Scribd Logo
Fazer o upload

Bem-vindo(a) ao Scribd!

  • ISACA Cyber Crime in Uganda

    Enviado por

    Mustapha Mugisa
    80 visualizações28 páginas
    The problem of cyber crime in Uganda is a reality. Every time you connect to the Internet, you get exposed to risks of cyber crime including hacking. In this presentation, Mustapha Mugisa explains the common cyber crime scheme and countermeasures

    Título original

    ISACA cyber Crime in Uganda

    Direitos autorais

    © Attribution Non-Commercial (BY-NC)

    Formatos disponíveis

    PDF, TXT ou leia online no Scribd

    Você considera este documento útil?

    Este conteúdo é inapropriado?

    Denunciar este documento
    The problem of cyber crime in Uganda is a reality. Every time you connect to the Internet, you get exposed to risks of cyber crime including hacking. In this presentation, Mustapha Mugisa explains the common cyber crime scheme and countermeasures

    Direitos autorais:

    Attribution Non-Commercial (BY-NC)
    Baixe no formato PDF, TXT ou leia online no Scribd
    Sinalizar o conteúdo como inadequado
    80 visualizações28 páginas

    ISACA Cyber Crime in Uganda

    Enviado por

    Mustapha Mugisa
    The problem of cyber crime in Uganda is a reality. Every time you connect to the Internet, you get exposed to risks of cyber crime including hacking. In this presentation, Mustapha Mugisa explains the common cyber crime scheme and countermeasures

    Direitos autorais:

    Attribution Non-Commercial (BY-NC)
    Baixe no formato PDF, TXT ou leia online no Scribd
    Sinalizar o conteúdo como inadequado
    de 28

    ISACA event

    26 June 2013, Hotel Africana, Kampala.

    Cybercrime in Uganda
    are you prepared?
    The extent of the problem, and way forward Mustapha B. Mugisa, CFE, CHFI, CISA, MBA
    Founder & CEO, Summit Consulting Ltd.
    www.summitcl.com Forensic. Advisory. Fraud.

    Perspective
    How much do you estimate is the risk of cyber crime to Uganda today?
    Image credit, ACFE.com

    Forensic. Advisory. Fraud

    Why care? Perspective

    Cybercrime and espionage are the top two challenges to USA national security today and in the future,
    President Barak Obama, March 2013.

    What does this mean to Uganda?


    www.summitcl.com Forensic. Advisory. Fraud.

    Are you safe online..


    If your security was breached, do you have the tools and expertise to proof it?
    Forensic. Advisory. Fraud
    Photo credit: UNCTAD photo

    Image credit, ACFE.com

    Lets talk cybercrime cases are sensitive


    Are you getting value for money from your pen tests?
    www.summitcl.com Forensic. Advisory. Fraud.

    Why care?

    Cyber crime vectors Computer related offenses Content related offenses Copyright related offenses Attack on security (CIA) is denial
    www.summitcl.com Forensic. Advisory. Fraud.

    Why care?

    Internet photo.

    The problem is huge for Africa, and Uganda. Not even mechanisms exists to quantify it!
    www.summitcl.com Forensic. Advisory. Fraud.

    Why care?

    Lots of attack vectors; Ugandans highly exposed


    www.summitcl.com

    http://qz .com/16 717/chin esecybercriminals -caughtlaunderi ng-48mlnthroughonlinegames/

    Forensic. Advisory. Fraud.

    Why care?
    http://w ww.obse rver.ug/i ndex.php ?option= com_con tent&vie w=article &id=245 89:ugandarevenueauthority -hackersjailed-12years
    Forensic. Advisory. Fraud.

    The URA hacking case is still fresh


    www.summitcl.com

    Why care? Cyber attack on Uganda Non-official websites come


    top on the search of the word museveni. How can NITA let this be!!!!

    www.summitcl.com

    Forensic. Advisory. Fraud.

    Why care? content Unacceptable

    www.summitcl.com

    Forensic. Advisory. Fraud.

    Why attacks care? in many ways Cyber


    1. Spam 2. Viruses, including key loggers common attack 3. Hacking; m-i-m attacks 4. Intellectual property theft 5. Phishing & identity theft 6. Denial of service most common 7. Data harvesting.
    www.summitcl.com Forensic. Advisory. Fraud.

    Why attacks care? in many ways Cyber


    1. Over 20 cases involving computer and mobile phones reported weekly to Uganda Police CID department:

    Cases of anonymous email

    investigations; Facebook identify theft, Bank fraud; Hacking into computer Systems esp on-line banking; and intellectual property theft
    Forensic. Advisory. Fraud.

    www.summitcl.com

    Why attacks care? in many ways Cyber


    All crimes reported at Police now involve use of computers or mobile phones Recent cases involve cyber stalking; cyber harassment and fraud

    www.summitcl.com

    Forensic. Advisory. Fraud.

    Recommended solutions
    Are you getting value for money from your pen tests?
    www.summitcl.com Forensic. Advisory. Fraud.

    Laws are in place, can you use them? Uganda Cyber Laws are three currently: 1. Computer Misuse Act, 2011 2. Electronic Transactions Act, 2011 3. Electronic Signatures Act, 2011
    Forensic. Advisory. Fraud

    All laws commenced in April 2011.

    Image credit, ACFE.com

    E.g. computer misuse long tittle


    Unauthorized access to private computers and network systems, deliberate corruption or destruction of other peoples data, disrupting the network or systems, introduction of viruses or disrupting the work of others; the creation and forwarding of defamatory material, infringement of copyright, as well as the transmission of classified data or other material to outside organizations etc any crime involving a computer.
    Forensic. Advisory. Fraud

    Image credit, ACFE.com

    Total ICT security


    #2. Empowering you to be secure! 96% of Government staff are not IT trained. Only 4% of are IT security professionals Where is your weakest link?

    For 96% of staff --- they must become Certified Secure Computer User (CSCU).
    www.summitcl.com Forensic. Advisory. Fraud.

    Total ICT security


    #2. Empowering you to be secure!

    For your 4% of staff --- they must attain Certified Ethical Hacker (CEH); Computer Hacking Forensic Investigator (CHFI); Certified Fraud Examiner (CFE) and Licensed Pen Tester (LPT).

    www.summitcl.com

    www.eccouncil.org

    Forensic. Advisory. Fraud.

    Our solution to you


    #3. Partner with our forensic lab Dont be held by staff at ransom!
    Know the smallest thing that was the source of the problem who, what, when, where and how & why and let us take care of all the legal issues involved. That is the objective of a forensic investigation

    www.summitcl.com

    Forensic. Advisory. Fraud.

    #3.1 Cyber crime investigations


    Insurance Claims Investigations

    Credit Card Fraud Tracking

    Global Asset Tracing

    Banking Frauds Investigations

    Cyber Crime Investigations

    Global Debt Recovery Investigations

    Organized Financial Crime Investigations

    Litigation Support

    Financial Data Theft

    #3.2 Online Brand Protection & Reputation Management


    Blogs/Forums Removal Online Counterfeit/Fake Products Tracking Reducing Visibility of Defaming Content
    www.summitcl.com

    Defaming removal Defaming Defaming Defaming

    Social Networking posts Blog Postings Removal Articles Removal website Removal

    Tracing suspected websites, blogs, forums abusers Getting information of people behind websites, blogs, forums Removal Actions for such websites
    Reduction in rankings of defaming content by positive SEO Reduction in rankings of defaming content by proprietary methods Increasing Positive content with right SEO techniques Forensic. Advisory. Fraud.

    #3.3 Total reactive solution


    Data Leakage Prevention

    Cyber Reputation Management

    Cyber Solutions to government

    Cyber Crime Investigations

    Smartphone, Laptops Security

    #3.4 Total security solution

    Regulatory Intelligence

    Cyber weaponry & defense

    Political Intelligence and cyber surveillance

    We can set up a lab to create, use and manage cyber weaponry for uplifting CIRT system Ugandas set up national security.

    Ensure effective investigations


    Digital forensic solutions investigations: Anything digital, weve the solutions.

    Specialized Training in fraud, IT security and forensic & risk management

    www.summitcl.com

    Forensic. Advisory. Fraud.

    Next steps
    You should 1. Sponsor staff for training in ethical hacking, digital forensics and CSCU 2. Require all staff using computers to be CSCU, to avoid data leakage and ensure accountability 3. Set a forensic services fund and we train all law enforcement as a PPPs something's are better centralized 4. Coopt private sector players to advise on key implementations e.g. CIRT, CWDS (cyber weaponry & defense system) etc
    www.summitcl.com Forensic. Advisory. Fraud.

    Next steps
    SCL productivity solutions Unified secure messaging system ERP Incident reporting and whistleblowing system E-Learning platform for in-house training
    Call us today
    www.summitcl.com Forensic. Advisory. Fraud.

    Q&A
    We take pride in doing the right thing, rather than what is right for the profitability of SCL.

    Thank you!

    www.summitcl.com

    Forensic. Advisory. Fraud.

    Você também pode gostar