Security Challenges Against E-crime In México
Juan Carlos Guel López
March 2011
AGENDA
- Introduction
- E-Crime Unit at Secretariat of Public Security
- E-crime in Mexico
- Technological Challenges
- Conclusion
Introduction
According to the Mexican Internet Association (AMIPCI), the profile of Mexican Internet users is as follows:
- 32 million users;
- Internet is already accessible to all socioeconomic levels;
- 93% of the 6.9 million accounts set up for Internet access are broadband;
- Connections in Mexico (in millions): PCs - 19.3; PCs with Internet - 12.5; Cellphones - 80+;
- 62% of PCs installed in Mexico are connected to the Internet;
- Internet access: 48% - Home; 34% - Internet cafe; 19% - Work; 11% - Study; 4% - Relative's home; 1% - Other.
Source: http://www.amipci.org.mx/estudios/
SOCIAL ACTIVITIES
- Send and receive e-mail - 70%
- Send / receive instant messages - 58%
- Enter a 'chat room' - 41%
- Share videos or photos - 34%
LEISURE ACTIVITIES
- Download music - 49%
- Adult entertainment - 10%
Source: http://www.amipci.org.mx/estudios/
INTRODUCTION
Recent investigations in Mexico have shown advanced use of technologies such as cloud computing and cryptography in typical crimes like drug trafficking, kidnapping, robbery, money laundering, fraud and child pornography, among others. E-crime in Mexico has been growing steadily over the last years, as shown in the following graph.
INTRODUCTION
[Graph: Denouncements]
INTRODUCTION
[Graph: 2011 Denouncement Trends]
INTRODUCTION
Some of the typical techniques and tools used to fight e-crime have been surpassed by those used by criminals. Nowadays we face big challenges in public security in Mexico in fighting e-crime. As criminals make use of state-of-the-art technologies, law enforcement agencies must do so too.
E-CRIME UNIT SECRETARIAT OF PUBLIC SECURITY
The E-Crimes Coordination of the Scientific Division of the Mexican Federal Police originates from a publication in the Official Journal of the Federation on May 17th, 2010.
E-CRIME UNIT - SECRETARIAT OF PUBLIC SECURITY
CYBERCRIME UNIT
E-CRIME UNIT - SECRETARIAT OF PUBLIC SECURITY
ELECTRONIC INVESTIGATION LABORATORIES
E-CRIME UNIT - SECRETARIAT OF PUBLIC SECURITY
ELECTRONIC INVESTIGATION LABORATORIES
It is possible to recover information from unplugged (volatile) RAM. Partial information can be retained even 10 minutes after disconnection if the memory is frozen.
E-CRIME UNIT - SECRETARIAT OF PUBLIC SECURITY
ELECTRONIC INVESTIGATION LABORATORIES
[Circuit diagram; labelled components: 78L05, MAX 232, capacitors of 10µF, 47µF and 470µF]
E-CRIME UNIT - SECRETARIAT OF PUBLIC SECURITY
ELECTRONIC INVESTIGATION LABORATORIES
Possible scenario of analyzed devices.
[Diagram; labels: A, B, C, D; R1, R2, R3; Channel 1; Channel 2; Base station / Repeaters; Mobile radios; Transmission range]
E-CRIME UNIT - SECRETARIAT OF PUBLIC SECURITY
NATIONAL CENTER FOR CRIMES AGAINST CHILDREN
1. National Database of missing children
2. National Database of sexual offenders
3. National Database for children offenders
- Legal support
- Investigation of crimes against children
- Psychological support
E-CRIME UNIT - SECRETARIAT OF PUBLIC SECURITY
COMPUTER EMERGENCY RESPONSE TEAM
E-CRIME UNIT - SECRETARIAT OF PUBLIC SECURITY
Facilities - Headquarters
E-Crime in Mexico
E-CRIME IN MEXICO
Operation Tequila
Operation Tequila was a DoS attack led by the #Anonymous hackers group on February 9th & 11th 2011 against a local news website. This group called on Internet users to join a new DoS operation against government websites (the Secretariat of Communications and Transport website and the Presidency of the Republic website) on February 17th 2011.
E-CRIME IN MEXICO
Ciber Protesta Mexicana
Ciber Protesta Mexicana (CPM) launched a simultaneous hacking operation against many Mexican Government websites on September 15th 2010, in connection with the Bicentennial Celebration of Independence. This group is still attacking websites in Mexico today, though some of its members have been identified.
E-CRIME IN MEXICO
Organized Crime
- 41 cellphones
- 3 netbooks
[Diagram; labels: Phone contacts, Hard disk, SMS & calls, Multimedia, Image Processing, Analysis, Results]
ARTHUR LELAND SAYLER CASE
Arthur Leland Sayler, a Canadian who used to operate from Tijuana, Baja California. He was arrested in possession of 4 million images and videos of child pornography, stored on different mass storage devices.
A. P. PGR/FEVIMTRA-C/VCM/010/03-08
Analysis results
- 25 hard drives - 4205.5 Gb
- 29 DVDs - 133 Gb
- 2 flash memories - 80 Mb
- 9 floppies - 12.6 Mb
- 96 CD-ROMs - 67.2 Gb
- Total: 4.40 Tb
ARTHUR LELAND SAYLER CASE
Analysis results
- 3 websites, broadcasting live
- 6 websites in Mexico (disabled)
- 30 websites in USA (research)
- Catalogs of images of child pornography, from babies to children under 17 years of age.
- Subscription service to export and import images into the network
- Internet Service Provider: Teléfonos del Noroeste
- Webserver: Fedora Core 6 O.S.
- IP: 201.170.83.123
GARY MICHAEL FEROGLIA CASE
Gary Michael Feroglia, an American citizen who was arrested for his responsibility in the commission of crimes of child pornography, crimes against health, and possession of weapons reserved for exclusive use by the military.
A. P. PGR/SIEDO/UEITMIO/552010.
Operation: Ice Gatekeeper
IP address
Analysis results: 40,000 images of child pornography
Manzanillo, Colima
GARY MICHAEL FEROGLIA CASE
Analysis results
- Hard drive, 400 Gb
- More than 4 million digital files related to child pornography
- 1 firearm
- 1 magazine
- 8 rounds of ammunition
- 1 smoking pipe
- A bag with white powder
- Hard drive, 80 Gb
Actions taken against E-Crime by Mexican Government
Actions taken against E-Crime by Mexican Govt.
The National Security Committee (Gabinete de Seguridad Nacional) has established the need to create a National Security Strategy against cybercrime in Mexico.
Actions taken against E-Crime by Mexican Govt.
- Define an Information Security General Policy for the Mexican Federal Government.
- Create and operate a Computer Security Incident Response Team (CSIRT) at Mexican Government level.
Actions taken against E-Crime by Mexican Govt.
Cybersecurity Roadmap
[Diagram; group labels: E-Crime Unit, Government, Military CERT, Privately held co., Academic CERT, Financial CERT, CERT-MX]
[Entities listed, in the order they appear: PRESIDENCY, SEGOB, SEDENA, SEMAR, PGR, SCT, SRE, SFP, CISEN, SHCP, ENERGY, CARRIERS, ISP, TELEPHONE COMPANIES, LABORATORIES, CYBERCRIME, CENADEM, SEDENA, UNAM-CERT, ABM]
Technological Challenges
Technological Challenges
- Strong cryptography used by criminals makes it hard to investigate electronic evidence.
- Forensic tools for hard disk cloning and indexing are not fast enough to meet the time Law Enforcement Agencies in Mexico have to deliver evidence to the Public Ministry before a suspect is released from custody.
Technological Challenges
- Need to correlate all of the information collected in order to provide intelligence to the Mexican Federal Police.
- Need to automatically identify individuals found in pictures used as evidence.
- Need to trace IP addresses to geographical locations accurately.
- Need to monitor criminals on social networks with automated tools.
CONCLUSION
Work to do
- To have better cooperation with national and international entities (Government, privately held companies, Law Enforcement Agencies, universities, ISPs).
- To promote changes to Mexican legislation according to the challenges we face day to day.
- To identify and acquire new technology that enables the E-Crime Unit to fight organized crime in Mexico.
CONTACT
Comisario Jefe Juan Carlos Guel López
HEAD OF MEXICAN FEDERAL POLICE E-CRIME COORDINATION
E-mail: carlos.guel@ssp.gob.mx