Presentation given by FCCU at a press conference on internet banking fraud at Febelfin on 13 June 2012.
Belgian Federal Judicial Police
Federal Computer Crime Unit
© Luc Beirens
« Security in e-banking is a shared responsibility »
© 2012 FCCU - Luc Beirens
Topics
Scheme
2007-2012 Evolution
Victims
Money mules
Criminals
Future
E-banking fraud is only part of cybercrime
Cybercriminals working together
[Diagram: numbered steps (1-13) of the e-banking fraud scheme. Labelled elements: Hackers; Knowledge database; Trojan distribution campaign; Spam; Use of intermediate systems to control network; Local storage; Activity spying / Keylogging; eBank user; Surfing to banking website & Authentication; Proxy; Bank site; Preparation of money transfer order; Confirmation : screen injects, telephone calls; Bank account transfer; Fake Company; Money Mules; Money collector.]
2007-2012 e-banking cases
Experiences
e-Banking cases 2007 : handled separately
Start of Federal Police - Febelfin cooperation
Complaints => centralized information & analysis
Engagement Police – Justice
Federal Prosecutor’s office coordinating Local Prosecutors
Investigating ICT traces : FCCU
Investigating Financial traces : DJF and FJP Bxl
Cooperation with Europol & Eastern European countries
Success
Most with financial traces => money launderers
○ Several money mules brought to court in BE & abroad
Some coders / hackers still under investigation abroad
Success ?
BE : less than 200.000 euro in 2011
Compared to 36 million euro in Netherlands
Well protected BE payment systems
Fast collaboration => know how criminals work
Fast adaptation of techniques for detection, avoidance, damage control
Awareness for the general public
Press releases / information sessions
Websites on e-security
Victims
ALL of them were infected with Trojans
Some of them had several hundred Trojans
Very often no AV products
Operating system / applications not updated
Unaware of risks / methods
Who is behind the fraud ?
Horizontal organized crime : specialized teams
Trojan developers
Botnet managers
Financial operators => information / operations
Money launderers => operations department
Underground economy
Place where criminal specialists meet
Using encryption / hiding techniques
Underground exchange services
Market of Trojans and botnets
Zeus, SpyEye
Self-configurable Trojan kits with support
Infection vectors : mail, social media, P2P, web
Integration of functionalities
Read, write, install access to hard disk
Internet connection interception and code injection
Keylogging
Screen captures
Webcam & microphone activation
Managed over botnets
Money mules
Several levels of money mules
1st level => in BE / 2nd level => after money transfer
Organizers
Recruitment and managing money mules
Organizing – laundering operations
New schemes to enable money laundering
Large expensive orders to shops / hotels – cancelled
New dating friends asking for money transfers
Money mules used for different purposes
E-banking / Internet fraud
Evolution
Trojans and botnets : multipurpose tool for cyber crime
Cooperation Febelfin-Police : detect new modus operandi
Focus on awareness
Responsibility of every party concerned
Focus European and BE police strategy
Taking away the weapons of the criminals
Disrupting / dismantling botnets
Together with all other partners
Contact information
Belgian Federal Judicial Police
Direction for economical and financial crime
Federal Computer Crime Unit
Notelaarstraat 211 - 1000 Brussels – Belgium
Tel office : +32 2 743 74 74
Fax : +32 2 743 74 19
Head of Unit : [email protected]
Twitter : @LucBeirens