This document discusses cybercrime and provides information on various related topics. It begins with definitions of cybercrime and descriptions of some notorious cybercriminals. Statistics on the top 20 countries for cybercrime are presented from a Symantec report. Cyber attacks are analyzed based on motivation and technique. The document also summarizes the major Bangladesh Bank cyber heist in 2016 and the security and policy implications. Finally it outlines some common cyber security measures.
2. statistics and probability (STA-133)
Submitted to
Tajmary Mahfuz
Submitted by
S.M.Mustofa Kauser
143-15-4515
Mahhud Sowrov
143-15-41528
Bib Yammin
143-15-4598
Md. Rezwanul Islam
143-15-4574
Sabbir Ahmed
143-15-4520
3. Presentation Topics
Cybercrime- About cybercrime, Definition, What kind of
people do this.
Crime Graph- Top twenty list & explanation.
Cyber Attacks- Attack Techniques, Motivations
Behind Attacks, Industry & Organization Drill-Down
Bangladesh Bank Tragedy- How to hack, bank
governor resigns
Cyber security- Security measures, Step to cyber
security.
4. About Cybercrime
Computer crime, or cybercrime, is crime that involves a computer and a
network.
The computer may have been used in the commission of a crime, or it may be
the target. Internationally, both governmental and non-state actors
engage in cybercrimes, including espionage, financial thif, and other
cross-border crimes.
5. Cyber’s Most Wanted
Evgeniy Bogachev
Conspiracy to racketeering
activity related to Zeus malware
Peteris Sahurovs
Unauthorized access to
protected computer; wire
fraud
6.
7. Crime Graph
Symantec has ranked 20 countries that face, or cause, the
most cybercrime. In compiling such a list, Symantec was able to
quantify software code that interferes with a computer's normal
functions, rank zombie systems, and observe the number of
websites that host phishing sites, which are designed to trick
computer users into disclosing personal data or banking account
information. The highest rate of cybercrime was found to be in the
United States which may mainly contribute to the broad range of
available broadband connections, which are those that allow
uninterrupted internet connectivity.
All of the contributing factors allowed Symantec to effectively rank
a top 20 list of countries that have the most cybercrime.
8. List of Top 20 Countries with the highest rate of
Cybercrime (source: Business Week/Symantec)
Each country lists 6 contributing factors, share of malicious
computer activity, malicious code rank, spam zombies rank, phishing web
site hosts rank and attack origin, to substantiate its cybercrime ranking.
1. United States of America
Share of malicious computer activity: 23%
Malicious code rank: 1
Spam zombies rank: 3
Phishing web site hosts rank: 1
Attack origin rank: 1
9. 2. China
Share of malicious computer activity: 9%
Malicious code rank: 2
Spam zombies rank: 4
Phishing web site hosts rank: 6
Attack origin rank: 2
3. India
Share of malicious computer activity: 3%
Malicious code rank: 3
Spam zombies rank: 11
Phishing web site hosts rank: 22
Attack origin rank: 19
10. Cyber Attacks
It’s now time to publish the statistics derived from the Cyber Attacks
Timelines of February
Cyber Crime ranks on top of the Motivations Behind Attacks chart with
62.7%, substantially stable and in line with January (was 60.6%).
Hacktivism ranks at number two, nearly with the same value reported in
January (28% vs 27.7%).
11. Cyber Espionage ranks at number three with 5.3% (was 7.4% in
January), while attacks motivated by Cyber Warfare are equally
substantially stable with 4% (was 4.3% in January).
12. The Attack Techniques were unknown in 41.3% of the cases. Account
Hijackings are immediately behind with 12%, and SQLi achieve an
impressive 10.7%. Impressive are also the percentages of targeted attacks
(9.3%) and malware (6.7%).
13.
14. Bangladesh Bank Tragedy
The recent cyber attack on Bangladesh's central bank that let hackers stole
over $80 Million from the institutes' Federal Reserve bank account was
reportedly caused due to the Malware installed on the Bank's computer s
ystems. The criminal group was able to steal a total value of about $81
Million from the Federal Reserve's Bangladesh account through a s
eries of fraudulent transactions, but a typo in some transaction
revented a further $850 Million Heist.
15. A further $81m went to four accounts in the Philippines, purportedly for
payments in relation to Bangladeshi infrastructure projects, including
bridges, a power station and the Dhaka metro. That money then
disappeared into the casino industry and has yet to be recovered.
16. In both Bangladesh and the Philippines, politicians and government
officials are furious at the bankers for failing to stop the crime. Emmanuel
Dooc, a lawyer for the Anti-Money Laundering Council (AMLC) in the
Philippines, said the country urgently needed regulatory reform. “The
lesson we learnt from this is unmistakable … There are gaping holes in our
laws.”
Atiur Rahman, Bangladesh Bank governor, left, resigned on Tuesday; Maia
Santos Deguito, manager of the Jupiter Street branch Of RCBC, right, invoked her
right to silence at hearing into the heist to avoid any self-incrimination
17. Bangladesh central bank governor resigns over $81m cyber heist
Bangladesh’s central bank governor, Atiur Rahman, said on Tuesday he had
resigned after $81m (£75m) was stolen from the bank’s account at t
he Federal Reserve Bank of New York in one of the largest cyber-
heists in history.
18. Cyber Security
“What is causing even more concern is that the origin of these
crimes is widely based abroad in countries including China, Pakistan,
Bangladesh and Algeria among others,” D.S Rawat, secretary general,
ASSOCHAM said while releasing the joint ASSOCHAM-Mahindra SSG study
“Cyber and Network Security Framework”.
These attacks have been observed to be originating from the cyber s
pace of a number of countries including the US, of Europe, Brazil,
Turkey, China, Pakistan, Bangladesh, Algeria and the UAE, h
ighlighted the study.
19. Security measures
A state of computer "security" is the conceptual ideal, attained by the use of
the three processes: threat prevention, detection, and response. These
processes are based on various policies and system components, which
include the following:
User account access controls and cryptography can protect systems files and
data, respectively.
Intrusion Detection System (IDS) products are designed to detect
network attacks in-progress and assist in post-attack forensics,
while audit trails and logs serve a similar function for Individual s ystems.