Detective Sergeant Gary Sirrell

Detective Sergeant

Martin Taylor

Rccu@west-midlands.pnn.police.uk

Twitter:- @ROCUWM

Why are we here ?

• Police cannot tackle this alone

• Develop working partnerships and collaborations

• The BCS and others outside of law enforcement have a key role to play

• Difficult Landscape

• Under Reporting

Following review, it’s now 1.9 billion!

Local Policing Structures

• 43 Separate Forces

• Mainly Operating Independently

• Range from 973 in Warwickshire up to 33,367 in London (Met Police)

Regional & NationalPolicing Structures

10 Regional Organised Crime Units (ROCU's)

Hacking Motivations

Who is doing this computer hacking and why?

Threats / Motivation• Hacktivism

• Fame / Kudos (Experimenters and Gamers• Financial (Theft, Fraud, Blackmail – DDOS )• Insider• Business - IP & Competitive Advantage• State

Common Reports

• RANSOMWARE Malicious emailsRDP Vulnerabilities

• INSIDER THREAT Account privilegesSuspension/Termination

• DDoS Motive?• BANKING MALWARE Malicious Emails

Often a combination of attacks and data sources

Human vulnerability is often the biggest threat

The video used is

https://www.youtube.com/watch?v=lc7scxvKQOo

‘This is how hackers hack you using simple social engineering’

Hackers don’t just hack computers. This video shows hacking a Human through ‘Vishing’. There’s also Phishing & Smishing!

Cyber Crime Strategy… The four P’s

PROTECT – Ensure adequate protection against the threat. (Think of this as traditional Crime Prevention)

PREPARE – Reduce the impact where it does take place (Encryption, Backups, Exercising, Plans etc)

PREVENT – Stop people from engaging in criminal activity. (Diversion from Crime, offer alternatives)

PURSUE – Identify, disrupt, and take action against those engaged in criminal activity. (You know this one)

RCCU Structure

The ‘Protect’ Role

• My role is predicated on the premise that 80% of all Cyber Crime in relation to the public and small businesses is preventable by the implementation of basic advice and controls.

• In the physical world we are pretty good at security. This is reflected in the fact that traditional crime is falling. Yet Cyber Crime is a massive problem, is under reported, and is growing.

Passwords really are the keys to the Kingdom..

• Video Used is

• https://www.youtube.com/watch?v=opRMrEfAIiI

• Search Youtube on ‘What is your Password.. Jimmy Kimmel Live

Some examplesof the basic advice I give…

• Password Hygiene• Anti Malware / Internet Security Software• Firewall• Update and Migrate• Data Recovery (Backups)• Staff Awareness• Secure your website• Data Encryption• Managing User Accounts and Privileges• Cyber Liability Insurance

Did I mention privacy settings?

• Video Used is • https://www.youtube.com/watch?v=yrjT8m0hcKU

• Search Youtube on ‘How private is your personal information? Action Fraud’.

What support is out there for the public and for business?

ResourcesGet Safe Online (www.getsafeonline.org)

ResourcesCyber Aware (www.cyberaware.gov.uk)

Resources

Cyber Essentials(www.cyberaware.gov.uk/cyberessentials)

Resources

WWW.NCSC.GOV.UK/CISP

CiSP is a joint industry and government initiative set up to exchange cyber threat information in real time, in a secure, confidential and dynamic environment, increasing situational awareness and reducing the impact on UK business.

Reporting…Cyber Crime is under reported…We encourage the reporting of Cyber Crime through the National Reporting mechanism….Online:- www.actionfraud.police.uk (24 hours)Telephone:- 0300 123 2040

Current Challenges

• Digital Crime Scene• New sources of evidence - OS, Servers, DBs• Digital threat and risk - encryption• Limited Capabilities in Digital Forensics - Cost & Scale• ACPO Guidelines & ISO standards• Challenge of outdated laws and rules - grey areas• Internet of Things – explosion of devices• International co-operation• Bulletproof Hosting/Regulation• Remote & Hidden Storage• Cryptocurrencies and confiscation• Attribution• Dark Web

Digital Crime Scene

Digital Currencies andthe challenge to Policing…

• 1BTC = £1335.00 (01/05/17) - was £465.05 in Aug 2016

Case Studies

Detective Sergeant Gary Sirrell

DS Martin Taylor

Rccu@west-midlands.pnn.police.uk

Twitter:- @ROCUWM

Questions?