Upload
others
View
8
Download
0
Embed Size (px)
Citation preview
Cyber security and CybercrimeBackground & Global outlook
Jan KERKHOFS
Council of Europe ExpertFederal Magistrate, Federal Prosecutor’s Office, Belgium
Addis Ababa, Ethiopia, 11-12 April 2018
GLACY+Global Action on Cybercrime ExtendedAction globale sur la cybercriminalité elargie
www.coe.int/cybercrime - 1 -
African Union Commission – Council of Europe Joint Programme”Cyber Security and Cybercrime Policies for African Diplomats”
Cyber Security and cybercrime:hand in hand
www.coe.int/cybercrime - 2 -
Cyber Security and cybercrime:what is it?
www.coe.int/cybercrime - 3 -
Cyber Security• Cyber security refers to
the technologies andprocesses designed toprotect computers,networks and data fromunauthorized access,vulnerabilities andattacks delivered via theInternet by (cyber)criminals
Cybercrime• Criminal activities
carried out by means ofcomputers or theInternet (Oxford Dictionary)
• Computer crime, ICTcrime, high tech crime,computer/ICT/high techenabled crime, …
Cyber security and Cybercrime
- 4 -
What is at stake? - Criticalinfrastructures
www.coe.int/cybercrime - 5 -
• 3500 BC: the abacus
• 1820: the first cybercrime!
• 1978: first spam-mail via Arpanet
• 1982: the first virus installed on an Apple
A brief history
www.coe.int/cybercrime - 6 -
• 1969 – ARPANET– Militaire Advanced Research Projects Agency
(ARPA) – cold war– Dynamic Rerouting
• The first step in cyberspace:– “That's one small step for a man, one giant leap
for crime.“• Build so it can not be blocked or seized
A brief history
www.coe.int/cybercrime - 7 -
A brief history
www.coe.int/cybercrime - 8 -
ARPANET anno 1974
How the internet works:dynamic rerouting
www.coe.int/cybercrime - 9 -
AZ
AZ
How the internet works:dynamic rerouting
www.coe.int/cybercrime - 10 -
AZ -> A en Z
A en Z ->AZ
www.coe.int/cybercrime
Information Society
http://blog.oxforddictionaries.com/2015/03/cyborgs-cyberspace-csi-cyber/, 27/11/2016 - 12 -
• A part of the daily life of the citizens• workplace,• home• most of the leisure moments
• There is no physical distances between people indifferent places in the world
• Political frontiers are indifferent to the cyber world
www.coe.int/cybercrime
Information Society
http://blog.oxforddictionaries.com/2015/03/cyborgs-cyberspace-csi-cyber/, 27/11/2016 - 13 -
• Information is open and available to everybody
• No States sovereignty
• Cyberspace is independent, anarchic andungovernable
• It is everywhere and it is nowhere
• Any person can express himself
Internet of things (IoT)
www.coe.int/cybercrime - 14 -
• Around 40% of the worldpopulation has an internetconnection today. In 1995, itwas less than 1%.
www.coe.int/cybercrime
Internet Users
http://www.internetlivestats.com/internet-users/, 27/11/2016 - 15-
• The number ofInternet usershas increasedtenfold from1999 to 2013.
• The first billionwas reached in2005. Thesecond billionin 2010. Thethird billion in2014.
11 April 2018, 5:04 pm
Global digital snapshot
https://www.slideshare.net/wearesocialsg/global-digital-statshot-q3-2017 - 16-
Annual growth
https://www.slideshare.net/wearesocialsg/digital-in-2017-global-overview - 17 -
Quarterly growth
https://www.slideshare.net/wearesocialsg/global-digital-statshot-q3-2017 - 18 -
Internet Use: Regional overview
https://www.slideshare.net/wearesocialsg/digital-in-2017-global-overview - 19 -
Time spent on the Internet
https://www.slideshare.net/wearesocialsg/digital-in-2017-global-overview - 20 -
Social Media use
https://www.slideshare.net/wearesocialsg/global-digital-statshot-q3-2017 - 21 -
Social Media regional overview
https://www.slideshare.net/wearesocialsg/digital-in-2017-global-overview - 22 -
Active Users by Platform
https://www.slideshare.net/wearesocialsg/global-digital-statshot-q3-2017 - 23 -
Time spent on Social Media
https://www.slideshare.net/wearesocialsg/digital-in-2017-global-overview - 24 -
The regional African situation
https://www.slideshare.net/wearesocialsg/digital-in-2017-northern-africa - 25 -
Information Society and Cybercrime
• New illegal activities are being “invented” everyday• within the networks
• using the networks
• against the networks
• A global crime
• Always multiple territorial connections• the action of the criminals reach computers and victims in
countries other than their countries
• inherent to the nature of cybercrime
• because of the expansion of the networks it is impossible, toeach country, to act alone against this problem
www.coe.int/cybercrime - 26 -
Information Society and Cybercrime
• Crimes are committed remotely• Evidence is volatile and often on the “cloud”
• National law enforcement agencies are limited to theirgeographical borders
• International assistance in criminal investigations requireproper legal channels
• No jurisdiction online, if outside national borders
• International cooperation deals with very distant countrieswith different cultures, with different legal tradition anddifferent criminal law frameworks
www.coe.int/cybercrime - 27 -
How criminals use Technology
TECHNOLOGY AS AVICTIM
Traditionally considered to be true “computer crime” and involvessuch offences as hacking, denial of service attacks and thedistribution of viruses.
TECHNOLOGY ASAN AID TO CRIME
Computers and other devices are used to assist in the commissionof traditional crimes, for example, to produce forged documents,to send death threats or blackmail demands or to create anddistribute illegal material such as images of child abuse.
TECHNOLOGY AS ACOMMUNICATIONTOOL
Criminals use technology to communicate with each other in wayswhich reduce the chances of detection, for example by the use ofencryption technology
TECHNOLOGY AS ASTORAGE DEVICE
Intentional or unintentional storage of information on devices usedin any of the other categories and typically involves the data heldon computer systems of victims, witnesses or suspects
TECHNOLOGY AS AWITNESS TOCRIME
Evidence contained in IT devices can be used to support evidenceto which it is not obviously related, for example to prove ordisprove an alibi given by a suspect or a claim made by a witness.
www.coe.int/cybercrime - 28 -
Europol IOCTA – key findings
Europol IOCTA Report 2017 - 29 -
EURO
POL
Inte
rnet
Orga
nise
d Cr
ime
Thre
atAs
sess
men
t
RANSOMWARE - MALWARE
ONLINE CHILD SEXUAL EXPLOITATION
PAYMENT FRAUD
SOCIAL ENGINEERING
DATA BREACHES AND NETWORK ATTACKS -DDOS
ATTACKS ON CRITICAL INFRASTRUCTURES- DDOS
CRIMINAL ACTIVITIES ONLINE – ONLINECRIMINAL MARKETS
BIG DATA, IOT AND THE CLOUD
TERRORISM
A few examples: cybercrime and -threats today
www.coe.int/cybercrime - 30 -
dinsdag 17 april 2018 Slim omgaan met het internet 31
32
How to make moneyon the internet
www.coe.int/cybercrime - 33 -
Information viaPhishing
Sell theinformation
SocialEngineer
Malwarecreator
Malwareuser
Data seller
dinsdag 17 april 2018 Slim omgaan met het internet 34
Phishing – social engeneering
www.coe.int/cybercrime - 35 -
The cybercrime threat map
https://www.europol.europa.eu/iocta/2017/index.html - 36 -
Succes factors
• Cyber security policy – Cybercrime legislation –legal framework• CERT – Cyber Emergency Plan
• Malabo Convention, 2014
• Budapest Convention, 2001
• Capacity building• Skill and competence development
• Research and development
• International cooperation
www.coe.int/cybercrime - 37 -
Questions?
www.coe.int/cybercrime - 38 -
Thank you
Jan KERKHOFS
Council of Europe ExpertFederal Magistrate, Federal Prosecutor’s Office, Belgium
Addis Ababa, 11-12 April 2018
GLACY+Global Action on Cybercrime ExtendedAction globale sur la cybercriminalité elargie
www.coe.int/cybercrime - 39 -