECOMMENDATIONS 54 CROSS-CUTTING CRIME FACTORS 55 KEY FINDINGS 56 SOCIAL ENGINEERING 56 CRIMINAL COMMUNITIES AND CRIME-AS-A-SERVICE 58 CRIMINAL FINANCES 60 COMMON CHALLENGES FOR LAW ENFORCEMENT 62 RECOMMENDATIONS 64 THE GEOGRAPHIC DISTRIBUTION OF CYBERCRIME 66 AFRICA 67 THE AMERICAS 68 ASIA 68 EUROPE 69 OCEANIA 69 APPENDIX 72 CYBER ATTACKS IN THE CONTEXT OF/AGAINST ELECTIONS 72 REFERENCES 76 6 IOCTA 2017 INTERNET ORGANISED CRIME THREAT ASSESSMENT IOCTA 2017 7 FOREWORD am pleased to present the 2017 Internet Organised Crime topics to inform the definition of operational actions for EU law Threat Assessment (IOCTA), the fourth annual presentation enforcement in the framework of the EU Policy Cycle. These of the cybercrime threat landscape by Europol’s European include concrete actions under EC3’s three main mandated areas Cybercrime Centre (EC3). – child sexual exploitation online, cyber-dependent crime, and I payment fraud, as well as cross-cutting crime enablers. The report provides a predominantly law enforcement focused as- sessment of the key developments, changes and emerging threats As in previous years, the 2017 IOCTA will inform the setting in the field of cybercrime over the last year. It relies on the invalu- of priorities and help streamline resources within the EU and able contributions of the EU Member States, and our partners in internationally to respond to cybercrime in an effective and private industry, the financial sector and academia, as well as the concerted manner. Law enforcement continues to demon- expert input of Europol staff. strate that a coordinated, intelligence-led and adaptive ap- proach by competent authorities, involving multiple sectors This year’s report highlights how cybercrime continues to grow and partners can result in significant success in preventing and evolve, taking new forms and directions, as demonstrated cybercrime and mitigating its impact. in some of the attacks of unprecedented scale of late 2016 and mid-2017.It further highlights the progressive convergence of cyber and serious and organised crime, supported by a professional underground service economy. The report also describes some of the key challenges faced by law enforcement in terms of investigation and prosecution of cybercrime, highlighting many cross-cutting issues such as e-evidence challenges, and the need for adequate and harmonised legislation to address the specificities of cybercrime. The report goes on to list a number of key recommendations to address Rob Wainwright the phenomenon of cybercrime and identifies several priority Executive Director of Europol 8 IOCTA 2017 INTERNET ORGANISED CRIME THREAT ASSESSMENT ABBREVIATIONS ACS Automated Card Shop IPv4 Internet Protocol version 4 ADSL Asymmetric Digital Subscriber Line IRC Internet Relay Chat AIOTI Alliance for Internet of Things Innovation IRU EU Internet Referral Unit APT Advanced Persistent Threat IS Islamic State APWG Anti-Phishing Working Group ISDN Integrated Services Digital Network AQ al-Qaeda ISP Internet service provider ATM automated teller machine IT information technology AV anti-virus IWF Internet Watch Foundation AVC Automated Vending Card J-CAT Joint Cybercrime Action Taskforce BEC Business Email Compromise KYC Know Your Customer CaaS Crime-as-a-Service LDCA Live-Distant Child Abuse CAM child abuse material LEA law enforcement agency CEO chief executive officer MBR Master Boot Record CERT computer emergency response team MO modus operandi CGN Carrier-Grade Network Address Translation MOTO Mail Order/Telephone Order CI critical infrastructure mTAN Mobile Transaction Authentication Number CJEU European Court of Justice NAT Network Address Translation CNP card-not-present NCMEC National Center for Missing and Exploited Children CSE child sexual exploitation NFC Near Field Communication CSEM child sexual exploitation material NGO non-governmental organisation CSIRT Computer Security Incident Response Team NIS network and information systems CVV Card Verification Value NPS new psychoactive substances DDoS Distributed Denial of Service OCG organised crime group DEA United States Drug Enforcement Agency OPSEC operations security DNS Domain Name System OSINT open-source intelligence DRD Data Retention Directive OTP one-time pad EAST European Association for Secure Transactions P2P peer to peer, or people to people EBF European Banking Federation PBX Private Branch Exchange ECTEG European Cybercrime Training and Education Group PIN personal identification number EC3 European Cybercrime Centre PoS point-of-sale EIO European Investigation Order QKD Quantum Key Distribution EMAS Europol Malware Analysis System RAT Remote Access Trojan EMMA European Money Mule Actions EMPACT European Multidisciplinary Platform Against SCADA supervisory control and data acquisition systems Criminal Threats SCE sexual coercion and extortion EMV Europay, MasterCard and Visa SEPA Single Euro Payments Area ENISA European Union Agency for Network and SGIM self-generated indecent material Information Security SGSEM self-generated sexually explicit material EUCTF European Cybercrime Task Force SIENA Secure Information Exchange Network Application EUIPO European Union Intellectual Property Office SOCTA Serious and Organised Crime Threat Assessment FBI United States Federal Bureau of Investigation SWIFT Society for Worldwide Interbank Financial GAAD Global Airport Action Day Telecommunications GDPR General Data Protection Regulation TAN Transaction Authentication Number GSM Global System for Mobile Communications THB trafficking in human beings HDFS Hadoop Distributed File System Tor The Onion Router I2P Invisible Internet Project UCC United Cyber Caliphate IAP Internet Access Provider URL uniform resource locator ICS Industrial Control Systems VIDTF Victim Identification Task Force ICSE Interpol International Child Sexual Exploitation database VoIP Voice-over-Internet Protocol ICT information & communications technology VPN virtual private network IOCTA Internet Organised Crime Threat Assessment IoT Internet of Things IP Internet Protocol IPC3 Intellectual Property Crime Coordinated Coalition IPR intellectual property rights IOCTA 2017 9 10 IOCTA 2017 INTERNET ORGANISED CRIME THREAT ASSESSMENT EXECUTIVE SUMMARY he 2017 Internet Organised Crime Threat Assessment tems in power plants and heavy industry. However, it is clear (IOCTA) reports how cybercrime continues to grow and that a greater variety of critical infrastructures are more vul- evolve. While many aspects of cybercrime are firmly nerable to ‘every-day’ cyber-attacks, highlighting the need for established, other areas of cybercrime have witnessed a coordinated EU law enforcement and cross-sector response Ta striking upsurge in activity, including attacks on an unprece- to major cyber-attacks on critical infrastructure. dented scale, as cybercrime continues to take new forms and new directions. A handful of cyber-attacks have caused wide- Law enforcement and industry action has led to a decline in spread public concern but only represented a small sample of the use of exploit kits. This has resulted in a shift towards al- the wide array of cyber threats now faced. ternative malware delivery methods, including spam botnets and social engineering. Along with technical attacks, social en- Because of the similar tools and techniques used, it is some- gineering techniques have become an essential tactic for the times difficult to attribute cyber-attacks to particular groups, commission of many, often complex, cyber-dependent and cy- for example, financially motivated cybercriminals and Ad- ber-facilitated crimes, including payment fraud and online child vanced Persistent Threat (APT) groups.
Load more

Recommended publications
  • An Evolving Threat the Deep Web
    8 An Evolving Threat The Deep Web Learning Objectives distribute 1. Explain the differences between the deep web and darknets.or 2. Understand how the darknets are accessed. 3. Discuss the hidden wiki and how it is useful to criminals. 4. Understand the anonymity offered by the deep web. 5. Discuss the legal issues associated withpost, use of the deep web and the darknets. The action aimed to stop the sale, distribution and promotion of illegal and harmful items, including weapons and drugs, which were being sold on online ‘dark’ marketplaces. Operation Onymous, coordinated by Europol’s Europeancopy, Cybercrime Centre (EC3), the FBI, the U.S. Immigration and Customs Enforcement (ICE), Homeland Security Investigations (HSI) and Eurojust, resulted in 17 arrests of vendors andnot administrators running these online marketplaces and more than 410 hidden services being taken down. In addition, bitcoins worth approximately USD 1 million, EUR 180,000 Do in cash, drugs, gold and silver were seized. —Europol, 20141 143 Copyright ©2018 by SAGE Publications, Inc. This work may not be reproduced or distributed in any form or by any means without express written permission of the publisher. 144 Cyberspace, Cybersecurity, and Cybercrime THINK ABOUT IT 8.1 Surface Web and Deep Web Google, Facebook, and any website you can What Would You Do? find via traditional search engines (Internet Explorer, Chrome, Firefox, etc.) are all located 1. The deep web offers users an anonym- on the surface web. It is likely that when you ity that the surface web cannot provide. use the Internet for research and/or social What would you do if you knew that purposes you are using the surface web.
    [Show full text]
  • Internet Infrastructure Review Vol.15 -Infrastructure Security
    1. Infrastructure Security The Revised Unauthorized Computer Access Law In this volume we examine the revised Unauthorized Computer Access Law, and discuss the DNS Changer malware as well as the Ghost Domain Name issue relating to DNS. Infrastructure Security 1.1 Introduction This report summarizes incidents to which IIJ responded, based on general information obtained by IIJ itself related to the stable operation of the Internet, information from observations of incidents, information acquired through our services, and information obtained from companies and organizations with which IIJ has cooperative relationships. This volume covers the period of time from January 1 to March 31, 2012. Following on from the previous period, with an increase in the number of smartphone users, there have been an increasing number of problems related to the handling of information on the devices and user information. Hacktivism-based attacks such as those by Anonymous also continued to occur, and the number of attacks on companies and government agencies remained at a high level. In Middle-Eastern countries and Israel there were a series of hacking incidents and information leaks, as well as DDoS attacks on websites including critical infrastructure. Regarding vulnerabilities, an issue was discovered and fixed in multiple cache DNS server implementations including BIND. As seen above, the Internet continues to experience many security-related incidents. 1.2 Incident Summary Here, we discuss the IIJ handling and response to incidents Other 19.7% Vulnerabilities 20.6% that occurred between January 1 and March 31, 2012. Figure 1 shows the distribution of incidents handled during this period*1.
    [Show full text]
  • Introduction Points
    Introduction Points Ahmia.fi - Clearnet search engine for Tor Hidden Services (allows you to add new sites to its database) TORLINKS Directory for .onion sites, moderated. Core.onion - Simple onion bootstrapping Deepsearch - Another search engine. DuckDuckGo - A Hidden Service that searches the clearnet. TORCH - Tor Search Engine. Claims to index around 1.1 Million pages. Welcome, We've been expecting you! - Links to basic encryption guides. Onion Mail - SMTP/IMAP/POP3. ***@onionmail.in address. URSSMail - Anonymous and, most important, SECURE! Located in 3 different servers from across the globe. Hidden Wiki Mirror - Good mirror of the Hidden Wiki, in the case of downtime. Where's pedophilia? I WANT IT! Keep calm and see this. Enter at your own risk. Site with gore content is well below. Discover it! Financial Services Currencies, banks, money markets, clearing houses, exchangers. The Green Machine Forum type marketplace for CCs, Paypals, etc.... Some very good vendors here!!!! Paypal-Coins - Buy a paypal account and receive the balance in your bitcoin wallet. Acrimonious2 - Oldest escrowprovider in onionland. BitBond - 5% return per week on Bitcoin Bonds. OnionBC Anonymous Bitcoin eWallet, mixing service and Escrow system. Nice site with many features. The PaypalDome Live Paypal accounts with good balances - buy some, and fix your financial situation for awhile. EasyCoin - Bitcoin Wallet with free Bitcoin Mixer. WeBuyBitcoins - Sell your Bitcoins for Cash (USD), ACH, WU/MG, LR, PayPal and more. Cheap Euros - 20€ Counterfeit bills. Unbeatable prices!! OnionWallet - Anonymous Bitcoin Wallet and Bitcoin Laundry. BestPal BestPal is your Best Pal, if you need money fast. Sells stolen PP accounts.
    [Show full text]
  • Darpa Starts Sleuthing out Disloyal Troops
    UNCLASSIFIED (U) FBI Tampa Division CI Strategic Partnership Newsletter JANUARY 2012 (U) Administrative Note: This product reflects the views of the FBI- Tampa Division and has not been vetted by FBI Headquarters. (U) Handling notice: Although UNCLASSIFIED, this information is property of the FBI and may be distributed only to members of organizations receiving this bulletin, or to cleared defense contractors. Precautions should be taken to ensure this information is stored and/or destroyed in a manner that precludes unauthorized access. 10 JAN 2012 (U) The FBI Tampa Division Counterintelligence Strategic Partnership Newsletter provides a summary of previously reported US government press releases, publications, and news articles from wire services and news organizations relating to counterintelligence, cyber and terrorism threats. The information in this bulletin represents the views and opinions of the cited sources for each article, and the analyst comment is intended only to highlight items of interest to organizations in Florida. This bulletin is provided solely to inform our Domain partners of news items of interest, and does not represent FBI information. In the JANUARY 2012 Issue: Article Title Page NATIONAL SECURITY THREAT NEWS FROM GOVERNMENT AGENCIES: American Jihadist Terrorism: Combating a Complex Threat p. 2 Authorities Uncover Increasing Number of United States-Based Terror Plots p. 3 Chinese Counterfeit COTS Create Chaos For The DoD p. 4 DHS Releases Cyber Strategy Framework p. 6 COUNTERINTELLIGENCE/ECONOMIC ESPIONAGE THREAT ITEMS FROM THE PRESS: United States Homes In on China Spying p. 6 Opinion: China‟s Spies Are Catching Up p. 8 Canadian Politician‟s Chinese Crush Likely „Sexpionage,‟ Former Spies Say p.
    [Show full text]
  • Computer Science 161 Fall 2020 Weaver Misc Topics 2
    Computer Science 161 Fall 2020 Weaver Misc Topics 2 1 Pre Lecture Facepalm... From just a year ago! Computer Science 161 Fall 2020 Weaver Welcome to Hell Week.... Computer Science 161 Fall 2020 Weaver • Mental pressure of "Curl up in a ball with a rifle" vs "Pretend everything is normal" continues... • Highly likely Biden will be the winner: But we won't know for sure for another few days at least.... • Really a massive screwup: We should just have preliminary results announced on Friday at once for all states • Today is More Off Topic Stuff: • Nukes • Tor Hidden Services • Sidechannels 3 And Checking In With Everyone Again... How Are You on the Fauci Scale? Computer Science 161 Fall 2020 Weaver 4 The Interesting Problem: Limiting Use Computer Science 161 Fall 2020 Weaver • Who might use a nuke without authorization? • Our "allies" where we station our nukes • Original motivation: Nukes stored in Turkey and Greece • Someone who can capture a nuke • This is what sold the military on the need for the problem: We had nukes in Germany which would be overrun in case of a war with the USSR • Our own military • General Jack D Ripper scenario • The mandated solution: • Permissive Access Link (PAL) 5 Nuke Safety Features Computer Science 161 Fall 2020 Weaver • One-point safety – no nuclear yield from detonation of one explosive charge. • Strong link/weak link – • strong link provides electrical isolation; • weak link fails early under stress (heat, etc.) • Environmental sensors – detect flight trajectory. • Unique signal generator – digital signal used for coupling between stages. • Insulation of the detonators from electrical energy.
    [Show full text]
  • Piracy Versus Privacy: an Analysis of Values Encoded in the Piratebrowser
    International Journal of Communication 9(2015), 818–838 1932–8036/20150005 Piracy Versus Privacy: An Analysis of Values Encoded in the PirateBrowser BALÁZS BODÓ University of Amsterdam, Institute for Information Law The Netherlands The PirateBrowser is a Web browser that uses Tor privacy-enhancing technology to circumvent nationally implemented Internet filters blocking access to The Pirate Bay. This article analyzes the possible consequences of a mass influx of copyright pirates into the privacy domain. The article addresses the effects of the uptake of strong privacy technologies by pirates on copyright enforcement and on free speech and privacy technology domains. Also discussed are the norms and values reflected in the specific design choices taken by the developers of the PirateBrowser. Keywords: piracy, privacy, Tor, privacy-enhancing technologies, policy Introduction Tor (The Onion Router), “endorsed by Egyptian activists, WikiLeaks, NSA, GCHQ, Chelsea Manning, Snowden” (Dingledine & Appelbaum, 2013), is a volunteer network of computers that relays Web traffic through itself to provide anonymous, unobserved, and uncensored access to the Internet. It has about 4,000 relays and about 1,000 exit nodes. Tor users connect to the network, and their Web traffic is channeled through the internal relays to reach its final destination through one of the exit nodes. This arrangement makes the identification and surveillance of Tor users difficult. Anonymity is promised by the difficulty of tracing the Web traffic that appears on the exit node back to the individual who initiated the traffic, as long as there is a sufficient number of internal hops in between. Protection from surveillance is granted by the fact that each link in the communication chain is encrypted.
    [Show full text]
  • Munkavállalói Adatok Szivárogtak Az Nvidiatól
    Munkavállalói adatok szivárogtak az Nvidiatól 2015.01.05. 09:58 | Csizmazia Darab István [Rambo] | Szólj hozzá! Címkék: nvidia jelszó incidens security adatszivárgás jelszócsere breach welivesecurity.com A nagy adatlopási ügyek mellett történnek azért rendre "kisebb" horderejű, de azért szintén fontos biztonsági incidensek is, amelyek szintén nem tanulság nélkül valóak. Ezúttal az Nvidia háza táján történt olyan, dolgozói adatokat érintő adatlopás még decemberben, amely miatt a cég jelszóváltoztatásra és óvatosságra figyelmeztette saját munkavállalóit. A Forbes beszámolója szerint a jelszavak azonnali megváltoztatása mellett arra is kiemelten felhívták a figyelmet, hogy fokozott óvatossággal kezeljenek minden kéretlen levélben érkező adathalász próbálkozást. Ilyen esetekben ugyanis a kiszivárgott személyes információk birtokában sokszor testre-szabott, személyes hangvételű banki vagy látszólag munkatársak, barátok nevében érkező, és jelszavainkkal kapcsolatos kéréseket tartalmazó phishing megkeresések is érkezhetnek. A fenti hamis megkeresési trükkök mellett a dolgozóknak érdekes módon általában nehezükre esik elfogadni a valóságos belső fenyegetés veszélyét is, pedig a támadások, adatszivárgások alkalmával számos esetben van valamilyen belső szál is. Emellett emlékezetes lehet, hogy annak idején több mint 20 olyan embert azonosítottak, akik simán megadták az azonosítójukat és a jelszavukat Snowdennek, aki kollégái hozzáférését is felhasználta az adatgyűjtései és kiszivárogtatásai során. Mivel az eset több, mint 500 dolgozót is érinthetett,
    [Show full text]
  • Siber Güvenlik Ve Savunma STANDARTLAR Ve UYGULAMALAR
    Siber Güvenlik ve Savunma STANDARTLAR ve UYGULAMALAR Editör Prof. Dr. Şeref SAĞIROĞLU Yazarlar Prof. Dr. Şeref SAĞIROĞLU - Onur AKTAŞ A. Oğuzhan ALKAN - Bilgehan ARSLAN Dr. Öğr. Üyesi Atila BOSTAN - Dr. Öğr. Üyesi Eyüp Burak CEYHAN Dr. Öğr. Üyesi İsmail Fatih CEYHAN Dr. Öğr. Üyesi Onur ÇAKIRGÖZ Dr. Öğr. Üyesi Mehmet DEMİRCİ - Sedef DEMİRCİ Doç. Dr. Gülüstan DOĞAN Dr. Öğr. Üyesi Muharrem Tuncay GENÇOĞLU Doç. Dr. Ali Hakan IŞIK - Burak ÖZÇAKMAK Dr. Öğr. Üyesi A. Nurdan SARAN - Doç. Dr. Gökhan ŞENGÜL Seda YILMAZ - Özgür YÜREKTEN Ankara 2019 Siber Güvenlik ve Savunma: Standartlar ve Uygulamalar Editör Prof. Dr. Şeref SAĞIROĞLU Yazarlar Prof. Dr. Şeref SAĞIROĞLU Doç. Dr. Gökhan ŞENGÜL Doç. Dr. Ali Hakan IŞIK Doç. Dr. Gülüstan DOĞAN Dr. Öğr. Üyesi Atila BOSTAN Dr. Öğr. Üyesi Eyüp Burak CEYHAN Dr. Öğr. Üyesi İsmail Fatih CEYHAN Dr. Öğr. Üyesi Onur ÇAKIRGÖZ Dr. Öğr. Üyesi Mehmet DEMİRCİ Dr. Öğr. Üyesi Muharrem Tuncay GENÇOĞLU Dr. Öğr. Üyesi A. Nurdan SARAN Onur AKTAŞ A. Oğuzhan ALKAN Bilgehan ARSLAN Sedef DEMİRCİ Burak ÖZÇAKMAK Seda YILMAZ Özgür YÜREKTEN ISBN: 978-605-2233-42-9 1. Baskı Aralık, 2019 / Ankara 1500 Adet Yayınları Yayın No: 334 Web: grafikeryayin.com Kapak, Sayfa Tasarımı, Baskı ve Cilt Grafik-Ofset Matbaacılık Reklamcılık San. ve Tic. Ltd. Şti. 1. Cadde 1396. Sokak No: 6 06520 (Oğuzlar Mahallesi) Balgat-ANKARA Tel : 0 312. 284 16 39 Pbx - Faks : 0 312. 284 37 27 E-posta : [email protected] Web : grafiker.com.tr Bu kitap HAVELSAN'ın katkılarıyla basılmıştır. İÇİNDEKİLER EDİTÖRDEN ........................................................................................................................................................... 11 BİLGİ GÜVENLİĞİ DERNEĞİ'NDEN ............................................................................. 15 ÖN SÖZ ........................................................................................................................................................................... 19 1. BÖLÜM SİBER GÜVENLİK MATEMATİĞİ 1.1.
    [Show full text]
  • An Analysis of the Nature of Groups Engaged in Cyber Crime
    International Journal of Cyber Criminology Vol 8 Issue 1 January - June 2014 Copyright © 2014 International Journal of Cyber Criminology (IJCC) ISSN: 0974 – 2891 January – June 2014, Vol 8 (1): 1–20. This is an Open Access paper distributed under the terms of the Creative Commons Attribution-Non- Commercial-Share Alike License, which permits unrestricted non-commercial use, distribution, and reproduction in any medium, provided the original work is properly cited. This license does not permit commercial exploitation or the creation of derivative works without specific permission. Organizations and Cyber crime: An Analysis of the Nature of Groups engaged in Cyber Crime Roderic Broadhurst,1 Peter Grabosky,2 Mamoun Alazab3 & Steve Chon4 ANU Cybercrime Observatory, Australian National University, Australia Abstract This paper explores the nature of groups engaged in cyber crime. It briefly outlines the definition and scope of cyber crime, theoretical and empirical challenges in addressing what is known about cyber offenders, and the likely role of organized crime groups. The paper gives examples of known cases that illustrate individual and group behaviour, and motivations of typical offenders, including state actors. Different types of cyber crime and different forms of criminal organization are described drawing on the typology suggested by McGuire (2012). It is apparent that a wide variety of organizational structures are involved in cyber crime. Enterprise or profit-oriented activities, and especially cyber crime committed by state actors, appear to require leadership, structure, and specialisation. By contrast, protest activity tends to be less organized, with weak (if any) chain of command. Keywords: Cybercrime, Organized Crime, Crime Groups; Internet Crime; Cyber Offenders; Online Offenders, State Crime.
    [Show full text]
  • Ethical Hacking
    Ethical Hacking Alana Maurushat University of Ottawa Press ETHICAL HACKING ETHICAL HACKING Alana Maurushat University of Ottawa Press 2019 The University of Ottawa Press (UOP) is proud to be the oldest of the francophone university presses in Canada and the only bilingual university publisher in North America. Since 1936, UOP has been “enriching intellectual and cultural discourse” by producing peer-reviewed and award-winning books in the humanities and social sciences, in French or in English. Library and Archives Canada Cataloguing in Publication Title: Ethical hacking / Alana Maurushat. Names: Maurushat, Alana, author. Description: Includes bibliographical references. Identifiers: Canadiana (print) 20190087447 | Canadiana (ebook) 2019008748X | ISBN 9780776627915 (softcover) | ISBN 9780776627922 (PDF) | ISBN 9780776627939 (EPUB) | ISBN 9780776627946 (Kindle) Subjects: LCSH: Hacking—Moral and ethical aspects—Case studies. | LCGFT: Case studies. Classification: LCC HV6773 .M38 2019 | DDC 364.16/8—dc23 Legal Deposit: First Quarter 2019 Library and Archives Canada © Alana Maurushat, 2019, under Creative Commons License Attribution— NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0) https://creativecommons.org/licenses/by-nc-sa/4.0/ Printed and bound in Canada by Gauvin Press Copy editing Robbie McCaw Proofreading Robert Ferguson Typesetting CS Cover design Édiscript enr. and Elizabeth Schwaiger Cover image Fragmented Memory by Phillip David Stearns, n.d., Personal Data, Software, Jacquard Woven Cotton. Image © Phillip David Stearns, reproduced with kind permission from the artist. The University of Ottawa Press gratefully acknowledges the support extended to its publishing list by Canadian Heritage through the Canada Book Fund, by the Canada Council for the Arts, by the Ontario Arts Council, by the Federation for the Humanities and Social Sciences through the Awards to Scholarly Publications Program, and by the University of Ottawa.
    [Show full text]
  • Technical and Legal Overview of the Tor Anonymity Network
    Emin Çalışkan, Tomáš Minárik, Anna-Maria Osula Technical and Legal Overview of the Tor Anonymity Network Tallinn 2015 This publication is a product of the NATO Cooperative Cyber Defence Centre of Excellence (the Centre). It does not necessarily reflect the policy or the opinion of the Centre or NATO. The Centre may not be held responsible for any loss or harm arising from the use of information contained in this publication and is not responsible for the content of the external sources, including external websites referenced in this publication. Digital or hard copies of this publication may be produced for internal use within NATO and for personal or educational use when for non- profit and non-commercial purpose, provided that copies bear a full citation. www.ccdcoe.org [email protected] 1 Technical and Legal Overview of the Tor Anonymity Network 1. Introduction .................................................................................................................................... 3 2. Tor and Internet Filtering Circumvention ....................................................................................... 4 2.1. Technical Methods .................................................................................................................. 4 2.1.1. Proxy ................................................................................................................................ 4 2.1.2. Tunnelling/Virtual Private Networks ............................................................................... 5
    [Show full text]
  • Cisco 2017 Midyear Cybersecurity Report
    Cisco 2017 Midyear Cybersecurity Report 1 Executive Summary Table of Contents Executive Summary ..........................................................03 Vulnerabilities update: Rise in attacks following key disclosures ................................................................ 47 Major Findings ..................................................................05 Don’t let DevOps technologies leave the Introduction ......................................................................07 business exposed ............................................................ 50 Attacker Behavior .............................................................09 Organizations not moving fast enough to patch Exploit kits: Down, but not likely out ................................. 09 known Memcached server vulnerabilities ......................... 54 How defender behavior can shift attackers’ focus ...........11 Malicious hackers head to the cloud to shorten the path to top targets ..................................................... 56 Web attack methods provide evidence of a mature Internet ............................................................. 12 Unmanaged infrastructure and endpoints leave organizations at risk ......................................................... 59 Web block activity around the globe ................................ 13 Security Challenges and Opportunities Spyware really is as bad as it sounds............................... 14 for Defenders ...................................................................61
    [Show full text]