training on “albanian and italian experience in investigation and prosecution of cybercrime”...
TRANSCRIPT
Training on“Albanian and Italian experience in investigation and prosecution
of Cybercrime”General Prosecutor Office, Tirana
10 June 2014
VQA Ivano GABRIELLIServizio Polizia Postale e delle Comunicazioni
C.N.A.I.P.I.C.
DIRECTORATE FOR ROAD POLICE, RAILWAY POLICE,COMMUNICATIONS POLICE AND FOR THE SPECIAL UNITS
OF THE ITALIAN NATIONAL POLICE
DEPARTMENT OF PUBLIC SAFETY
POSTAL AND COMMUNICATIONS POLICE SERVICE
Organization Chart
MINISTRY OF INTERIOR
Our main operational centres
POSTAL AND COMMUNICATIONS POLICE SERVICE
C N A I P I C C N C P O
Online Police Station
Provincial Branches
(Sezioni)
80
Regional Districts(Compartimenti)
20
Field Offices
•Cyber CrimeoHackingoCrimes affecting: -Home banking
-E-currency -E-Commerce
oCyber terrorismo Critical Infrastructure Protection
• Online Child Pornography• Offences against the person committed by means of the internet
oCyber stalkingoOnline threats, harassment and defamation
• Safeguarding Communications• Crimes affecting postal servicesoControls over telecommunication-related activities
• Enforcing Copyright protection law – Satellite piracy
Statutory areas of competence
Servizio Polizia Postale
C.N.C.P.O.Established by Law n.38 of February 6, 2006, the National Centre for Combating Online Child Pornography conducts and coordinates all online child abuse investigations and prevention activities. The Centre updates a blacklist of child pornography websites on a daily basis.
International cooperation
h/24 Monitoring
Reception and Notification
Blacklisting and Filtering
Relations with Financial Institutions
Image Analysis
Coordinating investigations
Servizio Polizia Postale
C.N.A.I.P.I.C.
Regulatory framework•Art. 7-bis of Law n.155 of 31 July 2005, “Conversion into law, with amendments, of the decree law n. 144 of 27 July 2005 on urgent measures to combat international terrorism” (also known as “Pisanu Law”)Internet and telecommunications security: «Without prejudice to the competences of Intelligence and Security Agencies, set forth in articles 4 and 6 of Law n. 801 of 24 October 1977, the body of the Ministry of Interior entrusted with the security and regularity of telecommunication services * ensures the protection of national critical information infrastructures, as indicated in a specific Decree of the Minister of Interior, availing itself of direct ICT connections with the infrastructures concerned and provided for by specific agreements.»
•Decree of the Minister of Interior of 9 January 2008 implementing art. 7 bis of decree law n. 144 of 27 July 2005. It defines and indicates Critical Information Infrastructures and establishes the CNAIPIC within the Postal and Communications Police Service - Department of Public Safety.
•Decree of the Chief of Police of 7 August 2008. It states the CNAIPIC’s mission and defines its organization.
8
CYBERCRIMEscenario
Internet users:In 2000 360,985,492Today 2,405,518,376
NEW FORMS OF CYBERCRIMEBASED ON
DIGITAL IDENTITY THEFTMAINLY TARGETING:
- ONLINE BANKING SERVICES - E-COMMERCE - KNOW-HOW THEFT AND INDUSTRIAL
ESPIONNAGE
DIFFERENT CASES DIGITAL IDENTITY THEFT
Identity Cloning Impersonation
Financial Identity Theft
Use of stolen credentials to obtain financial and economic advantages
Criminal Identity Theft
Use of stolen credentials to commit illegal activities
Attacks against users«Traditional» Phishing techniquesTheft of a few dozens of credentials
Attacks on users computer systemsNew generation Botnet - Phishing Theft of thousands of credentials
Attacks on large computer systemsData Breach
Theft of hundreds of thousands of credentials
DIGITAL IDENTITY THEFTSMain targets
12
CYBERCRIMEA case study
“Between 2005 and 2007 Albert Gonzalez, along with a team of hackers called ShadowCrew, managed to hack into the databases of some leading companies of the retail industry, thus gaining access to more than 180 million payment cards. According to estimates, the damage caused by Gonzalez and his team to the affected companies amounted to more than $ 400 million, including reimbursements, forensic investigations and legal expenses.”
Source: http://www.mcafee.com/it/resources/reports/rp-good-decade-for-cybercrime.pdf
CASE:
STRATFOR
CYBERCRIME
Yesterday, Today and…
CYBERCRIME
… Tomorrow
IDENTITYTHEFT
CYBERCRIMESaffecting home banking and e-currency
• represent a constantly evolving phenomenon• exploit increasingly sophisticated techniques and
technologies (theft of digital identity and codes through new pharming e phishing techniques, insidious crimeware such as trojan horses and botnets, more and more refined skimming technologies, illegal accesses to databases, etc.)• are put in place by cross-border criminal organizations• have transnational and cross-sector effects
Identity TheftCases in Italy
Identity theft : Home Banking, E-currency, E-commerce and Theft of non-financial services access codes – Number of cases resulting from complaints filed from 2009 to 2012
Source:Polizia Postale e delle Comunicazioni
2009 2010 2011 20120
10000
20000
30000
40000
50000
60000
70000
45807
65589
Our Activities from January 1 to May 31 2014
• Websites monitored 7252• Significant attacks detected 161• Alerts sent out relating to serious events 453• Investigations conducted 32• Individuals informed against to the J.A. 33• HTC Emergency Incoming requests 10• HTC Emergency Outgoing requests 18
BOTNETS
Source: http://www.team-cymru.org/Data refer to July 19th, 2012
ZEUS BOTNETInfections
Source: http://www.abuse.ch/?p=3499Data refer to October 2011 – first detection of Zeus variant c.d. P2P
ZEUS BOTNETAttack on mobile systems
UNDERGROUND ECONOMY
PREVENTION AND RESPONSE• synergic approach = public-private partnership =
shared security
• data and information sharing and circulation
• involvement of specialized law enforcement agencies
In particular
• creation of a public-private task force
• data and information sharing and circulation with a view to preventing and countering crimes and to providing appropriate security policies
• refining operational capacities and law enforcement response
• International cooperation
Thank you for your attention