Maarten J. Kleintjes, National Manager, Electronic Crime Laboratory, New Zealand Police - PowerPoint PPT Presentation

Slides: 41
Provided by: fmoa
Transcript and Presenter's Notes

1
Maarten J. Kleintjes, National Manager, Electronic Crime Laboratory / New Zealand Police
sherlock.holmes_at_e-crime.govt.nz
  • The Electronic Armed Hold-up
  • FMOA Meeting - Auckland
  • 26 May 2006  

2
Disclaimer
  • Off the record
  • Private details are changed
  • Expressed views my own
  • Could be disturbing

3
On the menu today.
  • Police e-Crime Lab
  • e-holdup/ e-extortion
  • How does it work
  • Phishing, Keystroke loggers, Trojan horses
  • Getting the money out of NZ
  • Solutions to stop it

4
E-Crime Laboratory
5
Related Offences.
Old crime in new bottles
  • Drugs/ P-Labs
  • Homicides
  • National security
  • Sexual - Indecency
  • Fraud/ Burglary/ Theft
  • Computer/ Cyber Crime

6
Year 2004 results.
  • 1150 Cases/ 16300 exhibits

7
Exponential increase
8
Cybercrime
  • The computer has become an integral part of
    our way of life. However, as our dependency on
    technology increases, so too does our
    vulnerability.

9
Armed hold-up.
Have been around ever since there were weapons
..and money
10
e-Hold-up.
Give me the scarf and no one gets hurt...
11
e-Hold-up.
Why bother with sawn-off shotguns, masks and
getaway cars..
12
e-Hold-up.
If you can do it from the comfort of your own
home..
from anywhere in the world..
13
Why are we targeted
  • We're generally nice people who are very trusting

14
Why are we targeted
  • We're generally nice people who are very trusting
  • Purpose of the Internet: to share data
  • Internet Banking system open to attack
  • That's where the money is

15
How do they get into our bank accounts.
  • Keystroke loggers
  • Trojan Horses (BankAsh-A)
  • DTMF decoders
  • Phishing/Spyware
  • ATM skimming

16
Phishing.
  • The act of extracting secret data through
    cleverly designed hoax web sites
  • Starts with spoofed email
  • 15 emails are phishing attempts
  • 17,877 attacks January 2006

17
(No Transcript)
18
Spoofed verification page.
19
Real site.
20
Spoofed site.
21
Phishing.
  • Data goes to a compromised host somewhere in the
    world
  • http://pakuranga.rotary.org.nz
  • JPMorgan/Paraparaumu

22
Spyware.
  • Usernames/ passwords
  • Websites visited
  • Text typed in

23
(No Transcript)
24
(No Transcript)
25
ATM skimming
  • Captures the card details
  • PIN obtained through
      • Pin hole camera
      • Shoulder surfing
      • Binoculars
  • Money obtained overseas

26
Skimmer Example 1
Europe, 2003
27
Skimmer Example 2
  • UK, Oct 2004

28
White label ATMs
Genuine ATM
Recovered ATM shells
Dismantled signage
  • Canada, Dec 2002

29
Pin Hole Camera
Actual ATM
False Panel with camera
Camera oversees PIN Pad
UK, 2003
30
Pin hole Camera
Pin hole Camera
Battery Pack
Antenna
Europe, 2003
31
How do they get the money out of NZ.
  • Mules
  • Employment scams
  • Plasma TVs/ Travel Tour Guide
  • e-Commerce
  • On-line auctions
  • Hotels/Motels
  • Bookings
  • Money order (Western Union/e-payment)

32
Dominion Post.
33
Why do we need to fix it
  • The future is digital without a doubt
  • New e-services in the future
  • Restore confidence in online services
  • Prevent Identity Fraud and Crime
  • Be one step ahead

34
What can Police do.
  • Real time e-counter attack
  • Shutting down sites
  • Follow the money trail
  • Prosecute
  • Educate

35
What can users do.
  • Maintain a secure PC
  • Firewall
  • Anti virus/spyware
  • msn Phishing filters
  • Auto update OS
  • www.netsafe.org.nz

36
What can Banks do.
  • Improve online security (2 factor ID)
  • Restore and build confidence
  • Mandatory in US end 2006
  • ASB/ BankDirect/BNZ/ HSBC/ RaboBank
  • No privacy without security

37
2 factor identification
  • Based on something you know and something you
    have
  • One time password generator
  • Entrust card
  • Digipass

38
Do I use Internet Banking?
  • Yes
  • Just work around keystroke loggers
      • Password: anger
      • Type in "dangerously"
      • Delete "d"
      • Delete "ously"
      • Logger shows "dangerously<del><del>"

39
Who will survive the online age
  • Businesses who can positively identify customers
  • Customers who can positively identify businesses

40
Thank you. Are there any questions?
Electronic Crime Laboratory sherlock.holmes_at_e-crime.govt.nz