Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.

Cyber threats to law firm finance teams

234 Aufrufe

Veröffentlicht am

https://legalsecurityforum.com/

Veröffentlicht in: Technologie
  • ▲▲▲ https://tinyurl.com/y4urott2
       Antworten 
    Sind Sie sicher, dass Sie …  Ja  Nein
    Ihre Nachricht erscheint hier
  • Your opinions matter! get paid BIG $$$ for them! START NOW!!.. ▲▲▲ https://tinyurl.com/realmoneystreams2019
       Antworten 
    Sind Sie sicher, dass Sie …  Ja  Nein
    Ihre Nachricht erscheint hier
  • Have you ever heard of taking paid surveys on the internet before? We have one right now that pays $50, and takes less than 10 minutes! If you want to take it, here is your personal link ▲▲▲ https://tinyurl.com/make2793amonth
       Antworten 
    Sind Sie sicher, dass Sie …  Ja  Nein
    Ihre Nachricht erscheint hier
  • Gehören Sie zu den Ersten, denen das gefällt!

Cyber threats to law firm finance teams

  1. 1. YOUR SPEAKER – • 2016 CHIEF SECURITY OFFICER – PRAETORIAN CONSULTING INTERNATIONAL (CYBER SECURITY AUTOMATION) • 2014 HEAD OF INFORMATION SECURITY – WORLDLINE (ATOS GROUP) (LEVEL ONE SERVICE PROVIDER) • 2014 CISO LEVEL SECURITY, RISK & COMPLIANCE CONSULTANCY ACROSS EUROPE – DVV SOLUTIONS • 2013 INFORMATION SECURITY & PCIDSS ASDA & GEORGE (LEVEL ONE MERCHANT) • 2011 - 2013 INFORMATION SECURITY & PCIDSS MANCHESTER AIRPORTS GROUP (LEVEL THREE MERCHANT) • 2006-2011 INFORMATION SECURITY & PCIDSS HOMELOAN MANAGEMENT LIMITED (LEVEL ONE SERVICE PROVIDER) • 2006 ECOMMERCE SECURITY– THOMAS COOK SCHEDULED BUSINESS
  2. 2. SUMMARY– • QUICK LOOK AT BUSINESS FRAUD ‘THE WHAT’ • WIRE TRANSFER • CONVEYANCING • QUICK LOOK AT WHAT HAPPENS ‘THE HOW’ • MALWARE • MONEY MULES • QUICK LOOK AT ‘THE FIGHT BACK’ • RIGHT PEOPLE • RIGHT PROCESSES • ANY REASONABLE TECHNOLOGY In 2015, 62 per cent of law firms reported they had suffered from a security incident, up from 45 per cent in 2014, according to figures from accountants PwC. Director of intelligence and investigations at the Solicitors Regulation Authority (SRA), reveals cyber criminals have caused substantial losses to 50 law firms this in 2015, ranging from £50,000 to £2 million, and a further 20 firms had fallen victim to e- mail redirection scams, involving very substantial amounts of money. Over the last couple of years, Action Fraud said there have been 91 reports of the crime, which amounts to more than £10million of losses.
  3. 3. Quick look at business fraud
  4. 4. CLASSIC – THE CEO WIRE TRANSFER • NOT A NEW FRAUD, BUT IN THE NEWS • AS AN ATTACK, THE CEO EMAIL WIRE FRAUD ATTACK COULDN’T BE SIMPLER. THERE’S NO MALWARE TO WRITE AND NO MALICIOUS CODE OR LINKS TO IMPLANT. IT’S A TEXT ONLY EMAIL, PLAIN AND SIMPLE – BUT IT’S THE SOCIAL ENGINEERING THAT MAKES IT WORK.
  5. 5. THE RISING COST OF CEO WIREFRAUD • JAN 2016 – 54M USD • FEB 2016 – 70M EURO
  6. 6. THE INDUSTRY SPECIAL – CONVEYANCING • EXAMPLE 1 – TARGET THE SELLER • “HACKING INTO EMAIL ACCOUNTS AND IMPERSONATING THE OWNERS TO STEAL MONEY, INFORMATION OR BOTH IS A GROWING FORM OF CRIME THAT ALMOST COST THIS FAMILY THE ENTIRE PROCEEDS OF THEIR PROPERTY SALE.” • NICOLE BLACKMORE, DAILY TELEGRAPH
  7. 7. THE INDUSTRY SPECIAL – CONVEYANCING • FIRST EXAMPLE • TAKEOVER THE SELLERS EMAIL ACCOUNT. • WAIT FOR BANK INSTRUCTIONS TO GO TO CONVEYANCING FIRM • SEND NEW EMAIL SAYING THERE HAS BEEN A MISTAKE AND THAT THE PROCEEDS FROM THE SALE NEED TO GO TO A DIFFERENT ACCOUNT • FIRST EXAMPLE ISSUES • SELLER RESPONSIBLE FOR THEIR MAILBOX SECURITY • BANK ONLY USES SORT CODES AND ACCOUNT NUMBERS TO SET UP FUNDS TRANSFER • THERE IS A VERY SMALL WINDOW OF TIME TO FREEZE A BANK ACCOUNT AND RESTORE FUNDS ON DISCOVERING THIS TYPE OF ATTACK. (<72HRS)
  8. 8. THE INDUSTRY SPECIAL – CONVEYANCING • EXAMPLE 2 – TARGET THE BUYER • “SOLICITORS ARE CONTINUING TO EXPOSE HOME BUYERS AND SELLERS TO THE RISK OF A GROWING FORM OF FRAUD, EMAIL HACKING. THE PROCEEDS OF PROPERTY TRANSACTIONS ARE AT RISK, IN MANY CASES RUNNING TO HUNDREDS OF THOUSANDS OF POUNDS.” • NICOLE BLACKMORE, DAILY TELEGRAPH
  9. 9. THE INDUSTRY SPECIAL – CONVEYANCING • SECOND EXAMPLE • SHORTLY BEFORE COMPLETION THEY RECEIVED AN EMAIL FROM THE SOLICITORS SAYING THAT ITS LLOYDS BANK ACCOUNT WAS BEING AUDITED, SO THE COUPLE NEEDED TO TRANSFER THEIR FUNDS TO THE FIRM’S NATWEST ACCOUNT. • WANTING TO MAKE SURE THE REQUEST WAS GENUINE, MR JOHN DOE REPLIED ASKING FOR CONFIRMATION OF THEIR UNIQUE CLIENT ID NUMBER. HE RECEIVED A REPLY WITH THE CORRECT DETAILS AND SO, ON THE THURSDAY BEFORE COMPLETION, THE COUPLE WENT TO THEIR LOCAL BARCLAYS BANK AND TRANSFERRED £299,000 TO THE NATWEST ACCOUNT. • SECOND EXAMPLE ISSUES • SOLICITORS REFUSED TO ADMIT EMAIL HAD BEEN HACKED AND DENIED ALL LIABILITY FOR THE EMAIL FROM THEIR DOMAIN ASKING FOR THE CHANGE OF BANK DETAILS • EXTRA FEES INCURRED BY SELLERS TRYING TO GET FUNDS BACK • WHERE INSURANCE PAYOUTS INCREASE, THEN SO DOES THE COST OF PROFESSIONAL INDEMNITY – WHICH IN TURN COULD INCREASE THE COSTS OF CONVEYANCING
  10. 10. Quick look at ‘The How’
  11. 11. HOW – • A SPOKESPERSON FOR THE GOVERNMENT AGENCY, ACTION FRAUD, SAID: "THROUGH MALWARE OR THROUGH INSECURE NETWORKS THE FRAUDSTERS WILL BE ABLE TO VIEW A PERSON’S EMAIL EXCHANGES AND THEIR ACTIVITY ONLINE, THIS WILL ALLOW THEM TO FIND OUT INFORMATION ABOUT PEOPLE, READ THEIR EMAILS AND ASCERTAIN THAT THEY ARE IN THE PROCESS OF BUYING A HOUSE."
  12. 12. COFFESHOP WIFI • Q: HOW DO PEOPLES PERSONAL EMAIL ACCOUNTS GET COMPROMISED ? • A: A CLASSIC WAY IS THROUGH INSECURE NETWORK CONNECTIONS, FOR EXAMPLE, FREE WIFI IN COFFEE SHOPS AND HOTELS
  13. 13. MALWARE BY EMAIL
  14. 14. MALWARE REMOTE ACCESS TROJAN
  15. 15. MONEY MULE –
  16. 16. ‘Fighting Back’
  17. 17. TELEGRAPH REPORTER’S ADVICE– • USE A STRONG PASSWORD FOR YOUR EMAIL ACCOUNT THAT IS DIFFERENT FROM YOUR OTHER ONLINE ACCOUNTS. CHANGE IT REGULARLY. • PROTECT YOUR DEVICES WITH SECURITY SOFTWARE AND REGULARLY INSTALL UPDATES. • CONSIDER USING ENCRYPTED EMAILS AND ASK YOUR CONVEYANCING SOLICITOR TO DO THE SAME. • MAKE IT CLEAR TO YOUR SOLICITOR THAT YOU HAVE NO INTENTION OF CHANGING YOUR BANK ACCOUNT DETAILS. TELL THEM THAT ANY INSTRUCTIONS TO USE A DIFFERENT ACCOUNT – THEIRS OR YOURS – MUST BE GIVEN IN PERSON
  18. 18. PEOPLE AND PROCESSES • EDUCATED YOUR STAFF ON • PHISHING IN GENERAL • EMAIL FRAUD IN GENERAL • WIRE FRAUD AND CONVEYANCING SCAMS • HAVE EFFECTIVE INTERNAL PROCESSES THAT PREVENT • USING CHANGES SUBMITTED BY EMAIL THAT HAVE NOT BEEN VERIFIED BY CONTACTING THE PEOPLE INVOLVED • HAVE A TESTED “INCIDENT RESPONSE” PLAN FOR WHEN THINGS GO WRONG • KNOW WHO TO CONTACT INTERNALLY AND EXTERNALLY • BANKING TEAM, LAW ENFORCEMENT, ACTION FRAUD, PUBLIC RELATIONS, RISK DIRECTOR, INSURANCE COMPANY
  19. 19. TECHNOLOGY – THE BASICS • THE BASICS • ANTIVIRUS • ANTIMALWARE/SPYWARE • WEBPROXY • REMOVE LOCAL ADMIN ACCESS WHERE POSSIBLE • PATCH APPLICATIONS • PATCH OPERATING SYSTEM • NSA HACKER ADVICE • HTTPS://WWW.YOUTUBE.COM/WATCH?V=BDJB8WOJYDA
  20. 20. TECHNOLOGY – WHEN THINGS GO WRONG • HAVE A TESTED “INCIDENT RESPONSE” PLAN FOR WHEN THINGS GO WRONG • HTTPS://OTALLIANCE.ORG/SYSTEM/FILES/FILES/RESOURCE/DOCUMENTS/2016-OTA-BREACHGUIDE_UPDATE5-16.PDF • HTTPS://OTALLIANCE.ORG/SYSTEM/FILES/FILES/INITIATIVE/DOCUMENTS/OTA-2014-EMAILINTEGRITYAUDIT.PDF
  21. 21. TECHNOLOGY – THE STANDARDS • AUSDSD TOP 35 & CPNI TOP20 • HTTP://WWW.ASD.GOV.AU/INFOSEC/MITIGATIONSTRATEGIES.HTM • HTTPS://WWW.CPNI.GOV.UK/ADVICE/CYBER/CRITICAL-CONTROLS/
  22. 22. WEB REFS–• HTTP://WWW.RAWSTORY.COM/2016/06/THIS-IS-HOW-HACKERS-CAN-STEAL-MILLIONS-FROM-YOUR-COMPANY-WITH-JUST-ONE-EMAIL/ • HTTP://WWW.TELEGRAPH.CO.UK/FINANCE/PERSONALFINANCE/BORROWING/MORTGAGES/11605010/FRAUDSTERS-HACKED-EMAILS-TO-MY-SOLICITOR-AND-STOLE-340000-FROM-MY-PROPERTY-SALE.HTML • HTTP://WWW.TELEGRAPH.CO.UK/FINANCE/PERSONALFINANCE/BORROWING/MORTGAGES/11632304/EMAIL-HACKING-ANOTHER-HOME-SELLER-ROBBED-OF-270000.HTML • HTTP://WWW.TELEGRAPH.CO.UK/FINANCE/PERSONALFINANCE/BORROWING/MORTGAGES/11715616/OUR-300000-HOUSE-BUYING-MONEY-WAS-STOLEN.HTML • HTTP://WWW.EXPRESS.CO.UK/FINANCE/PERSONALFINANCE/632064/HOMEBUYERS-WARNED-OF-NEW-DEPOSIT-SCAM-AFTER-DEVASTATED-COUPLE-LOSE-45000 • HTTP://WWW.LANCASHIRETELEGRAPH.CO.UK/NEWS/14565802.JAIL_THREAT_TO_MAN_WHO_LAUNDERED_ALMOST___100K_INTO_BANK_ACCOUNT_IN_NATIONAL_SCAM/?REF=MR&LP=3 • HTTP://WWW.PROPERTYINDUSTRYEYE.COM/WARNING-NEW-CASES-COME-TO-LIGHT-ABOUT-EMAIL-HACKING-PROPERTY-SCAM/ • HTTP://WWW.THETIMES.CO.UK/TTO/NEWS/UK/CRIME/ARTICLE4521334.ECE • HTTP://WWW.PCWORLD.COM/ARTICLE/3025391/AIRCRAFT-PART-MANUFACTURER-SAYS-CYBERCRIME-INCIDENT-COST-IT-54-MILLION.HTML • HTTPS://WWW.BRUSSELSTIMES.COM/BELGIUM/4944/BELGIAN-BANK-CRELAN-HIT-BY-A-70-MILLION-EUR-FRAUD • HTTP://LIFEHACKER.COM/5853483/A-GUIDE-TO-SNIFFING-OUT-PASSWORDS-AND-COOKIES-AND-HOW-TO-PROTECT-YOURSELF-AGAINST-IT • HTTP://CODEBUTLER.COM/FIRESHEEP/ • HTTP://WWW.GLOCALVANTAGE.COM/PREVENT-REMOTE-ACCESS-TROJAN/ • HTTPS://WWW.PROOFPOINT.COM/US/IMPOSTOR-EMAIL-THREATS-INFOGRAPHIC • HTTPS://WWW.IAD.GOV/IAD/CUSTOMCF/OPENATTACHMENT.CFM?FILEPATH=/IAD/LIBRARY/IA-GUIDANCE/ASSETS/PUBLIC/UPLOAD/TOP-10-IAD-MITIGATION-STRATEGIES- 2015.PDF&WPKES=AF6WOL7FQP3DJIXDXWFBTC2AV9XHQLYTZ6CUUG
  23. 23. Time is precious, thank you for yours https://uk.linkedin.com/in/jmck4cybersecurity @CisoAdvisor

×