Criminal Computer Intrusion Unit (CCIU) - PowerPoint PPT Presentation

1 / 10
About This Presentation
Title:

Criminal Computer Intrusion Unit (CCIU)

Description:

... Phishing attacks that contain malicious code Traditional Eastern European OC groups recruiting hackers Wireless hacking Change Is Good Proactive vs ... – PowerPoint PPT presentation

Number of Views:24
Avg rating:3.0/5.0
Slides: 11
Provided by: itsaUflEd
Category:

less

Transcript and Presenter's Notes

Title: Criminal Computer Intrusion Unit (CCIU)


1
Criminal Computer Intrusion Unit (CCIU)
  • Supervisory Special Agent
  • Scott Janezic
  • FBIHQ Cyber Division
  • scott.janezic_at_ic.fbi.gov

2
Cyber Division Mission
  • The mission of the Cyber Division is to detect,
    prevent, and investigate cyber based attacks and
    high technology crimes.

3
CCIU Mission
  • Provide administrative and operational support
    and guidance to field offices investigating
    federal violations in which computer systems
    and/or networks are exploited as the principal
    instruments or targets of criminal activity.
  • Coordinate criminal computer intrusion
    investigations by various entities.
  • 56 Field Offices/59 Legats
  • Large cities have dedicated cyber squads
  • STAS

4
CCIU Goals for FY 05
  • Identify and neutralize botnets
  • Identify and neutralize significant malicious
    code authors and distributors
  • Identify and neutralize significant Eastern
    European hacking groups
  • PBX Intrusions
  • Enhance relationships with other government
    entities, educational institutions, the private
    sector, and international law enforcement

5
Cyber Intrusion Statistics
  • FY 03 - Restitution 9m, Recovery 2m
  • 64 Convictions, 10
  • FY 04 - Restitution 6m, Recovery 1.5m
  • 68 Convictions, 10
  • FY 05 - Restitution 7m, Recovery 270K
  • 79 Convictions, 10

6
Trends
  • DDoS Extortion is the FOTM
  • Information Extortion (Stealing and Encrypting)
  • gt Ego
  • Vulnerability announcement gt exploit release has
    dramatically decreased
  • Malware sophistication
  • -Ability to circumvent security solutions
  • -Obfuscation techniques impede malware analysis
  • Increasingly organized (i.e., Agobot Dev Team)
  • Phishing attacks that contain malicious code
  • Traditional Eastern European OC groups recruiting
    hackers
  • Wireless hacking

7
Change Is Good
  • Proactive vs Reactive for botnets
  • ISP Policies (i.e. customers, machines and
    traffic on their network)
  • Customers are losing connectivity, because their
    machine is spamming
  • Automated notification system for compromised
    hosts (International)
  • Use the identification of compromised hosts to
    reach out to universities private companies
  • Cyber Tool Development
  • Aid in the identification of the subject(s)

8
In the News
  • Mytob/Zotob
  • Moscow
  • Search
  • MVD Exchange

9
The Things That Work
  • Cultivate and develop relationships with Federal,
    State and local LE partners, International LE,
    educational institutions and the private sector
  • Aggressively pursue cases with an international
    nexus
  • Thorough and expeditious malware/intrusion
    analysis
  • Utilize creative undercover operations and
    sophisticated investigative techniques
  • Cyber Investigator, Forensic Examiner, Malcode
    Training
  • Informant Information

10
? scott.janezic_at_ic.fbi.gov
Write a Comment
User Comments (0)
About PowerShow.com