Current situation of cyber crime in China - PowerPoint PPT Presentation

About This Presentation
Title:

Current situation of cyber crime in China

Description:

Hacking case: HOW? ... The suspect know nothing about hacking technology. ... Personal computers become the major part of victim in computer crime in recent year. ... – PowerPoint PPT presentation

Number of Views:379
Avg rating:3.0/5.0
Slides: 25
Provided by: Fall8
Category:

less

Transcript and Presenter's Notes

Title: Current situation of cyber crime in China


1
(No Transcript)
2
The development of Internet
A cow was lost in Jan 14th 2003. If you know
where it is, please contact with me. My QQ number
is 87881405. QQ is one of the most popular IM in
China.
3
Number of cases
4
Age of the offenders
5
Computer Crime Vs Computer facilitated crime
6
Major categories of cyber facilitated crime
7
Hacking case HOW?Major categories of intrusion
technology used by hackers in the cases we
investigated
8
Hacking case HOW?
  • The following intrusion methods increased rapidly
    in recent year and became one of the major
    intrusion technology
  • Large-scale intrusion by exploiting vulnerability
    of client software
  • Large-scale intrusion by decoying users to
    install malicious code through P2P, IM, Email
    network

9
Case example
  • A virus on QQ (a most popular IM) were created to
    spread malware in order to creat an IRC botnet
    60,000 hosts were infected.

Wi.ourmid.com
Please visit wi.ourmidi.com
10
How did the criminal (hackers) occupy the
victim hosts?
Those who dont know a lot about technology make
profit by damage the network security
directly. Those who know technology make profit
by selling technology.
11
Hacking without knowledge of technologyCase
example Netbank accounts stealing
  • Case outline
  • In August, a malicious code were widely
    distributed and more than 300 Netbank accounts
    were stolen.
  • The suspect intruded into a website and put
    malicious code on the main webpage.
  • When users browsing the website, the malicious
    code will be installed automatically onto the
    users hosts.
  • The malicious code will steal all kind of Netbank
    accounts and post onto another website hacked by
    the suspect.
  • However
  • The suspect know nothing about hacking
    technology.
  • The suspect bought the malicious code and victim
    websites totally from other hackers.
  • The suspect only working step by step according
    to the manual provided by other hackers.

12
Hacking cases WHY?
13
Hacking cases WHERE?How did they connected to
Internet?
Mobile/Wireless crime increased at the same time.
14
Hacking cases TARGET?
  • Personal computers become the major part of
    victim in computer crime in recent year.

15
Preference of hackers
Damage to Internet Security
Small damage Less profit. (Newbie) Severe damage Less profit. ( Exploit buyer)
Small Damage More Profit (Experienced hacker) Severe damage More profit. (Almost none)
Profit
16
Why did they become criminal?
  • They think
  • Its not a crime, its just a game.
  • A lot of people do it on Internet, so I can do
    it.
  • I know its a crime, but I need money.
  • I can hide myself very well.
  • No one will investigate it.

17
What we learn from these data
  • Computer crime and traditional crime are
    intermingle with each other.
  • XSS vulnerability with phishing
  • DDOS/IRC botnet with extortion
  • Current protection technology have not
    successfully protect against following attack
    yet.
  • Sql injection
  • XSS
  • Distribute malware over P2P/IM network
  • Social engineering

18
What we learn from these data
  • Those who dont know a lot of technology cause
    most of the damage to Internet directly.
  • Their major aim is to make profit by stealing
    identity, Netbank account, online stock account,
    online game account etc.
  • Most of them dont realized that there activity
    cause severe damage to Internet security.

19
What we learn from these data
  • Exploit/Malicious code seller is one of the most
    big threat to cyber security.
  • Investigation of exploit and malicious code
    should be emphasized by cyber police.
  • Personal computer is becoming the major target of
    computer crime.
  • Antivirus software will play a more important
    role in cyber protection.

20
How can anti-virus industry help cyber police?
  • Report to police authority before publishing the
    detail information about the malcode/virus
  • We have investigate the source of several virus
    this year.
  • However, the detail information about the virus
    were published and the suspect never access the
    related network resource anymore.
  • If you reporting to us beforehand, the source of
    most identity stealing malicious code can be
    revealed.

21
How can anti-virus industry help cyber police?
  • Save the trail of virus.
  • When we try to investigate a Botnet in 2003, we
    try to trace the source of the malicious code.
  • However, malicious codes on a lot of victim hosts
    were killed by the anti-virus software.
  • For example, save the following information
  • Time stamp
  • Hash value.
  • Etc.

22
How can anti-virus industry help cyber police?
  • Compare the character of different kinds of virus
    in order to find out the virus produced by the
    same author.
  • A criminal is not grown up in one day.
  • They always create more than one kind of virus.

23
How can anti-virus industry help cyber police.
  • Integrate basic forensic analysis function into
    antivirus software.
  • For example, extract the automatic running
    program list, there time stamp and hash value.
  • When the user report an incident to anti-virus
    company, you will get more chance to collect the
    malicious code.
  • Integrate antivirus technology into popular P2P,
    IM, Email and WEB server.
  • Just kill the malicious code on personal computer
    fail to throttle the spread of malicious code.
  • The malicious code distributed through P2P, IM,
    Email and WEB server can hardly be monitored and
    throttled.

24
Game Over
  • Bye bye!
Write a Comment
User Comments (0)
About PowerShow.com