Why Can’t Police Catch Cyber Criminals

Chip ThornsburgAlamo Cyber Security, LLC

Short Bio

Police Officer with City of Helotes, Texas

Owner, Alamo Cyber Security

Member Electronic Crimes Task Force

Taught at River City College, Southern Careers and North Texas State College

Degrees in Management, Criminal Justice / Law Enforcement, Criminology and MBA in progress

SARCASM = Greatest Spiritual Gift

First Hack = Angelo State University

Why Can’t Police Catch Cyber Criminals NOLACON 2016

DISCLAIMER

This presentation is for information purposes only. Nothing included is intended to be legal advice. Contact a Licensed Attorney or Local District Attorney’s Office if you have specific questions.

Why Can’t Police Catch Cyber Criminals NOLACON 2016

All Prices plus TT&L

Art for illustration purposes only

Past performance is no guarantee of future performance

See Store for Details

The Costs of Cyber Crime

445 Billion to 1 Trillion Annually

160 Successful Cyber Attacks per Week

Why Can’t Police Catch Cyber Criminals NOLACON 2016

April 2016

55 Million Voters in Philippines

93 Million Voters in Mexico

1.1 Million Users of Beautiful People .com

Ransomware in Healthcare & Schools

Why Can’t Police Catch Cyber Criminals NOLACON 2016

The Current State of Law Enforcement Investigations

Computer as a Tool/Target

Identity Theft

Breach of Computer Security

Fraud

IP Theft

Pirating Movies / Software

Child Pornography

Solicitation of Minors

Cyber Bullying

Why Can’t Police Catch Cyber Criminals NOLACON 2016

Computer has Evidence

Theft

Fraud

Murder

Sexual Assault

Prescription Forgery

Narcotics / Drug Offenses

Credit / Debit Card Abuse

Individual Victims

Identity Theft

Credit / Debit Card Abuse

Card “Cracking”

Ransomware

Challenge #1

Patrol Officers lack Specialized Training and Experience to document Cyber Crimes

Identity Theft

332,646 Reports in 2014

17.6 Million Americans in 2014 (est)

$16 - $18 Billion in Losses

54% were resolved within 24hrs

Why Can’t Police Catch Cyber Criminals NOLACON 2016

Resolved = Victim’s Money Returned to their Account

Challenge #2

Overlapping and Unclear Jurisdictions between Federal, State, County and Local Police Departments

Why Can’t Police Catch Cyber Criminals NOLACON 2016

Card “Cracking”

• Targeting < 25 yrs population

• New Spin on an Old Con

• Victims contacted via Social Media

• “Get Paid to Party!”

• Send Debit Card & PIN

• Bogus Counter Checks Deposited

• ATM Withdrawals across the Country

Victims of Fraud are often embarrassed and uncooperative

Challenge #3

Victims of Fraud often refuse to cooperate with an Investigation or refuse prosecution.

No Victim = No Crime

Corporate Victims

IP Theft

Insider Threats (Malicious Damage)

Denial of Service

PCI Theft

Ransomware

Insider Threats

Un-Happy Employees can cause serious damage before finally exiting the Company.

Quick Call IT to get things back up and running!!

32% of Incidents Reportedinvolved Insiders

NO EVIDENCE = NO CRIME

Challenge #4

Digital Evidence is Volatile. Through efforts to restore services much of the digital trail is lost, corrupted or the Chain of Custody is so poor the evidence is unusable in a Court.

Some Counties consider Employee Damage a Civil Matter

PCI Theft

Payment Card Information

0.0000

5.0000

10.0000

15.0000

20.0000

2010 2011 2012 2013 2014 2015

Price to Earnings Ratio

Wal-Mart Target

In 2014 Target sustained a $252 Million Loss due to Breach

Challenge #5

Lack of Timely Reporting by Corporations increases the victim pool and decreases the likelihood of finding the original offenders and source of the leak.

Intentional ?

Oversight ?

Challenge #6

Lack of Personnel. Law Enforcement Salaries are some of the lowest of the professions and most Technologists know how much their skills are worth in the private sector.

San Antonio, Texas

1.4 Million Residents

7th Largest City in US

Second to D.C in Cyber

How many Trained Officers for Cyber Crime Investigations?

Challenge #7

Lack of specific resources at the local level

State Grants

Federal Grants

University Partnerships

Secret Service: ECTF

FBI: ICAC

Challenge #8

The True Scope of the Problem is UNKNOWN

Less than 20% of

Crimes are Reported to

Law Enforcement

What can You do?

Create LEO Reporting Threshold as part of your Critical Incident Response Plan

Try to preserve evidence, if possible and limit access for Chain of Custody

4th Amendment Issues

User Agreements allow Companies Latitude that Law Enforcement does not have.

Remember patrol officers may not be very helpful

Prior to an incident reach out of local DA’s office or LEA’s White Collar Crime Unit

Join the Regional Task Force (U.S. Secret Service)

Report Criminal Acts

Questions?

Resources

United States Secret Service – Electronic Crimes Task Force / Financial Crimes Task ForceTask Force Locator: http://www.secretservice.gov/investigation/#field

Federal Bureau of Investigation (FBI) – Cyber Task Forceshttps://www.fbi.gov/about-us/investigate/cyber/cyber-task-forces-building-alliances-to-

improve-the-nations-cybersecurity-1

FBI Cyber Action Team – 48 Hour Response time for major incidents

https://www.fbi.gov/about-us/investigate/cyber/cyber-action-team

Internet Crime Complaint Center – to file a complaint

https://www.ic3.gov/default.aspx

National White Collar Crime Center – Investigation Resources and Training

https://www.ic3.gov/default.aspx

References

Identity Theft Resource Center, ITRC. (2016, March 3). Identity Theft #1 Consumer Complaint of 2015.Retrieved from Identity Theft Resource Center: http://www.idtheftcenter.org/attachments/article/985/ITRC%20Identity%20Theft%20No.1%20Consumer%20Complaint%2015%20Consecutive%20Years%20Whitepaper.pdf

Morgan, L. (2016, May 5). List of Data Breaches and Cyber Attacks in April 2016. Retrieved from IT Governance Blog: https://www.itgovernance.co.uk/blog/list-of-data-breaches-and-cyber-attacks-in-april-2016-156687282-records-stolen/

Nakashima, E. a. (2014, June 9). Report: Cybercrime and Espionage Costs $445 Billion Annually. Retrieved from The Washington Post: https://www.washingtonpost.com/world/national-security/report-cybercrime-and-espionage-costs-445-billion-annually/2014/06/08/8995291c-ecce-11e3-9f5c-9075d5508f0a_story.html

Walters, R. (2015, November 18). Cyber Attacks on U.S. Companies Since November 2014. Retrieved from The Heritage Foundation: http://www.heritage.org/research/reports/2015/11/cyber-attacks-on-us-companies-since-november-2014

Wiles, J. (2009, January 9). US Secret Service Electronic Crimes Task Force - We Need You to Join Us! Retrieved from SC Magazine: http://www.scmagazine.com/us-secret-service-electronic-crimes-task-force--we-need-you-to-join-us/article/30731/