Slide 1: Cyber Security
N SUSHIL KANNAN
Jt. Asstt. Director
National Crime Records Bureau
Duration : 60 Minutes
Slide 2: Going about
Understanding Information Security
Safeguarding methodologies
Q & A Session
Slide 3: What is Cyberspace?
Cyberspace is a worldwide network of computers and the equipment that connects them, which by its very design is free and open to the public (the Internet)
The problem has gotten more prevalent with always-on, high-speed internet access. Attackers are always out there looking for that type of computer
Slide 4: What is Cyberspace?
As long as your computer is connected to the internet, that connection can go both ways.
The attackers are mostly malicious pranksters, looking to access personal and business machines or disrupt net service with virus programs proliferated via email, usually just to prove they can.
However, there are also more serious attackers out there whose goals could range from mining valuable data (your credit card or bank information, design secrets, research secrets, etc.) to even disrupting critical systems like the stock market, power grids, air-traffic controllers' programs, and, most dangerous of all, our nuclear weapons
Slide 5: Cyberspace as a Battleground?
Each day, there is an increase in the number of threats against our nation's critical infrastructures.
These threats come in the form of computer intrusion (hacking), denial of service attacks, and virus deployment.
Slide 6: Web Evolution
Slide 7: Growing Concern
Computing Technology has turned against us
Exponential growth in security incidents
Pentagon, US in 2007
Estonia in April 2007
Computer System of German Chancellery and three Ministries
Highly classified computer network in New Zealand & Australia
Complex and target oriented software
Common computing technologies and systems
Constant probing and mapping of network systems
Slide 8: Infrastructure in India
Slide 9: Complexity in Network
Slide 10: Cyber Threat Evolution
[Timeline figure. Stages: Virus; Breaking Web Sites; Malicious Code (Melissa); Advanced Worm / Trojan (I LOVE YOU); Identity Theft (Phishing); Organised Crime; Data Theft, DoS / DDoS. Years on axis: 1977, 1995, 2000, 2003-04, 2005-06, 2007-08]
Slide 11: Cyber attacks being observed
Web defacement
Spam
Spoofing
Proxy Scan
Denial of Service
Distributed Denial of Service
Malicious Codes
Virus
Bots
Data Theft and Data Manipulation
Identity Theft
Financial Frauds
Social engineering Scams
Slide 12: Incidents reported in 2008
Slide 13: Trends of Incidents
Sophisticated attacks
Attackers are refining their methods and consolidating assets to create global networks that support coordinated criminal activity
Rise of Cyber Spying and Targeted attacks
Mapping of network, probing for weakness/vulnerabilities
Malware propagation through Spam on the rise
Storm worm, which is one of the most notorious malware programs seen during 2007-08, circulates through spam
Slide 14: Trends of Incidents
Phishing
Increase in cases of fast-flux phishing and rock-phish
Domain name phishing and Registrar impersonation
Crimeware
Targeting personal information for financial frauds
Information Stealing through social networking sites
Rise in Attack toolkits
Toolkits like MPack and Neosploit can launch exploits for browser and client-side vulnerabilities against users who visit malicious or compromised sites
Slide 15: Global Attack Trend
Source: Websense
Slide 16: Top Malicious Code Originating Countries
Slide 17: Three faces of cyber crime
Organized Crime
Terrorist Groups
Nation States
Slide 18: Security of Information Assets
Security of information & information assets is becoming a major area of concern
With every new application, newer vulnerabilities crop up, posing immense challenges to those who are mandated to protect the IT assets
Coupled with this, a host of legal requirements and international business compliance requirements on data protection and privacy places a huge demand on IT/ITES/BPO service organizations
We need to generate ‘Trust & Confidence’
Slide 19: Virus Profiles
Nimda (note the garbage in the subject)
Sircam (note the “personal” text)
Both emails have executable attachments with the virus payload.
Slide 20: Trojan horse attack
Trojan Horse arrives via email or software like free games.
Trojan Horse is activated when the software or attachment is executed.
Trojan Horse releases virus, monitors computer activity, installs backdoor, or transmits information to hacker.
Slide 21: Denial of Service Attacks
In a denial of service attack, a hacker compromises a system and uses that system to attack the target computer, flooding it with more requests for services than the target can handle.
In a distributed denial of service attack, hundreds of computers (known as zombies) are compromised, loaded with DoS attack software and then remotely activated by the hacker.
Slide 22: Spamming Attacks
Sending out e-mail messages in bulk. It’s electronic “junk mail.”
Spamming can leave the information system vulnerable to overload.
Less destructive, used extensively for e-marketing purposes.
Slide 23: What Does it Mean - “Security”?
“Security” is the quality or state of being secure, that is, to be free from danger. But what are the types of security we have to be concerned with?
Physical security - addresses the issues necessary to protect the physical items, objects or areas of an organization from unauthorized access and misuse.
Personal security - addresses the protection of the individual or group of individuals who are authorized to access the organization and its operations.
Operations security - protection of the details of a particular operation or series of activities.
Slide 24: What Does it Mean - “Security”?
Communications security - concerned with the protection of an organization’s communications media, technology, and content.
Network security is the protection of networking components, connections, and contents.
Information Security – protection of information and its critical elements, including the systems and hardware that use, store, or transmit that information.
Slide 25: Shoulder surfing takes many forms. Some may not be obvious.
Slide 26: Traditional Hacker Profile*:
“juvenile, male, delinquent, computer genius”
Modern Hacker Profile:
“age 12-60, male or female, unknown background, with varying technological skill levels. May be internal or external to the organization”
Slide 27: The Dilemma of Security
The problem that we cannot get away from in computer security is that we can only have good security if everyone understands what security means, and agrees with the need for security.
Security is a social problem, because it has no meaning until a person defines what it means to them.
The harsh reality is the following: In practice, most users have little or no understanding of security. This is our biggest security hole.
Slide 28: [Diagram: Hacker, Internet, Remote System; Computer as Subject of Crime; Computer as Object of Crime]
Slides 29-31: Biometrics Devices
Slide 32: Machine Overtake Mankind
[Chart: % of network traffic, Mankind vs. Machines, years 1980 to 2015; annotations: 8Bn, 90Bn, 2009]
Slide 33: Internet Security – Concluding Remark
“The only system which is truly secure is one which is switched off and unplugged, locked in a titanium lined safe, buried in a concrete bunker, and is surrounded by nerve gas and very highly paid armed guards. Even then, I wouldn’t stake my life on it.”
Professor Gene Spafford
Q & A
“It is not the strongest of the species that survive, nor the most intelligent, but the one most responsive to change”
Charles Darwin
Survival…..
Slide 35: ThanQ!
N. SUSHIL KANNAN
sushilkannan@ncrb.nic.in