CYCO and MELANI – SwiNOG Meeting 2007


1 CYCO and MELANI – SwiNOG Meeting 2007
Marc Henauer, Head of Unit MELANI/Cybercrime
Eidgenössisches Justiz- und Polizeidepartement (EJPD)

2 SCOCI – KOBIK – CYCO
MoU between Cantons and Federation
Proportional Distribution of Costs
Competences stay the same
Clients: Police, Justice, ISP, Public
Open-Up Synergies
Speaker notes: SCOCI is thus the product of an agreement between the federal and cantonal administrations, which share the costs and the competences. SCOCI's clients are primarily the cantonal police forces, the judicial authorities and the Internet access providers. The ultimate goal is to exploit synergies.

3 Organisation
[Organisation chart; labels: KSBS, KKJPD, KKPKS, fedpol, Governing Board CYCO, fedpol DAP, CYCO, Monitoring, OSINT, Clearing / Analysis, MELANI]

4 How does CYCO work?
1) Reception, Viewing, Securing and first Analysis of an Announcement
2) Active Research = Monitoring
In both cases CYCO produces a file showing criminal intent and sends it to the judicial authorities of the cantons.

5 [Diagram: Mission, Means, Services, Products, Clients]
Mission: fedpol, KKPKS, KSBS, KKJPD, Governing Board
Means: Internet, CLEMONA, Lawyers, Developers, Network Specialists, Police, Journalist, IT-Security Experts, …
Services: Announcements, Monitoring
Products: Criminal Files, Prevention, Analysis
Clients: Public, Cantons, Federation, FL, Interpol

6 High Resonance

7 Example - Grooming

8

9 What is getting reported?

10 CYCO Cases 2006

11 Does it Work?
~ 90%: an investigation is opened and a house search is made.
~ 80%: illegal material is seized. Problems: Time, Cybercafé, Chat
~ 85%: lead to a conviction. Problems: Chat, Intent

12 So Below the line…
400 – 600 Announcements per Month
Clear Necessity for an active Monitoring
Clients are Happy – But also Demanding
Key to Success: Motivated Team, Cooperation, Innovation

13 MELANI

14 MELANI – A PPP for the Protection of the NCII
MELANI – Melde- und Analysestelle Informationssicherung
Situation and intelligence centre of the Federal Government for the protection of the critical information infrastructure.
Provides operators of critical infrastructures, such as energy suppliers, banks, telcos and so forth, with information and resources coming from:
  intelligence
  law enforcement
  national CERT (Computer Emergency Response Team)

15 MELANI: Functionalities – Co-operation Partners
Intelligence – Service for Analysis and Prevention (SAP) with the Federal Office of Police (fedpol)
  cybercrime (Cybercrime Co-ordination Unit, CYCO)
  politically motivated hacking and national security
  well established co-operation with the private sector
CERT – Swiss Education & Research Network (SWITCH)
  experience in running a CERT
  access to the world-wide network of CERTs (FIRST, ...)
Supervision – Federal Strategy Unit for IT (FSUIT)
  active in CIIP since 1997
  relations to relevant CIIP organisations abroad

16 MELANI: Organizational Model
[Organisation chart; labels: FSUIT, MELANI, fedpol, SWITCH, Information]
Head MELANI: Ruedi Rytz
Head Situation Centre: Marc Henauer
Head SWITCH-CERT: Serge Droz
MELANI Analyst
Scientific Staff

17 MELANI-Network: National Contact Point
[Diagram: MELANI and the Operators of Critical Infrastructures at the centre; partners in Switzerland and their world-wide co-operation]
CIIP-Network / Policy Makers (FSUIT): Federal Office for Information Security (BSI), National Infrastructure Security Co-ordination Centre (CPNI), Department of Homeland Security (DHS)
Intelligence (fedpol: SAP): "Club de Berne", Intelligence Community
High-Tech Crime (fedpol: CYCO): High Tech Crime Units, Europol, Interpol, Cyber Crime Convention (Council of Europe)
CERT (SWITCH): European Government CERTs (EGC), Task Force CSIRT (TF-CSIRT), Forum of Incident Response and Security Teams (FIRST)

18 Services for MELANI open
Daily business
  Announcement of warnings and information ("tips") in "appropriate form" (language D, F, I, technical details)
  Publication of material for incident prevention (e.g. good practices for e-banking, operating systems, …)
  Possibility to report incidents and attacks
In case of an incident
  Hints on problem resolution
  Expert advice on law enforcement

19 Closed Constituency (May 2007)
Critical Infrastructure: # Companies
Telecommunications: 5
Energy Supply: 4
Finance:
Transportation: 2
Health Care: 1
Public Administration: 4
Total: (~ 70 people)

20 Services for the CC - Example: Espionage – Trojan Horse
Seemingly useful program containing hidden functions. Such functions can be used for the purpose of espionage, for the remote control of the PC, for sending spam, and so forth.
Trojan horses may find their way to the PC by:
  "voluntary" installation
  exploiting vulnerabilities

21 Warning for the Closed Constituency
As an example, the warning of January 2007.
The advisory contains pieces of information on detected attack vectors. System administrators may use them in order to verify whether they are affected.

22 MELANI-Net: Incident handling
[Screenshot; labels:]
Description of the incident (Visibility depends on the user)
Comments
Adding comments incl. file attachments

