
An e-crime combating strategy: a public and private task team perspective


Presentation Transcript


  1. An e-crime combating strategy: a public and private task team perspective. i-week presentation - spring 2004

  2. A task team of different sectors was applied: • SAPS • Banks • Audit Companies • Cell-phones • IT • Legal • Crime Combating Agents

  3. The Need An effective and sustainable solution for combating e-crime at an industry level, nationally and internationally, through public private partnership networking

  4. The strategic approach to find a solution was • Understanding The Problem • Addressing The Problem • Typical Partners & Associates

  5. UNDERSTANDING THE PROBLEM

  6. Computer and Network Attack Taxonomy. Source: Howard & Longstaff (1998:16)
     • ATTACKS: HACKER, SPY, TERRORIST, CORP RAIDER, CRIMINAL, VANDAL, VOYEUR
     • TOOLS: PHYSICAL ATTACK, INFO EXCHANGE, USER COMMAND, SCRIPT OR PROGRAM, AUTONOMY AGENT, TOOLKIT, DISTRIBUTED TOOL, DATA TAP
     • VULNERABILITIES: DESIGN, IMPLEMENTATION, CONFIGURATION
     • ACTIONS: PROBE, SCAN, FLOOD, AUTHENTICATE, BYPASS, SPOOF, READ, COPY, STEAL, MODIFY, DELETE
     • TARGETS: ACCOUNT, PROCESS, DATA, COMPONENT, COMPUTER, INTERNET NETWORK
     • RESULTS: INCREASED ACCESS, DISCLOSED INFO, CORRUPT INFO, DENIAL OF SERVICE, THEFT OF RESOURCES
     • OBJECTIVES: CHALLENGE, THRILL, STATUS; POLITICAL GAIN; FINANCIAL GAIN; DAMAGE; OBTAIN INFO

  7. Attack Sophistication vs Intruder Technical Knowledge (chart: attack sophistication and intruder knowledge, each on a low-to-high scale, against a time axis from 1980 to 2000). Techniques labelled on the chart: distributed attack tools; “stealth”/advanced scanning techniques; denial of service; WWW attacks; automated probes/scans; packet spoofing; graphical user interface; sniffers; network management diagnostics; sweepers; back doors; hijacking sessions; disabling audits; burglaries; password cracking; exploiting known vulnerabilities; self-replicating code; password guessing. Source: Carnegie Mellon University, 2000

  8. Percentage of organisations that have experienced specific computer-related crimes - 2003. Source: NHTCU
     • Active wiretapping: 1.00%
     • Telecoms eavesdropping: 6.00%
     • Telecoms fraud: 6.00%
     • Theft of other hardware: 40.00%
     • Spoofing attacks: 13.00%
     • Unauthorised website access/misuse: 18.00%
     • Theft of laptops: 77.00%
     • Attacks, e.g. denial of service: 20.00%
     • Theft of proprietary info: 15.00%
     • Financial fraud: 16.00%
     • Virus attacks: 67.00%
     • Sabotage of data or networks: 9.00%

  9. What do respondents consider to be the single most serious impact of a computer enabled crime on an organisation? Source: NHTCU
     • Finances of company: 7%
     • Share price of your company: 4%
     • Public image or reputation of company: 23%
     • Ability of company to operate: 34%
     • Ability of company to do business: 32%

  10. Formulating an applicable e-crime definition: “E-crime is any crime committed by means of any electronic device or interface or programme code”. The following applies explicitly as criminal offences in the RSA: • Electronic Communications and Transactions Act 25 of 2002, Cybercrime; Sections 86 – 88 • Unauthorised access to, interception of or interference with data • Computer-related extortion, fraud and forgery • Attempt, and aiding and abetting • The Common Law Offences on Theft

  11. The following is also understood as e-crime • Where a computer (or system) is the subject of a criminal attack (e.g. Hacking/cracking, Denial of service, Virus, Spamming, Spoofing) • Where a computer is used to commit a criminal offence (e.g. Fraud, money-laundering, tax evasion, trafficking, extortion, illegal funds transfers) • Where evidence of criminal activity is stored on a computer or other electronic storage media (e.g. Details of fraud dealing) Obviously, these categories are not mutually exclusive.

  12. Interpol’s definitions of e-crime offences are also incorporated • Unauthorized access and interception • Alteration of computer data • Computer Related Fraud • Unauthorized reproduction • Computer sabotage • Computer-related crime (Other)

  13. The critical e-crime issues that need to be addressed 1. Preventing/combating “Digital Identity” theft 2. Preventing/combating “Denial of Services” threat 3. Establishing an effective reporting procedure of e-crime incidents to SAPS 4. Improving the speed of law-enforcement responses to e-crime incidents 5. Establishing effective legal procedures for seizing evidence information 6. Understanding and dealing with International Jurisdiction limitations 7. Educating the industry on handling e-crime incidents, minimize crime risk, resolve incidents in an effective manner

  14. The critical issues to be addressed (cont’d) 8. Addressing the need for higher sanctions on statutory offences 9. Resolving the lack of tracking capability (Stemming from lack of legislation) 10. Overhauling of the Criminal Procedures Act 11. Upgrading the limited expertise to deal with e-crime in both public and private sector 12. Keeping abreast with expanding technology 13. Establishing of “joint” training sessions with SAPS & CJS departments on e-crime matters 14. Improving co-operation between relevant role players (SAPS, ISPs, Tel & Cell-phone Companies)

  15. E-crime: as-is description
     • Criminal Operating Environment: No global boundaries; Real-time execution
     • Knowledge & Skills: Lack of knowledge & skills; Lack of professional standards
     • Crime Combating Cooperation: No real co-operation & co-ordination; Fragmented Intelligence
     • Law Enforcement: E-crime’s priority not high enough (Specific SAPS, NPA, Justice); Limited knowledge of e-crime importance/impact/intervention required
     • Legislation Shortfalls: Legal protection lacking & lagging; International laws not in synch
     • Business Risk: At risk & vulnerable; Countering e-crime technology expensive
     • Key take-outs: Exposed; Limited deterrent; Lacking; Insufficient; Fragmented; Business at Risk

  16. E-crime: to-be description
     • Criminal Operating Environment: Penetrations traceable; No tolerance towards criminals
     • Knowledge & Skills: Available knowledge & skills; Applied professional standards
     • Crime Combating Cooperation: Effective co-operation & co-ordination; Effective Intelligence network; Effective PPP ties
     • Law Enforcement: Effective SAPS & Justice support; The ability to combat e-crime should have higher priority
     • Legislation Shortfalls: Effective Legislation; International laws in synch
     • Business Risk: Reduced business risk; Capitalising on Economy of Scale opportunities to counter e-crime
     • Effective Law Enforcement; Controlled & Policed; Experts on Tap; Effective Legislation; United Front; Reduced Business Risk

  17. Gaps between as-is and to-be
     • Business: as-is Business At Risk; to-be Business Prosperity
     • Laws: as-is Insufficient Legislation; to-be Effective Legislation
     • Policing: as-is Policing Shortfall; to-be Effective Policing
     • Environment: as-is Hostile Environment; to-be Controlled Environment
     • Knowledge: as-is Insufficient Knowledge; to-be Expert Knowledge Available
     • Cooperation: as-is Poor Cooperation; to-be United Front Against E-Crime

  18. Desired end-state A national expert core (real and/or virtual) e-crime combating coordinating centre (ec³) with an effective private and public network of partnerships, supporting its stakeholders in countering e-crime effectively and efficiently

  19. ADDRESSING THE PROBLEM

  20. The main purpose of the proposed strategy To establish a real-time e-crime combating centre, through private public partnerships to enable expertise information exchange between the partners, clients, law enforcers and e-crime experts, on a national and international level, to combat e-crime effectively and efficiently

  21. The main thrust of the proposed strategy • Real-time response • Support & enhance SAPS e-crime combating capability • Coordinating & support e-crime combating • Real-time e-crime attack notification & alerts • On-line e-crime Intelligence services • Expert guidance on tap • Joint e-crime training of associates • Setting of e-crime minimum industry norms • Lobby for effective legislation • Standards for e-crime professionals • Offer business economy-of-scale opportunities in combating e-crime attacks

  22. The key strategic issues that need to be addressed. Key take-outs: • Escalating Threat • Knowledge Shortfall • Inadequate Legislation

  23. The key strategic issues (cont) • Long Way to Go • Limited Coordination • Escalating Risks

  24. If these are the key strategic issues, what are the likely key success factors in combating e-crime?

  25. The key success factors in combating e-crime • Contained Threat • Knowledge on Tap • Effective Legislation

  26. The key success factors in combating e-crime (cont) • Win - Win • Intelligence Sharing • Controlled Risk

  27. The Value Chain to combat e-crime: Crime Intelligence, Minimum Security Requirements, Crime Combating Strategies, Industry Unity & Diligence • Crime scenarios • Criminal Intelligence • Crime combating network • Crime victimization risks • Security standards • Effective technology • Sufficient knowledge • Required skills • Effective regulations • Effective strategic alliances • Effective strategies • Timeous alerts • Shared synergistic strategies • Multi-level strategies • Minimum Industry Standards • Effective legislation • Effective Prosecuting Authority • Effective law enforcement • Effective crime containment • Affordable crime containment

  28. Proposed strategic objectives to combat e-crime

  29. Proposed Goals for the ec3 to Attend To

  30. Proposed Goals for the ec3 to Attend To (cont’d)

  31. PARTNERS & ASSOCIATES

  32. Typical networking partners & associates for an e-crime combating centre (ec³)

  33. Questions? Views on are we pointing in the right direction? WHO ELSE CAN / SHOULD CONTRIBUTE … AND IS WILLING TO JOIN FORCES? Contact: Jac Spies 011 847 3133 jacs@sabric.co.za

  34. Thank you for the opportunity to address such an influential and learned gathering on such an urgent matter
