office for combating cyber crime and digital forensic ... cyprus - (… · 28/11/2016...
TRANSCRIPT
![Page 1: Office for Combating Cyber Crime and Digital Forensic ... Cyprus - (… · 28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος Establishment](https://reader034.vdocuments.site/reader034/viewer/2022052010/6020ae8ac2f93c2b2b7fa615/html5/thumbnails/1.jpg)
CYPRUS POLICE
Office for Combating Cyber Crime
and
Digital Forensic Laboratory
Cyprus Police Headquarters
28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος
![Page 2: Office for Combating Cyber Crime and Digital Forensic ... Cyprus - (… · 28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος Establishment](https://reader034.vdocuments.site/reader034/viewer/2022052010/6020ae8ac2f93c2b2b7fa615/html5/thumbnails/2.jpg)
Agenda
• Establishment of Office Compating Cybercrimeand Digital Forensic Lab and responsibilities
• Type of cases we are facing in Cyprus
• Main legislation
• Cooperation
• Reporting
28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος
![Page 3: Office for Combating Cyber Crime and Digital Forensic ... Cyprus - (… · 28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος Establishment](https://reader034.vdocuments.site/reader034/viewer/2022052010/6020ae8ac2f93c2b2b7fa615/html5/thumbnails/3.jpg)
28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος
Establishment of the Office for CombatingCyber Crime
• The Office for Combating Cyber Crime wasestablished in September 2007 based on the PoliceOrder 3/45.
• The Digital Forensic Laboratory (D.F.L.) is under thesame administration and was established in 2009.
• There are six (6) investigators working at the Officefor Combating Cyber Crime and nine (9) forensicanalysts working at the D.F.L. on shift basis.
![Page 4: Office for Combating Cyber Crime and Digital Forensic ... Cyprus - (… · 28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος Establishment](https://reader034.vdocuments.site/reader034/viewer/2022052010/6020ae8ac2f93c2b2b7fa615/html5/thumbnails/4.jpg)
Duties
28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος
• Investigation of serious offences held via the internetand offences related to computers and data
• Cooperation with officers from other organizations
• Organizing training sessions
• Statistics preparation
• Participation in events and lectures
• Observing the evolution of technology
![Page 5: Office for Combating Cyber Crime and Digital Forensic ... Cyprus - (… · 28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος Establishment](https://reader034.vdocuments.site/reader034/viewer/2022052010/6020ae8ac2f93c2b2b7fa615/html5/thumbnails/5.jpg)
DIGITAL FORENSIC LAB (D.F.L)
• D.F.L was established on 2009 and falls withinthe effective examination of electronicevidence. D.F.L is staffed with specializedpersonnel for collection of evidence anddigital forensic analysis of electronic devices
• It’s the only Government Computer ForensicLab in Cyprus
28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος
![Page 6: Office for Combating Cyber Crime and Digital Forensic ... Cyprus - (… · 28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος Establishment](https://reader034.vdocuments.site/reader034/viewer/2022052010/6020ae8ac2f93c2b2b7fa615/html5/thumbnails/6.jpg)
D.F.L• Mission: Collection and forensic analysis of digital
devices as well as the presentation of scientifictestimony as expert before the court
• Responsibilities
– Collection of e-evidence at crime scenes
– Forensic examination of e-evidence andpresentation of scientific testimony before thecourt
– Training (police staff and other organization'sstaff)
Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος28/11/2016
![Page 7: Office for Combating Cyber Crime and Digital Forensic ... Cyprus - (… · 28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος Establishment](https://reader034.vdocuments.site/reader034/viewer/2022052010/6020ae8ac2f93c2b2b7fa615/html5/thumbnails/7.jpg)
D.F.L
• Capabilities
– Forensic Imaging of e-evidence
– Forensic Analysis of e-evidences (FTK, EnCase, IEF,Atola, Virtualization)
• Index search
• Data Recovery
• Export
• Data analysis
• Data verification
Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος28/11/2016
![Page 8: Office for Combating Cyber Crime and Digital Forensic ... Cyprus - (… · 28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος Establishment](https://reader034.vdocuments.site/reader034/viewer/2022052010/6020ae8ac2f93c2b2b7fa615/html5/thumbnails/8.jpg)
E-evidence admissibility
The basic principle of forensic examination of electronicevidence is the integrity of the original evidence, exceptin such circumstances where the action is fully justified
28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος
![Page 9: Office for Combating Cyber Crime and Digital Forensic ... Cyprus - (… · 28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος Establishment](https://reader034.vdocuments.site/reader034/viewer/2022052010/6020ae8ac2f93c2b2b7fa615/html5/thumbnails/9.jpg)
Types of cases
• Child pornography (content related crimes)
• Attacks on information systems (hacking)
• Computer related forgery (phishing sites)
• Malwares
• Gambling
• Requests from other countries (Mutual LegalAssistance Treaty MLAT).
28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος
![Page 10: Office for Combating Cyber Crime and Digital Forensic ... Cyprus - (… · 28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος Establishment](https://reader034.vdocuments.site/reader034/viewer/2022052010/6020ae8ac2f93c2b2b7fa615/html5/thumbnails/10.jpg)
Hacking
• Malware
– Ransomware
– Cryptolockers
– Email access and redirection
28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος
![Page 11: Office for Combating Cyber Crime and Digital Forensic ... Cyprus - (… · 28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος Establishment](https://reader034.vdocuments.site/reader034/viewer/2022052010/6020ae8ac2f93c2b2b7fa615/html5/thumbnails/11.jpg)
Hacking
• Botnets and DDos attacks
– Bot infection
– DDos attacks
28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος
![Page 12: Office for Combating Cyber Crime and Digital Forensic ... Cyprus - (… · 28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος Establishment](https://reader034.vdocuments.site/reader034/viewer/2022052010/6020ae8ac2f93c2b2b7fa615/html5/thumbnails/12.jpg)
Hacking
• VOIP Attacks
– PBX systems
– SIP accounts
– Redirection
28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος
![Page 13: Office for Combating Cyber Crime and Digital Forensic ... Cyprus - (… · 28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος Establishment](https://reader034.vdocuments.site/reader034/viewer/2022052010/6020ae8ac2f93c2b2b7fa615/html5/thumbnails/13.jpg)
Phishing
• E-Banking Phishing sites
• Email Phishing
• Social Media Phishing
• Social Engineering
28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος
![Page 14: Office for Combating Cyber Crime and Digital Forensic ... Cyprus - (… · 28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος Establishment](https://reader034.vdocuments.site/reader034/viewer/2022052010/6020ae8ac2f93c2b2b7fa615/html5/thumbnails/14.jpg)
The Law on the Retention of Telecommunicationdata for the investigation of serious offences, L.
183(I)/2007
•This Law forces the ISPs to store telecommunicationand traffic data (ip addresses, calling numbers andemails) for the purpose of investigation for the periodof six months
•The police is able to access these data (court warrant)during the investigation of serious crimes that arepunishable by the given legislation with imprisonmentmore than 5 years
28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος
![Page 15: Office for Combating Cyber Crime and Digital Forensic ... Cyprus - (… · 28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος Establishment](https://reader034.vdocuments.site/reader034/viewer/2022052010/6020ae8ac2f93c2b2b7fa615/html5/thumbnails/15.jpg)
Law on the protection of the privacy of thecommunication and access to written communication
content, Law 92(i)/1996 and 216(i)/2015
•No possibility of tampering with privatecommunication up until now
•Possibility to access written communication content(emails, chats etc)
•The police is able to access these data (court warrant)during the investigation of serious crimes as describedwithin the article 17b of the constitution of theRepublic of Cyprus (murder, trafficking of humansbeings, child pornography, drugs and corruption)
28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος
![Page 16: Office for Combating Cyber Crime and Digital Forensic ... Cyprus - (… · 28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος Establishment](https://reader034.vdocuments.site/reader034/viewer/2022052010/6020ae8ac2f93c2b2b7fa615/html5/thumbnails/16.jpg)
Cybercrime Legislation-Acts unique toinformation systems, in particular those related
to cyber attacks• Illegal access to a computer system L. 22(III)/2004,
article 4
• Illegal interception of computer data L. 22(III)/2004,article 5
• Illegal data interference L. 22(III)/2004, article 6
• Illegal system interference L. 22(III)/2004, article 7
• Misuse of devices L. 22(III)/2004, article 8 (Malware)
• Computer related forgery L. 22(III)/2004, article 9
28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος
![Page 17: Office for Combating Cyber Crime and Digital Forensic ... Cyprus - (… · 28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος Establishment](https://reader034.vdocuments.site/reader034/viewer/2022052010/6020ae8ac2f93c2b2b7fa615/html5/thumbnails/17.jpg)
• Illegal data interference L. 147(I)/2015, article 5
Whoever intentionally and without right destroys,deletes, alters or conceals computer data or interruptthe access to such data commits an offense punishablewith imprisonment not exceeding five years or a finenot exceeding 34,172 euro or by both penalties.
28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος
Cybercrime Legislation-Acts unique toinformation systems, in particular those related
to cyber attacks
![Page 18: Office for Combating Cyber Crime and Digital Forensic ... Cyprus - (… · 28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος Establishment](https://reader034.vdocuments.site/reader034/viewer/2022052010/6020ae8ac2f93c2b2b7fa615/html5/thumbnails/18.jpg)
Office for Combating Cyber CrimeActivities/Cooperation(cont.)
• Participation to Europol EC3:F.P Twins, Cyborg and Terminal 24/7 service
• Participation to EMPACTSChild Sexual Exploitation (CSE) and Cyber Attacks
• Europol Malware Analysis (EMAS)• Cooperation with O.C.E.C.P.R (Cyber security strategy)• Active member of EUROPOL, INTERPOL, EUROJUST, FBI• ECTEG (European Cybercrime Training and Education Group)• Also O.C.C is in close cooperation with
– ENISA (European Union Agency for Network and Information Security)
– CEPOL– CERT EU– European Commission– VCACITF (Violent Crimes Against Children International Task Force)
– Council of Europe (T-CY)28/11/2016
Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος
![Page 19: Office for Combating Cyber Crime and Digital Forensic ... Cyprus - (… · 28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος Establishment](https://reader034.vdocuments.site/reader034/viewer/2022052010/6020ae8ac2f93c2b2b7fa615/html5/thumbnails/19.jpg)
Reporting
28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος
![Page 20: Office for Combating Cyber Crime and Digital Forensic ... Cyprus - (… · 28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος Establishment](https://reader034.vdocuments.site/reader034/viewer/2022052010/6020ae8ac2f93c2b2b7fa615/html5/thumbnails/20.jpg)
28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος
![Page 21: Office for Combating Cyber Crime and Digital Forensic ... Cyprus - (… · 28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος Establishment](https://reader034.vdocuments.site/reader034/viewer/2022052010/6020ae8ac2f93c2b2b7fa615/html5/thumbnails/21.jpg)
Mobile Application
28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος
![Page 22: Office for Combating Cyber Crime and Digital Forensic ... Cyprus - (… · 28/11/2016 Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος Establishment](https://reader034.vdocuments.site/reader034/viewer/2022052010/6020ae8ac2f93c2b2b7fa615/html5/thumbnails/22.jpg)
Constantinos Anastasiou
Police Officer
Digital Forensic Laboratory
C.E.E.C.S
BSc Computer Science
MSc Business Administration
Tel. 22808988
Fax. 22808465
Γραφείο Καταπολέμησης Ηλεκτρονικού Εγκλήματος28/11/2016