isaca cyber crime in uganda
DESCRIPTION
The problem of cyber crime in Uganda is a reality. Every time you connect to the Internet, you get exposed to risks of cyber crime including hacking. In this presentation, Mustapha Mugisa explains the common cyber crime scheme and countermeasuresTRANSCRIPT
7/14/2019 ISACA cyber Crime in Uganda
http://slidepdf.com/reader/full/isaca-cyber-crime-in-uganda 1/28
Cybercrime in Uganda are you prepared?
The extent of the problem, and way forward
Forensic. Advisory. Fraud.www.summitcl.com
Mustapha B. Mugisa, CFE, CHFI, CISA, MBA
Founder & CEO, Summit Consulting Ltd.
ISACA event
26 June 2013,
Hotel Africana, Kampala.
7/14/2019 ISACA cyber Crime in Uganda
http://slidepdf.com/reader/full/isaca-cyber-crime-in-uganda 2/28
Forensic. Advisory. Fraud
How much do youestimate is the
risk of cyber crime to Ugandatoday?
I m
a g e c r e d i t ,
A C
F E . c o m
Perspective
7/14/2019 ISACA cyber Crime in Uganda
http://slidepdf.com/reader/full/isaca-cyber-crime-in-uganda 3/28
Forensic. Advisory. Fraud.www.summitcl.com
Why care?
“Cybercrime and espionageare the top two challenges
to USA national securitytoday and in the future”,
President Barak Obama, March 2013.
What does this meanto Uganda?
Perspective …
7/14/2019 ISACA cyber Crime in Uganda
http://slidepdf.com/reader/full/isaca-cyber-crime-in-uganda 4/28
Forensic. Advisory. Fraud I m
a g e c r e d i t ,
A C
F E . c o m
If yoursecurity
wasbreached, doyou have the
tools andexpertise toproof it?
Are you safe online..
Photo credit: UNCTAD photo
7/14/2019 ISACA cyber Crime in Uganda
http://slidepdf.com/reader/full/isaca-cyber-crime-in-uganda 5/28
Let’s talk cybercrime cases are sensitive…
Forensic. Advisory. Fraud.www.summitcl.com
Are you getting value for money from your pen tests?
7/14/2019 ISACA cyber Crime in Uganda
http://slidepdf.com/reader/full/isaca-cyber-crime-in-uganda 6/28
Forensic. Advisory. Fraud.www.summitcl.com
Why care?
Cyber crime vectors
• Computer related offenses
•
Content related offenses• Copyright related offenses
• Attack on security (CIA) is denial
7/14/2019 ISACA cyber Crime in Uganda
http://slidepdf.com/reader/full/isaca-cyber-crime-in-uganda 7/28
Forensic. Advisory. Fraud.www.summitcl.com
Why care?
The problem is huge for Africa, and Uganda.Not even mechanisms exists to quantify it!
Internetphoto.
7/14/2019 ISACA cyber Crime in Uganda
http://slidepdf.com/reader/full/isaca-cyber-crime-in-uganda 8/28
Forensic. Advisory. Fraud.www.summitcl.com
Why care?
Lots of attack vectors; Ugandans highlyexposed…
http://qz
.com/16
717/chin
ese-
cyber-
criminals
-caught-
launderi
ng-48-
mln-
through-
online-
games/
7/14/2019 ISACA cyber Crime in Uganda
http://slidepdf.com/reader/full/isaca-cyber-crime-in-uganda 9/28
Forensic. Advisory. Fraud.www.summitcl.com
Why care?
The URA hacking case is still fresh…
http://w
ww.obse
rver.ug/i
ndex.php
?option=
com_content&vie
w=article
&id=245
89:-
uganda-
revenue-authority
-hackers-
jailed-12-
years
7/14/2019 ISACA cyber Crime in Uganda
http://slidepdf.com/reader/full/isaca-cyber-crime-in-uganda 10/28
Forensic. Advisory. Fraud.www.summitcl.com
Why care?Cyber attack on Uganda
… Non-official websites cometop on the search of theword “museveni”. How canNITA let this be!!!!
7/14/2019 ISACA cyber Crime in Uganda
http://slidepdf.com/reader/full/isaca-cyber-crime-in-uganda 11/28
Forensic. Advisory. Fraud.www.summitcl.com
Why care?Unacceptable content…
7/14/2019 ISACA cyber Crime in Uganda
http://slidepdf.com/reader/full/isaca-cyber-crime-in-uganda 12/28
Forensic. Advisory. Fraud.www.summitcl.com
Why care?
1.Spam2.Viruses, including key loggers
– common attack3.Hacking; m-i-m attacks4.Intellectual property theft5.Phishing & identity theft6.Denial of service – most
common7.Data harvesting.
Cyber attacks in many ways…
7/14/2019 ISACA cyber Crime in Uganda
http://slidepdf.com/reader/full/isaca-cyber-crime-in-uganda 13/28
Forensic. Advisory. Fraud.www.summitcl.com
Why care?
1. Over 20 cases involving computer andmobile phones reported weekly toUganda Police CID department:
• Cases of anonymous email
investigations; Facebookidentify theft, Bank fraud;
Hacking into computerSystems esp on-line banking;and intellectual property theft
Cyber attacks in many ways…
7/14/2019 ISACA cyber Crime in Uganda
http://slidepdf.com/reader/full/isaca-cyber-crime-in-uganda 14/28
Forensic. Advisory. Fraud.www.summitcl.com
Why care?
• All crimes reported at Police nowinvolve use of computers or mobilephones
• Recent cases involve cyber stalking;cyber harassment and fraud
Cyber attacks in many ways…
7/14/2019 ISACA cyber Crime in Uganda
http://slidepdf.com/reader/full/isaca-cyber-crime-in-uganda 15/28
Recommendedsolutions…
Forensic. Advisory. Fraud.www.summitcl.com
Are you getting value for money from your pen tests?
7/14/2019 ISACA cyber Crime in Uganda
http://slidepdf.com/reader/full/isaca-cyber-crime-in-uganda 16/28
Forensic. Advisory. Fraud
“Uganda Cyber Laws” are three currently:
1. Computer Misuse Act,2011
2. Electronic Transactions
Act, 20113. Electronic Signatures
Act, 2011
I m
a g e c r e d i t ,
A C F E . c o m
Laws are in place, can you usethem?
All lawscommencedin April 2011.
7/14/2019 ISACA cyber Crime in Uganda
http://slidepdf.com/reader/full/isaca-cyber-crime-in-uganda 17/28
Forensic. Advisory. Fraud
“Unauthorized access to private computersand network systems, deliberate corruptionor destruction of other people’s data,
disrupting the network or systems,introduction of viruses or disrupting thework of others; the creation andforwarding of defamatory material,
infringement of copyright, as well as thetransmission of classified data or othermaterial to outside organizations… etc…any crime involving a computer.”
I m
a g e c r e d i t ,
A C F E . c o m
E.g. computer misuse long tittle
7/14/2019 ISACA cyber Crime in Uganda
http://slidepdf.com/reader/full/isaca-cyber-crime-in-uganda 18/28
Forensic. Advisory. Fraud.www.summitcl.com
Total ICT security…
#2. Empowering you to be secure!
• 96% of Government staff are not ITtrained.
•
Only 4% of are IT security professionals• Where is your weakest link?
For 96% of staff --- they mustbecome Certified SecureComputer User (CSCU).
7/14/2019 ISACA cyber Crime in Uganda
http://slidepdf.com/reader/full/isaca-cyber-crime-in-uganda 19/28
Forensic. Advisory. Fraud.www.summitcl.com
Total ICT security…
#2. Empowering you to be secure!
For your 4% of staff --- they mustattain Certified Ethical Hacker
(CEH); Computer Hacking ForensicInvestigator (CHFI); CertifiedFraud Examiner (CFE) andLicensed Pen Tester (LPT).
www.eccouncil.org
7/14/2019 ISACA cyber Crime in Uganda
http://slidepdf.com/reader/full/isaca-cyber-crime-in-uganda 20/28
Forensic. Advisory. Fraud.www.summitcl.com
Our solution to you…
#3. Partner with our forensic lab
Don’t be held by staff at ransom!
Know the smallest thing that was the source
of the problem… who, what, when, where andhow & why – and let us take care of all thelegal issues involved. That is the objective of
a forensic investigation
7/14/2019 ISACA cyber Crime in Uganda
http://slidepdf.com/reader/full/isaca-cyber-crime-in-uganda 21/28
#3.1 Cyber crime investigations
Credit CardFraud Tracking
InsuranceClaims
Investigations
Global AssetTracing
Banking FraudsInvestigations
Cyber CrimeInvestigations
Global DebtRecovery
Investigations
OrganizedFinancial CrimeInvestigations
LitigationSupport
Financial DataTheft
7/14/2019 ISACA cyber Crime in Uganda
http://slidepdf.com/reader/full/isaca-cyber-crime-in-uganda 22/28
Forensic. Advisory. Fraud.www.summitcl.com
#3.2 Online Brand Protection & Reputation Management
• Defaming Social Networking postsremoval
• Defaming Blog Postings Removal
• Defaming Articles Removal
• Defaming website Removal
Blogs/ForumsRemoval
• Tracing suspected websites, blogs,forums abusers
• Getting information of people behindwebsites, blogs, forums
• Removal Actions for such websites
OnlineCounterfeit/FakeProducts Tracking
• Reduction in rankings of defaming content bypositive SEO
• Reduction in rankings of defaming content byproprietary methods
• Increasing Positive content with right SEOtechniques
Reducing Visibilityof Defaming
Content
7/14/2019 ISACA cyber Crime in Uganda
http://slidepdf.com/reader/full/isaca-cyber-crime-in-uganda 23/28
#3.3 Total reactive solution
Cyber Solutions to
government
Data
LeakagePrevention
Cyber CrimeInvestigations
Smartphone,Laptops
Security
CyberReputation
Management
7/14/2019 ISACA cyber Crime in Uganda
http://slidepdf.com/reader/full/isaca-cyber-crime-in-uganda 24/28
#3.4 Total security solution
RegulatoryIntelligence
Cyberweaponry &
defense
Political
Intelligenceand cyber
surveillance
CIRT systemset up
We can set up alab to create, useand managecyber weaponryfor uplifting
Uganda’snational security.
7/14/2019 ISACA cyber Crime in Uganda
http://slidepdf.com/reader/full/isaca-cyber-crime-in-uganda 25/28
Forensic. Advisory. Fraud.www.summitcl.com
Ensure effective investigations
Digital forensic solutions–investigations:
Anything digital, we’ve thesolutions.
Specialized Training in
fraud, IT security andforensic & risk management
7/14/2019 ISACA cyber Crime in Uganda
http://slidepdf.com/reader/full/isaca-cyber-crime-in-uganda 26/28
Forensic. Advisory. Fraud.www.summitcl.com
Next steps…
You should
1. Sponsor staff for training in ethical hacking,digital forensics and CSCU
2. Require all staff using computers to be CSCU, toavoid data leakage and ensure accountability3. Set a forensic services fund – and we train all
law enforcement as a PPPs – something's arebetter centralized
4. Coopt private sector players to advise on keyimplementations e.g. CIRT, CWDS (cyberweaponry & defense system) etc…
7/14/2019 ISACA cyber Crime in Uganda
http://slidepdf.com/reader/full/isaca-cyber-crime-in-uganda 27/28
Forensic. Advisory. Fraud.www.summitcl.com
Next steps…
SCL productivity solutions
• Unified secure messaging system
• ERP• Incident reporting and
whistleblowing system•
E-Learning platform for in-housetraining
Call us today
7/14/2019 ISACA cyber Crime in Uganda
http://slidepdf.com/reader/full/isaca-cyber-crime-in-uganda 28/28
Forensic. Advisory. Fraud.www.summitcl.com
Q&A
We take pride indoing the right
thing, ratherthan what isright for theprofitability of SCL.
Thank you!