ISACA cyber Crime in Uganda

Published on May 2016 | Categories: Types, Presentations | Downloads: 85 | Comments: 0 | Views: 486
of 28
Download PDF   Embed   Report

The problem of cyber crime in Uganda is a reality. Every time you connect to the Internet, you get exposed to risks of cyber crime including hacking. In this presentation, Mustapha Mugisa explains the common cyber crime scheme and countermeasures

Comments

Content

ISACA event
26 June 2013, Hotel Africana, Kampala.

Cybercrime in Uganda
are you prepared?
The extent of the problem, and way forward Mustapha B. Mugisa, CFE, CHFI, CISA, MBA
Founder & CEO, Summit Consulting Ltd.
www.summitcl.com Forensic. Advisory. Fraud.

Perspective
How much do you estimate is the risk of cyber crime to Uganda today?
Image credit, ACFE.com

Forensic. Advisory. Fraud

Why care? Perspective



“Cybercrime and espionage are the top two challenges to USA national security today and in the future”,
President Barak Obama, March 2013.

What does this mean to Uganda?
www.summitcl.com Forensic. Advisory. Fraud.

Are you safe online..
If your security was breached, do you have the tools and expertise to proof it?
Forensic. Advisory. Fraud
Photo credit: UNCTAD photo

Image credit, ACFE.com

Let’s talk cybercrime cases are sensitive…
Are you getting value for money from your pen tests?
www.summitcl.com Forensic. Advisory. Fraud.

Why care?

Cyber crime vectors • Computer related offenses • Content related offenses • Copyright related offenses • Attack on security (CIA) is denial
www.summitcl.com Forensic. Advisory. Fraud.

Why care?

Internet photo.

The problem is huge for Africa, and Uganda. Not even mechanisms exists to quantify it!
www.summitcl.com Forensic. Advisory. Fraud.

Why care?

Lots of attack vectors; Ugandans highly exposed…
www.summitcl.com

http://qz .com/16 717/chin esecybercriminals -caughtlaunderi ng-48mlnthroughonlinegames/

Forensic. Advisory. Fraud.

Why care?
http://w ww.obse rver.ug/i ndex.php ?option= com_con tent&vie w=article &id=245 89:ugandarevenueauthority -hackersjailed-12years
Forensic. Advisory. Fraud.

The URA hacking case is still fresh…
www.summitcl.com

Why care? Cyber attack on Uganda … Non-official websites come
top on the search of the word “museveni”. How can NITA let this be!!!!

www.summitcl.com

Forensic. Advisory. Fraud.

Why care? content… Unacceptable

www.summitcl.com

Forensic. Advisory. Fraud.

Why attacks care? in many ways… Cyber
1. Spam 2. Viruses, including key loggers – common attack 3. Hacking; m-i-m attacks 4. Intellectual property theft 5. Phishing & identity theft 6. Denial of service – most common 7. Data harvesting.
www.summitcl.com Forensic. Advisory. Fraud.

Why attacks care? in many ways… Cyber
1. Over 20 cases involving computer and mobile phones reported weekly to Uganda Police CID department:

• Cases of anonymous email

investigations; Facebook identify theft, Bank fraud; Hacking into computer Systems esp on-line banking; and intellectual property theft
Forensic. Advisory. Fraud.

www.summitcl.com

Why attacks care? in many ways… Cyber
• All crimes reported at Police now involve use of computers or mobile phones • Recent cases involve cyber stalking; cyber harassment and fraud

www.summitcl.com

Forensic. Advisory. Fraud.

Recommended solutions…
Are you getting value for money from your pen tests?
www.summitcl.com Forensic. Advisory. Fraud.

Laws are in place, can you use them? “Uganda Cyber Laws” are three currently: 1. Computer Misuse Act, 2011 2. Electronic Transactions Act, 2011 3. Electronic Signatures Act, 2011
Forensic. Advisory. Fraud

All laws commenced in April 2011.

Image credit, ACFE.com

E.g. computer misuse long tittle
“Unauthorized access to private computers and network systems, deliberate corruption or destruction of other people’s data, disrupting the network or systems, introduction of viruses or disrupting the work of others; the creation and forwarding of defamatory material, infringement of copyright, as well as the transmission of classified data or other material to outside organizations… etc… any crime involving a computer.”
Forensic. Advisory. Fraud

Image credit, ACFE.com

Total ICT security…
#2. Empowering you to be secure! • 96% of Government staff are not IT trained. • Only 4% of are IT security professionals • Where is your weakest link?

For 96% of staff --- they must become Certified Secure Computer User (CSCU).
www.summitcl.com Forensic. Advisory. Fraud.

Total ICT security…
#2. Empowering you to be secure!

For your 4% of staff --- they must attain Certified Ethical Hacker (CEH); Computer Hacking Forensic Investigator (CHFI); Certified Fraud Examiner (CFE) and Licensed Pen Tester (LPT).

www.summitcl.com

www.eccouncil.org

Forensic. Advisory. Fraud.

Our solution to you…
#3. Partner with our forensic lab Don’t be held by staff at ransom!
Know the smallest thing that was the source of the problem… who, what, when, where and how & why – and let us take care of all the legal issues involved. That is the objective of a forensic investigation

www.summitcl.com

Forensic. Advisory. Fraud.

#3.1 Cyber crime investigations
Insurance Claims Investigations

Credit Card Fraud Tracking

Global Asset Tracing

Banking Frauds Investigations

Cyber Crime Investigations

Global Debt Recovery Investigations

Organized Financial Crime Investigations

Litigation Support

Financial Data Theft

#3.2 Online Brand Protection & Reputation Management
Blogs/Forums Removal Online Counterfeit/Fake Products Tracking Reducing Visibility of Defaming Content
www.summitcl.com

• Defaming removal • Defaming • Defaming • Defaming

Social Networking posts Blog Postings Removal Articles Removal website Removal

• Tracing suspected websites, blogs, forums abusers • Getting information of people behind websites, blogs, forums • Removal Actions for such websites
• Reduction in rankings of defaming content by positive SEO • Reduction in rankings of defaming content by proprietary methods • Increasing Positive content with right SEO techniques Forensic. Advisory. Fraud.

#3.3 Total reactive solution
Data Leakage Prevention

Cyber Reputation Management

Cyber Solutions to government

Cyber Crime Investigations

Smartphone, Laptops Security

#3.4 Total security solution

Regulatory Intelligence

Cyber weaponry & defense

Political Intelligence and cyber surveillance

We can set up a lab to create, use and manage cyber weaponry for uplifting CIRT system Uganda’s set up national security.

Ensure effective investigations
Digital forensic solutions –investigations: Anything digital, we’ve the solutions.

Specialized Training in fraud, IT security and forensic & risk management

www.summitcl.com

Forensic. Advisory. Fraud.

Next steps…
You should 1. Sponsor staff for training in ethical hacking, digital forensics and CSCU 2. Require all staff using computers to be CSCU, to avoid data leakage and ensure accountability 3. Set a forensic services fund – and we train all law enforcement as a PPPs – something's are better centralized 4. Coopt private sector players to advise on key implementations e.g. CIRT, CWDS (cyber weaponry & defense system) etc…
www.summitcl.com Forensic. Advisory. Fraud.

Next steps…
SCL productivity solutions • Unified secure messaging system • ERP • Incident reporting and whistleblowing system • E-Learning platform for in-house training
Call us today
www.summitcl.com Forensic. Advisory. Fraud.

Q&A
We take pride in doing the right thing, rather than what is right for the profitability of SCL.

Thank you!

www.summitcl.com

Forensic. Advisory. Fraud.

Sponsor Documents

Or use your account on DocShare.tips

Hide

Forgot your password?

Or register your new account on DocShare.tips

Hide

Lost your password? Please enter your email address. You will receive a link to create a new password.

Back to log-in

Close