FBI Albany
  Protect the United States from terrorist attack
  Protect the United States against foreign intelligence operations and espionage
  Protect the United States against cyber-based attacks and high-technology crimes

  New York State Police
  Multi-State ISAC
  NY State Office of Cyber Security
  NY State Department of Homeland Security

The “old school” hacker
  Characteristics
    ▪ Notoriety
    ▪ Break technological barriers
    ▪ Unorganized
    ▪ Not typically motivated by money

The “neo” hacker
  Characteristics
    ▪ Professionals
    ▪ Organized
    ▪ Eastern Europe and Asia
    ▪ GOAL – Money

Common Scams
  Lottery
  Overpayment for products
  “I’m stranded overseas, send cash”
  Trolling large call centers

Phishing
  Same look and feel as a website or e-mail you may be accustomed to seeing
  Attempt to gain usernames, passwords, CC information, etc.

Example of Phishing (website)
  http://citibusinessonline.da.us.citibank.com.citionline.ru

Example of Phishing (e-mail)

Orphaned / Counterfeit Hardware
  USB flash drives containing malware
  DVD/CD containing malware
    ▪ Utilizing AutoPlay
  “Free” Computers
  Bargain-priced equipment which has been altered
    ▪ Routers
    ▪ Desktop/Laptop systems

  Also referred to as Viruses, Trojans, Spyware
  Key Logging
  Remote access
  Screen capturing processes

Most common malware
  SpyEye
  Zeus (aka Zbot)
  Qakbot
  All have the ability to log keystrokes and provide remote access to malicious actors.
  Qakbot can propagate itself across a local network.

Sources of Malware
  Phishing e-mails
  Phishing websites
  Children’s games
  Hacking, torrent, piracy websites
  Pornographic websites

  Intrusive advertising for fraudulent Anti-Virus and Anti-Malware products
    ▪ Usually prompts for payment and/or personal information
    ▪ Almost always a sign of an “infected” system
    ▪ Persistent even after closing web browser

  Victims involved two academic institutions and one sole proprietorship.
  Losses ranged from $70,000 to $500,000 – and in every case the losses were never recovered.
  All involved malware on a Windows system, with at least one instance involving Zeus and another involving Qakbot.
  All matters involved actors overseas, and in one case, the investigation contributed to the arrest of bad actors residing in these countries.
  In each case, employees were doing something they were not supposed to be doing, or did not have sufficient real-time malware protection in place.

  You may acquire malware just by viewing a website or opening an e-mail (without even opening an attachment)
  There is no patch available for the vulnerability
  Times Union website, advertising images

FACEBOOK, LINKEDIN, MYSPACE, TWITTER, ETC
  May supply potential crooks with personal information used to exploit or extort
  Very few laws to protect personal content
  Limit access to personal information and photographs

Local School
  Student created 120 duplicate Facebook accounts of other students
  Created an intricate network of pictures, updates, statuses, chats
  Most profiles were not well protected, or were completely public
  Damaging to students' reputations, fear to parents

Local businessman
  Extorted by actors overseas, based on information provided on social network sites
  Involved co-workers and family in order to become more convincing

Prevention
  Internet Golden Rule: “if it sounds too good to be true…”
  Monitor your children’s activities on the computer
  Try to keep one system “pure” for online banking and personal business – have another for recreational activities
  Update your Malware/Virus definitions on your network
  Educate end users on Social Networking tactics and other common exploits
  Wireless security – Avoid open networks and WEP encryption
  Physical security – Protect physical resources and information

  Never trust a “free” public wi-fi network
  Consider a 3G/4G wi-fi solution for true protected access
  Never access your financial institution from a public computer at a hotel, library or public wireless access point

Standalone system
  Not attached to local network
  Used for one purpose ONLY
  Possibly non-standard Operating System

Bootable / Flash drive browsers and Operating Systems
  Contained on a CD/DVD or flash drive
  Impervious to most malware

Web traffic monitoring/blocking
  Block keywords (Websense)
  Filter traffic and e-mail attachments (based on type, size, hash)

  Shred your documents
  Don’t leave your trash out
  Don’t leave your mail out, or consider a PO Box
  Opt for electronic statements
  Get regular credit reports, check statements
  Watch for skimming devices at the pump and ATM machine
  Talk to your bank about EFT transactions

Microsoft Windows
  88% desktop market share
  Primary target for hackers; most “bang for the buck”
  Although vulnerable, very robust security features

Mac OS X
  7% desktop market share
  Less secure overall than Windows
  May appear more secure due to low market share

Linux
  1% desktop market share
  Secure, but may not be practical for mainstream users

Mobile Devices (iPhone, Android, etc.)
  Not ideal for hackers due to small population of devices
  iPhone 2%, Android .64%

  Partnership between the FBI, National White Collar Crime Center, and Bureau of Justice Assistance
  Receive, Develop, Refer complaints for internet-related crimes
  Tips, current schemes

  Partnership between the FBI and the private sector
  Businesses, Academic Institutions, State/Local Authorities, Critical Infrastructure, and other participants
  www.infragardalbany.com
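
Added example (not part of the original presentation): the phishing website URL shown earlier carries a familiar bank name in its subdomain labels, while the domain that was actually registered is the last part of the host. The Python below extracts that registered domain and flags the pattern; the short suffix set and the trusted-domain list are assumptions made for the illustration.

```python
from urllib.parse import urlsplit

# Constructed subset of multi-label public suffixes (assumption); a real
# deployment would load the full Public Suffix List instead.
MULTI_LABEL_SUFFIXES = {"co.uk", "com.au", "co.jp", "com.br"}

# Assumed allow-list of domains the organisation really does business with.
TRUSTED_DOMAINS = {"citibank.com"}


def _host(url):
    """Lower-cased host name of a URL, without a trailing dot."""
    return (urlsplit(url).hostname or "").rstrip(".").lower()


def registrable_domain(url):
    """Return the domain the owner registered: public suffix plus one label."""
    labels = _host(url).split(".")
    if len(labels) < 2:
        return ".".join(labels)
    if len(labels) >= 3 and ".".join(labels[-2:]) in MULTI_LABEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def embedded_trusted_names(url):
    """Trusted domains that appear in the host only as subdomain decoration."""
    if registrable_domain(url) in TRUSTED_DOMAINS:
        return []
    padded = "." + _host(url) + "."
    return sorted(d for d in TRUSTED_DOMAINS if "." + d + "." in padded)


def classify(url):
    """'trusted', 'lookalike' (trusted name buried in the host) or 'unknown'."""
    if registrable_domain(url) in TRUSTED_DOMAINS:
        return "trusted"
    if embedded_trusted_names(url):
        return "lookalike"
    return "unknown"


if __name__ == "__main__":
    # The URL from the "Example of Phishing (website)" slide.
    sample = "http://citibusinessonline.da.us.citibank.com.citionline.ru"
    print(registrable_domain(sample), classify(sample))
```

The same check can run in a mail gateway or web proxy against links before they reach the user, alongside the keyword and attachment filtering listed under web traffic monitoring.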