SlideShare a Scribd company logo

A Day In The Life Of A Cyber Syndicate

J
Jacqueline Fick

A view into the daily operations of a South African cyber syndicate, written in diary form. Based on the experience on the presenter during her investigation and prosecution of cyber cases.

1 of 25
A day in the life of a cyber syndicate* ACFE SA Chapter Annual Conference 24-26 August 2009, Sandton Adv Jacqueline Fick: PwC Advisory *connectedthinking 
Contents Meet The Boss A day from the diary of The Boss How to ruin The Boss’ day Conclusion Disclaimer: The names, contact details, addresses and telephone numbers used in this presentation are fictitious. The sequence of events as contained in the diary entries are based on the experience and knowledge of the presenter, gained during the investigation and prosecution of cyber syndicates.
Meet The Boss Resume • I am a thirty seven year old South African male, but do have a passport from another country. • My skills include: - Computer skills, including programming, network administration, thorough knowledge of operating systems (Microsoft and open source) - Ability to network - Well-developed interpersonal skills - Entrepreneurial skills - Sound financial management skills A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 3
Meet The Boss Education Graduated from Malini High School with honours. • Completed a degree in Computer Science. - Completed several IT courses to stay up to date. A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 4
Meet The Boss Career History Owned and taught at a computer college in Pietermaritzburg: • Average student count was 100 per year. • Also presented several training workshops for government departments. Owned and operated a travel agency: • Offices in Durban, Johannesburg and Botswana. Free-lance computer expert: • Programming, computer repairs, network administration. A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 5
A day from the diary of The Boss An hourly account of his activities
The day starts … To do: Time: 7:00 1. Check email download of log files. 2. Analyse data. 3. Check for new version of spy software. 4. Check bank account. Errands: 1. Arrange trip to London and Botswana. Calls: 1. Phone Mpimpi for appointment at 12:00 (0723670545). 2. Phone Shooter for appointment at 13:00 (0798685409). A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 7
Business intelligence To do: Time: 8:00 1. Breakfast with Mr. SASSA and Doc Health at 8:15. 2. Discuss rewards and way forward. Errands: 1. Pick up the goods before breakfast and place new order. Calls: 1. Phone Big Daddy to confirm goods are ready. 2. Phone Ms Works about BAS (011 555 7890). A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 8
Meet the team To do: Time: 9:00 1. Meet with the boys. 2. Discuss action plan for the week. 3. Feedback on operations. Errands: 1. Get cards before meeting. Calls: 1. Phone Mr. Stationary to confirm meeting at 15:00. A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 9
Disciplinary matters To do: Time: 10:00 1. Meeting with Shooter. 2. Agree on plan of action to sort out leaks and enforce discipline. Errands: 1. Transfer money: account 406067558 (R10 000). 2. Get gift for Big Daddy and hand to Shooter. Calls: 1. Phone Mr. Fuzz to confirm meeting and venue. 2. Phone Mpimpi to confirm meeting. A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 10
Taking stock of business To do: Time: 11:00 1. Update business plan. 2. Draft contingency plan and do cash flow analysis. Errands: 1. Check emails for log files. Calls: 1. Call Mr. Parlour to catch up on things. 2. Call Mpumalanga. 3. Call Gangsters Paradise. 4. Call North West to confirm arrangements. A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 11
Sorting out troublesome employees To do: Time: 12:00 1. Meeting with Mpimpi (take Shooter with) to review commitment to organisation. Errands: 1. Pick up CD’s and hand to Mpimpi. Calls: 1. Call Big Bucks and Easy Cash and confirm venue for meeting. A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 12
New business opportunities To do: Time: 13:00 1. Meeting with Big Bucks and Easy Cash. 2. Determine amount of financial assistance they need for their children’s bursaries. 3. Discuss future business opportunities in new market. Errands: 1. Get cards and payment schedule from Ms Organised. Calls: 1. Phone Lady Network to tell her cards are ready (084 577 7871). A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 13
Contingency planning To do: Time: 14:00 1. Meeting with Mr. Fuzz. 2. Buy him a big lunch and confirm regular appointments. Errands: 1. Fax update report on dockets and trials to La Law. Calls: 1. Call Big Daddy to inform about meeting with Mr. Fuzz. 2. Phone La Law about retainer and update on trials. A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 14
Closing a deal To do: Time: 15:00 1. Meeting with Mr. Stationary and Mama Big Meals. 2. Agree on business transaction and involvement of other parties. Errands: 1. Get update on BAS entities. Calls: 1. Call Mr. Learning Curve to confirm BAS (082 2225676). 2. Call Mr SITA to get update on security (012 555 6667). A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 15
Interview shortlist To do: Time: 16:00 1. Identify gaps and skills shortages in business plan. Errands: 1. Email business plan to Big Daddy for his input. Calls: 1. Call Big Daddy about possible new IT recruit and to establish what building material he needs for his house. 2. Phone Ms HR to hear who might be interested in new business opportunities. A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 16
Review operations To do: Time: 17:00 1. Check email for reports on new installations. Errands: 1. Order building material for Big Daddy and send details to Mr. Stationary. Calls: 1. Phone Ulundi about installations. 2. Phone the boys for update report. 3. Phone Mr. SASSA for update. A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 17
Reconciliations To do: Time: 18:00 1. Do recon on bank statements. 2. Do recon on log files. 3. Check for updates on software. Errands: 1. Go to Mama Big Meals to confirm menu for dinner. Calls: 1. Phone Shooter for feedback report on assignment. A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 18
The day ends… To do: Time: 19:00 1. Meet with Sassy Mama at garage. Errands: 1. Pick up payment. 2. Pick up Dudu’s car. Calls: 1. Call Sassy Mama to confirm venue for meeting. 2. Call to Mr. Fuzz to follow up on hooter and flash. A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 19
How to ruin The Boss’ day Look for the things that are not there Benefits of effective public private partnerships Prevention is better than prosecution
How to ruin The Boss’ day Look for the things that are not there Investigating cyber crime calls for a new approach: • Look for the things that are not there. • Follow the money. • Pro-active versus re-active. • Why would cyber criminals target your business/government department? • Don’t think that criminals prefer businesses over government. • Combining the old and the new. • Value of intelligence, informants and section 204 witnesses. A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 21
How to ruin The Boss’ day Benefits of effective public private partnerships Fight cyber criminals with what they are after: Information. • Sharing of information within the business/government department. • Industry forums. • Cooperation between government and private sector. • Sharing of information and cooperation between government, private sector and law enforcement. A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 22
How to ruin The Boss’ day Prevention is better than prosecution Successfully investigating and prosecuting cyber crime has proven difficult: • Focus on prevention rather than on waiting until you become a victim. • Start at home. • Make cyber security a business objective and integrate into business strategy and planning. • De-mystify cyber security. • Information Assurance and a Defence in Depth strategy: - Prevent, detect, react and recover. - Layered defence approach. A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 23
Conclusion • Cyber criminals are intelligent, educated and well-versed in the skill of social engineering. • Often have close ties with traditional crime syndicates. • Leave their cyber fingerprint behind. • Well-organised, highly resourced and not afraid to resort to violence. • Criminals do not distinguish between private and public sector and neither should we! • Prevention is better than prosecution. • Benefits of effective public private partnerships. A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 24
We are only as strong as the weakest link amongst us! A special word of thanks to Inspectors Sunethe Potgieter and Stephan Gouws of the Commercial Branch Pietermaritzburg and my former Scorpions team, who work tirelessly to put cyber syndicates behind bars. © 2009 PricewaterhouseCoopers Inc. All rights reserved. “PricewaterhouseCoopers” refers to the network of member firms of PricewaterhouseCoopers International Limited, each of which is a separate and independent legal entity. PricewaterhouseCoopers Inc is an authorised financial services provider. 

Recommended

Confidential resume of lisa campbell (5)
Confidential resume of lisa campbell (5)Confidential resume of lisa campbell (5)
Confidential resume of lisa campbell (5)Lisa Campbell
 
Recover Deleted Outlook Emails
Recover Deleted Outlook EmailsRecover Deleted Outlook Emails
Recover Deleted Outlook EmailsDataNumen, Inc.
 
Segunda evaluación
Segunda evaluaciónSegunda evaluación
Segunda evaluaciónmavimun
 
Le meilleur promoteur de condos à Québec
Le meilleur promoteur de condos à QuébecLe meilleur promoteur de condos à Québec
Le meilleur promoteur de condos à QuébecNorplex Ca
 
Vigilancia de mosquitos vectores 2003
Vigilancia de mosquitos vectores 2003Vigilancia de mosquitos vectores 2003
Vigilancia de mosquitos vectores 2003Jorge González
 
9 класс интернет
9 класс интернет9 класс интернет
9 класс интернетHelen2015
 
2 Ways to Fix Outlook Error "the file xxxx.pst is not a personal folders file"
2 Ways to Fix Outlook Error "the file xxxx.pst is not a personal folders file"2 Ways to Fix Outlook Error "the file xxxx.pst is not a personal folders file"
2 Ways to Fix Outlook Error "the file xxxx.pst is not a personal folders file"DataNumen, Inc.
 
Your Country Needs You! Communicators in the US Government
Your Country Needs You! Communicators in the US GovernmentYour Country Needs You! Communicators in the US Government
Your Country Needs You! Communicators in the US GovernmentDavid Caruso
 

Recommended

Confidential resume of lisa campbell (5)
Confidential resume of lisa campbell (5)Confidential resume of lisa campbell (5)
Confidential resume of lisa campbell (5)Lisa Campbell
 
Recover Deleted Outlook Emails
Recover Deleted Outlook EmailsRecover Deleted Outlook Emails
Recover Deleted Outlook EmailsDataNumen, Inc.
 
Segunda evaluación
Segunda evaluaciónSegunda evaluación
Segunda evaluaciónmavimun
 
Le meilleur promoteur de condos à Québec
Le meilleur promoteur de condos à QuébecLe meilleur promoteur de condos à Québec
Le meilleur promoteur de condos à QuébecNorplex Ca
 
Vigilancia de mosquitos vectores 2003
Vigilancia de mosquitos vectores 2003Vigilancia de mosquitos vectores 2003
Vigilancia de mosquitos vectores 2003Jorge González
 
9 класс интернет
9 класс интернет9 класс интернет
9 класс интернетHelen2015
 
2 Ways to Fix Outlook Error "the file xxxx.pst is not a personal folders file"
2 Ways to Fix Outlook Error "the file xxxx.pst is not a personal folders file"2 Ways to Fix Outlook Error "the file xxxx.pst is not a personal folders file"
2 Ways to Fix Outlook Error "the file xxxx.pst is not a personal folders file"DataNumen, Inc.
 
Your Country Needs You! Communicators in the US Government
Your Country Needs You! Communicators in the US GovernmentYour Country Needs You! Communicators in the US Government
Your Country Needs You! Communicators in the US GovernmentDavid Caruso
 
Cloud+PostPC Project Presentation
Cloud+PostPC Project PresentationCloud+PostPC Project Presentation
Cloud+PostPC Project PresentationAmi Hollander
 
Lettura
LetturaLettura
Letturacentro-sinapsi
 
Disturbi dello Spettro Autistico
Disturbi dello Spettro AutisticoDisturbi dello Spettro Autistico
Disturbi dello Spettro Autisticocentro-sinapsi
 
Chiffres de l'emploi et du chômage des personnes handicapées 2015
Chiffres de l'emploi et du chômage des personnes handicapées 2015Chiffres de l'emploi et du chômage des personnes handicapées 2015
Chiffres de l'emploi et du chômage des personnes handicapées 2015Handirect 05
 
Constitución segundo y tercer ciclo
Constitución segundo y tercer cicloConstitución segundo y tercer ciclo
Constitución segundo y tercer ciclomavimun
 
Not All Customer Experience Variation is Equal - Common Cause vs. Special Cau...
Not All Customer Experience Variation is Equal - Common Cause vs. Special Cau...Not All Customer Experience Variation is Equal - Common Cause vs. Special Cau...
Not All Customer Experience Variation is Equal - Common Cause vs. Special Cau...Kinesis CEM, LLC
 
Disabilità Intellettiva
Disabilità IntellettivaDisabilità Intellettiva
Disabilità Intellettivacentro-sinapsi
 
Raciocínio lógico e matemática msgás - completa
Raciocínio lógico e matemática msgás - completaRaciocínio lógico e matemática msgás - completa
Raciocínio lógico e matemática msgás - completaNeon Online
 
Mi primer quijote (fragmentos)
Mi primer quijote (fragmentos)Mi primer quijote (fragmentos)
Mi primer quijote (fragmentos)jmarmar
 
NodeGrid Flex
NodeGrid FlexNodeGrid Flex
NodeGrid Flexzpeofficial
 
Starting category management in an organization
Starting category management in an organizationStarting category management in an organization
Starting category management in an organizationBenjamin Vanopbroeke
 
Powerpoint Global Warming (Pemanasan Global) Fisika Kelas XI
Powerpoint Global Warming (Pemanasan Global) Fisika Kelas XIPowerpoint Global Warming (Pemanasan Global) Fisika Kelas XI
Powerpoint Global Warming (Pemanasan Global) Fisika Kelas XIwisnuwms
 
Organised crime and presenting evidence on racketeering
Organised crime and presenting evidence on racketeeringOrganised crime and presenting evidence on racketeering
Organised crime and presenting evidence on racketeeringJacqueline Fick
 
Integrating the prevention of cyber crime into the overall anti-crime strateg...
Integrating the prevention of cyber crime into the overall anti-crime strateg...Integrating the prevention of cyber crime into the overall anti-crime strateg...
Integrating the prevention of cyber crime into the overall anti-crime strateg...Jacqueline Fick
 
Cyber Crime 101: The Impact of Cyber Crime on Higher Education in South Africa
Cyber Crime 101: The Impact of Cyber Crime on Higher Education in South AfricaCyber Crime 101: The Impact of Cyber Crime on Higher Education in South Africa
Cyber Crime 101: The Impact of Cyber Crime on Higher Education in South AfricaJacqueline Fick
 
International Trends in Mobile Law
International Trends in Mobile LawInternational Trends in Mobile Law
International Trends in Mobile LawJacqueline Fick
 
A Day In The Life Of A Cyber Syndicate
A Day In The Life Of A Cyber SyndicateA Day In The Life Of A Cyber Syndicate
A Day In The Life Of A Cyber SyndicateJacqueline Fick
 
Prevention Is Better Than Prosecution: Deepening the defence against cyber c...
Prevention Is Better Than Prosecution: Deepening the defence against cyber c...Prevention Is Better Than Prosecution: Deepening the defence against cyber c...
Prevention Is Better Than Prosecution: Deepening the defence against cyber c...Jacqueline Fick
 
Cybercrime In South Africa and the benefits of public private partnerships
Cybercrime In South Africa and the benefits of public private partnershipsCybercrime In South Africa and the benefits of public private partnerships
Cybercrime In South Africa and the benefits of public private partnershipsJacqueline Fick
 
Cyber Crime in Government
Cyber Crime in GovernmentCyber Crime in Government
Cyber Crime in GovernmentJacqueline Fick
 

More Related Content

Viewers also liked

Cloud+PostPC Project Presentation
Cloud+PostPC Project PresentationCloud+PostPC Project Presentation
Cloud+PostPC Project PresentationAmi Hollander
 
Disturbi dello Spettro Autistico
Disturbi dello Spettro AutisticoDisturbi dello Spettro Autistico
Disturbi dello Spettro Autisticocentro-sinapsi
 
Chiffres de l'emploi et du chômage des personnes handicapées 2015
Chiffres de l'emploi et du chômage des personnes handicapées 2015Chiffres de l'emploi et du chômage des personnes handicapées 2015
Chiffres de l'emploi et du chômage des personnes handicapées 2015Handirect 05
 
Constitución segundo y tercer ciclo
Constitución segundo y tercer cicloConstitución segundo y tercer ciclo
Constitución segundo y tercer ciclomavimun
 
Not All Customer Experience Variation is Equal - Common Cause vs. Special Cau...
Not All Customer Experience Variation is Equal - Common Cause vs. Special Cau...Not All Customer Experience Variation is Equal - Common Cause vs. Special Cau...
Not All Customer Experience Variation is Equal - Common Cause vs. Special Cau...Kinesis CEM, LLC
 
Disabilità Intellettiva
Disabilità IntellettivaDisabilità Intellettiva
Disabilità Intellettivacentro-sinapsi
 
Raciocínio lógico e matemática msgás - completa
Raciocínio lógico e matemática msgás - completaRaciocínio lógico e matemática msgás - completa
Raciocínio lógico e matemática msgás - completaNeon Online
 
Mi primer quijote (fragmentos)
Mi primer quijote (fragmentos)Mi primer quijote (fragmentos)
Mi primer quijote (fragmentos)jmarmar
 
Starting category management in an organization
Starting category management in an organizationStarting category management in an organization
Starting category management in an organizationBenjamin Vanopbroeke
 
Powerpoint Global Warming (Pemanasan Global) Fisika Kelas XI
Powerpoint Global Warming (Pemanasan Global) Fisika Kelas XIPowerpoint Global Warming (Pemanasan Global) Fisika Kelas XI
Powerpoint Global Warming (Pemanasan Global) Fisika Kelas XIwisnuwms
 

Viewers also liked (12)

Cloud+PostPC Project Presentation
Cloud+PostPC Project PresentationCloud+PostPC Project Presentation
Cloud+PostPC Project Presentation
 
Lettura
LetturaLettura
Lettura
 
Disturbi dello Spettro Autistico
Disturbi dello Spettro AutisticoDisturbi dello Spettro Autistico
Disturbi dello Spettro Autistico
 
Chiffres de l'emploi et du chômage des personnes handicapées 2015
Chiffres de l'emploi et du chômage des personnes handicapées 2015Chiffres de l'emploi et du chômage des personnes handicapées 2015
Chiffres de l'emploi et du chômage des personnes handicapées 2015
 
Constitución segundo y tercer ciclo
Constitución segundo y tercer cicloConstitución segundo y tercer ciclo
Constitución segundo y tercer ciclo
 
Not All Customer Experience Variation is Equal - Common Cause vs. Special Cau...
Not All Customer Experience Variation is Equal - Common Cause vs. Special Cau...Not All Customer Experience Variation is Equal - Common Cause vs. Special Cau...
Not All Customer Experience Variation is Equal - Common Cause vs. Special Cau...
 
Disabilità Intellettiva
Disabilità IntellettivaDisabilità Intellettiva
Disabilità Intellettiva
 
Raciocínio lógico e matemática msgás - completa
Raciocínio lógico e matemática msgás - completaRaciocínio lógico e matemática msgás - completa
Raciocínio lógico e matemática msgás - completa
 
Mi primer quijote (fragmentos)
Mi primer quijote (fragmentos)Mi primer quijote (fragmentos)
Mi primer quijote (fragmentos)
 
NodeGrid Flex
NodeGrid FlexNodeGrid Flex
NodeGrid Flex
 
Starting category management in an organization
Starting category management in an organizationStarting category management in an organization
Starting category management in an organization
 
Powerpoint Global Warming (Pemanasan Global) Fisika Kelas XI
Powerpoint Global Warming (Pemanasan Global) Fisika Kelas XIPowerpoint Global Warming (Pemanasan Global) Fisika Kelas XI
Powerpoint Global Warming (Pemanasan Global) Fisika Kelas XI
 

More from Jacqueline Fick

Organised crime and presenting evidence on racketeering
Organised crime and presenting evidence on racketeeringOrganised crime and presenting evidence on racketeering
Organised crime and presenting evidence on racketeeringJacqueline Fick
 
Integrating the prevention of cyber crime into the overall anti-crime strateg...
Integrating the prevention of cyber crime into the overall anti-crime strateg...Integrating the prevention of cyber crime into the overall anti-crime strateg...
Integrating the prevention of cyber crime into the overall anti-crime strateg...Jacqueline Fick
 
Cyber Crime 101: The Impact of Cyber Crime on Higher Education in South Africa
Cyber Crime 101: The Impact of Cyber Crime on Higher Education in South AfricaCyber Crime 101: The Impact of Cyber Crime on Higher Education in South Africa
Cyber Crime 101: The Impact of Cyber Crime on Higher Education in South AfricaJacqueline Fick
 
International Trends in Mobile Law
International Trends in Mobile LawInternational Trends in Mobile Law
International Trends in Mobile LawJacqueline Fick
 
A Day In The Life Of A Cyber Syndicate
A Day In The Life Of A Cyber SyndicateA Day In The Life Of A Cyber Syndicate
A Day In The Life Of A Cyber SyndicateJacqueline Fick
 
Prevention Is Better Than Prosecution: Deepening the defence against cyber c...
Prevention Is Better Than Prosecution: Deepening the defence against cyber c...Prevention Is Better Than Prosecution: Deepening the defence against cyber c...
Prevention Is Better Than Prosecution: Deepening the defence against cyber c...Jacqueline Fick
 
Cybercrime In South Africa and the benefits of public private partnerships
Cybercrime In South Africa and the benefits of public private partnershipsCybercrime In South Africa and the benefits of public private partnerships
Cybercrime In South Africa and the benefits of public private partnershipsJacqueline Fick
 
Cyber Crime in Government
Cyber Crime in GovernmentCyber Crime in Government
Cyber Crime in GovernmentJacqueline Fick
 

More from Jacqueline Fick (8)

Organised crime and presenting evidence on racketeering
Organised crime and presenting evidence on racketeeringOrganised crime and presenting evidence on racketeering
Organised crime and presenting evidence on racketeering
 
Integrating the prevention of cyber crime into the overall anti-crime strateg...
Integrating the prevention of cyber crime into the overall anti-crime strateg...Integrating the prevention of cyber crime into the overall anti-crime strateg...
Integrating the prevention of cyber crime into the overall anti-crime strateg...
 
Cyber Crime 101: The Impact of Cyber Crime on Higher Education in South Africa
Cyber Crime 101: The Impact of Cyber Crime on Higher Education in South AfricaCyber Crime 101: The Impact of Cyber Crime on Higher Education in South Africa
Cyber Crime 101: The Impact of Cyber Crime on Higher Education in South Africa
 
International Trends in Mobile Law
International Trends in Mobile LawInternational Trends in Mobile Law
International Trends in Mobile Law
 
A Day In The Life Of A Cyber Syndicate
A Day In The Life Of A Cyber SyndicateA Day In The Life Of A Cyber Syndicate
A Day In The Life Of A Cyber Syndicate
 
Prevention Is Better Than Prosecution: Deepening the defence against cyber c...
Prevention Is Better Than Prosecution: Deepening the defence against cyber c...Prevention Is Better Than Prosecution: Deepening the defence against cyber c...
Prevention Is Better Than Prosecution: Deepening the defence against cyber c...
 
Cybercrime In South Africa and the benefits of public private partnerships
Cybercrime In South Africa and the benefits of public private partnershipsCybercrime In South Africa and the benefits of public private partnerships
Cybercrime In South Africa and the benefits of public private partnerships
 
Cyber Crime in Government
Cyber Crime in GovernmentCyber Crime in Government
Cyber Crime in Government
 

A Day In The Life Of A Cyber Syndicate

  • 1. A day in the life of a cyber syndicate* ACFE SA Chapter Annual Conference 24-26 August 2009, Sandton Adv Jacqueline Fick: PwC Advisory *connectedthinking 
  • 2. Contents Meet The Boss A day from the diary of The Boss How to ruin The Boss’ day Conclusion Disclaimer: The names, contact details, addresses and telephone numbers used in this presentation are fictitious. The sequence of events as contained in the diary entries are based on the experience and knowledge of the presenter, gained during the investigation and prosecution of cyber syndicates.
  • 3. Meet The Boss Resume • I am a thirty seven year old South African male, but do have a passport from another country. • My skills include: - Computer skills, including programming, network administration, thorough knowledge of operating systems (Microsoft and open source) - Ability to network - Well-developed interpersonal skills - Entrepreneurial skills - Sound financial management skills A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 3
  • 4. Meet The Boss Education Graduated from Malini High School with honours. • Completed a degree in Computer Science. - Completed several IT courses to stay up to date. A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 4
  • 5. Meet The Boss Career History Owned and taught at a computer college in Pietermaritzburg: • Average student count was 100 per year. • Also presented several training workshops for government departments. Owned and operated a travel agency: • Offices in Durban, Johannesburg and Botswana. Free-lance computer expert: • Programming, computer repairs, network administration. A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 5
  • 6. A day from the diary of The Boss An hourly account of his activities
  • 7. The day starts … To do: Time: 7:00 1. Check email download of log files. 2. Analyse data. 3. Check for new version of spy software. 4. Check bank account. Errands: 1. Arrange trip to London and Botswana. Calls: 1. Phone Mpimpi for appointment at 12:00 (0723670545). 2. Phone Shooter for appointment at 13:00 (0798685409). A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 7
  • 8. Business intelligence To do: Time: 8:00 1. Breakfast with Mr. SASSA and Doc Health at 8:15. 2. Discuss rewards and way forward. Errands: 1. Pick up the goods before breakfast and place new order. Calls: 1. Phone Big Daddy to confirm goods are ready. 2. Phone Ms Works about BAS (011 555 7890). A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 8
  • 9. Meet the team To do: Time: 9:00 1. Meet with the boys. 2. Discuss action plan for the week. 3. Feedback on operations. Errands: 1. Get cards before meeting. Calls: 1. Phone Mr. Stationary to confirm meeting at 15:00. A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 9
  • 10. Disciplinary matters To do: Time: 10:00 1. Meeting with Shooter. 2. Agree on plan of action to sort out leaks and enforce discipline. Errands: 1. Transfer money: account 406067558 (R10 000). 2. Get gift for Big Daddy and hand to Shooter. Calls: 1. Phone Mr. Fuzz to confirm meeting and venue. 2. Phone Mpimpi to confirm meeting. A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 10
  • 11. Taking stock of business To do: Time: 11:00 1. Update business plan. 2. Draft contingency plan and do cash flow analysis. Errands: 1. Check emails for log files. Calls: 1. Call Mr. Parlour to catch up on things. 2. Call Mpumalanga. 3. Call Gangsters Paradise. 4. Call North West to confirm arrangements. A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 11
  • 12. Sorting out troublesome employees To do: Time: 12:00 1. Meeting with Mpimpi (take Shooter with) to review commitment to organisation. Errands: 1. Pick up CD’s and hand to Mpimpi. Calls: 1. Call Big Bucks and Easy Cash and confirm venue for meeting. A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 12
  • 13. New business opportunities To do: Time: 13:00 1. Meeting with Big Bucks and Easy Cash. 2. Determine amount of financial assistance they need for their children’s bursaries. 3. Discuss future business opportunities in new market. Errands: 1. Get cards and payment schedule from Ms Organised. Calls: 1. Phone Lady Network to tell her cards are ready (084 577 7871). A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 13
  • 14. Contingency planning To do: Time: 14:00 1. Meeting with Mr. Fuzz. 2. Buy him a big lunch and confirm regular appointments. Errands: 1. Fax update report on dockets and trials to La Law. Calls: 1. Call Big Daddy to inform about meeting with Mr. Fuzz. 2. Phone La Law about retainer and update on trials. A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 14
  • 15. Closing a deal To do: Time: 15:00 1. Meeting with Mr. Stationary and Mama Big Meals. 2. Agree on business transaction and involvement of other parties. Errands: 1. Get update on BAS entities. Calls: 1. Call Mr. Learning Curve to confirm BAS (082 2225676). 2. Call Mr SITA to get update on security (012 555 6667). A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 15
  • 16. Interview shortlist To do: Time: 16:00 1. Identify gaps and skills shortages in business plan. Errands: 1. Email business plan to Big Daddy for his input. Calls: 1. Call Big Daddy about possible new IT recruit and to establish what building material he needs for his house. 2. Phone Ms HR to hear who might be interested in new business opportunities. A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 16
  • 17. Review operations To do: Time: 17:00 1. Check email for reports on new installations. Errands: 1. Order building material for Big Daddy and send details to Mr. Stationary. Calls: 1. Phone Ulundi about installations. 2. Phone the boys for update report. 3. Phone Mr. SASSA for update. A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 17
  • 18. Reconciliations To do: Time: 18:00 1. Do recon on bank statements. 2. Do recon on log files. 3. Check for updates on software. Errands: 1. Go to Mama Big Meals to confirm menu for dinner. Calls: 1. Phone Shooter for feedback report on assignment. A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 18
  • 19. The day ends… To do: Time: 19:00 1. Meet with Sassy Mama at garage. Errands: 1. Pick up payment. 2. Pick up Dudu’s car. Calls: 1. Call Sassy Mama to confirm venue for meeting. 2. Call to Mr. Fuzz to follow up on hooter and flash. A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 19
  • 20. How to ruin The Boss’ day Look for the things that are not there Benefits of effective public private partnerships Prevention is better than prosecution
  • 21. How to ruin The Boss’ day Look for the things that are not there Investigating cyber crime calls for a new approach: • Look for the things that are not there. • Follow the money. • Pro-active versus re-active. • Why would cyber criminals target your business/government department? • Don’t think that criminals prefer businesses over government. • Combining the old and the new. • Value of intelligence, informants and section 204 witnesses. A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 21
  • 22. How to ruin The Boss’ day Benefits of effective public private partnerships Fight cyber criminals with what they are after: Information. • Sharing of information within the business/government department. • Industry forums. • Cooperation between government and private sector. • Sharing of information and cooperation between government, private sector and law enforcement. A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 22
  • 23. How to ruin The Boss’ day Prevention is better than prosecution Successfully investigating and prosecuting cyber crime has proven difficult: • Focus on prevention rather than on waiting until you become a victim. • Start at home. • Make cyber security a business objective and integrate into business strategy and planning. • De-mystify cyber security. • Information Assurance and a Defence in Depth strategy: - Prevent, detect, react and recover. - Layered defence approach. A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 23
  • 24. Conclusion • Cyber criminals are intelligent, educated and well-versed in the skill of social engineering. • Often have close ties with traditional crime syndicates. • Leave their cyber fingerprint behind. • Well-organised, highly resourced and not afraid to resort to violence. • Criminals do not distinguish between private and public sector and neither should we! • Prevention is better than prosecution. • Benefits of effective public private partnerships. A day in the life of a cyber syndicate August 2009 PricewaterhouseCoopers Slide 24
  • 25. We are only as strong as the weakest link amongst us! A special word of thanks to Inspectors Sunethe Potgieter and Stephan Gouws of the Commercial Branch Pietermaritzburg and my former Scorpions team, who work tirelessly to put cyber syndicates behind bars. © 2009 PricewaterhouseCoopers Inc. All rights reserved. “PricewaterhouseCoopers” refers to the network of member firms of PricewaterhouseCoopers International Limited, each of which is a separate and independent legal entity. PricewaterhouseCoopers Inc is an authorised financial services provider. 