West Midlands Regional Cyber Crime Unit
Detective Inspector Rob Harris
Detective Sergeant Gary Sirrell
Twitter:- @WMROCU

Why are we here?
• Police cannot tackle this alone
• Working partnerships and collaborations
• Industry & Academia has a key role
• Difficult Landscape
• Under Reporting
• Confidence in Law Enforcement

Local Policing Structures
• 43 Separate Forces
• Mainly Operating Independently
• Range from 973 in Warwickshire up to 33,367 in London (Met Police)

Regional and National Policing Structures
• 10 Regional Organised Crime Units (ROCUs)

History of Hacking
• 1820 - Factory workers sabotaging new loom technology
• 1903 - Nevil Maskelyne hijacked Marconi’s demo of wireless broadcast
• 1957 - Phone Phreaking discovered by 7 year old Joe Engressia. Later using the name ‘Joybubbles’, he discovered he could whistle at 2600Hz, ‘hacking’ the telephone system
• Others began experimenting and John Draper discovered a plastic whistle given away in cereal boxes could also work
• Draper started experimenting and began building electronic devices that became known as a ‘Blue Box’
• 2 friends with an interest in technology began developing and selling these
• Steve Wozniak and Steve Jobs’ first business was selling devices to hack phone systems!
• 1969 - Internet created
• 1972 - A bank worker uses a computer to embezzle over $2million
• 1976 - Queen sends her first email
• 1978 - 1st Spam email
• 1981 - 1st conviction in USA for a ‘computer crime’. Ian Murphy hacked into AT&T’s systems and changed the system clock to get discounted rates
• 1984 - 1st organised hacking group formed, and ‘Hacker’ magazine launched
• 1986 - 1st Virus ‘Pakistan Brain’ begins infecting IBM computers
• 1989 - World Wide Web, Sir Tim Berners-Lee
• 1999 - 248,000,000 users
• Ability to commit crime on an industrial scale

Types of Hackers
• Hacktivism
• Fame / Kudos (Experimenters & Gamers)
• Financial (Theft, Fraud, Blackmail – DDoS)
• Business - IP & Competitive Advantage
• State

Policing the Digital World
"There is no reason anyone would want a computer in their home." Ken Olsen, founder of Digital Equipment Corporation, 1977
• Began with Fraud Squads late 1980s
• Hi-Tech Crime Units grew through 1990s
• National Cyber Security Program 2008/09
• Expansion of roles (eForensic Officers, Digital Media Advisors, Data Recovery Officers, Mobile Phone Technicians)
• Specialist Roles - Cyber Crime Units
Investigation Technical Intelligence Protect

The Cyber Crime ‘Protect’ Role, The 4P’s, and other useful facts…
Detective Sgt Gary Sirrell
Twitter:- @WMROCU

Cyber Crime Strategy – The Four P’s
PROTECT – Ensure adequate protection against the threat.
PREPARE – Reduce the impact where it does take place.
PREVENT – Stop people from engaging in criminal activity.
PURSUE – Identify, disrupt, and take action against those engaged in criminal activity.

My role is predicated on the premise that 80% of all Cyber Crime is preventable by the implementation of basic advice and controls.

What do I do…
There is a ‘Protect’ Officer in every ROCU Policing area (10 in E&W), and together we form a nationwide ‘Protect Network’ to coordinate ‘Protect’, and elements of ‘Prevent’ and ‘Prepare’ activity.
Work with Police Forces, Local Authorities, other agencies, Business etc. to collate best practice around Cyber Crime prevention / source material already available, and share and signpost this to others within the Region, and if appropriate, Nationally.
Assist in the training and up-skilling of Police officers, staff, and volunteers to ensure they are prepared to tackle all things ‘Cyber’.
Work with schools to support lesson planning and activity around Cyber safety, Cyber bullying etc.
Engage in all forms of activity to help educate the public around Cyber Safety.
Work in partnership with businesses, business groups, and academia.
Coordinate Media activity and education in the region around Cyber Crime prevention.
CiSP Champion and promoter of Cyber Essentials.

One Strand of the ‘Protect’ work.
Getting Police Officers to ‘think Cyber’.
The ‘Crime scene’: It’s not just fingerprints, CCTV, and DNA any more…

Why is this so important?
Q to Bond in ‘Skyfall’… “I can do more damage on my laptop sitting in my pyjamas, before my first cup of Earl Grey than you can do in a year in the field…”
*It is predicted that by 2020, 200 billion smart devices will exist in the world.
*The UK is one of the most advanced digital economies in the world, with 12.5% of our economy online. This affords great opportunities but makes us vulnerable to Cyber attacks.
*90% of large businesses, and 74% of SMEs reported a breach in the past year. The average cost of a severe breach for big firms is £1.5 million, and for SMEs it is over £300,000 (the ‘Talk Talk’ breach has cost in excess of £60 million to date).
*Last Summer GCHQ reported twice as many incidents against networks of national significance, and the volume and sophistication of attacks is increasing.

What support is out there to the public and for business?
Resources – Get Safe Online
Resources – Cyber Street Wise
Resources – CESG – 10 Steps
Resources – Cyber Essentials

CiSP
Cyber Information Sharing Partnership

What is the Cyber-security Information Sharing Partnership (CiSP)?
• CiSP is a joint industry and government scheme based in CERT-UK. CiSP is an online social networking tool and enables its members to exchange information on threats and vulnerabilities as they occur in real time.

Reporting – Action Fraud

What is Cyber Crime?
• Number of offences ranging from specific computer crimes under the Computer Misuse Act, to traditional crimes like Fraud and Harassment
• Cyber Enabled – traditional crime now being committed over the internet, or
• Cyber Dependent – ‘New’ crimes that could only be committed with a computer

Key Threats
• Large scale harvesting of personal and business data to commit fraud offences against UK individuals and organisations
• Targeted compromise of UK networked systems to modify, delete or steal data to gain competitive advantage, undermine user confidence, inflict reputational damage, or to gain control of infrastructure
• Targeted disruption of access to UK networked systems and services
• Increasing volume of cyber dependent criminality due to ‘traditional’ crime groups using ‘as-a-service’ options
• Support services (cyber enablers) critical to cyber-dependent crime success extending the gap between law enforcement and criminal capacity and capability

Policing the Internet

Current Challenges
• Digital Crime Scene
• New sources of evidence
• Digital threat and risk
• Limited Capabilities in Digital Forensics
• ACPO Guidelines & ISO standards
• Challenge of outdated laws and rules (grey areas)
• Internet of Things – explosion of devices
• Geographical Issues – Bulletproof Hosting
• Remote or Hidden Storage
• Crypto-Currencies
• Dark Web

Current Work
• DDoS
• Botnets
• Hacktivists
• Enablers
• National support – NCA & International
• Local Forces Support – Joint Visits
• Prepare & Protect – SME Engagement
• CTU Collaboration

Case Studies

Questions
Detective Inspector Rob Harris
Detective Sergeant Gary Sirrell