Cyber Security & Cyber Criminality: ~ The Facts ~ - Sgt Phil Cobley
Firstly, an apology + + =
What shall we discuss What is Cyber Crime? What are the current threats? What is the capability of local and regional Cyber Crime Investigations? What support is out there to assist? Cyber Essentials Scheme Innovation Voucher Scheme CiSP and How you can contribute
Who is this guy? Sergeant Phil Cobley Over 10 years experience in the Police Was the Digital Forensics & Cyber Crime Investigations Manager at Bedfordshire Police for 3 years Practitioner? - Yes Expert? - No Currently studying BSc in Software Development Was the Bedfordshire Police Force Practitioner Lead on Cyber Crime Guest Lecturer at University of Bedfordshire on Cyber Crime Sit on the National ISO 17025 Standards Expert Network Published in the law Journal Cyber Security Law & Practice Co-authored the recently released ebook produced by the NCCR A Practical Guide to Coping with Cyberstalking
(Shameless Plug)
So what is Cyber Crime?
Cyber crime in the UK is The adopted definition of Cyber Crime is: Cyber Dependent Crimes, where a digital system is the target as well as the means of attack. These include attacks on computer systems to disrupt IT infrastructure, and stealing data over a network using malware (the purpose of the data theft is usually to commit further crime). Cyber Enabled Crimes. Existing crimes that have been transformed in scale or form by their use of the Internet. The growth of the Internet has allowed these crimes to be carried out on an industrial scale. The use of the Internet to facilitate drug dealing, people smuggling and many other 'traditional' crime types.
Think Digital What are the lines of enquiry?
Think Digital What are the lines of enquiry?
Which of these is a cyber threat? Common house hold smart goods are now being hacked and used in Spam and DDOS activity
Social Engineering
Is it really such a big deal?
We now live our lives online 3bn people will be using the internet worldwide by 2016 and by the end of the year, networked devices will outnumber people by six to one On average each household has 3 internet enabled devices and 2/5 adults have smart phones 8% of GDP generated through the internet economy 121bn in 2010 with Household annual retail sales worth 2.6bn with 30% year on year growth
Estimated cost of Cyber Crime- 27billion 2% GDP (Detica 2011) 21 billion to business 2.2 billion to government 3.1 billion to Jo Public 44m cyber attacks in 2011 in UK National Security Strategy Tier 1 threat
Measuring the Cost of Cyber Crime (Anderson et al Feb 2013) Cyber is now the typical volume crime in the UK The Economic Cost of Cyber Crime up to $500 billion (McAfee July 2013)
Crime Survey for England & Wales 2012 In the previous 12 months 1/3 adults suffered online crime 1/5 adults suffered offline crime Federation of Small Business (21/05/12) From May 2011 to May 2012 41% of members suffered cyber crime at a cost of 800m 20% had taken no steps to protect themselves
What do you think? The 2014 Information Breaches Survey reported that 81% of large organisations and 60% of small businesses had security breaches. 1) What is the average monetary loss for small businesses? 65k - 115k 2) What is the average monetary loss for large businesses? 600k - 1.5 million
What do you think? The 2015 Information Breaches Survey reported that 90% of large organisations and 74% of small businesses had security breaches. 1) What is the average monetary loss for small businesses? 75k - 311k (Up from 65k - 115k in 2014) 2) What is the average monetary loss for large businesses? 1.46m - 3.14m (Up from 600k - 1.5m in 2014)
What about the ethical and social responsibilities? You are a business in the UK You collect data about: customers, employees, yourself, suppliers, manufacturers, partners etc That data includes: names, addresses, phones numbers, bank details, pension arrangements, scanned ID documents, diaries/schedules, financial status/forecast, purchases, credit history etc What would the impact be on those individuals if their data was lost, stolen or altered? What is your responsibility as a business to those people and businesses, and also to the overall security of the UK and our partners? Would customers give you data if they knew you wouldn t secure it?
And now for some good news!! GCHQ reported in 2014 that in terms of Cyber Crime 80% is easily preventable
So talking of the national picture How does Law Enforcement work in the UK?
The National, Regional & Local Picture
The National, Regional & Local Picture National/ International NCA Cross Border Regional Organised Crime Units (ERSOU) First Responders & Local Investigations Local Forces (Beds, Herts, Cambs, Norfolk, Suffolk & Essex)
Some Examples Local Investigation: SME Insider Threat ICT Manager Data deletion / Website Defaced / Malicious Transactions Regional Investigation: Large Corporation 14m worth of data extracted over several months Multiple offenders across several regions working as a gang Numerous attack vectors Elsewhere in the UK: SME targeted Really good Cyber Security Physical server attack
Ask yourself Do you know the value of your data? Reputational Damage/IP/Trust what if these were affected? Do you know where you data is stored? Who has access to your data? Do you have backups? Do you really know your employees? (Proper vetting, single point of failure?) Do you have suitable business continuity and disaster recovery in place? What would you do if you lost all your data tonight? Do you know what your responsibilities are if you have a data breach?
What support is out there?
Get Safe Online
Cyber Streetwise
CESG 10 Steps
Cyber Essentials Scheme
Cyber Security Innovation Vouchers **Round 14 is now OPEN as of November 2015!!!**
CiSP Cyber Information Sharing Partnership
CiSP Cyber Information Sharing Partnership What is the Cyber-security Information Sharing Partnership (CiSP)? CiSP is a joint industry and government scheme based in CERT-UK. CiSP is an online social networking tool and enables its members to exchange information on threats and vulnerabilities as they occur in real time.
Basic Steps to Stay in Control
My Vision of the Future Law Enforcement Tackling the UK Cyber Threat Academia Industry & Business
Who do I contact and how? Action Fraud 0300 123 2040 Urgent Incidents 999 or 101 (local Force response) Non urgent incidents 101 / Action Fraud Non urgent in office hours Local Force Cyber Crime Unit (email me for details) Regional Unit will pick up incidents/cases through a tasking process that local Forces initiate Action Fraud will disseminate cases and investigations across to Forces following research and analysis of information provided
What we discussed What is Cyber Crime? What are the current threats? What is the capability of local and regional Cyber Crime Investigations? What support is out there to assist? Cyber Essentials Scheme Innovation Voucher Scheme CiSP and How you can contribute
Thank you! Sergeant Phil Cobley Regional Cyber Protect Coordinator Regional Cyber Crime Unit Eastern Region Special Operations Unit (ERSOU) (+44) 07507 684387 phil.cobley@ersou.pnn.police.uk