Cyber Crime & Investigation Presented by: Arnel C. Reyes IT Security Consultant

Fast Growth of Cyber Crime

Converged Telecom and Information Technologies

Frequent Transnational Communication

Highly Organized and Globalized Management of Crime Rings

Ineffective Investigation with Joint Effort of Multi-countries

Globalized Cyber Crime

Where is the swindler?

Cloud Computing = Network Computing

Through the Internet, computers can cooperate with each other, and services become available on a more far-reaching scale...

Globalized Cyber Crime

Source: http://www.darkgovernment.com/news/fbi-warning-cyber-threat-bigger-than-ever

Common Cyber Crime Features

Criminals

Internet: Internet as primary criminal tools, places, or targets

Technical Skills: High technical skill at all online and network services

Criminal Model: Predict and profile the characteristics of unknown criminal subjects or offenders

Emerging ICT Technologies: New Converged ICT Technologies

Investigation on Criminals

e-Positioning Tracking

Monitoring Lawful Intercept

Victim & Witness Interview Interrogation

Database Lookup Warrant & Confiscation

Traditional methods of investigating criminals are commonly applied in cyber crime events.

Difficulties of Investigation

How to Identify Criminal

Hard to Conduct Analysis of Large Volume of Data

Hard to Track Transnational Communication

Hard to Maintain Integrity of Data

Hard to Locate Network Route

Hard to Identify Anonymity or Dummy Account

Different Investigation Processes

Process Flow for Cyber Investigation

Primary Data Sourcing: Clues, informers, case claims, daily crime information collection and integration, sourcing

Primary Data Study & Deeper Source Collection: Study primary data, cross-check databases in the Police Department, search Google on the Internet, and confirm the crime type in order to prepare the investigation

Further Investigation: Phone records, lawful intercept, tracking, location positioning, knowledge of the crime organization and its members

Suspects Arrest & Evidence Collection: Arrest all suspects, confiscate all evidence, check all computers, telephone records, booking records, etc.

Follow-up: Follow-up investigation on related targets and evidence, and hunting for clues from other members to combat all gangsters

e-Detective Tactical Server

Internet Surveillance and Forensics Analysis System

Best Tactical Solution for:

Network Protocol Decoding and Content Reconstruction

Auditing and Record Keeping with ISO 27001, SOX, HIPAA etc.

Internet Surveillance/Monitoring & Network Behavior Recording

Forensics Analysis and Cyber Investigation

Lawful Interception Solution

Corporate Interception Solution

HTTPS/SSL Interception Solution

Targeted users' HTTPS traffic needs to be routed or redirected to this MITM system.

[Diagram labels: Internet; HTTPS MITM (ED2S); Gateway Router; L3 Core Switch (Re-routing Function); Web/Mail Server (HTTPS/SSL); Target Users]

e-Detective is Easy to Operate

1. Just use the IE browser to log in to the system, locally or remotely

2. Uses the HTTPS protocol for security protection

3. Multiple passwords, user names and user groups for system login control

e-Detective: Homepage

e-Detective: Email – POP3/SMTP/IMAP

e-Detective: Web Mail (Read)

e-Detective: Web Mail (Sent)

e-Detective: IM/Chat - Yahoo

e-Detective: File Transfer - FTP

e-Detective: File Transfer – P2P

e-Detective: HTTP – Link/Content

e-Detective: HTTP Upload/Download

e-Detective: HTTP Video Stream

e-Detective: Search – Condition/Parameter

e-Detective: Search – Association/Relation

e-Detective: Backup Storage

External storage (SAN/NAS/CD/DVD) for preserving digital assets and for future recovery of data (Backup CD Reader SW is provided)

Who Needs e-Detective?

Types of Companies That Need E-Detective Aside from Government

Companies that install E-Detective as a deterrent will inform their staff that Internet activities are being fully monitored.

Financial, banking and investment companies (derivatives, futures, etc.), where all transactions are to be monitored.

Companies such as marketing firms, design houses and high-technology companies, which critically need to prevent leakage of data. Staff who communicate with customers or vendors through web-based systems need E-Detective to archive data.

Crackdown on Fraud Rings

Thailand

China

Indonesia

Malaysia

Philippines

Taiwan

Europe

Vietnam

US

Africa

DECISION GROUP INC.

E-Detective

Wireless-Detective

E-Detective Decoding Centre

Data Retention Management System

NIT (Network Investigation Toolkit)

Network Packet Forensic Analysis Training

FIT (Forensics Investigation Toolkit)

VoIP Detective

HTTPS/SSL Interceptor

E-Detective LEMF

Centralized Management System

Enterprise Data Guard System

National Security Surveillance Training

Cyber Crime Investigation Training

Network Forensics and Lawful Interception

Thank you!!!

I hope you find it informative…

Email Me @[email protected]

Visit our website @www.tasaheelglobal.com