Cyber Crime & OSINT: Will your business be victorious or a victim?



SLIDE 1

Dr Stephen Hill

drshill@gmx.co.uk

Cyber Crime & OSINT

Will your business be victorious or a victim?

We believe that data is the phenomenon of our time. It is the world’s new natural resource. It is the new basis of competitive advantage, and it is transforming every profession and industry. If all of this is true – even inevitable – then cyber crime, by definition, is the greatest threat to every profession, every industry, every company in the world.

Ginni Rometty, IBM Corp.’s Chairman, President & CEO

SLIDE 2

Who Would Attack You & Why?

▪ Cyber Criminal – attack organisations and steal information such as credit cards and bank details for financial gain

▪ Hackers – attack IT systems and online services for financial gain or to break the security on a website (‘hacktivists’ for example)

▪ Insiders – disgruntled or dishonest staff who steal or destroy to cause embarrassment, disruption or financial gain by selling data for personal profit

▪ State Sponsored – attacks on business or government organisations to gain information on bids or planned acquisitions for commercial advantage or financial/political gain…

What is Cybercrime?

▪ Cyber Dependent Crime

▪ Cyber Enabled Crime

Home Office and National Cyber Crime Unit

SLIDE 3

Cyber dependent crimes are offences that can only be committed using a computer, computer networks or other form of information communication technology

These acts include:

▪ Malware/spyware
▪ Hacking
▪ Viruses
▪ Distributed Denial of Service attacks (DDoS)

Cyber dependent crimes are primarily acts directed against computers or network resources…

Cyber Dependent Crime

Denial of Service attacks

Cyber Dependent Crime

SLIDE 4

Cyber enabled crimes are traditional crimes that are increased in scale or reach by the use of computers, computer networks or other information communication technology

Cyber enabled crimes include:

▪ Grooming
▪ Theft
▪ Fraud
▪ Hate crime

Cyber enabled crimes can be committed both on and offline…

Cyber Enabled Crime

CEO/Mandate Fraud

Cyber Enabled Crime

SLIDE 5

https://www.fireeye.com/cyber-map/threat-map.html

SLIDE 6

5 Reasons Why Attacks Are Possible

1. End user didn’t think before clicking
2. Weak password/default password in use
3. Insecure configuration
4. Use of legacy or un-patched hardware or software
5. Lack of basic network security protection/segmentation…

Tools & Techniques for Cyber Attack

Techniques

▪ Social Media Exploitation
▪ Phishing
▪ DDOS Attack, Hacking
▪ Insider Threats
▪ Malicious Software

Source: ICAEW

SLIDE 7

Ransomware

▪ Ransomware stops you from using your PC
▪ There are different types of ransomware
▪ It effectively holds your PC or files for "ransom", typically until a payment is made
▪ Ransomware can:
  ▪ Prevent you from accessing your operating system
  ▪ Encrypt files so you can't use them
  ▪ Stop certain apps from running (like your web browser)…

Ransomware Attacks

SLIDE 8

Ransomware

▪ No guarantee that paying the fine or doing what the ransomware tells you will give access to your PC or files again!
▪ So - Protect yourself from ransomware
  ▪ Use reputable antivirus software and a firewall
  ▪ Exercise caution
  ▪ Back up often
  ▪ Enable your popup blocker
  ▪ Disconnect from the Internet (if under attack)
  ▪ Report it to the police…

Phishing Attacks

SLIDE 9

The Web Explained

SLIDE 10

Dark Net

Website (surface)

From the address we can derive:

▪ The domain name (and associated registration details)
▪ The IP address (and thus the physical location and registered owner)

Darknet hosted website

From the address we can derive nothing:

▪ No physical location
▪ No owner details

NB: A darknet allows the hosting of content or services in a way that makes it difficult to identify who is running a server and where it is, thus making it a challenge to take any lawful action against…

Surface vs Dark

SLIDE 11

Darknet Markets

A darknet market or cryptomarket is a commercial website on the dark web that operates via darknets such as Tor or I2P

Dark Market – price guide

SLIDE 12

▪ Security experts say health data is showing up in the black market more and more
▪ While prices vary, this data is more expensive than stolen credit card numbers

SLIDE 13

The Hidden Wiki

The hidden wiki is a Wikipedia for the Darknet

SLIDE 14

The Hidden Wiki

SLIDE 15

Website Examples

SLIDE 16

SLIDE 17

Dark Market Search Engine

SLIDE 18

Hidden Services

SLIDE 19

Surface Web

Open Source Intelligence (OSINT)

Intelligence from publicly available sources – open refers to ‘overt’

Open-Source Intelligence (OSINT) refers to “a broad array of information and sources that are generally available, including information obtained from the media (newspapers, radio, television, etc.), professional and academic records (papers, conferences, professional associations, etc.), and public data (government reports, demographics, hearings, speeches, etc.)”

SLIDE 20

https://www.google.com.au

Google – Index Search

https://www.google.co.nz

Google – Index Search

SLIDE 21

Google – Index Search (Regional)

https://www.google.co.uk

‘Bubbling & Tracking’

SLIDE 22

Google – Time Filter

SLIDE 23

Google – Cache

http://webcache.googleusercontent.com/search?q=cache:efj0Wj8fzxUJ:dfk.com/+&cd=1&hl=en&ct=clnk&gl=au

SLIDE 24

Google Image Search

SLIDE 25

Google Image Search

Google Image Search – Face Filter

SLIDE 26

Google Image Search

SLIDE 27

Bing

https://www.bing.com

SLIDE 28

StartPage

https://startpage.com

SLIDE 29

SLIDE 30

DuckDuckGo

http://duckduckgo.com

SLIDE 31

DuckDuckGo Bangs

https://duckduckgo.com/bang

SLIDE 32

Semantic Search

www.cluuz.com

SLIDE 33

Semantic Search

www.cluuz.com/

SLIDE 34

SLIDE 35

SLIDE 36

Classifieds - A Criminal Hotspot?

SLIDE 37

SLIDE 38

Paste Sites – What Could You Find?

▪ Paste sites are websites allowing users to upload text for public viewing.

▪ Originally designed for software developers who needed a place to store large amounts of text

▪ Links would be created to the text and the user could share the link with other programmers to review the code.

▪ Many hacking groups use this area of the Internet to store compromised data.

▪ Most popular site – ‘Pastebin’

Searching Paste Sites

SLIDE 39

Searching Paste Sites

http://pastebin.com/dJ8BZS9T

Finding Archived Web Pages

https://archive.org/web

SLIDE 40

Internet Archive

http://archive.org/web

SLIDE 41

Tools for Social Media Intelligence

SLIDE 42

People Search

https://pipl.com

SLIDE 43

Geo-Location Search

https://app.echosec.net

SLIDE 44

SLIDE 45

Hiding Your Identity Online

Disguising your ID

▪ Every time you surf the Internet, your IP address is publicly visible to everyone on target network resources

▪ It is important therefore not to leave a digital footprint...

SLIDE 46

Disguising Your Online ID

Proxy and VPN services re-route your internet traffic and change your IP

A Proxy is like a web filter

▪ Proxy will only secure traffic via the internet browser using the proxy server settings

A VPN encrypts all of your traffic

▪ VPNs replace your ISP and route all traffic through the VPN server, including all programs and applications...

TOR

https://www.torproject.org

SLIDE 47

TOR

“Tor protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: It prevents somebody watching your Internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location. Tor works with many of your existing applications, including web browsers, instant messaging clients, remote login, and other applications based on the TCP protocol”.

So – to wrap up on security

▪ Install firewalls onto your IT systems to prevent outside parties from gaining access to information

▪ Keep anti-virus and anti-spyware software up-to-date and download the latest security updates

▪ Use encryption to protect information contained in emails or stored on laptops or other portable devices such as memory sticks or PDAs

▪ Destroy old computers, backup tapes, memory sticks etc. using a specialist 'shredding' application or seek the services of a reputable third party contractor

▪ Clear out temporary Internet files, cache and history files (also monitor third party cookies)...

SLIDE 48

How Transparent are You?

https://panopticlick.eff.org

Email Exposed?

https://breachalarm.com

SLIDE 49

LastPass Guidance

https://www.getsafeonline.org

Get Safe Online

SLIDE 50

“Half of all UK adults now access the Internet on their mobile phone”

Source: OFCOM

SLIDE 51

Computer Security Rules!

1st Rule of Computer Security: Don’t buy a computer!

2nd Rule of Computer Security: If you do, don’t turn it on!

Dark Avenger – legendary virus writer

Dr Stephen Hill

drshill@gmx.co.uk

Cyber Crime & OSINT

Will your business be victorious or a victim?