
YOUR SPEAKER 2016 CHIEF SECURITY OFFICER PRAETORIAN CONSULTING - PowerPoint PPT Presentation



  1. YOUR SPEAKER
     • 2016 CHIEF SECURITY OFFICER – PRAETORIAN CONSULTING INTERNATIONAL (CYBER SECURITY AUTOMATION)
     • 2014 HEAD OF INFORMATION SECURITY – WORLDLINE (ATOS GROUP) (LEVEL ONE SERVICE PROVIDER)
     • 2014 CISO LEVEL SECURITY, RISK & COMPLIANCE CONSULTANCY ACROSS EUROPE – DVV SOLUTIONS
     • 2013 INFORMATION SECURITY & PCI DSS – ASDA & GEORGE (LEVEL ONE MERCHANT)
     • 2011-2013 INFORMATION SECURITY & PCI DSS – MANCHESTER AIRPORTS GROUP (LEVEL THREE MERCHANT)
     • 2006-2011 INFORMATION SECURITY & PCI DSS – HOMELOAN MANAGEMENT LIMITED (LEVEL ONE SERVICE PROVIDER)
     • 2006 ECOMMERCE SECURITY – THOMAS COOK SCHEDULED BUSINESS

  2. SUMMARY
     • QUICK LOOK AT BUSINESS FRAUD – ‘THE WHAT’
       • WIRE TRANSFER
       • CONVEYANCING
     • QUICK LOOK AT ‘THE HOW’
       • MALWARE
       • MONEY MULES
     • QUICK LOOK AT ‘THE FIGHT BACK’
       • RIGHT PEOPLE
       • RIGHT PROCESSES
       • ANY REASONABLE TECHNOLOGY

     In 2015, 62 per cent of law firms reported they had suffered from a security incident, up from 45 per cent in 2014, according to figures from accountants PwC. The director of intelligence and investigations at the Solicitors Regulation Authority (SRA) reveals that cyber criminals caused substantial losses to 50 law firms in 2015, ranging from £50,000 to £2 million, and that a further 20 firms had fallen victim to e-mail redirection scams involving very substantial amounts of money. Over the last couple of years, Action Fraud said, there have been 91 reports of the crime, amounting to more than £10 million of losses.

  3. Quick look at business fraud

  4. CLASSIC – THE CEO WIRE TRANSFER
     • NOT A NEW FRAUD, BUT IN THE NEWS
     • AS AN ATTACK, THE CEO EMAIL WIRE FRAUD ATTACK COULDN’T BE SIMPLER. THERE’S NO MALWARE TO WRITE AND NO MALICIOUS CODE OR LINKS TO IMPLANT. IT’S A TEXT-ONLY EMAIL, PLAIN AND SIMPLE – BUT IT’S THE SOCIAL ENGINEERING THAT MAKES IT WORK.

  5. THE RISING COST OF CEO WIRE FRAUD
     • JAN 2016 – 54M USD (AIRCRAFT PARTS MANUFACTURER; SEE THE PCWORLD REFERENCE ON SLIDE 22)
     • FEB 2016 – 70M EURO (BELGIAN BANK CRELAN; SEE THE BRUSSELS TIMES REFERENCE ON SLIDE 22)

  6. THE INDUSTRY SPECIAL – CONVEYANCING
     • EXAMPLE 1 – TARGET THE SELLER
     • “HACKING INTO EMAIL ACCOUNTS AND IMPERSONATING THE OWNERS TO STEAL MONEY, INFORMATION OR BOTH IS A GROWING FORM OF CRIME THAT ALMOST COST THIS FAMILY THE ENTIRE PROCEEDS OF THEIR PROPERTY SALE.” – NICOLE BLACKMORE, DAILY TELEGRAPH

  7. THE INDUSTRY SPECIAL – CONVEYANCING
     FIRST EXAMPLE
     • TAKE OVER THE SELLER’S EMAIL ACCOUNT.
     • WAIT FOR THE BANK INSTRUCTIONS TO GO TO THE CONVEYANCING FIRM.
     • SEND A NEW EMAIL SAYING THERE HAS BEEN A MISTAKE AND THAT THE PROCEEDS FROM THE SALE NEED TO GO TO A DIFFERENT ACCOUNT.
     FIRST EXAMPLE ISSUES
     • THE SELLER IS RESPONSIBLE FOR THEIR OWN MAILBOX SECURITY.
     • THE BANK ONLY USES SORT CODES AND ACCOUNT NUMBERS TO SET UP A FUNDS TRANSFER; THE PAYEE NAME ON THE INSTRUCTION IS NOT CHECKED.
     • THERE IS A VERY SMALL WINDOW OF TIME TO FREEZE A BANK ACCOUNT AND RESTORE FUNDS ON DISCOVERING THIS TYPE OF ATTACK (<72 HRS).

  8. THE INDUSTRY SPECIAL – CONVEYANCING
     • EXAMPLE 2 – TARGET THE BUYER
     • “SOLICITORS ARE CONTINUING TO EXPOSE HOME BUYERS AND SELLERS TO THE RISK OF A GROWING FORM OF FRAUD, EMAIL HACKING. THE PROCEEDS OF PROPERTY TRANSACTIONS ARE AT RISK, IN MANY CASES RUNNING TO HUNDREDS OF THOUSANDS OF POUNDS.” – NICOLE BLACKMORE, DAILY TELEGRAPH

  9. THE INDUSTRY SPECIAL – CONVEYANCING
     SECOND EXAMPLE
     • SHORTLY BEFORE COMPLETION THE COUPLE RECEIVED AN EMAIL FROM THE SOLICITORS SAYING THAT THE FIRM’S LLOYDS BANK ACCOUNT WAS BEING AUDITED, SO THEY NEEDED TO TRANSFER THEIR FUNDS TO THE FIRM’S NATWEST ACCOUNT.
     • WANTING TO MAKE SURE THE REQUEST WAS GENUINE, MR JOHN DOE REPLIED ASKING FOR CONFIRMATION OF THEIR UNIQUE CLIENT ID NUMBER. HE RECEIVED A REPLY WITH THE CORRECT DETAILS AND SO, ON THE THURSDAY BEFORE COMPLETION, THE COUPLE WENT TO THEIR LOCAL BARCLAYS BANK AND TRANSFERRED £299,000 TO THE NATWEST ACCOUNT.
     SECOND EXAMPLE ISSUES
     • THE SOLICITORS REFUSED TO ADMIT THEIR EMAIL HAD BEEN HACKED AND DENIED ALL LIABILITY FOR THE EMAIL FROM THEIR DOMAIN ASKING FOR THE CHANGE OF BANK DETAILS.
     • EXTRA FEES WERE INCURRED BY THE SELLERS TRYING TO GET THE FUNDS BACK.
     • WHERE INSURANCE PAYOUTS INCREASE, SO DOES THE COST OF PROFESSIONAL INDEMNITY – WHICH IN TURN COULD INCREASE THE COST OF CONVEYANCING.

  10. Quick look at ‘The How’

  11. HOW –
     • A SPOKESPERSON FOR THE GOVERNMENT AGENCY, ACTION FRAUD, SAID: "THROUGH MALWARE OR THROUGH INSECURE NETWORKS THE FRAUDSTERS WILL BE ABLE TO VIEW A PERSON’S EMAIL EXCHANGES AND THEIR ACTIVITY ONLINE. THIS WILL ALLOW THEM TO FIND OUT INFORMATION ABOUT PEOPLE, READ THEIR EMAILS AND ASCERTAIN THAT THEY ARE IN THE PROCESS OF BUYING A HOUSE."

  12. COFFEE SHOP WIFI
     • Q: HOW DO PEOPLE’S PERSONAL EMAIL ACCOUNTS GET COMPROMISED?
     • A: A CLASSIC WAY IS THROUGH INSECURE NETWORK CONNECTIONS, FOR EXAMPLE FREE WIFI IN COFFEE SHOPS AND HOTELS, WHERE ANYONE ON THE SAME NETWORK CAN READ TRAFFIC THAT IS NOT ENCRYPTED (SEE THE FIRESHEEP AND COOKIE-SNIFFING REFERENCES ON SLIDE 22).
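The slide says open Wi-Fi is a classic route into a personal mailbox but not why. The following is an added example, not part of the presentation, showing what a passive listener on the same network gets from two captured payloads: a webmail request sent over plain HTTP gives up the host and the session cookie (the Firesheep technique from the references), while the same request inside a TLS record gives up nothing usable. Both captures are constructed by hand; the host name, cookie names and ciphertext bytes are made up.

```python
"""What a passive listener on open Wi-Fi learns from a captured payload.

Added example (not from the presentation). Both captures below are
constructed; the host, cookie values and TLS ciphertext are made up.
"""
from __future__ import annotations

HTTP_METHODS = (b"GET ", b"POST ", b"PUT ", b"HEAD ", b"DELETE ", b"OPTIONS ")

# A webmail request sent over plain HTTP (constructed sample).
HTTP_CAPTURE = (
    b"GET /mail/inbox HTTP/1.1\r\n"
    b"Host: webmail.example\r\n"
    b"Cookie: SESSIONID=7f3a9c0e1b2d; lang=en\r\n"
    b"User-Agent: Mozilla/5.0\r\n"
    b"\r\n"
)

# The same kind of request inside a TLS 1.2 application-data record:
# content type 0x17, version 0x0303, two-byte length (26), then ciphertext.
# The 26 ciphertext bytes are arbitrary stand-ins (constructed sample).
TLS_CAPTURE = bytes.fromhex("170303001a") + bytes(range(0x80, 0x9a))


def is_tls_record(payload: bytes) -> bool:
    """True if the payload starts with a TLS record header (types 20-23, version 3.x)."""
    return (len(payload) >= 5
            and payload[0] in (0x14, 0x15, 0x16, 0x17)
            and payload[1] == 0x03 and payload[2] <= 0x04)


def parse_http_request(payload: bytes) -> tuple[str, dict[str, str]] | None:
    """Return (host, cookies) from a plaintext HTTP request, or None if it is not one."""
    if not payload.startswith(HTTP_METHODS):
        return None
    head = payload.split(b"\r\n\r\n", 1)[0]
    host, cookies = "", {}
    for line in head.split(b"\r\n")[1:]:          # skip the request line
        name, _, value = line.partition(b":")
        name = name.strip().lower()
        if name == b"host":
            host = value.strip().decode("ascii", "replace")
        elif name == b"cookie":
            # Every cookie pair is readable; a session cookie here is enough
            # to replay the logged-in webmail session from another device.
            for pair in value.split(b";"):
                k, _, v = pair.strip().partition(b"=")
                if k:
                    cookies[k.decode("ascii", "replace")] = v.decode("ascii", "replace")
    return host, cookies


def eavesdrop(payload: bytes) -> dict:
    """Summarise what the listener gets: host and cookies for HTTP, nothing usable for TLS."""
    if is_tls_record(payload):
        return {"protocol": "tls", "host": None, "cookies": {}}
    parsed = parse_http_request(payload)
    if parsed is None:
        return {"protocol": "unknown", "host": None, "cookies": {}}
    host, cookies = parsed
    return {"protocol": "http", "host": host, "cookies": cookies}


if __name__ == "__main__":
    for capture in (HTTP_CAPTURE, TLS_CAPTURE):
        print(eavesdrop(capture))
```

The practical check for a mailbox provider is therefore not whether the login page uses HTTPS but whether every request after login does, with the session cookie marked Secure so a browser never sends it in clear; a listener only needs one plaintext request carrying the cookie.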

  13. MALWARE BY EMAIL

  14. MALWARE REMOTE ACCESS TROJAN

  15. MONEY MULE –

  16. ‘Fighting Back’

  17. TELEGRAPH REPORTER’S ADVICE –
     • USE A STRONG PASSWORD FOR YOUR EMAIL ACCOUNT THAT IS DIFFERENT FROM YOUR OTHER ONLINE ACCOUNTS. CHANGE IT REGULARLY.
     • PROTECT YOUR DEVICES WITH SECURITY SOFTWARE AND REGULARLY INSTALL UPDATES.
     • CONSIDER USING ENCRYPTED EMAILS AND ASK YOUR CONVEYANCING SOLICITOR TO DO THE SAME.
     • MAKE IT CLEAR TO YOUR SOLICITOR THAT YOU HAVE NO INTENTION OF CHANGING YOUR BANK ACCOUNT DETAILS. TELL THEM THAT ANY INSTRUCTIONS TO USE A DIFFERENT ACCOUNT – THEIRS OR YOURS – MUST BE GIVEN IN PERSON.

  18. PEOPLE AND PROCESSES
     • EDUCATE YOUR STAFF ON
       • PHISHING IN GENERAL
       • EMAIL FRAUD IN GENERAL
       • WIRE FRAUD AND CONVEYANCING SCAMS
     • HAVE EFFECTIVE INTERNAL PROCESSES THAT PREVENT
       • USING CHANGES SUBMITTED BY EMAIL THAT HAVE NOT BEEN VERIFIED BY CONTACTING THE PEOPLE INVOLVED ON DETAILS ALREADY HELD ON FILE, NOT ON DETAILS GIVEN IN THE EMAIL ITSELF
     • HAVE A TESTED “INCIDENT RESPONSE” PLAN FOR WHEN THINGS GO WRONG
     • KNOW WHO TO CONTACT INTERNALLY AND EXTERNALLY
       • BANKING TEAM, LAW ENFORCEMENT, ACTION FRAUD, PUBLIC RELATIONS, RISK DIRECTOR, INSURANCE COMPANY
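The control on this slide (a change submitted by email is not used until it has been verified by contacting the people involved) is the one that defeats the attack on slides 7 and 9, but only if the verification goes out of band. The buyer on slide 9 "verified" by replying to the same mailbox, and the attacker answered. The following is an added example, not from the presentation, modelling the control as code a firm's accounts team could put behind its payee-change form: an inbound e-mail is parsed and flagged, and the new bank details can only be applied after a confirmation over the phone number already held on file. The client record, the e-mail, the phone numbers and the keyword list are all constructed for illustration.

```python
"""Payee bank-detail change control with out-of-band verification.

Added example (not from the presentation). Client records, phone
numbers, the sample e-mail and the keyword list are constructed.
"""
from dataclasses import dataclass, field
from email import message_from_string
from email.utils import parseaddr
import re

# Wording that typically accompanies a request to redirect funds
# (assumed list; tune it to the firm's own correspondence).
CHANGE_WORDS = re.compile(
    r"\b(bank details|sort code|account number|different account|"
    r"being audited)\b", re.I)


@dataclass
class Client:
    client_id: str
    name: str
    email_domain: str
    phone_on_file: str          # captured at onboarding, never taken from an e-mail
    sort_code: str
    account_no: str


@dataclass
class ChangeRequest:
    client_id: str
    from_domain: str
    reply_to_domain: str
    new_sort_code: str
    new_account_no: str
    flags: list[str] = field(default_factory=list)
    status: str = "pending"     # pending -> verified -> applied


def parse_request(raw_email: str, client: Client) -> ChangeRequest:
    """Turn an inbound e-mail into a change request and attach risk flags."""
    msg = message_from_string(raw_email)
    from_domain = parseaddr(msg["From"])[1].split("@")[-1].lower()
    reply_to_domain = parseaddr(msg.get("Reply-To", msg["From"]))[1].split("@")[-1].lower()
    body = msg.get_payload()
    sc = re.search(r"sort code[:\s]+([\d-]{6,8})", body, re.I)
    ac = re.search(r"account(?: number| no\.?)?[:\s]+(\d{8})", body, re.I)
    req = ChangeRequest(client.client_id, from_domain, reply_to_domain,
                        sc.group(1) if sc else "", ac.group(1) if ac else "")
    if CHANGE_WORDS.search(body):
        req.flags.append("requests change of bank details")
    if from_domain != client.email_domain:
        req.flags.append("sender domain differs from the domain on file")
    if reply_to_domain != from_domain:
        req.flags.append("Reply-To points at a different domain")
    return req


class PayeeChangeControl:
    """New details are applied only after a call to the number already on file."""

    def __init__(self, clients: dict[str, Client]):
        self.clients = clients

    def confirm(self, req: ChangeRequest, channel: str, contact_used: str) -> bool:
        """Record a verification attempt. Replying to the e-mail, or ringing a
        number quoted in it, reaches whoever controls that mailbox (a genuine
        takeover passes every flag above), so neither counts."""
        client = self.clients[req.client_id]
        if channel == "phone" and contact_used == client.phone_on_file:
            req.status = "verified"
            return True
        req.flags.append(f"verification via {channel} ({contact_used}) not accepted")
        return False

    def apply(self, req: ChangeRequest) -> bool:
        if req.status != "verified":
            return False
        client = self.clients[req.client_id]
        client.sort_code, client.account_no = req.new_sort_code, req.new_account_no
        req.status = "applied"
        return True


# Constructed sample: the slide 7 pattern, sent from the seller's own (taken over) mailbox.
SAMPLE_EMAIL = """\
From: Jane Seller <jane.seller@webmail.example>
To: conveyancing@example-solicitors.co.uk
Subject: Re: Completion - proceeds of sale

Sorry, there has been a mistake with the account I gave you. Please send
the proceeds to a different account: sort code 60-00-01, account number
12345678. If you need to confirm, call me on 07700 900123.
"""

if __name__ == "__main__":
    seller = Client("C-1001", "Jane Seller", "webmail.example", "07700 900999", "20-00-00", "11111111")
    control = PayeeChangeControl({seller.client_id: seller})
    request = parse_request(SAMPLE_EMAIL, seller)
    print(request.flags)
    print(control.confirm(request, "email", "jane.seller@webmail.example"))  # rejected
    print(control.confirm(request, "phone", "07700 900123"))                  # number from the e-mail, rejected
    print(control.confirm(request, "phone", "07700 900999"))                  # number on file, accepted
    print(control.apply(request), seller.account_no)
```

The flags are advisory: in the slide 7 case the e-mail really does come from the seller's address, so domain checks pass and only the phone callback to the number on file stops the transfer. That is why the slide says to contact the people involved rather than to inspect the e-mail more carefully.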

  19. TECHNOLOGY – THE BASICS
     • THE BASICS
       • ANTIVIRUS
       • ANTIMALWARE/SPYWARE
       • WEB PROXY
       • REMOVE LOCAL ADMIN ACCESS WHERE POSSIBLE
       • PATCH APPLICATIONS
       • PATCH OPERATING SYSTEM
     • NSA HACKER ADVICE
       • HTTPS://WWW.YOUTUBE.COM/WATCH?V=BDJB8WOJYDA

  20. TECHNOLOGY – WHEN THINGS GO WRONG
     • HAVE A TESTED “INCIDENT RESPONSE” PLAN FOR WHEN THINGS GO WRONG
       • HTTPS://OTALLIANCE.ORG/SYSTEM/FILES/FILES/RESOURCE/DOCUMENTS/2016-OTA-BREACHGUIDE_UPDATE5-16.PDF
       • HTTPS://OTALLIANCE.ORG/SYSTEM/FILES/FILES/INITIATIVE/DOCUMENTS/OTA-2014-EMAILINTEGRITYAUDIT.PDF

  21. TECHNOLOGY – THE STANDARDS
     • AUSTRALIAN DSD/ASD TOP 35 MITIGATION STRATEGIES & CPNI TOP 20 CRITICAL CONTROLS
       • HTTP://WWW.ASD.GOV.AU/INFOSEC/MITIGATIONSTRATEGIES.HTM
       • HTTPS://WWW.CPNI.GOV.UK/ADVICE/CYBER/CRITICAL-CONTROLS/

  22. WEB REFS –
     • HTTP://WWW.RAWSTORY.COM/2016/06/THIS-IS-HOW-HACKERS-CAN-STEAL-MILLIONS-FROM-YOUR-COMPANY-WITH-JUST-ONE-EMAIL/
     • HTTP://WWW.TELEGRAPH.CO.UK/FINANCE/PERSONALFINANCE/BORROWING/MORTGAGES/11605010/FRAUDSTERS-HACKED-EMAILS-TO-MY-SOLICITOR-AND-STOLE-340000-FROM-MY-PROPERTY-SALE.HTML
     • HTTP://WWW.TELEGRAPH.CO.UK/FINANCE/PERSONALFINANCE/BORROWING/MORTGAGES/11632304/EMAIL-HACKING-ANOTHER-HOME-SELLER-ROBBED-OF-270000.HTML
     • HTTP://WWW.TELEGRAPH.CO.UK/FINANCE/PERSONALFINANCE/BORROWING/MORTGAGES/11715616/OUR-300000-HOUSE-BUYING-MONEY-WAS-STOLEN.HTML
     • HTTP://WWW.EXPRESS.CO.UK/FINANCE/PERSONALFINANCE/632064/HOMEBUYERS-WARNED-OF-NEW-DEPOSIT-SCAM-AFTER-DEVASTATED-COUPLE-LOSE-45000
     • HTTP://WWW.LANCASHIRETELEGRAPH.CO.UK/NEWS/14565802.JAIL_THREAT_TO_MAN_WHO_LAUNDERED_ALMOST___100K_INTO_BANK_ACCOUNT_IN_NATIONAL_SCAM/?REF=MR&LP=3
     • HTTP://WWW.PROPERTYINDUSTRYEYE.COM/WARNING-NEW-CASES-COME-TO-LIGHT-ABOUT-EMAIL-HACKING-PROPERTY-SCAM/
     • HTTP://WWW.THETIMES.CO.UK/TTO/NEWS/UK/CRIME/ARTICLE4521334.ECE
     • HTTP://WWW.PCWORLD.COM/ARTICLE/3025391/AIRCRAFT-PART-MANUFACTURER-SAYS-CYBERCRIME-INCIDENT-COST-IT-54-MILLION.HTML
     • HTTPS://WWW.BRUSSELSTIMES.COM/BELGIUM/4944/BELGIAN-BANK-CRELAN-HIT-BY-A-70-MILLION-EUR-FRAUD
     • HTTP://LIFEHACKER.COM/5853483/A-GUIDE-TO-SNIFFING-OUT-PASSWORDS-AND-COOKIES-AND-HOW-TO-PROTECT-YOURSELF-AGAINST-IT
     • HTTP://CODEBUTLER.COM/FIRESHEEP/
     • HTTP://WWW.GLOCALVANTAGE.COM/PREVENT-REMOTE-ACCESS-TROJAN/
     • HTTPS://WWW.PROOFPOINT.COM/US/IMPOSTOR-EMAIL-THREATS-INFOGRAPHIC
     • HTTPS://WWW.IAD.GOV/IAD/CUSTOMCF/OPENATTACHMENT.CFM?FILEPATH=/IAD/LIBRARY/IA-GUIDANCE/ASSETS/PUBLIC/UPLOAD/TOP-10-IAD-MITIGATION-STRATEGIES-2015.PDF&WPKES=AF6WOL7FQP3DJIXDXWFBTC2AV9XHQLYTZ6CUUG

  23. Time is precious, thank you for yours https://uk.linkedin.com/in/jmck4cybersecurity @CisoAdvisor
