Cybercrime in Belgium

Transcription

1 Cybercrime in Belgium anno 2013 Christian Van Heurck Coordinator Goal 2 1

2 Goal what is? what can we do? why report to? present threats anno 2013 raise awareness 3 Bottom line cyber security & cybercrime are a growing problem of our society 4 2

3 Bottom line we are LOSING the ba le 5 Bottom line awareness 6 3

4 What is? 7 What is? a service of operated by 8 4

5 What started it all? 9 What started? 10 5

6 Why Belnet? 11 Types of cyber threats cyber security cyber crime others 12 6

7 Focus on helping! 13 Dealing with crime 14 7

8 to help Belgian key resources, cri cal informa on providers and the Belgian public protect their IT- infrastructure by: providing informa on on incidents, helping them to handle incidents, coordina ng the response to major incidents, helping them develop their own CSIRT ac vi es, sharing data and knowledge. 15 What does do? Reactive (short term): Incident response & coordination Proactive (medium term): Raising awareness & inform Security Quality Management (long term): elevate the level of IT-security 16 8

9 What does do? 17 What does do? Brochure: h ps:// h ps:// h ps:// Flyer: h ps:// h ps:// h ps:// 18 9

10 Services Website: 19 Services Twitter en Delicious links:

11 assets experts interna onal network of trusted partners na onal partners agility neutrality confiden ality keyrole in.be cyberspace 21 threats lack of funding s ll evolving dangerous expecta ons no appropriate legal status yet legal issues regarding sharing of PII lack of awareness 22 11

12 Team core team = 10 FTE: 5 Security Analysts 1 Communication Expert 1 Coordinator Belnet: Logistics Belnet Experts Legal Administrative 23 Evolution of number of incidents

13 Evolution of number of incidents 25 Evolution of number of incidents 26 13

14 Evolution of number of incidents 27 Types of incidents in 2012 multiple 0,1% other 3,0% scans 26,1% system2incidents 24,1% vulnerability2reporting 0,7% worms2&2viruses 4,6% phishing 14,7% stolen2accounts 5,2% queries 4,3% SPAM2related 14,8% DoS2attacks 2,4% 28 14

15 Bottom line 1 cyber security & cyber crime are a growing problem of our society 29 Bottom line 2 awareness 30 15

16 Aimed towards the Belgian popula on also has the task to provide the Belgian popula on with informa on on computer security. This way everybody stays informed about threats and we provide ps to get online safely

17

18

19

20 Trends cyber security cyber crime others 39 Trends lack of awareness 40 20

21 Trends cyber security & cyber crime are a growing problem of our society 41 Trends 42 21

22 Trends Sophistication increases Mobile usage increases Digital trust is important Tools are not enough The internet of things Snowden 43 Trends Cloud Always online & Big data Weakest link Insider All of the old stuff is still there Hacktivism DDoS 44 22

23 Trends Legal obligations Lack of skills / experience Not enough reporting Not enough sharing It all happens in Belgium too We need more exercises 45 Trends Accounts compromised Sony 77 million from PlayStation Network 25 million from Sony Online Entertainment Estimated cost: $1 billion in investigation Average estimated cost: $214 per lost record! CISCO estimates the pay-off for spear phishing attacks to $ 40 more time than mass attacks Source: Communication of the ACM November

24 Anno Anno

25 Anno Anno

26 Anno Anno

27 Anno Anno

28 Trends 55 Anno 2013 Apple Microsoft Dropbox Belgacom 56 28

29 Trends 57 Trends 58 29

30 TLP 59 Trends 60 30

31 Trends 61 Trends 62 31

32 Trends 63 Conclusion It s ge ng worse 64 32

33 Conclusion Over here in Belgium too 65 Conclusion smarter defence 66 33

34 Trends lack of awareness 67 Trends Report your incidents 68 34

35 Q&A report an incident: informa on: communica on: website pro: website ci zen: rss feeds: newsle er: twi er: Flipboard: h ps:// h ps:// h ps:// on h ps:// er h ps://twi er.com/certbe h p://flip.it/hd0yv 69 35