Documente Academic
Documente Profesional
Documente Cultură
- Human Hacking
- Deception
- Manipulation
Online Presence leads to Cybercrime
1. Cybercrime
a. Cost Benefit Analysis
i. Bank Robber
1) Profit : 5m
2) Members : 10
3) CAPEX: 50k x 10
4) Detection Time : ~mins
5) Risks: Serious Injuries and Death
6) Share: 450k
7) Job opportunity: once a year
ii. Cyber criminals
1) Profit: 50m
2) Members: 5
3) Capex: 50k x 5
4) Detection time: ~ up to 9 months
5) Risks: none , to slap on the wrist lol (nakakawala)
6) Share: 9.75 m
7) Job: once per hr
b. PNP Anti Cybercrime
i. Online paluwagan, scams
c. Anonymity
i. Criminals are never anonymous given time and resources
2. Social Engg
a. Something to manipulate people
b. Physical manipulation people
3. Evil thought processes ( SE attack)
a. Step 0 : preparation
i. Law 29 , 47 - 48 laws of power
b. Step 1: choose the right victim (the fraud triangle)
i. Fraud triangle
1) Pressure/incentive
2) Opportunity - devs focus on this (logs, pw auth)
3) Rationalization
ii. 7 deadly sins to profile people
c. Step 2: establish Friendship
i. Insinuation
ii. Temptation
d. Step 3: Attack
i. Ransomware
1) Bitcoin
ii. Phishing
1) RA 10175
iii. Payload malware
1. Fraud Tree
a. Bribery and Corruption
b. Asset Misappropriation
2. Fraud Triangle
a. Opportunity has external/internal threats - Technology
3. Common Areas of Fraud
a. Purchase To Pay
b. Corporate CC
c. Payroll
d. Sales & Receivables
e. Financial Reporting
f. IS and Critical Data
4. Prevent Fraud
a. Confidentiality
b. Integrity
c. Availability
d. Accountability
e. Traceability
f. Non-Repudiation
5. Risk Assessment
a. IT Security - internal
b. Cyber security - internal and external enterprise
c. Risks
i. Operational
ii. Financial
iii. Compliance
iv. Reputational
v. Strategic
d. Controls (CyberSecurity)
i. Technical - OSI layer
ii. Physical - perpetrator gains access to assets
iii. Administrative - use technology to enforce policy
e. Security
i. Outside in
ii. Inside out - cores
1) Encryption
2) Secure Programming
3) Server Hardening
Speaker 4