Cyber crime trends
How to protect your business
April 2017
DCI Andy Fyfe
Current / Emerging trends inCybercrime
• 3.6 Million fraud incidents a year; 2 million cyber crimes(England & Wales Crime survey – 2016)
• Cyber enabled frauds – 70% of all reported frauds(Where a computer is used to enable a fraud)
EG
– CEO fraud
- Computer Software Service frauds
- Online shopping frauds
• Cyber dependent crime(Where the attack is against a computer system itself)
Eg
- Malware
- Hacking
- DDOS
- Ransomware
CEO/ Mandate Fraud
• The biggest Cybercrime affecting:
• Large corporates
• Public sector bodies
• SMEs
• CEO impersonated, seeking payments to suppliers
• 3996 reports in last 6 months
• £14.7 Million loss in Feb alone
Mostly cyber enabled crime
- Social engineering
- Phishing emails
- Social media compromise
- Attacking “weakest links”
But can be cyber dependent
- Hacking
- Malware infestation
Cyber enabled Frauds
• Computer Software frauds – 17000 victims in 6 months;
£2.5 Million losses in March 2017
• Online Shopping Frauds –21000 victims in 6 months;
£3.3 Million losses in Feb 2017.
Reported Cybercrime – Last 6 months
Cyber Dependent crime
• Computer Virus \ Malware \ Spyware - 4984
• Denial of Service Attack - 286
• Hacking - Server & extortion - 959
• Hacking - PBX / Dial Through - 265
Reported losses in March 2017 : £5 million
**Ransomware is recorded as either hacking or malware**
Regional and National Policing Structures
43 Separate Forces
10 Regional Organised Crime
Units (ROCU’s)
National Cyber
Security Centre
(NCSC)
Cyber crime - example
“Talk Talk hacked by cybercriminals –
what to do if you have been affected”“The phone and broadband provider Talk Talk which has over 4 million UK
customers have that said banking details and personal information could
have been accessed by hackers in a recent cyber attack.”
(ACTION Fraud & ALL news bulletins – October 2015)
• NOT a difficult / sophisticated hack!!
• What if this was YOU??
• Mitigation steps / engage law enforcement / media strategy
Advice for businesses
Businesses can stay relatively safe from cyber attacks by doing the
following:
– Keep computer systems up to date – update patches and current anti-virus software
– Educate staff – password discipline, phishing emails and social engineering
– understand your threat landscape – who might want to harm you, steal from you, or
spy on you – and adjust your levels of protection accordingly.
Further useful advice
• www.getsafeonline.org
• www.ncsc.gov.uk
• www.cyberaware.gov.uk
• www.actionfraud.police.uk
How Secure is your password?Howsecureismypassword.net
Andrew – 0 seconds!
Andrew100 – 42 minutes
IJTLSO20/04/2017 – 6 Billion years
eBayIJTLSO20/04/2017 – 51 Quadrillion years (!)
NOT PROTECTIVELY MARKED
Cloned Website
NOT PROTECTIVELY MARKED
Original Website
Questions?