SlideShare ist ein Scribd-Unternehmen logo
1 von 23
Digital forensics for investigators
& prosecutors in financial crimes
All you need to know…
Forensic. Advisory. Fraud.www.summitcl.com
Mustapha B. Mugisa, CFE, CHFI, MBA
President, Association of Certified Fraud Examiners
Uganda Chapter.
Uganda Law Society
CLE Seminar, 10 June 2013,
Imperial Royale Hotel.
Forensic. Advisory. Fraud
How much money do you
estimate [banks in Uganda]
lose annually to fraud?
In which ways is it lost?
Imagecredit,
ACFE.com
Why care?
Forensic. Advisory. Fraud
“An average
organization loses
about 5% of its
annual revenue to
fraud”, ACFE Report
to The Nations 2012.
Total annual revenue (all
Uganda banks) in 2011
1.94/- Trillion
Ugx. 291
billion annually!
ACFE Uganda survey in
2011 revealed banks &
telecoms lose 15-25% of
annual revenue to fraud!
About 90% of financial
crime is aided by ICT!
Total cost of fraud to
banks in Uganda
#1: Lots of fraud in banking…
Or Ugx. 11.6bn per bank
#2: Cyber threat & ICT
security risks
Banks
Virus & Hacker
Attack
Data Leakage &
Network Abuse
Cyber Crime
Combat
Quality
Demand from
Clients
35%
65%
For Banks
65% of security
breaches are internal
35% of security breaches
are external.
You need tools to ensure real
time network monitoring?
Financial crimes increasing…
Credit/ debit
Card Fraud
Insurance
fraud
Money
laundering
Banking
Frauds
Cyber
Crimes
Loan Frauds
Organized
Financial
Crime
Corruption
Financial
Data Theft
Forensic. Advisory. Fraud.www.summitcl.com
#3: The people risks…
a) IP theft
b) DOS of key applications
– lots of downtime
c) About 2/3 leaving
employees steal data
d) Internet banking, credit
card and system frauds
e) Money laundering
Digital forensic
essentials
Forensic. Advisory. Fraud.www.summitcl.com
“Fraud will continue as long
as fraudsters know they
will not be caught, and if
caught, they will not be
prosecuted.” ACFE, 2012.
Forensic. Advisory. Fraud.www.summitcl.com
Answer questions
about digital events
so the results are
admissible in court.
Digital forensic investigation
Forensic. Advisory. Fraud.www.summitcl.com
Electronically stored info (ESI)
e-Discovery:
The legal discovery
(disclosure) of all
electronic documents and
data relevant to a case.
Forensic. Advisory. Fraud.www.summitcl.com
ESI examples
• Email (all kinds);
• Internet, intranet, blogs,
(plus cache files, slack
space data, cookies)
• Data on PDAs,
cellphones
• Hardware and software;
including data storage
media and cloud hosting
Forensic. Advisory. Fraud.www.summitcl.com
Why a forensic analysis?
a) ID the perpetrator.
b) ID the method/ vulnerability
c) Conduct a damage
assessment
d) Preserve the evidence for
legal action
e) What, when, where, who,
how and why.
Suspects Hide Evidence
1.Delete their files and
emails
2.Hide their files by
encryption, password
protection, or
embedding them in
unrelated files (jpg, os
etc.)
3.Use Wi-Fi networks and
cyber cafes to cover
their tracks
Forensic uncover it
1.Restore deleted files
and emails
2.Find the hidden files
through complex
password, encryption
programs, and
searching techniques
3.Track them down
through the digital trail
- IP addresses to ISPs
to the offender
How it works?
o Similar to traditional crime scenes
o Must acquire the evidence while
preserving its integrity
 No damage during collection,
transportation, or storage
 Document everything
 Collect everything the first
time; photograph scene
o Establish a chain of custody
o Clear investigation process
The computer crime scene…
Criminalization of ICT crimes
The Computer Misuse Act, 2011
o Sec.12 – Unauthorized Access (hacking,
interception, Man-In-The-Middle)
o Sec.14 – Unauthorized modification of
electronic content
o Sec.16 – Unauthorized obstruction of use
of computer System (Denial of Service)
o Sec.17 – Unauthorized disclosure of access
code (password leakage)
o Sec.18 – Unauthorized disclosure of
Information (breach of confidentiality)
o Sec. 26 – cyber stalking.
The tools you need
Forensic. Advisory. Fraud.www.summitcl.com
Forensic. Advisory. Fraud.www.summitcl.com
Lawful interception…
1) Total network traffic monitoring
2) Application(s) consuming most bandwidth
3) Network user(s) consuming most bandwidth
4) Packets, which slow down network
5) Content, which involves in business conduct
6) 360o audit of your enterprise IT governance
7) Location, where target user is
8) Interception of any inbound and outbound traffic
#1: Network Forensic Investigation &
incident reporting…
IM/Chat
(Yahoo,
MSN, ICQ,
QQ, IRC,
Google Talk
Etc.)
Email
Webmail
HTTP
(Link, Content,
Upload
Download,
Video FLV)
File Transfer
FTP, P2P
Others
Online Games
Telnet, VoIP,
Social Media etc.
Forensic. Advisory. Fraud.www.summitcl.com
Digital forensic tools…
#2. Computer forensic lab
You need the right tools…
Forensic. Advisory. Fraud.www.summitcl.com
Fraud detection & prevention tool
#3. Empower people to blow the whistle…
Effective web-based local
whistleblower solution
The skills you need
Forensic. Advisory. Fraud.www.summitcl.com
“It is doesn’t matter how
much resources you’ve, if
you don’t know how to use
them they still won’t be
enough.”
Forensic. Advisory. Fraud.www.summitcl.com
Digital forensic skills…
#1. Computer Hacking Forensic
Investigator
95% of all documents are first
created using computers. Only
10% get printed out. Good
prosecutors and investigators need
Computer Hacking Forensic
Investigator (CHFI)
www.eccouncil.org
Forensic. Advisory. Fraud.www.summitcl.com
You need investigation skills
CFE
overview
www.acfe.com
#2. Certified Fraud Examiner (CFE)
Forensic. Advisory. Fraud.www.summitcl.com
Next steps…
You should:
1. Recommend implementation of the local
whistleblower solution…
2. Become CFE and CHFI
3. Work with Summit Consulting for your
expert support and tools
Forensic. Advisory. Fraud.www.summitcl.com
Q&A
We take pride in
doing the right
thing, rather than
what is right for
the profitability
of SCL.
Thank you!
For more information:
www.summitcl.com or www.iifft.org or www.mustaphamugisa.com

Weitere ähnliche Inhalte

Was ist angesagt?

Cyber Security work shop by Kapil Mehrotra
Cyber Security work shop by Kapil MehrotraCyber Security work shop by Kapil Mehrotra
Cyber Security work shop by Kapil MehrotraKapil Mehrotra
 
Internet Use, Privacy and security
Internet Use, Privacy and securityInternet Use, Privacy and security
Internet Use, Privacy and securityAwais Haider
 
Cyber Security Awareness Month 2017
Cyber Security Awareness Month 2017Cyber Security Awareness Month 2017
Cyber Security Awareness Month 2017Chinatu Uzuegbu
 
Introduction to cybercrime
Introduction to cybercrimeIntroduction to cybercrime
Introduction to cybercrimepatelripal99
 
The Realities and Challenges of Cyber Crime and Cyber Security in Africa
The Realities and Challenges of Cyber Crime and Cyber Security in AfricaThe Realities and Challenges of Cyber Crime and Cyber Security in Africa
The Realities and Challenges of Cyber Crime and Cyber Security in AfricaZsolt Nemeth
 
Cyber security and demonstration of security tools
Cyber security and demonstration of security toolsCyber security and demonstration of security tools
Cyber security and demonstration of security toolsVicky Fernandes
 
Technical Challenges in Cyber Forensics
Technical Challenges in Cyber ForensicsTechnical Challenges in Cyber Forensics
Technical Challenges in Cyber ForensicsOllie Whitehouse
 
Importance of cyber security in education sector
Importance of cyber security in education sectorImportance of cyber security in education sector
Importance of cyber security in education sectorSeqrite
 
chapter 8- Management Information Systems Managing the Digital Firm
chapter 8- Management Information Systems Managing the Digital Firmchapter 8- Management Information Systems Managing the Digital Firm
chapter 8- Management Information Systems Managing the Digital FirmMohamad Fathi
 
State of Cyber Crime in Banking Sector Today: Threats and Solutions
State of Cyber Crime in Banking Sector Today: Threats and SolutionsState of Cyber Crime in Banking Sector Today: Threats and Solutions
State of Cyber Crime in Banking Sector Today: Threats and SolutionsGoutama Bachtiar
 
Is Cyber-offence the New Cyber-defence?
Is Cyber-offence the New Cyber-defence?Is Cyber-offence the New Cyber-defence?
Is Cyber-offence the New Cyber-defence?Jim Geovedi
 
Cyber Security - ICCT Colleges
Cyber Security - ICCT CollegesCyber Security - ICCT Colleges
Cyber Security - ICCT CollegesPotato
 
Cyber security threats and trends
Cyber security threats and trendsCyber security threats and trends
Cyber security threats and trendsHadeel Sadiq Obaid
 
Cyber Security A Challenges For Mankind
Cyber Security A Challenges For MankindCyber Security A Challenges For Mankind
Cyber Security A Challenges For MankindSaurabh Kheni
 

Was ist angesagt? (20)

Cyber Security work shop by Kapil Mehrotra
Cyber Security work shop by Kapil MehrotraCyber Security work shop by Kapil Mehrotra
Cyber Security work shop by Kapil Mehrotra
 
Internet Use, Privacy and security
Internet Use, Privacy and securityInternet Use, Privacy and security
Internet Use, Privacy and security
 
Cyber Security Awareness Month 2017
Cyber Security Awareness Month 2017Cyber Security Awareness Month 2017
Cyber Security Awareness Month 2017
 
Introduction to cybercrime
Introduction to cybercrimeIntroduction to cybercrime
Introduction to cybercrime
 
The Realities and Challenges of Cyber Crime and Cyber Security in Africa
The Realities and Challenges of Cyber Crime and Cyber Security in AfricaThe Realities and Challenges of Cyber Crime and Cyber Security in Africa
The Realities and Challenges of Cyber Crime and Cyber Security in Africa
 
Cyber security # Lec 1
Cyber security # Lec 1Cyber security # Lec 1
Cyber security # Lec 1
 
Cyber security and demonstration of security tools
Cyber security and demonstration of security toolsCyber security and demonstration of security tools
Cyber security and demonstration of security tools
 
Technical Challenges in Cyber Forensics
Technical Challenges in Cyber ForensicsTechnical Challenges in Cyber Forensics
Technical Challenges in Cyber Forensics
 
Cyber Threat Intel : Overview
Cyber Threat Intel : OverviewCyber Threat Intel : Overview
Cyber Threat Intel : Overview
 
Importance of cyber security in education sector
Importance of cyber security in education sectorImportance of cyber security in education sector
Importance of cyber security in education sector
 
chapter 8- Management Information Systems Managing the Digital Firm
chapter 8- Management Information Systems Managing the Digital Firmchapter 8- Management Information Systems Managing the Digital Firm
chapter 8- Management Information Systems Managing the Digital Firm
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
State of Cyber Crime in Banking Sector Today: Threats and Solutions
State of Cyber Crime in Banking Sector Today: Threats and SolutionsState of Cyber Crime in Banking Sector Today: Threats and Solutions
State of Cyber Crime in Banking Sector Today: Threats and Solutions
 
Is Cyber-offence the New Cyber-defence?
Is Cyber-offence the New Cyber-defence?Is Cyber-offence the New Cyber-defence?
Is Cyber-offence the New Cyber-defence?
 
Mobile security
Mobile securityMobile security
Mobile security
 
Cyber Security - ICCT Colleges
Cyber Security - ICCT CollegesCyber Security - ICCT Colleges
Cyber Security - ICCT Colleges
 
Cyber security threats and trends
Cyber security threats and trendsCyber security threats and trends
Cyber security threats and trends
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITY
 
Cyber of things 2.0
Cyber of things 2.0Cyber of things 2.0
Cyber of things 2.0
 
Cyber Security A Challenges For Mankind
Cyber Security A Challenges For MankindCyber Security A Challenges For Mankind
Cyber Security A Challenges For Mankind
 

Ähnlich wie Uganda lawsociety v2digitalforensics

Lessons v on fraud awareness (digital forensics)
Lessons v on fraud awareness   (digital forensics)Lessons v on fraud awareness   (digital forensics)
Lessons v on fraud awareness (digital forensics)CA.Kolluru Narayanarao
 
Lessons v on fraud awareness (digital forensics) [autosaved]
Lessons v on fraud awareness   (digital forensics) [autosaved]Lessons v on fraud awareness   (digital forensics) [autosaved]
Lessons v on fraud awareness (digital forensics) [autosaved]Kolluru N Rao
 
What is Digital Forensics.docx
What is Digital Forensics.docxWhat is Digital Forensics.docx
What is Digital Forensics.docxAliAshraf68199
 
L12. Digital Forensics BS.pptx
L12. Digital Forensics BS.pptxL12. Digital Forensics BS.pptx
L12. Digital Forensics BS.pptxtalhajann43
 
03.fnc corporate protect workshop new
03.fnc corporate protect workshop new03.fnc corporate protect workshop new
03.fnc corporate protect workshop newforensicsnation
 
FNC Corporate Protect Workshop
FNC Corporate Protect WorkshopFNC Corporate Protect Workshop
FNC Corporate Protect Workshopforensicsnation
 
Technology In Computer Forensics
Technology In Computer ForensicsTechnology In Computer Forensics
Technology In Computer ForensicsKatie Fernandez
 
Cyber crime - and digital device.pptx
Cyber crime - and digital device.pptxCyber crime - and digital device.pptx
Cyber crime - and digital device.pptxAlAsad4
 
Cybercrimeandforensic 120828021931-phpapp02
Cybercrimeandforensic 120828021931-phpapp02Cybercrimeandforensic 120828021931-phpapp02
Cybercrimeandforensic 120828021931-phpapp02Gol D Roger
 
Secure Computer Forensics and its tools
Secure Computer Forensics and its toolsSecure Computer Forensics and its tools
Secure Computer Forensics and its toolsKathirvel Ayyaswamy
 
E security and payment 2013-1
E security  and payment 2013-1E security  and payment 2013-1
E security and payment 2013-1Abdelfatah hegazy
 
Infa 610 Final Exam Solutions
Infa 610 Final Exam SolutionsInfa 610 Final Exam Solutions
Infa 610 Final Exam SolutionsChelsea Porter
 

Ähnlich wie Uganda lawsociety v2digitalforensics (20)

Lessons v on fraud awareness (digital forensics)
Lessons v on fraud awareness   (digital forensics)Lessons v on fraud awareness   (digital forensics)
Lessons v on fraud awareness (digital forensics)
 
Lessons v on fraud awareness (digital forensics) [autosaved]
Lessons v on fraud awareness   (digital forensics) [autosaved]Lessons v on fraud awareness   (digital forensics) [autosaved]
Lessons v on fraud awareness (digital forensics) [autosaved]
 
What is Digital Forensics.docx
What is Digital Forensics.docxWhat is Digital Forensics.docx
What is Digital Forensics.docx
 
L12. Digital Forensics BS.pptx
L12. Digital Forensics BS.pptxL12. Digital Forensics BS.pptx
L12. Digital Forensics BS.pptx
 
03.fnc corporate protect workshop new
03.fnc corporate protect workshop new03.fnc corporate protect workshop new
03.fnc corporate protect workshop new
 
FNC Corporate Protect
FNC Corporate ProtectFNC Corporate Protect
FNC Corporate Protect
 
FNC Corporate Protect Workshop
FNC Corporate Protect WorkshopFNC Corporate Protect Workshop
FNC Corporate Protect Workshop
 
Cyber crime and forensic
Cyber crime and forensicCyber crime and forensic
Cyber crime and forensic
 
Technology In Computer Forensics
Technology In Computer ForensicsTechnology In Computer Forensics
Technology In Computer Forensics
 
Cyber crime - and digital device.pptx
Cyber crime - and digital device.pptxCyber crime - and digital device.pptx
Cyber crime - and digital device.pptx
 
CS6004 Cyber Forensics
CS6004 Cyber ForensicsCS6004 Cyber Forensics
CS6004 Cyber Forensics
 
CS6004 Cyber Forensics
CS6004 Cyber ForensicsCS6004 Cyber Forensics
CS6004 Cyber Forensics
 
Cyberattacks.pptx
Cyberattacks.pptxCyberattacks.pptx
Cyberattacks.pptx
 
Cybercrimeandforensic 120828021931-phpapp02
Cybercrimeandforensic 120828021931-phpapp02Cybercrimeandforensic 120828021931-phpapp02
Cybercrimeandforensic 120828021931-phpapp02
 
cyber forensics
cyber forensicscyber forensics
cyber forensics
 
Secure Computer Forensics and its tools
Secure Computer Forensics and its toolsSecure Computer Forensics and its tools
Secure Computer Forensics and its tools
 
E security and payment 2013-1
E security  and payment 2013-1E security  and payment 2013-1
E security and payment 2013-1
 
CYBERFORENSICS
CYBERFORENSICSCYBERFORENSICS
CYBERFORENSICS
 
Infosec Workshop - PacINET 2007
Infosec Workshop - PacINET 2007Infosec Workshop - PacINET 2007
Infosec Workshop - PacINET 2007
 
Infa 610 Final Exam Solutions
Infa 610 Final Exam SolutionsInfa 610 Final Exam Solutions
Infa 610 Final Exam Solutions
 

Mehr von Mustapha Mugisa

The role of the board outside the Boardroom briefing.pptx
The role of the board outside the Boardroom briefing.pptxThe role of the board outside the Boardroom briefing.pptx
The role of the board outside the Boardroom briefing.pptxMustapha Mugisa
 
Fraud in banking_a heatmap.pptx
Fraud in banking_a heatmap.pptxFraud in banking_a heatmap.pptx
Fraud in banking_a heatmap.pptxMustapha Mugisa
 
Fraud risk maturity assessment.pptx
Fraud risk maturity assessment.pptxFraud risk maturity assessment.pptx
Fraud risk maturity assessment.pptxMustapha Mugisa
 
Effective Fraud risk management 101.pptx
Effective Fraud risk management 101.pptxEffective Fraud risk management 101.pptx
Effective Fraud risk management 101.pptxMustapha Mugisa
 
Key note presentation_amfiu conference
Key note presentation_amfiu conferenceKey note presentation_amfiu conference
Key note presentation_amfiu conferenceMustapha Mugisa
 
Whistleblower presentation
Whistleblower presentationWhistleblower presentation
Whistleblower presentationMustapha Mugisa
 

Mehr von Mustapha Mugisa (7)

The role of the board outside the Boardroom briefing.pptx
The role of the board outside the Boardroom briefing.pptxThe role of the board outside the Boardroom briefing.pptx
The role of the board outside the Boardroom briefing.pptx
 
Fraud in banking_a heatmap.pptx
Fraud in banking_a heatmap.pptxFraud in banking_a heatmap.pptx
Fraud in banking_a heatmap.pptx
 
Fraud risk maturity assessment.pptx
Fraud risk maturity assessment.pptxFraud risk maturity assessment.pptx
Fraud risk maturity assessment.pptx
 
Effective Fraud risk management 101.pptx
Effective Fraud risk management 101.pptxEffective Fraud risk management 101.pptx
Effective Fraud risk management 101.pptx
 
Key note presentation_amfiu conference
Key note presentation_amfiu conferenceKey note presentation_amfiu conference
Key note presentation_amfiu conference
 
Whistleblower presentation
Whistleblower presentationWhistleblower presentation
Whistleblower presentation
 
Scl profile v2
Scl profile v2Scl profile v2
Scl profile v2
 

Kürzlich hochgeladen

COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaborationbruanjhuli
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-pyJamie (Taka) Wang
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopBachir Benyammi
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024SkyPlanner
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Adtran
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1DianaGray10
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7DianaGray10
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationIES VE
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Websitedgelyza
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarPrecisely
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioChristian Posta
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAshyamraj55
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...DianaGray10
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxMatsuo Lab
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXTarek Kalaji
 
Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Brian Pichman
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URLRuncy Oommen
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxGDSC PJATK
 

Kürzlich hochgeladen (20)

201610817 - edge part1
201610817 - edge part1201610817 - edge part1
201610817 - edge part1
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-py
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 Workshop
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Website
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity Webinar
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and Istio
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptx
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBX
 
Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URL
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
 
20230104 - machine vision
20230104 - machine vision20230104 - machine vision
20230104 - machine vision
 

Uganda lawsociety v2digitalforensics

  • 1. Digital forensics for investigators & prosecutors in financial crimes All you need to know… Forensic. Advisory. Fraud.www.summitcl.com Mustapha B. Mugisa, CFE, CHFI, MBA President, Association of Certified Fraud Examiners Uganda Chapter. Uganda Law Society CLE Seminar, 10 June 2013, Imperial Royale Hotel.
  • 2. Forensic. Advisory. Fraud How much money do you estimate [banks in Uganda] lose annually to fraud? In which ways is it lost? Imagecredit, ACFE.com Why care?
  • 3. Forensic. Advisory. Fraud “An average organization loses about 5% of its annual revenue to fraud”, ACFE Report to The Nations 2012. Total annual revenue (all Uganda banks) in 2011 1.94/- Trillion Ugx. 291 billion annually! ACFE Uganda survey in 2011 revealed banks & telecoms lose 15-25% of annual revenue to fraud! About 90% of financial crime is aided by ICT! Total cost of fraud to banks in Uganda #1: Lots of fraud in banking… Or Ugx. 11.6bn per bank
  • 4. #2: Cyber threat & ICT security risks Banks Virus & Hacker Attack Data Leakage & Network Abuse Cyber Crime Combat Quality Demand from Clients 35% 65% For Banks 65% of security breaches are internal 35% of security breaches are external. You need tools to ensure real time network monitoring?
  • 5. Financial crimes increasing… Credit/ debit Card Fraud Insurance fraud Money laundering Banking Frauds Cyber Crimes Loan Frauds Organized Financial Crime Corruption Financial Data Theft
  • 6. Forensic. Advisory. Fraud.www.summitcl.com #3: The people risks… a) IP theft b) DOS of key applications – lots of downtime c) About 2/3 leaving employees steal data d) Internet banking, credit card and system frauds e) Money laundering
  • 7. Digital forensic essentials Forensic. Advisory. Fraud.www.summitcl.com “Fraud will continue as long as fraudsters know they will not be caught, and if caught, they will not be prosecuted.” ACFE, 2012.
  • 8. Forensic. Advisory. Fraud.www.summitcl.com Answer questions about digital events so the results are admissible in court. Digital forensic investigation
  • 9. Forensic. Advisory. Fraud.www.summitcl.com Electronically stored info (ESI) e-Discovery: The legal discovery (disclosure) of all electronic documents and data relevant to a case.
  • 10. Forensic. Advisory. Fraud.www.summitcl.com ESI examples • Email (all kinds); • Internet, intranet, blogs, (plus cache files, slack space data, cookies) • Data on PDAs, cellphones • Hardware and software; including data storage media and cloud hosting
  • 11. Forensic. Advisory. Fraud.www.summitcl.com Why a forensic analysis? a) ID the perpetrator. b) ID the method/ vulnerability c) Conduct a damage assessment d) Preserve the evidence for legal action e) What, when, where, who, how and why.
  • 12. Suspects Hide Evidence 1.Delete their files and emails 2.Hide their files by encryption, password protection, or embedding them in unrelated files (jpg, os etc.) 3.Use Wi-Fi networks and cyber cafes to cover their tracks Forensic uncover it 1.Restore deleted files and emails 2.Find the hidden files through complex password, encryption programs, and searching techniques 3.Track them down through the digital trail - IP addresses to ISPs to the offender How it works?
  • 13. o Similar to traditional crime scenes o Must acquire the evidence while preserving its integrity  No damage during collection, transportation, or storage  Document everything  Collect everything the first time; photograph scene o Establish a chain of custody o Clear investigation process The computer crime scene…
  • 14. Criminalization of ICT crimes The Computer Misuse Act, 2011 o Sec.12 – Unauthorized Access (hacking, interception, Man-In-The-Middle) o Sec.14 – Unauthorized modification of electronic content o Sec.16 – Unauthorized obstruction of use of computer System (Denial of Service) o Sec.17 – Unauthorized disclosure of access code (password leakage) o Sec.18 – Unauthorized disclosure of Information (breach of confidentiality) o Sec. 26 – cyber stalking.
  • 15. The tools you need Forensic. Advisory. Fraud.www.summitcl.com
  • 16. Forensic. Advisory. Fraud.www.summitcl.com Lawful interception… 1) Total network traffic monitoring 2) Application(s) consuming most bandwidth 3) Network user(s) consuming most bandwidth 4) Packets, which slow down network 5) Content, which involves in business conduct 6) 360o audit of your enterprise IT governance 7) Location, where target user is 8) Interception of any inbound and outbound traffic #1: Network Forensic Investigation & incident reporting… IM/Chat (Yahoo, MSN, ICQ, QQ, IRC, Google Talk Etc.) Email Webmail HTTP (Link, Content, Upload Download, Video FLV) File Transfer FTP, P2P Others Online Games Telnet, VoIP, Social Media etc.
  • 17. Forensic. Advisory. Fraud.www.summitcl.com Digital forensic tools… #2. Computer forensic lab You need the right tools…
  • 18. Forensic. Advisory. Fraud.www.summitcl.com Fraud detection & prevention tool #3. Empower people to blow the whistle… Effective web-based local whistleblower solution
  • 19. The skills you need Forensic. Advisory. Fraud.www.summitcl.com “It is doesn’t matter how much resources you’ve, if you don’t know how to use them they still won’t be enough.”
  • 20. Forensic. Advisory. Fraud.www.summitcl.com Digital forensic skills… #1. Computer Hacking Forensic Investigator 95% of all documents are first created using computers. Only 10% get printed out. Good prosecutors and investigators need Computer Hacking Forensic Investigator (CHFI) www.eccouncil.org
  • 21. Forensic. Advisory. Fraud.www.summitcl.com You need investigation skills CFE overview www.acfe.com #2. Certified Fraud Examiner (CFE)
  • 22. Forensic. Advisory. Fraud.www.summitcl.com Next steps… You should: 1. Recommend implementation of the local whistleblower solution… 2. Become CFE and CHFI 3. Work with Summit Consulting for your expert support and tools
  • 23. Forensic. Advisory. Fraud.www.summitcl.com Q&A We take pride in doing the right thing, rather than what is right for the profitability of SCL. Thank you! For more information: www.summitcl.com or www.iifft.org or www.mustaphamugisa.com