Transcript Diapositiva 1

Training on
“Albanian and Italian experience in investigation and prosecution
of Cybercrime”
General Prosecutor Office, Tirana
10 June 2014
VQA Ivano GABRIELLI
Servizio Polizia Postale e delle Comunicazioni
C.N.A.I.P.I.C.
Organization Chart
MINISTRY OF INTERIOR
DEPARTMENT OF PUBLIC SAFETY
DIRECTORATE FOR ROAD POLICE, RAILWAY POLICE,
COMMUNICATIONS POLICE AND FOR THE SPECIAL UNITS
OF THE ITALIAN NATIONAL POLICE
POSTAL AND COMMUNICATIONS POLICE SERVICE
Our main operational centres
POSTAL AND COMMUNICATIONS POLICE SERVICE
CNAIPIC
CNCPO
Online Police Station
Field Offices
20
80
Regional Districts
(Compartimenti)
Provincial Branches
(Sezioni)
Statutory areas of competence
•Cyber Crime
oHacking
oCrimes affecting: -Home banking
-E-currency
-E-Commerce
oCyber terrorism
o Critical Infrastructure Protection
• Online Child Pornography
• Offences against the person committed by means of the internet
oCyber stalking
oOnline threats, harassment and defamation
• Safeguarding Communications
• Crimes affecting postal services
oControls over telecommunication-related activities
• Enforcing Copyright protection law – Satellite piracy
Servizio Polizia Postale
C.N.C.P.O.
Established by Law n.38 of February 6, 2006, the National Centre for Combating Online
Child Pornography conducts and coordinates all online child abuse investigations and
prevention activities. The Centre updates a blacklist of child pornography websites on a
daily basis.
h/24 Monitoring
Reception and Notification
Blacklisting and Filtering
Relations with Financial Institutions
Image Analysis
Coordinating investigations
International cooperation
Servizio Polizia Postale
C.N.A.I.P.I.C.
Regulatory framework
•Art. 7-bis of Law n.155 of 31 July 2005, “Conversion into law, with amendments, of the decree law n. 144
of 27 July 2005 on urgent measures to combat international terrorism” (also known as “Pisanu Law”)
Internet and telecommunications security: «Without prejudice to the competences of Intelligence and
Security Agencies, set forth in articles 4 and 6 of Law n. 801 of 24 October 1977, the body of the Ministry of
Interior entrusted with the security and regularity of telecommunication services * ensures the protection
of national critical information infrastructures, as indicated in a specific Decree of the Minister of Interior,
availing itself of direct ICT connections with the infrastructures concerned and provided for by specific
agreements.»
•Decree of the Minister of Interior of 9 January 2008 implementing art. 7 bis of decree law n. 144 of 27 July
2005. It defines and indicates Critical Information Infrastructures and establishes the CNAIPIC within the
Postal and Communications Police Service - Department of Public Safety.
•Decree of the Chief of Police of 7 August 2008. It states the CNAIPIC’s mission and defines its organization.
CYBERCRIME
scenario
Internet users:
In 2000 360,985,492
Today 2,405,518,376
8
NEW FORMS OF CYBERCRIME
BASED ON
DIGITAL IDENTITY THEFT
MAINLY TARGETING:
- ONLINE BANKING SERVICES
- E-COMMERCE
- KNOW-HOW THEFT AND INDUSTRIAL
ESPIONNAGE
DIGITAL IDENTITY THEFT
DIFFERENT CASES
Identity Cloning
Impersonation
Financial Identity
Theft
Use of stolen credentials to
obtain financial and
economic advantages
Criminal Identity
Theft
Use of stolen credentials to
commit illegal activities
DIGITAL IDENTITY THEFTS
Main targets
Attacks against users
«Traditional» Phishing techniques
Theft of a few dozens of credentials
Attacks on large computer systems
Attacks on users computer systems
Data Breach
New generation Botnet - Phishing
Theft of hundreds of thousands of credentials
Theft of thousands of credentials
CYBERCRIME
A case study
“Between 2005 and 2007 Albert Gonzalez, along with a team of hackers called
ShadowCrew, managed to hack into the databases of some leading
companies of the retail industry, thus gaining access to more than 180 million
payment cards.
According to estimates, the damage caused by Gonzalez and his team to the
affected companies amounted to more than $ 400 million, including
reimbursements, forensic investigations and legal expenses.”
Source: http://www.mcafee.com/it/resources/reports/rp-good-decade-for-cybercrime.pdf
12
CASE:
STRATFOR
CYBERCRIME
Yesterday, Today and…
CYBERCRIME
… Tomorrow
IDENTITY
THEFT
CYBERCRIMES
affecting home banking and e-currency
• represent a constantly evolving phenomenon
• exploit increasingly sophisticated techniques and
technologies
(theft of digital identity and codes through new
pharming e phishing techniques, insidious crimeware
such as trojan horses and botnets, more and more
refined skimming technologies, illegal accesses to
databases, etc.)
• are put in place by cross-border criminal organizations
• have transnational and cross-sector effects
Identity Theft
Cases in Italy
65589
70000
60000
45807
50000
40000
30000
20000
10000
0
2009
2010
2011
2012
Identity theft : Home Banking, E-currency, E-commerce and Theft of non-financial services access codes – Number of
cases resulting from complaints filed from 2009 to 2012
Source:Polizia Postale e delle Comunicazioni
Our Activities from January 1 to May 31 2014
•
•
•
•
•
•
•
Websites monitored
Significant attacks detected
Alerts sent out relating to serious events
Investigations conducted
Individuals informed against to the J.A.
HTC Emergency Incoming requests
HTC Emergency Outgoing requests
7252
161
453
32
33
10
18
BOTNETS
Source: http://www.team-cymru.org/
Data refer to July 19th, 2012
ZEUS BOTNET
Infections
Source: http://www.abuse.ch/?p=3499
Data refer to October 2011 – first detection of Zeus variant c.d. P2P
ZEUS BOTNET
Attack on mobile systems
UNDERGROUND ECONOMY
PREVENTION AND RESPONSE
• synergic approach = public-private partnership =
shared security
• data and information sharing and circulation
• involvement of specialized law enforcement agencies
In particular
•creation of a public-private task force
•data and information sharing and circulation with a
view to preventing and countering crimes and to
providing appropriate security policies
•refining operational capacities and law enforcement
response
•International cooperation
Thank you for your attention