Cybercrime Oklahoma Association April 6, 2017 College .
Cybercrime ‐ Oklahoma Association ofCollege and University Business OfficersApril 6, 2017About the PresenterCYBERCRIMEOklahoma Association of Collegeand University Business OfficersJeffrey Kline 26 years of information technology and information security experience Master of Science in Information Systems from Dakota State University Technology and Management Consulting with RSM Located in Sioux Falls, South Dakota April 6, 2017 2017 RSM US LLP. All Rights Reserved.Rapid Assessment Data Storage SMEVirtual Desktop InfrastructureMicrosoft Windows NetworkingVirtualization Platforms 2017 RSM US LLP. All Rights Reserved.Content - Outline History and introduction to cybercrimes Common types and examples of cybercrime Social Engineering Anatomy of the attackINTRODUCTION TOCYBERCRIME What can you do to protect yourself Closing thoughts 2017 RSM US LLP. All Rights Reserved.CybercrimeCybercrime is any type of criminalactivity that involves the use of acomputer or other cyber device. Computers used as the tool Computers used as the target 2017 RSM US LLP. All Rights Reserved.RSM US LLP 2017 RSM US LLP. All Rights Reserved.Long History of Cybercrime1971John Draper uses toy whistle from Cap’n Crunch cerealbox to make free phone calls1973Teller at New York Dime Savings Bank uses computer tofunnel 1.5 million into his personal bank account1981First convicted felon of a cybercrime – “Captain Zap”who broke into AT&T computers1983UCLA student used a PC to break into the DefenseDepartment’s international communication system1984Counterfeit Access Device and Computer Fraud andAbuse Act was passed 2017 RSM US LLP. All Rights Reserved.1
Cybercrime ‐ Oklahoma Association ofCollege and University Business OfficersLong History of Cybercrime (continued)1994Russian hackers steal 10 million from Citibank anddistribute the money to bank accounts around the world1995European Trekies / hackers compromised Newscorp /SKY‐TV to allow illegal access to Star Trek re‐runs inGermany1999The Melissa worm was one of the first to automaticallypropagate via email2002British hacker accessed 97 US Air Force, Army, Navy,NASA, Pentagon, and DoD computers – looking forevidence of UFOs.2016Hacked American election? 2017 RSM US LLP. All Rights Reserved.April 6, 20172017’s Latest Trends in Cybercrime Politically-motivated attacks are on the rise Increased attention to public utilities being paid by foreignhackers Distributed denial of service (DDOS) attacks using the Internet ofthings (IoT) Increasing sophistication in spear phishing attacks Cyber criminals are using tools and techniques to make detectioneven more difficult Zero-day attacks are on the decline 2017 RSM US LLP. All Rights Reserved.Cybercrime FactsCrime-as-a-Service Cybercrime has recently surpassed illegal drug trafficking as a criminalmoney-maker Growing industry of hackers for hire A personal identity is stolen once every 3.1 seconds as a result ofcybercrime Nearly half of all cybercrimes are committed against small businesses Exponential growth in the number of potential victims including:smartphones, cars, railways, planes, power grids, security cameras,refrigerators, garage door openers, etc. Some countries, including the UK, see cybercrime surpassing all othertraditional crime 2017 RSM US LLP. All Rights Reserved.Crime-as-a-Service – Dark Web Hacking tools for sale Digital currency laundering services Hosting services designed for malware “Customer service” centers for ransomwareSkillMotivation The Dark Web is home to EBay-like clearinghouses for a huge array of criminal servicesand products 2017 RSM US LLP. All Rights Reserved.Digital Currencies Bitcoin is the most commonly used digitalcurrency Relies on a decentralized ledger called ablockchain New Bitcoins are created through minting Pseudonymous Bitcoin exchanges buy/sell Bitcoins Price fluctuates with exchange rateToday’s Exchange Rate: 1 Bitcoin 2017 RSM US LLP. All Rights Reserved.RSM US LLP 2017 RSM US LLP. All Rights Reserved.2
Cybercrime ‐ Oklahoma Association ofCollege and University Business OfficersCybercrime is increasingApril 6, 2017High cost of lost data2016 saw aData breaches cost on averageincrease in data breaches over 2015,and 2017 is expected to have a largerincrease yetper lost record 2017 RSM US LLP. All Rights Reserved. 2017 RSM US LLP. All Rights Reserved.Huge global costsData loss happens fast Global cost of cybercrime is estimated to hitof databreachesresult in theloss of datawithin the firstby 2019hours 2017 RSM US LLP. All Rights Reserved. 2017 RSM US LLP. All Rights Reserved. but our response is slowPersistent threatsAttackers are in a network an average ofof databreaches arediscoveredwithindays before being detectedhours of occurring 2017 RSM US LLP. All Rights Reserved.RSM US LLP 2017 RSM US LLP. All Rights Reserved.3
Cybercrime ‐ Oklahoma Association ofCollege and University Business OfficersApril 6, 2017Reputation riskOnlyCOMMON TYPES OFCYBERCRIMEof breaches are self-detected by thecompromised organization 2017 RSM US LLP. All Rights Reserved. 2017 RSM US LLP. All Rights Reserved.Business Email CompromiseBEC – Method 1 Targeted attack on a business Foreign Supplier Based on a compromise of legitimate business email account Relies on social engineering and/or data breach Mostly fraudulent wire transfers, but sometimes other forms ofpayment (checks) From January of 2015 to June 2016, there was a 1,300%increase in losses due to BEC Average loss is 130,000 2017 RSM US LLP. All Rights Reserved. Victim is usually a business that has along history and relationship with aforeign supplier Fraudulent request is made for invoicepayment to a different account Email request will very-closely spooflegitimate request and will be difficult toidentify as fraudulent Sometimes also conducted by phone callor fax. 2017 RSM US LLP. All Rights Reserved.BEC – Method 2BEC – Method 3 Business Executive Employee Email Email account of executive is eitherspoofed or hacked Wire transfer request is made by the“executive” to another employee Fraudulent request may also be made tothe company’s financial institution Request usually has an urgent nature 2017 RSM US LLP. All Rights Reserved.RSM US LLP A business employee has their emailhacked Employee’s email history and contactsare studied Fraudulent requests for payments aremade to other businesses with whom theemployee has relationships 2017 RSM US LLP. All Rights Reserved.4
Cybercrime ‐ Oklahoma Association ofCollege and University Business OfficersApril 6, 2017BEC – Method 4BEC – Method 5 (emerging) Attorney Data Theft Fraudsters impersonate lawyers orrepresentatives of law firms Victims are pressured to act quickly andsecretly Funds transfers are requested Usually happens late in the day 2017 RSM US LLP. All Rights Reserved. Business executive email is used Victim is usually HR or payroll employee Fraudulent request is usually for W-2information or other personally identifiableinformation (PII) First began happening in 2016 2017 RSM US LLP. All Rights Reserved.Preventing Business Email CompromiseRansomware Educate and train employees Be wary of any urgent request or pressure to act quickly Develop processes for wire transfers that require multipletypes of authorization Ensure all wire transfers correspond to an active purchaseorder in your system Purchase all domain names that are easily mistaken variantsof your main domain name Create email rules that flag external email Sanitize websites and social media of sensitive information Do not allow the same employee to initiate and approve wiretransfers If you are a victim, contact your financial institution and lawenforcement immediately. Usually not targeted 2017 RSM US LLP. All Rights Reserved. Victim data is encrypted and a ransom is demanded to decryptdata Ransom is paid via Bitcoin, wire transfers, and MoneyPak – alldifficult or impossible to trace Numerous variants with more appearing regularly 167 times as much ransomware in 2016 compared to 2015 Paying the ransom usually results in the decrypting of data 2017 RSM US LLP. All Rights Reserved.Ransomware (continued)Ransomware (continued) Ransoms typically range from 1 or 2 bitcoins to 100 ormore bitcoins FBI estimates 24 million was paid in 2015 (U.S.) For 2016, that number increased to nearly 1 billion Paying victims have included: Average ransom per machine was 294 in 2015 City and county governmentsPolice and Sherriff departmentsSchool districtsHospitalsInternational state governmentsBusinesses and organizations of all sizesHome users Average ransom per machine was 679 in 2016 Over 400 variants in the wild at the end of 2016 Currently the payload of choice for malicious email campaigns Ransomware toolkits are available on the Dark Web Relative anonymous nature of digital currency helps protect criminalactivity Studies show that 64% of victims pay the ransom 2017 RSM US LLP. All Rights Reserved.RSM US LLP 2017 RSM US LLP. All Rights Reserved.5
Cybercrime ‐ Oklahoma Association ofCollege and University Business OfficersRansomware Example – Locky (2016’s biggest) 2017 RSM US LLP. All Rights Reserved.Ransomware Example 2017 RSM US LLP. All Rights Reserved.Ransomware Example - Demonslay 2017 RSM US LLP. All Rights Reserved.RSM US LLPApril 6, 2017Ransomware Example - PRISM 2017 RSM US LLP. All Rights Reserved.Ransomware Example - TeslaCrypt 2017 RSM US LLP. All Rights Reserved.Ransomware Example – Demonslay (continued) 2017 RSM US LLP. All Rights Reserved.6
Cybercrime ‐ Oklahoma Association ofCollege and University Business OfficersRansomware Example – CryptoLocker 2017 RSM US LLP. All Rights Reserved.April 6, 2017Ransomware Example – CryptoWall 2017 RSM US LLP. All Rights Reserved.Ransomware Example – CryptoWall variantPrepare for Ransomware It is not a matter of IF, but a matter of WHEN Excellent user training can help avoidproblems Refine and restrict permissions to network files Frequent backups stored off-line Detection tools Test backup capabilities Get a Bitcoin wallet – just in case!Prevent 2017 RSM US LLP. All Rights Reserved.Quisque gravida imperdiet imperdiet. Praesent semper odio auctor eros ornare eleifend.Sed vitae congue justo. Donec placerat sed orci hendrerit vehicula. Nunc vel molestie nisi.Vestibulum dignissim rutrum metus sed maximus. Integer elementum leo arcu, quistristique leo bibendum eget. Duis ut enim a eros blandit efficitur. Donec vitae arcu ac nibhrhoncus varius quis eget tortor. Integer eget vulputate leo. Curabitur vitae augue sem.Phasellus vitae aliquet urna, quis tempor leo. Donec auctor in ante sit amet mattis.Vestibulum ante ipsum primis in faucibus orci luctus et ultrices posuere cubilia Curae;Nam dignissim elit eu neque dapibus, nec semper quam fringilla. Donec vel purus a loremvolutpat gravida at eu sapien. Praesent interdum scelerisque enim id elementum. Proineuismod tempus urna, quis condimentum nulla. Integer interdum iaculis lacinia. Maecenasid nibh ac magna imperdiet lacinia. Sed porta libero sit amet pellentesque bibendum. Proinin viverra nibh, nec pharetra odio. Maecenas bibendum nisl est, ut placerat nisi finibus sitamet. Pellentesque interdum dictum tortor non interdum. 2017 RSM US LLP. All Rights Reserved.RSM US LLPRespond 2017 RSM US LLP. All Rights Reserved.MalvertisingLorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse auctor nunc acmolestie vestibulum. Sed quis mauris sit amet odio finibus porta sed gravida nisi. Nullaconsequat sollicitudin ante sed tincidunt. Maecenas in malesuada leo. Integer vitae egestasex, ac bibendum lacus. Pellentesque luctus, neque vel fringilla euismod, dolor sapienhendrerit purus, a eleifend quam ex at enim. Maecenas in sagittis justo. Nunc gravida turpisnec rutrum sodales. Nam in auctor erat, quis pulvinar purus. Etiam turpis risus, egestas aegestas vitae, cursus in mauris. Mauris condimentum orci in nisi placerat, mattis dictum duitristique.DetectMalvertising (continued)Bored employee finds clubbingbaby seals on the Internet.What he does next will blowyour mind Online ads and videos that contain malwareOften displayed alongside reasonably-safe contentVery easy for curious users to accidently click onSome malvertising doesn’t even require a click – itrelies on vulnerabilities in Adobe Flash, etc.4 to 5x increase in malvertising per yearDifficult to detectAt times, exceeds ransomware detections“Kovter” is the most widely seen variant 2017 RSM US LLP. All Rights Reserved.7
Cybercrime ‐ Oklahoma Association ofCollege and University Business OfficersApril 6, 2017Malvertising (continued)SOCIAL ENGINEERING 2017 RSM US LLP. All Rights Reserved. 2017 RSM US LLP. All Rights Reserved.Social Engineering DefinitionsSocial EngineeringAny act that influences a person to take an action that may or may not be intheir best interest. Used to initiate or perpetuate acybercrime Why do the hard work when someoneelse will do it for you? Relies on human psychology Human’s curiosity, greed, orwillingness to help is used againstthem Most successfully-used vulnerability Most frequently-used exploitAn attack vector that relies heavily on human interaction and often involvestricking people into breaking normal security procedures.The art and science of getting people to comply with your wishes.Using non-technical or low-technology means – such as lies, impersonation,tricks, bribes, blackmail, and threats – to attack information systems.Hacking using brains instead of computer brawn. 2017 RSM US LLP. All Rights Reserved. 2017 RSM US LLP. All Rights Reserved.Classic Example – Greeks and the Trojan HorseClassic Example - William Thompson Source of the current security term,“Trojan horse” Caused the term “confidence man” (conman) to be coined Relied on the Trojan’s human nature tobring the war trophy inside their gates Operated in New York City in the late1840s That night, the hidden soldiers exitedthe horse and opened the gates of Troy,letting in the Greek soldiers Simply asked people on the street ifthey would have confidence in him tohold their watch or money untiltomorrow People assumed he was an oldacquaintance 2017 RSM US LLP. All Rights Reserved.RSM US LLP 2017 RSM US LLP. All Rights Reserved.8
Cybercrime ‐ Oklahoma Association ofCollege and University Business OfficersClassic Example – Joseph “Yellow Kid” WeilApril 6, 2017Classic Example – Frank Abagnale Used Social Engineering to: Started out in the 1890s selling an Elixirthat was mainly just rainwater Said, “A chap who wants something fornothing usually winds up with nothing forsomething” Often targeted bankers Sold fake claims to oil-rich land Swindled Benito Mussolini out of 2 millionby selling land he didn’t own Sold talking dogs Stole over 8 million in his lifetime 2017 RSM US LLP. All Rights Reserved. Defraud his father Commit bank fraud Impersonate professions: Airline pilotTeaching assistantDoctorAttorney Life story inspired the film,Catch Me If You Can, aBroadway musical, and anautobiography 2017 RSM US LLP. All Rights Reserved.Recent Example – Alcona County, MichiganRecent Example - Target Alcona County, Michigan treasurerembezzled 1.25 million of the county’s 4 million operating budget in 2007 One of the largest attacks of 2013 Used the money to pay a 419 scammer Attackers gained access by using aphishing email sent to Target’s HVACsubcontractor Nigerian prince Spanish prisoner The treasurer believed the emails fromthe scammer Received 14 years in prison 2017 RSM US LLP. All Rights Reserved.Real World Examples Hackers stole 40 million credit cardnumbers from POS systems Illustrated that the weakest link can be athird-party contractor, supplier, orpartner 2017 RSM US LLP. All Rights Reserved.Personal Example Small Town 2017 RSM US LLP. All Rights Reserved.RSM US LLP 2017 RSM US LLP. All Rights Reserved.9
Cybercrime ‐ Oklahoma Association ofCollege and University Business OfficersSocial Engineering may have changed the worldApril 6, 2017Types of Social Engineering Pretexting Diversion Phishing Vishing / Phone Phishing Spear Phishing Water Holing Baiting Quid Pro Quo Tailgating 2017 RSM US LLP. All Rights Reserved. 2017 RSM US LLP. All Rights Reserved.Types of Social Engineering - PretextingTypes of Social Engineering - Diversion Social engineer creates a fabricatedscenario Social engineer tricks the victim intodelivering goods or data to an unsafelocation May pose as a representative of alegitimate business that needssensitive information False sense of trust created Can involve physical element –showing up and pretending to besomeone they are not 2017 RSM US LLP. All Rights Reserved. Common con in the physical worldwhere delivery drivers are told tochange the delivery to a place “aroundthe corner” Persuades victim to send data to alocation that results in theft of data 2017 RSM US LLP. All Rights Reserved.Types of Social Engineering - PhishingTypes of Social Engineering – Vishing (Phone Phishing) Most common form of social engineering Social engineer sends an email to a huge list ofpotential victims Phishing using a telephone Estimated that 200 million are sent each day15 million of which make it through spam filtersAround 1/3 of those are opened12% of those opening messages click on the links10% of those who clicked share their information (about80,000 people per day) Email attempts to look like legitimate correspondencefrom a bank, credit card company, PayPal, Ebay, etc. Malicious code in the email Directs victim to a fake site where credentials arestolen Downloads and installs malware / ransomware 2017 RSM US LLP. All Rights Reserved.RSM US LLP Real human caller War dialer Victims receive phone calls from socialengineers attempting to steal personal dataor money May use caller ID spoofing Inbound vishing uses sophisticated IVRsystems Close cousin – “smishing” uses the sameconcept, but with text messaging (SMS) 2017 RSM US LLP. All Rights Reserved.10
Cybercrime ‐ Oklahoma Association ofCollege and University Business OfficersApril 6, 2017Types of Social Engineering – Spear PhishingTypes of Social Engineering – Water Holing Targeted phishing / vishing Social engineer does research tomake phishing attempts moresuccessful Social engineers target anindustry, interest group,organization, etc. Company website Blogs Social media Spear phishing is often how businessemail compromise starts Goal is the same as with phishing: Steal credentials Install malware for further attacks 2017 RSM US LLP. All Rights Reserved. Website commonly used byvictims is studied and ultimatelycompromised Malicious code is delivered tousers who visit the site Code is used to gain accessinto victims’ computers 2017 RSM US LLP. All Rights Reserved.Types of Social Engineering – BaitingTypes of Social Engineering – Quid Pro Quo Social engineer lures the victiminto opening a malicious file,usually relying on curiosity or greed Physical media is often used Left in bathrooms, parking lots,break rooms, elevators, etc. Online forms of baiting includemalvertising, free downloads, etc. Payload usually gives attackersaccess to victims’ computers Social engineer tricks the victiminto doing something in exchangefor a service or action 2017 RSM US LLP. All Rights Reserved. Similar to baiting Often the social engineer poses asa company IT person and asks thevictim to perform some action inorder to upgrade their system 2017 RSM US LLP. All Rights Reserved.Types of Social Engineering – TailgatingStopping Social Engineering Typically a physical method of socialengineering Train employees Train employees Train employees Test employees Social engineer gains physical entry to asecure area Follows a legitimate employee Asks an employee for entry becausethey forgot their badge Poses as a delivery driver with manyboxes and asks to have door held 2017 RSM US LLP. All Rights Reserved.RSM US LLP Maintain as good security on allthe “technical parts” of theenvironment as absolutelypossible 2017 RSM US LLP. All Rights Reserved.11
Cybercrime ‐ Oklahoma Association ofCollege and University Business OfficersApril 6, 2017An Elite ClubANATOMY OF THE ATTACK 2017 RSM US LLP. All Rights Reserved. Ashley Madison CIA Director Home Depot Yahoo Vtech Toys Anthem Insurance LinkedIn Target Yahoo (again) Verizon US OPM Comcast The IRS Sony Juniper Wendy’s JP Morgan Chase WTO The White House iCloud / Apple Staples T-Mobile The FBI (your name here) 2017 RSM US LLP. All Rights Reserved.Anatomy of the Attack12345Phishingand zeroday tionWHAT CAN YOU DO? 2017 RSM US LLP. All Rights Reserved. 2017 RSM US LLP. All Rights Reserved.Three basic steps to prevent cybercrime1: Get Real Understand and appreciate the threats thatexist Make cybersecurity an organizationalpriority from the board/CEO/owner down Never assume safety from anonymity, size,or geography Know that information security is a neverending project Recognize that you may be outnumberedbut you don’t have to be outsmarted1. Get Real2. Get Help3. Get Educated 2017 RSM US LLP. All Rights Reserved.RSM US LLP 2017 RSM US LLP. All Rights Reserved.12
Cybercrime ‐ Oklahoma Association ofCollege and University Business Officers2: Get HelpApril 6, 20173: Get Education Subscribe to cybersecurity newsletters andfeeds Keep cybersecurity a top-of-mind subjectthroughout the organization Provide cybersecurity and socialengineering training to employees Test employees for adherence tocybersecurity standards Understand what rights users have tonetwork resources Unless you are a huge company, you mostlikely cannot adequately handle allinformation security functions internally Perform security review, audit, assessment,etc., even if not required by regulation Enlist a vendor to assist with patchmanagement, anti-virus, etc. Order regular penetration tests and socialengineering tests 2017 RSM US LLP. All Rights Reserved. 2017 RSM US LLP. All Rights Reserved.An ounce of prevention of vulnerability exploits occurmore than a year after thevulnerability was disclosedCLOSING THOUGHTS 2017 RSM US LLP. All Rights Reserved. 2017 RSM US LLP. All Rights Reserved. is 10 patches awayHumans of exploits occurred from a list ofjust 10 published vulnerabilities 2017 RSM US LLP. All Rights Reserved.RSM US LLPof recipients now open phishingmessages 2017 RSM US LLP. All Rights Reserved.13
Cybercrime ‐ Oklahoma Association ofCollege and University Business Officers often the weakest linkApril 6, 2017Too many privilegesof recipients click on phishingattachments 2017 RSM US LLP. All Rights Reserved.of insider incidents involve abuseof privileges 2017 RSM US LLP. All Rights Reserved.Passwords!of passwords are only8 characters long andcan be cracked inunder one day 2017 RSM US LLP. All Rights Reserved. 2017 RSM US LLP. All Rights Reserved.This document contains general information, may be based on authorities that are subject to change, and is not a substitute for professional advice or services. This document does notconstitute audit, tax, consulting, business, financial, investment, legal or other professional advice, and you should consult a qualified professional advisor before taking any action basedon the information herein. RSM US LLP, its affiliates and related entities are not responsible for any loss resulting from or relating to reliance on this document by any person.RSM US LLP is a limited liability partnership and the U.S. member firm of RSM International, a global network of independent audit, tax and consulting firms. The member firms of RSMInternational collaborate to provide services to global clients, but are separate and distinct legal entities that cannot obligate each other. Each member firm is responsible only for its ownacts and omissions, and not those of any other party. Visit rsmus.com/aboutus for more information regarding RSM US LLP and RSM International.RSM and the RSM logo are registered trademarks of RSM International Association. The power of being understood is a registered trademark of RSM US LLP. 2017 RSM US LLP. All Rights Reserved. 2017 RSM US LLP. All Rights Reserved.RSM US LLP14
Teller at New York Dime Savings Bank uses computer to funnel 1.5 million into his personal bank account 1981 First convicted felon of a cybercrime –“Captain Zap” who broke into AT&T computers 1983 UCLA student used a PC to break into the Def
hacking. Concept of Cybercrime. Concept of Cybercrime Underground Economy . Concept of Cybercrime. Concept of Cybercrime Phishing. Hacktivism Concept of Cybercrime. Cyberwar: Estonia Case Concept of Cybercrime "I felt the country was under attack by an invisible enemy. . . . It was
study.2 The collection of topics for consideration within a comprehensive study on cybercrime included the problem of cybercrime, legal responses to cybercrime, crime prevention and criminal justice capabilities and other responses to cybercrime, international organizations, and technical assistance.
Oklahoma Tax Commission, Motor Vehicle Division, Oklahoma City, Oklahoma. 5 Ibid. 6 Ibid. 7 Oklahoma Department of Public Safety. 8 Oklahoma Department of Transportation. Planning Division, Current Planning Branch, Oklahoma City, Oklahoma. 9 U.S. Census Bureau 20 Population Estimates by Place. CRASH SUMMARY 6 2019 2020 % Change Crashes per
The Oklahoma Bar Journal (ISSN 0030-1655) is published monthly, except June and July, by the Oklahoma Bar Association, 1901 N. Lincoln Boulevard, Oklahoma City, Oklahoma 73105. Periodicals postage paid at Oklahoma City, Okla. and at additional mailing offices. Subscriptions 60 per year that includes the Oklahoma Bar Journal
Oklahoma Bar Foundation 405-416-7070 www.okbar.org The Oklahoma Bar Journal (ISSN 0030-1655) is published three times a month in January, February, March, April, May, August, September, October November and December and bimonthly in June and July by the Oklahoma Bar Association, 1901 N. Lincoln Boulevard, Oklahoma City, Oklahoma 73105.
State of Oklahoma 2014 Oklahoma Economic Outlook Conference . Office of the Oklahoma Secretary of Energy & Environment . The Oklahoma First Energy Plan Enhance all forms of Oklahoma energy production Create jobs and grow the economy Reduce dependence on foreign oil Make the energy system smarter and
Masonry block construction in Haiti L. Holliday1, C. Ramseyer2 & F. H. Grant3 1Division of Construction Science, University of Oklahoma, Norman Oklahoma, USA 2Department of Civil Engineering, University of Oklahoma, Norman, Oklahoma, USA 3Department of Industrial Engineering, University of Oklahoma, Norman, Oklahoma, USA Abstract Most of the building failures in Haiti during the January 12th .
The Oklahoma Department of Commerce, Oklahoma Office of Emergency Management, Oklahoma Insurance Department, and the Greater Oklahoma City Partnership SPONSORED BY: The U.S. Department of Commerce, Economic Development Administration in partnership with the Federal Emergency Management Agency Oklahoma Economic Resilience Strategic
