THE GLOBALIZATION OF CYBERCRIME
Former NSA Director, General Keith Alexander: The loss of industrial information and intellectual property through cyber espionage constitutes the "Greatest Transfer of Wealth in History"
How to report cybercrime? So who investigates cybercrime? What do you do if you become a victim of cybercrime? How do you report cybercrime if your business falls victim, or where do you go if you're just not sure? To answer these basic questions you must first be able to answer even more basic questions, such as:
- Does your situation meet any investigative or prosecutorial thresholds?
- Is there a high enough monetary loss? (Prosecuting attorney's offices will calculate compensatory losses, not punitive losses.)
- Is it a case with a community impact?
- Is it a breach of a business or are you a personal victim of cybercrime?
Reporting business cyber intrusions and personally becoming a victim of cybercrime share some similarities; however, in most cases:
- Cybercrimes affecting businesses should be reported to federal law enforcement agencies.
- Cybercrimes affecting individuals should be reported to local law enforcement agencies and federal reporting centers like the FTC and IC3.
Cybersecurity and Incident Response Planning for Businesses: As cyber incidents rapidly spread across the nation’s financial and critical infrastructure, an effective response requires close coordination among the multiple stakeholders affected by the incident. A well-defined and organized response to a cyber incident requires a team effort. Getting the right people involved is essential to properly responding to, coordinating, mitigating, and investigating your incident.
- Knowing who to involve in your initial response
- Containing the problem while investigating the incident
- Collecting and reporting the facts
Cyber Security for Executives of Companies: The following three (3) key points are what every executive should want to know about their company’s information technology presence.
- Securing your data against a cyber-attack
- Taking a holistic and layered approach to cybersecurity
- Having a cybersecurity response plan
- The common cause of the problem is a lack of understanding by CEOs as to their role in cyber defense and their delegation to others in the organization.
- These lawsuits are the beginning of a groundswell of litigation that will pit corporate CEOs against the public where they will have to defend their behavior of reduction of IT costs vs. taking reasonable care in the handling of their security.
The vulnerabilities of remotely accessing your business: Remote Desktop, LogMeIn, TeamViewer, mail servers, etc.
- Hijacked bank accounts
- Intellectual property theft
- Stolen credit cards
Keylogger in Hotels: The malicious actors were able to use a low-cost, high-impact strategy to access a physical system, stealing sensitive data from hotels and subsequently their guests by downloading a keylogger on publicly available business center computers. This particular type of criminal activity highlights the need for physical and network security to work together, as they are dependent on each other.
- Physical events can have cyber (logical data flow) consequences.
- Cyber events can have physical consequences.
We are all in this fight together:
- Users - home users and business users whose data is targeted and who don't have the wherewithal to protect their systems. See CPE fixes Dr. Paul Vixie and web-based attacks targeting home routers.
- Private sector businesses - who control the majority of access to the Internet yet view cybercrime in a managed business context instead of as a security risk. The Internet touches half a million routes.
- Software AV vendors - who develop software for business use and not for security, while AV vendors are losing the battle to zero-day malware.
- Internet Service Providers (ISPs) - who manage the network yet allow a blatant criminal element to abuse Internet service use agreements. See list of top ISPs.
- Domain name registrars and regulators - who determine if a domain is allowed to be registered and potentially have the power to de-register a domain that is used to commit fraud or other criminal activity, including, for example, the distribution of malware. an established Regional Internet Registry (RIR) or National Internet Registry (NIR) such as ARIN, RIPE, AFRINIC, APNIC, LACNIC or KRNIC or direct RIR allocations. ICANN list of accredited registrars.
- Law enforcement - which investigates and prosecutes cybercrime violations yet doesn't gear the proper resources overseas to combat cybercrime globally. The way of a warrant (YouTube).
- Government agencies - which have a role in managing risks and developing national and international policies to combat cybercrime.
THE GOVERNMENT'S COMPREHENSIVE NATIONAL CYBERSECURITY INITIATIVE HISTORY:
1998 - President Clinton issues PDD-63 with the goal of public and private organizations being able to maintain continuity of the U.S. critical infrastructure in the event of a terrorist attack. Critical infrastructure includes the physical and cyber-based systems that are essential for the economy and the government to operate at a minimum level.
2002 - The Federal Information Security Management Act was passed as legislation that defines a comprehensive framework to protect government information, operations and assets against natural or man-made threats.
2003 - PDD-63 was specifically superseded by HSPD-7, Critical Infrastructure Identification, Prioritization, and Protection. HSPD-7, issued by President George W. Bush on December 17, 2003, establishes a national policy for federal departments and agencies to identify and prioritize critical U.S. infrastructure and key resources and to protect them from terrorist attacks.
2004 - Homeland Security Presidential Directive 12 (HSPD-12) was issued by President George W. Bush, which calls for a mandatory, government-wide standard for secure and reliable forms of ID issued by the federal government to its employees and employees of federal contractors for access to federally-controlled facilities and networks.
2008 - Shortly after taking office, President Obama ordered a thorough Cyberspace Policy Review of federal efforts to defend the U.S. information and communications infrastructure and the development of a comprehensive approach to securing America’s digital infrastructure. The recommendations of the Cyberspace Policy Review were built on an unclassified summary of the Comprehensive National Cybersecurity Initiative (CNCI) launched by President George W. Bush in National Security Presidential Directive 54/Homeland Security Presidential Directive 23 (NSPD-54/HSPD-23) in January 2008.
The CNCI consists of a number of mutually reinforcing initiatives with the following major goals designed to help secure the United States in cyberspace:
- To establish a front line of defense against today's immediate threats by creating or enhancing shared situational awareness of network events within the Federal Government
- To defend against the full spectrum of threats by enhancing U.S. counterintelligence capabilities
- To strengthen the future cybersecurity environment by expanding cyber education
2013 - President Obama issued Presidential Policy Directive 21: Critical Infrastructure Security and Resilience. President Obama issued Executive Order (EO) 13636 on improving critical infrastructure cybersecurity. PPD-21 re-aligned the HSPD-7 critical infrastructure sectors and reduced the number from 18 to 16. The 16 critical infrastructure sectors are chemical; commercial facilities; communications; critical manufacturing; dams; defense industrial base; emergency services; energy; financial services; food and agriculture; government facilities; healthcare and public health; information technology; nuclear reactors, materials, and waste; transportation systems; and water and wastewater systems.
2013 - EO 13636 directed NIST to work with stakeholders to develop a voluntary framework, based on existing standards, guidelines, and practices, for reducing cyber risks to critical infrastructure. The Framework for Improving Critical Infrastructure Cybersecurity helps organizations, regulators and customers create, guide, assess or improve comprehensive cybersecurity programs.
2014 - The Federal Risk and Authorization Management Program (FedRAMP) is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.
Other Notable Laws - Federal Information Processing Standards (FIPS) are publicly announced standardizations developed by the United States federal government for use in computer systems by all non-military government agencies and by government contractors, when properly invoked and tailored on a contract.