Technology & CrimeCyber – Mini Conference
ADIL ILYASCYBER CRIME CONSULTANT – CID HQ
Agenda• Status:-Situational Analysis of Cyber Crimes in the
country. • Threats:- Current and Future Threats & Threat
Sources• Trends:-Patterns and roadways of Cyber Crimes in
the country• Challenges:- Technical to Administrative
Challenges• Solutions:- A way forward Case Studies
Introductions• Technology is a double-edge sword, and it's a good
idea to understand how both sides of the blade cut.• The Good Part: Medicine, Education,
Communication, Trade/Commerce, Entertainment and much more
• It facilitates crime but it has been also mobilized to successfully combat crimes, even in Tanzania. There are negative externalities brought about by the increased use of technology and some of these pose serious challenges on the course of our daily lives.
Cyber Crime - Explained
Any electronic Device that can either STORE, PROCESS or COMMUNICATE can be used to either commission an offense or be used as a target of an Offense.
Technological Enabled Crimes ( Cyber Crimes )o Traditional Crimes using new technology.o Examples: - Fraud, Counterfeiting, Tax Evasion, Money
Laundering
Computer Crimeso Crimes brought fourth by new technology
Hacking, Denial of Service Attacks, System Manipulation, Phishing, Spamming
Tools• Regular Phones, Smart Phones• Computers• Storage Devices ( Flash Disk, CDs etc)
Who can commit an offense ?• Over 18 million people in Tanzania are
connected to Mobile Phone Networks• Over 8 million people in Tanzania are
connected to the internet, with or without knowledge of their connection state.
• More than 7% of the population owns a PC• Anyone of these can commit an offense• Mostly likely they will use the same available
technology to facilitate that offense.• Practically they have the weapon for the
offense.
Our StatusQuick Fact :-• The beauty about technology it does not wait for a country or region
to fully mature into a developed state, but rather its instantaneously available across globe. The same technology may impact regions differently and bring about positive and negative outcomes.
Noticeable Government Efforts• TCRA Harmonized Communication Sector ( Pricing, Service Structure,
Resource Management )• Tanzania Police Force – Cyber Crime Unit.
o Newly Revamped Departmento Covers: Computer & Mobile Forensics, Hi-Tech Crimes, Research & Emerging
Crimes, First Responders, Stake Holder Liason, Cyber Prosecution o Continuous Training Efforts :- Over 250 First Responders / Officers have been
trained
• CERT – Establishment in progress.• Establishment of eGA• Establishment of EPOCA, and ongoing process of
Establishing Cyber Law
Our StatusCommunication Sector:-• Mobile Subscriber Registration has helped in
identifying culprits misusing the technology. But still some phones continue to operate un-registered and other with false pre-registered information
• Storage of Corroborative Evidence as CDRs with mobile operators has helped a great deal in combating crimes, but Most Operators fail to retain DHCP Logs on internet activities.
• Insider collaboration, SIM Swapping and Soft Engineering on victims has been the latest trend in Mobile Money Theft.
Our Status …
Financial Sector• Tanzania has over 26 Banks; all these banks use
the latest technology available in the market to offer services. Some of these banks even inter-connect their services to Mobile Communication Networks.
• Banks have been in the frontline of attacks by both Locals and Foreigners
• Technology used against banks are :- Key Loggers, Skimmers, ATM Cloners, Insiders, Sniffers, Identity Theft, Card Trading
Threats & Threat Sources ..Threat Source
Description & Technology used
Typical Threats Posed
Organized Criminal Groups
Criminal groups seek to attack systems for monetary gain. Key Loggers ATM Skimmers Card Cloners Identify Theft Computer & Computer
Software SMS ID Manipulation GSM Gateways Internet
Fraud Theft Forgery &
Counterfeiting Money Laundering Tax Evasion Call Termination Fraud Email Scams, Fake
Websites Denial of Service
Attacks Piracy Defamation and
Offensive Content Impersonation
Threats & Threat Sources ..Threat Source
Description & Technology used
Typical Threats Posed
Amateur Offenders
Offenders with various motivations some monetary gains while others focus on personal agendas Mobile Phones Computers Internet
Harassment & Threats
Theft Defamation Impersonation
Threats & Threat Sources ..Threat Source
Description & Technology used
Typical Threats Posed
Insiders The disgruntled organization insider is a principal source of computer crime. Insiders may not need a great deal of knowledge about computer intrusions because their knowledge of a target system often allows them to gain unrestricted access to cause damage to the system or to steal system data.
Theft Fraud Denial of Service
Attacks Theft of Information
In order to commit the offense
MOTIVATION & OPPORTUNITY
MOTIVATORStFINANCIAL
PERSONAL MOTIVATIONS
ADVENTURE / POWER
HI-TECH
Motivators
FINANCIAL GAIN(fraud, theft, scams,
forgery)
REVENGE(against people,
communities, corporates,
governments, countries)
CURIOSITY(knowledge, sensation,
intellectual challenge);
FAME
(media attention, boasting, political).
Opportunities• 7 YEARS AGO
AllyDar Es Salaam
JoanithaArusha
Opportunities• 4 YEARS AGO
AllyDar Es Salaam
JoanithaArusha
MPESA MPESA
Opportunities• 1 YEAR AGO
AllyDar Es Salaam
JoanithaArusha
MPESA TIGO PESA
Opportunities• NOW
AllyDar Es Salaam
JoanithaArusha
CRDB BANKNMB BANK
MPESA
TIGO PESAMPESA
OR MOBILE BANKING
CARDLESS WITHDRAWO
Opportunities for Criminals• Increased volume of E-Commerce and online
corporate transactions• Increased connectivity for both targets and
offenders• Increased vulnerability of targets• Convergence of Technologies
Typical Offenses• Fraud• Call Termination Fraud• Credit/Debit Card Trading• Organized Scams• Terrorism• Money Laundering• Denial of Services• Piracy• Counterfeiting• Tax Evasion• Impersonation and concealment of identity• Illegal Interception of Communication
Administrative Challenges• Enactment of Cyber Laws that will encompass all aspects of Cyber
Crimes and Computer Related Offenses• Delay Educational Sectors to introduce Disciplines in Cyber Crimes• Lack National Strategy in Combating Cyber Crimes• Consumer & End User Education on New Products• Admissibility of Electronic Evidence in Courts• Education and Training to Law Enforcement Officers, Prosecutors
and Judicial• Retaining of Corroborative Evidence by Third Party Providers• Stakeholder collaboration still a challenge• No Standard Operating Procedures or Best Practices Adopted• Working IN Border but fighting a borderless crime• Costs
Technical Challenges• Many Offenses are never detected• Many detected Offenses are never reported• Difficult to Quantify offenses• Distributed Systems make search and seizure difficult• Encryption• Skills sets required to Investigate and Forensically
extract ESI• Difficult to Police Cyber Space• Convergence of Technologies• The Constantly Evolving Technological Landscape
and Emerging Crime ware Technique
Tools• Using Hardware based Key loggers. A common
method across Asia/African Markets
Card Cloning /SkimmingCard Cloning /Skimming
ATM Fraud
ATM Fraud
ATM Fraud
ATM Fraud
Way Forward• On a more holistic level, a multifaceted approach
is certainly required in order to comprehensively deal with the problem most effectively.o EDUCATION
• Educating information technology users including individuals, corporate entities and organizations is a largely preventative measure.
• Universities & Institutions should accommodate Information Security
o PUBLIC & PRIVATE PARTNERSHIPS• Both are inter-dependent on one another.
o DEFENSIVE TECHNOLOGY• Monitoring & Forensic Technology