Download - 3 CiberCrime Bernik
-
7/27/2019 3 CiberCrime Bernik
1/25
KriminalitetukibernetskomprostoruSuvremeneoblike
IgorBernik,UniverzavMariboru,Fakultetazavarnostnevede
-
7/27/2019 3 CiberCrime Bernik
2/25
Informacijskailikibernetskasigurnost
Revolucijainfrastrukture Eksplozijapodataka Stalnoukljuen,stalnoprikljuenukibernetskiprostor Buduefinancije-cashilie-payment,subs@tu@? Nove,stroeregulacijeistandardi Vieinternetazemljanijejedna,zemljajevie? Novimodeliiden@teteipoverenja?(newiden@tyand
trustmodels)
evolucijailirevolucija
-
7/27/2019 3 CiberCrime Bernik
3/25
Kibernetskikriminalitet
Ins@tucijeizakonodaja,medunarodnausaglaenost Izvriocikibernetskogkriminala,mo@vi,klasifikacijaizvrioca Kiberne@kainfrastrukturazavrenjerazlii@hkrivinih
djela
Za@tasistemaodnapada Novipojavnioblicikibernetskogkriminaliteta Strahpredkibernetskimkriminalitetom Istraivanjekibernetskogkriminaliteta
umodernomsvjetu
-
7/27/2019 3 CiberCrime Bernik
4/25
Introduction of topic
What do we understand as cybercrimeWhat is particularly cyber about it?We belive: Criminal acts is punishable by law.For most of criminal acts conducted in cyberspace
we use classic legislation (theft, abuse, childpornograpy, etc.).
Cybercrime is the use of information technologyto carry criminal acts.
-
7/27/2019 3 CiberCrime Bernik
5/25
Awareness and Fear
Its all about a personal perception of the threat ofcybercrimes.
Decreasing fear of cybercrime can only beachieved by educating users of the cyberspace.
How users conduct themselves in cyberspacedepends on how well they are informed about its.
Awareness of cybercrime and fear of it aretherefore related to the users knowledge aboutcyber threats lurking in cyberspace.
-
7/27/2019 3 CiberCrime Bernik
6/25
What now?
To reduce fear of cyber crime and rise awarenessof cybercrime problem, users should be informedabout all its various types, e.g.:web defacementunauthorized network access, cyber-stalking, Internetfraudidentity theftchild pornographyinterception and fabrication of e-mailstheft of passwords etc.
Informing and educating about the dangers ofcybercrime must become widespread, commonand continuous at all level of society.
-
7/27/2019 3 CiberCrime Bernik
7/25
Guidelines
To ensure protection against cyber criminals, toreduce endangerment and avoid possibleconsequences, it is important to adhere to thefollowing basic guidelines:
Be careful when opening links received by e-mail(Trojan horse malware, phishing etc.).Be aware that your personal data can be used to
profile your activities, thus making you vulnerable tomanipulation and/or identity theft.
Try to check the identity of anyone who wishes toacquire your personal data.Be careful which data and software application you
load onto your computer or mobile device. Someapplications enable theft of personal or
business data.
-
7/27/2019 3 CiberCrime Bernik
8/25
Guidelines, cont.
Make sure that your anti-virus program is regularlyupdated and that a firewall is installed.
Protect your passwords, and take notice of anyone whois shoulder surfing while you type them in.
Periodically change your passwords, choose strongpasswords.
Most importantly: use your common sense.Informing and educating about the dangers of cybercrime must become widespread, common andcontinuous at all level of society.
Users will know how to use this technology rationallyand responsible, and will not be afraid of it.
-
7/27/2019 3 CiberCrime Bernik
9/25
Conclusion
Users are relatively well informed about thevarious types of cybercrime, but the public is moreaware of threats exposed by the news media, than
of those from which they should truly protectthemselves.
Better security and thus greater safety can only beensured, if users conduct themselves responsibly
in cyberspace.
Lack of understanding translates into inadequatesecurity.
-
7/27/2019 3 CiberCrime Bernik
10/25
Informacijskaikibernetskaborba
Informacijeikibernetskiprostor,snagainformacijaiinformacijskikonflikt
Tehnike,izvriociirtveinformacijskeborbe Dravnoizvajanjeinformacijskeborbe,pijunaa,ak@vnaborba,
asimetrina,borba,informacijskeoperacije,propaganda
Ulogaorganizacijaiindustrijskapijunaa Ulogadravavinformacijskembojevanju;SAD,Kineska,Rusija,
Izrael,...poloajmalihzemalja
Medunarodnazakonodavstvo,odbrana Poli@koiideolokomo@viranegrupe
poznatoilinovodogadganje
-
7/27/2019 3 CiberCrime Bernik
11/25
ICT and Internet
Daily work
Crucial operations
Business
Cyber crime
Information warfare
Economic loss,
physical impact
-
7/27/2019 3 CiberCrime Bernik
12/25
EU
NATO
United Nations
INTERPOL
EUROPOL
Council of Europe
International war operations
Information Warfare
-
7/27/2019 3 CiberCrime Bernik
13/25
Information warfare
Information warfare = warfare for information power.
Right information are basic capital of arganization!?
Military, state, organizational and NGOs.
Asimetric warfare.
-
7/27/2019 3 CiberCrime Bernik
14/25
Nature of information warfare
STATE IW CORPORATE IW CIVIL IW
Espionage (Echelon) Harassment Cyber terrorismKinetic war (NCW, GIG) Industrial espionage Hacktivism
Information operations ECD
Propaganda Animal, environment
rights group
-
7/27/2019 3 CiberCrime Bernik
15/25
Information warfare leaders?
USA
World superpower, common cyber attacks,strong offensive and defensive information warfare techniques.
CHINA
Asymmetric warfare (information warfare centers).
RUSSIA
First information war (Estonia, Poland, Georgia).
NORTH KOREA
Low dependence on technology, selective internet traffic and strongdefense mechanisms.
SOME OTHERS?
-
7/27/2019 3 CiberCrime Bernik
16/25
Recommendations for counterfeiting
1. Information security politics should consider ISO standards.
2. Implementation of latest technology.
3. National strategy of information (cyber) security.
4. Mandatory information security standards for all organizations.
5. Safety classifications of valuable information.
6. International cooperation.
-
7/27/2019 3 CiberCrime Bernik
17/25
What needs to be done for improvement?
National level
1. Universal definition.
2. Definition of acceptable usage of ICT.
3. International harmonization.
4. Abolish legal constraints.
5. Trained law agencies.
-
7/27/2019 3 CiberCrime Bernik
18/25
Organizational level:
1. Business ethics.
2. Security awareness.
3. Data classification and personal limitation.
4. Risk management and uninterrupted business.
Further research: understanding, protection.
-
7/27/2019 3 CiberCrime Bernik
19/25
Kibernetskiterorizam
Kibernetksiterorizamiliklasikikibenetksikriminalitet Nivoikibernetskogterorizma,kibernetskiprostoriteroris@keakcije Izvriociklasikogkibernetskogkriminalitetaiteroris@ Riskmanagementnapodrojukibernetskogterorizma Posljedicekibernetskogterorizma,preven@vnemjere Mjerepro@vkibernetskimteroris@kimnapadima Ak@vnos@naravniorganizacija,drava,EU,NATO,
globalno
tajekibernetskoguterorizmu
-
7/27/2019 3 CiberCrime Bernik
20/25
Cyber Terrorism - facts
IS are a basic support element of every organizationalstructure - organizations cannot achieve their visionswithout them
Companies feels necessity of securing IS Protection; risk management system - allows us to know
our enemy
Threats to IS are multiple and constant. Reason forprotecting our IS is to defend it from external malware -one of those vicious attacks is also CT.
-
7/27/2019 3 CiberCrime Bernik
21/25
Cyber Terrorism sum
Definition: Cyber Terrorism is carefully planned,politically motivated attack on information,computer system, programs and data.
Cyber Terrorism causing fear, damage or evendeath using attack with the enterprise IS
influencing the (global) society and mediaattention.
-
7/27/2019 3 CiberCrime Bernik
22/25
Cannotcausedeathorinjury-indirectrisks.Consequencesandactsarethereforeindirect.
Computerscontrolcri@calinfrastructure:storageofvitalinforma@on-damageorlosscanleadtolossoflives(ex:
medicalenvironment).
Differencewithclassicformofterrorism:
HighlevelofcomputerknowledgeHighlevelofmo@va@on(possibilityofrecrui@nghackersforterroristneeds)
Differenceisalsoseenintheusageofcomputers-atthemomentcomputersareusedasasupportforplanningandexecu@ngclassicalterrorista`acks-thatwillchangeinthefuture.
Computers as weapon
-
7/27/2019 3 CiberCrime Bernik
23/25
Psychological Physical EconomicThemostexposedcriEcalareas:informa@onand
communica@ons,electricalnetwork,gasandoil
(storage,transport,extrac@on),bankingandfinances,transport,watersupplysystems,
governmentservices.Wemustphysicalseparate
criEcalISfrominternet.
Cyber Terrorism consequences
-
7/27/2019 3 CiberCrime Bernik
24/25
Countriesandorganiza@onsmusttakeproac@vemeasuramentsforprotec@ngISandcri@cal
infrastructurefromCT
Riskmanagementsystemisunavoidable(similarasclassicsystem-consequencesarethemost
importantfactor)
Decisionregardingtheformofprotec@onisdependentoneveryorganiza@onbyitself
Protection
-
7/27/2019 3 CiberCrime Bernik
25/25
Cyberterrorismis(s@ll)misunderstood. [email protected]@onsofterrorists
arebornininforma@onsociety.TheywillpossesknowledgeofICTandcombineitwithhighlevelofmo@va@on.
Damagecausedbythesea`ackscanbebigger. Highlevelofsafetycultureinorganiza@onsshowsusthattheyarewellprepared.
Cybercrimeandterrorismareunavoidablethreats.Whatcanwedo?
Preparebe`erprocessofrecoveryincaseofincident. Preven@veac@ons,educa@onandraisingsafetyculturewillleadstoimproving
informa@onsecurity.
Riskmanagementprocess-wemustknowourthreatstofightthem. Following trends of security and threat development is necessary
Conclusion