A "vision" of Cyber Crime in Italy by Matteo Cavallini

8/2/2019 A "vision" of Cyber Crime in Italy by Matteo Cavallini

1/23

Matteo Cavallini

A vision of cybercrime in Italy


2/23

Matteo Cavall ini CeCOSVI 2012 - Prague

About me

Current ly I am the Head of Security in Consip SpA, a company ownedsolely by the Italian Minist ry of Economy, with the mission of providingconsult ancy and proj ect support , organizat ional and technologicalservices aimed at the innovat ion of Public Administ rat ion.

Since 2007 I have been the Head of the Local Security Unit (LSU)MEF/Consip, t he internal CERT of t he Ital ian Minist ry of Economy

I am also the VP of t he Cloud Security All iance Italy Chapter


3/23


Tech. & SecurityProviders

so we built an operational network

Associat ions

Italian National CERT is on its wayyet


4/23


We gathered pieces of info from public sources andour peers in order to. .. create our vision

Italian National CERT is on its wayyet


5/23


Some Pieces.. . f rom Clusit Report

Hacktivism

Ransomware

Cyberbullying

Phishing

Child pornography

DDOS

Cyber at tacks

Growing t rends


6/23


Hundreds of fake bil ls

sent to Italian cit izensclaiming that therehas been an access to

some bannedpornographic photos.PC is crippled by themalware and there isa request of 100 to

pay.

Police Ransomware in Italy

Sources are F-Secure and TrendMicro


7/23


Some Pieces.. . f rom Clusit Report

Target distribution


8/23


Some Pieces.. . f rom Our Team

Monit oring open sources with spefic toolsdeveloped by our team, we found early t racesof many at tacks against Italian and Europeanwebsit es, enabling us to give our cont ribut ionto contain the incident . Here some examples:

www.qualitapa.gov.it

appsrv.ice.gov.it


9/23


Symantec-Ponemon Report

What about the costs of a breach?


10/23


A Direct Consequence

According to EECTF Survey, companies arereluctant to report at tacks


11/23


Some Pieces.. . f rom UCAMP

Central Off ice for Means of Payment Fraud (UCAMP) isresponsible for Euro counterfeit ing and preventing fraud commit tedthrough the use of payment means other than cash

Italy is st ill a small market

010

20

30

40

50

60

70

Italy 2010

Euro Area 2009

EU 27 2009

Paymentmeans other than cash


12/23


0%

10%

20%

30%

40%

50%

60%

70%

80%

Italy UK France Australia

In Country

Abroad

Unrecognized transactions by area

0,000%

0,010%

0,020%

0,030%

0,040%

0,050%

0,060%

Italy Australia France

2009

2010

Losses causedbyfrauds

Italy is st ill a small market ... also for carders!

Some Pieces.. . f rom UCAMP


13/23


Some Pieces... from UCAMP

Preliminary data for 2011confirm the trends.

Unrecognized t ransactions involvingcards in It aly (organized by type)

ATM

25%

POS

70%

Internet

5%

2009

ATM

30%

POS

63%

Internet

7%

2010

In Italy the maj ority of f rauds are made via POS


14/23


Total

inspections

Total

complaints

Average

amount

People

charged

Fake

banks

Phishingin 2011

Some Pieces.. . f rom the Italian Police


15/23


Beyond Off icial Data.. . Here are Some Trends

Phishing and f inancial malware targets private companiesand publicadminist rationsmore then ever

In cyberf rauds, there are some special abilit ies related to ethnic groups

At the moment, in Italy:

Most of financial malware is a variant of ZeuS

On average, every 100 wire t ransfersmade by fraudsters, 80 are blockedbefore being sent .

Most of money mules are abroad


16/23


Efficiency in cross border payments is

st rongly increased by the inst it ut ion ofthe Single Euro Payment Area (SEPA).Most of these payments are nowexecuted within 1 day.

Also criminals take advantage of thissit uat ion so, most of the money mulesare abroad.

Italian Police is reinforcing it s directcontacts with other LEAs of the SEPAcount ries to increase efficiency.

Beyond Off icial Data.. . Here are Some Trends


17/23


Identity theftin 2011

Totalcomplaints

Totalinspections

Peoplecharged

Other Pieces.. . f rom the Italian Police


18/23


From figures to real crimes...

They steal thedigital signatureand put the

company of anunsuspect ingbusinessman intheir name:busted by the

Financial Police -03-26-2012


19/23


Here another example.. .

Many govagencies

hacked.Drop-zone was inMalesia.

An interest ing case of an Italian hacker t hat sent a lot a spear-phishing emails to users of t he local and cent ral PA. Using the

stolen password he sold to private invest igators il legalaccesses to sensit ive PII. Sentenced to 4 years in j ail .


20/23


A Last Piece... from Clusit Report

One major event


21/23


What to expect in the near future?

A growth of FinancialMalware on social and

mobile channels

1

A growth of the

non-Financial Targets

2

Achievement of the

Fraud-as-a-Servicemodel

3

Monetization of non

financial data

4

A growth in Hacktivism5

6 Efficient sharing of data

effectiveness in

countering botnets and

cybergangs


22/23


My worst nightmare

will we see this fusion in the future?


23/23

A "vision" of Cyber Crime in Italy by Matteo Cavallini

Documents

Transcript of A "vision" of Cyber Crime in Italy by Matteo Cavallini