HUMBERSIDE POLICE PC ALISTAIR KENNEDY CYBERCRIME INVESTIGATION - - PowerPoint PPT Presentation

HUMBERSIDE POLICE

PC ALISTAIR KENNEDY CYBERCRIME INVESTIGATION TEAM PREVENT/PROTECT OFFICER

Ok what is Hacking? Simply it is the unauthorized access to a computer system or causing damage to that system.

Fraud v’s Hacking

Fraud is deceiving somebody for gain. This does not need to involve a computer. Hacker will use computers as a tool to commit fraud/theft or cause damage.

Types of Hackers

Black hat Hackers :- Criminal Hacker. White hat Hacker :- Ethical Hackers, Normally Pen Testers doing lawful hacking. Grey hat Hackers : - Hacker involved in political/or other causes. Not normally for personal gain. Often can illegally test systems.

How a hacker works.

• The Kill Chain……

Lockheed Martin’s cyber kill chain breaks down a cyberattack into 7 distinct steps: Reconnaissance :- Intruder picks a target, researches it, and looks for vulnerabilities. Weaponization :- Intruder develops malware designed to exploit the vulnerability. Delivery :- Intruder transmits the malware via a phishing email or another medium.

7 Steps continued

Exploitation :- The malware begins executing on the target system. Installation:- The malware installs a backdoor or other ingress accessible to the attacker Command and Control:- The intruder gains persistent access to the victim’s systems/network Actions on Objective:- Intruder initiates end goal actions, such as data theft, data corruption, or data destruction

Reconnaissance

Intruder picks a target, researches it, and looks for vulnerabilities.

Weaponization :-

Intruder develops malware designed to exploit the vulnerability.

Delivery :-

• Intruder transmits the malware via a phishing email or

another medium.

Exploitation :-

• The malware begins executing on the target system.

Installation:- The malware installs a backdoor or other ingress accessible to the attacker

Command and Control:-

• The intruder gains persistent access to the

victim’s systems/network.

Actions on Objective:-

Intruder initiates end goal actions, such as data theft, data corruption, or data destruction

How to Spot a Hacker?

NO

A Computer hacker can look like anybody

How do you protect against?

Well Simple Cyber security knowledge can help.

• Target Harden yourself.
• Lock down social Media to private.
• Install good internet security software.
• Have good internet habits with strong passwords.
• Be Phishing, Smishing and Vishing aware.

What Is the Dark Web?

• The Dark Web is a term that refers specifically to a collection of

websites that exist on an encrypted network and cannot be found by using traditional search engines or visited by using traditional browsers. The Dark Web is a place where criminals work.. DO WE NEED TO GO THERE?.......... NO! There are lawful uses of the darkweb but will never be required in this Country

Phishing

This is normally a Email from a known or unknown contact asking you to :- Open an attachment (contains Malware or Spyware) Click a link (to a malicious or fake website)

• The malicious website may download malware/spyware or may

prompt you to enter your credentials which are then ‘harvested’.

£££

Remote Access Data & Credentials

Have a nice day!

Smishing Scam

Smishing & Vishing

Anyone trust this?

NCSC successfully launched its suspicious email reporting service (SERS)

report@phishing.gov.uk

Send Suspicious Texts to ‘SPAM’ 7726

Anti Virus software

Anti virus tools are great but they need to be up to date. Most Operating systems have a level of security but this relies upon updates being installed..

Free WIFI? Use a VPN

Digital footprints

Already compromised?

Already compromised?

www.actionfraud.police.uk

www.cyberaware.gov.uk

www.takefive-stopfraud.org.uk

https://www.thinkuknow.co.uk/

PC Alistair Kennedy

CYBERCRIME INVESTIGATION TEAM HUMBERSIDE POLICE

Thank you

@HP_Cyber

SPOCCyberCrimeUnit@humberside.pnn.police.uk

Humberbeat Cyber Crime