
Cyber Crime & OSINT: Will your business be victorious or a victim?



  1. Cyber Crime & OSINT: Will your business be victorious or a victim?
     Dr Stephen Hill, drshill@gmx.co.uk
     "We believe that data is the phenomenon of our time. It is the world’s new natural resource. It is the new basis of competitive advantage, and it is transforming every profession and industry. If all of this is true – even inevitable – then cyber crime, by definition, is the greatest threat to every profession, every industry, every company in the world."
     Ginni Rometty, IBM Corp.’s Chairman, President & CEO

  2. Who Would Attack You & Why?
     ▪ Cyber Criminal – attack organisations and steal information such as credit cards and bank details for financial gain
     ▪ Hackers – attack IT systems and online services for financial gain or to break the security on a website (‘hacktivists’ for example)
     ▪ Insiders – disgruntled or dishonest staff who steal or destroy to cause embarrassment, disruption or financial gain by selling data for personal profit
     ▪ State Sponsored – attacks on business or government organisations to gain information on bids or planned acquisitions for commercial advantage or financial/political gain …
     What is Cybercrime?
     Cyber Dependent Crime
     Cyber Enabled Crime
     Home Office and National Cyber Crime Unit

  3. Cyber Dependent Crime
     Cyber dependent crimes are offences that can only be committed using a computer, computer networks or other form of information communication technology.
     These acts include:
     ▪ Malware/spyware
     ▪ Hacking
     ▪ Viruses
     ▪ Distributed Denial of Service attacks (DDoS)
     Cyber dependent crimes are primarily acts directed against computers or network resources…
     Cyber Dependent Crime: Denial of Service attacks

  4. Cyber Enabled Crime
     Cyber enabled crimes are traditional crimes that are increased in scale or reach by the use of computers, computer networks or other information communication technology.
     Cyber enabled crimes include:
     ▪ Grooming
     ▪ Theft
     ▪ Fraud
     ▪ Hate crime
     Cyber enabled crimes can be committed both on and offline…
     Cyber Enabled Crime: CEO/Mandate Fraud

  5. https://www.fireeye.com/cyber-map/threat-map.html

  6. 5 Reasons Why Attacks Are Possible
     1. End user didn’t think before clicking
     2. Weak password/default password in use
     3. Insecure configuration
     4. Use of legacy or un-patched hardware or software
     5. Lack of basic network security protection/segmentation…
     Tools & Techniques for Cyber Attack
     Techniques: Social Media Exploitation; Phishing; DDOS Attack, Hacking; Insider Threats; Malicious Software
     Source: ICAEW

  7. Ransomware
     ▪ Ransomware stops you from using your PC
     ▪ There are different types of ransomware
     ▪ It effectively holds your PC or files for "ransom", typically until a payment is made
     ▪ Ransomware can:
       ▪ Prevent you from accessing your operating system
       ▪ Encrypt files so you can't use them
       ▪ Stop certain apps from running (like your web browser) …
     Ransomware Attacks

  8. Ransomware
     ▪ No guarantee that paying the fine or doing what the ransomware tells you will give access to your PC or files again!
     ▪ So - Protect yourself from ransomware
       ▪ Use reputable antivirus software and a firewall
       ▪ Exercise caution
       ▪ Back up often
       ▪ Enable your popup blocker
       ▪ Disconnect from the Internet (if under attack)
       ▪ Report it to the police …
     Phishing Attacks

  9. The Web Explained

  10. Dark Net – Surface vs Dark
      Website (surface). From the address we can derive:
      ▪ The domain name (and associated registration details)
      ▪ The IP address (and thus the physical location and registered owner)
      Darknet hosted website. From the address we can derive nothing:
      ▪ No physical location
      ▪ No owner details
      NB: A darknet allows the hosting of content or services in a way that makes it difficult to identify who is running a server and where it is, thus making it a challenge to take any lawful action against …

  11. Darknet Markets
      A darknet market or cryptomarket is a commercial website on the dark web that operates via darknets such as Tor or I2P.
      Dark Market – price guide

  12. Security experts say health data is showing up in the black market more and more. While prices vary, this data is more expensive than stolen credit card numbers.

  13. The Hidden Wiki
      The hidden wiki is a Wikipedia for the Darknet

  14. The Hidden Wiki

  15. Website Examples


  17. Dark Market Search Engine

  18. Hidden Services

  19. Surface Web
      Open Source Intelligence (OSINT)
      Intelligence from publicly available sources – open refers to ‘overt’
      Open-Source Intelligence (OSINT) refers to “a broad array of information and sources that are generally available, including information obtained from the media (newspapers, radio, television, etc.), professional and academic records (papers, conferences, professional associations, etc.), and public data (government reports, demographics, hearings, speeches, etc.)”

  20. Google – Index Search https://www.google.com.au
      Google – Index Search https://www.google.co.nz

  21. Google – Index Search (Regional) https://www.google.co.uk
      ‘Bubbling & Tracking’

  22. Google – Time Filter

  23. Google – Cache
      http://webcache.googleusercontent.com/search?q=cache:efj0Wj8fzxUJ:dfk.com/+&cd=1&hl=en&ct=clnk&gl=au

  24. Google Image Search

  25. Google Image Search – Face Filter

  26. Google Image Search

  27. Bing https://www.bing.com

  28. StartPage https://startpage.com


  30. DuckDuckGo http://duckduckgo.com

  31. DuckDuckGo Bangs https://duckduckgo.com/bang

  32. Semantic Search www.cluuz.com

  33. Semantic Search www.cluuz.com/


  36. Classifieds - A Criminal Hotspot?


  38. Paste Sites – What Could You Find?
      ▪ Paste sites are websites allowing users to upload text for public viewing.
      ▪ Originally designed for software developers who needed a place to store large amounts of text
      ▪ Links would be created to the text and the user could share the link with other programmers to review the code.
      ▪ Many hacking groups use this area of the Internet to store compromised data.
      ▪ Most popular site – ‘Pastebin’
      Searching Paste Sites

  39. Searching Paste Sites http://pastebin.com/dJ8BZS9T
      Finding Archived Web Pages https://archive.org/web

  40. Internet Archive http://archive.org/web

  41. Tools for Social Media Intelligence

  42. People Search https://pipl.com

  43. Geo-Location Search https://app.echosec.net


  45. Hiding Your Identity Online
      Disguising your ID
      ▪ Every time you surf the Internet, your IP address is publicly visible to everyone on target network resources
      ▪ It is important therefore not to leave a digital footprint...

  46. Disguising Your Online ID
      Proxy and VPN services re-route your internet traffic and change your IP
      A Proxy is like a web filter
      ▪ Proxy will only secure traffic via the internet browser using the proxy server settings
      A VPN encrypts all of your traffic
      ▪ VPNs replace your ISP and route all traffic through the VPN server, including all programs and applications...
      TOR https://www.torproject.org

  47. TOR
      “Tor protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: It prevents somebody watching your Internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location. Tor works with many of your existing applications, including web browsers, instant messaging clients, remote login, and other applications based on the TCP protocol”.
      So – to wrap up on security
      ▪ Install firewalls onto your IT systems to prevent outside parties from gaining access to information
      ▪ Keep anti-virus and anti-spyware software up-to-date and download the latest security updates
      ▪ Use encryption to protect information contained in emails or stored on laptops or other portable devices such as memory sticks or PDAs
      ▪ Destroy old computers, backup tapes, memory sticks etc. using a specialist 'shredding' application or seek the services of a reputable third party contractor
      ▪ Clear out temporary Internet files, cache and history files (also monitor third party cookies)...

  48. How Transparent are You? https://panopticlick.eff.org
      Email Exposed? https://breachalarm.com

  49. LastPass
      Guidance
      Get Safe Online https://www.getsafeonline.org

  50. “Half of all UK adults now access the Internet on their mobile phone”
      Source: OFCOM

  51. Computer Security Rules!
      1st Rule of Computer Security: Don’t buy a computer!
      2nd Rule of Computer Security: If you do, don’t turn it on!
      Dark Avenger – legendary virus writer
      Cyber Crime & OSINT: Will your business be victorious or a victim?
      Dr Stephen Hill, drshill@gmx.co.uk
