Cyber Security :
1 Cyber Security N SUSHIL KANNAN Jt. Asstt.
Director National Crime Records Bureau Duration :
60 Minutes
Going about :
2 Going about Understanding Information Security
Safeguarding methodologies Q & A Session
What is Cyberspace? :
3 What is Cyberspace? Cyberspace is a worldwide
network of computers and the equipment that
connects them, which by its very design is free and
open to the public (the Internet) The problem has
gotten more prevalent with always-on, high-speed
internet access. Attackers are always out there
looking for that type of computer
What is Cyberspace? :
4 What is Cyberspace? As long as your computer
is connected to the internet, that connection can go
both ways. The attackers are mostly malicious
pranksters, looking to access personal and
business machines or disrupt net service with virus
programs proliferated via email, usually just to
prove they can. However, there are also more
serious attackers out there whose goals could
range from mining valuable data (your credit card
or bank information, design secrets, research
secrets, etc) to even disrupting critical systems like
the stock market, power grids, air-traffic controllers
programs, and the most dangerous-our nuclear
weapons
Cyberspace as a Battleground? :
5 Cyberspace as a Battleground? Each day, there
is an increase in the number of threats against our
nation's critical infrastructures. These threats come
in the form of computer intrusion (hacking), denial
of service attacks, and virus deployment.
Slide 6:
6 Web Evolution
Growing Concern :
7 7 Growing Concern Computing Technology has
turned against us Exponential growth in security
incidents Pentagon, US in 2007 Estonia in April
2007 Computer System of German Chancellory
and three Ministries Highly classified computer
network in New Zealand & Australia Complex and
target oriented software Common computing
technologies and systems Constant probing and
mapping of network systems
Slide 8:
8 8 8 Infrastructure in India
Slide 9:
9 9 Complexity in Network
Cyber Threat Evolution :
10 Cyber Threat Evolution Virus Breaking Web
Sites Malicious Code (Melissa) Advanced Worm /
Trojan (I LOVE YOU) Identity Theft (Phishing)
Organised Crime Data Theft, DoS / DDoS 1995
2000 2003-04 2005-06 2007-08 1977
Cyber attacks being observed :
11 Cyber attacks being observed Web defacement
Spam Spoofing Proxy Scan Denial of Service
Distributed Denial of Service Malicious Codes
Virus Bots Data Theft and Data Manipulation
Identity Theft Financial Frauds Social engineering
Scams
Slide 12:
12 12 Incidents reported in 2008
Trends of Incidents :
13 Trends of Incidents Sophisticated attacks
Attackers are refining their methods and
consolidating assets to create global networks that
support coordinated criminal activity Rise of Cyber
Spying and Targeted attacks Mapping of network,
probing for weakness/vulnerabilities Malware
propagation through Spam on the rise Storm worm,
which is one of the most notorious malware
programs seen during 2007-08, circulates through
spam
Trends of Incidents :
14 Trends of Incidents Phishing Increase in cases
of fast-flux phishing and rock-phish Domain name
phishing and Registrar impersonation Crimeware
Targeting personal information for financial frauds
Information Stealing through social networking
sites Rise in Attack toolkits Toolkits like Mpack and
Neospolit can launch exploits for browser and
client-side vulnerabilities against users who visit a
malicious or compromised sites
Global Attack Trend :
15 Global Attack Trend Source: Websense
Slide 16:
16 16 Top Malicious Code Originating Countries
Three faces of cyber crime :
17 17 Three faces of cyber crime Organized Crime
Terrorist Groups Nation States
Slide 18:
18 Security of information & information assets is
becoming a major area of concern With every new
application, newer vulnerabilities crop up, posing
immense challenges to those who are mandated to
protect the IT assets Coupled with this host of legal
requirements and international business
compliance requirements on data protection and
privacy place a huge demand on IT/ITES/BPO
service organizations We need to generate ‘Trust &
Confidence’ Security of Information Assets
Virus ProfilesNimda (note the garbage in the
subject) :
19 Virus ProfilesNimda (note the garbage in the
subject) Sircam (note the “personal” text) Both
emails have executable attachments with the virus
payload.
Slide 20:
20 Trojan Horse arrives via email or software like
free games. Trojan Horse is activated when the
software or attachment is executed. Trojan Horse
releases virus, monitors computer activity, installs
backdoor, or transmits information to hacker.
Trojan horse attack
Denial of Service Attacks :
21 Denial of Service Attacks In a denial of service
attack, a hacker compromises a system and uses
that system to attack the target computer, flooding
it with more requests for services than the target
can handle. In a distributed denial of service attack,
hundreds of computers (known as a zombies) are
compromised, loaded with DOS attack software
and then remotely activated by the hacker.
Spamming Attacks :
22 Spamming Attacks Sending out e-mail
messages in bulk. It’s electronic “junk mail.”
Spamming can leave the information system
vulnerable to overload. Less destructive, used
extensively for e-marketing purposes.
What Does it Mean- “Security”? :
23 What Does it Mean- “Security”? “Security” is the
quality or state of being secure--to be free from
danger. But what are the types of security we have
to be concern with? Physical security - addresses
the issues necessary to protect the physical items,
objects or areas of an organization from
unauthorized access and misuse. Personal
security - addresses the protection of the individual
or group of individuals who are authorized to
access the organization and its operations.
Operations security- protection of the details of a
particular operation or series of activities.
What Does it Mean- “Security”? :
24 What Does it Mean- “Security”?
Communications security - concerned with the
protection of an organization’s communications
media, technology, and content. Network security
is the protection of networking components,
connections, and contents. Information Security –
protection of information and its critical elements,
including the systems and hardware that use,
store, or transmit that information.
Slide 25:
25 Shoulder surfing takes many forms. Some may
not be obvious.
Slide 26:
26 Traditional Hacker Profile*: “juvenile, male,
delinquent, computer genius” Modern Hacker
Profile: “age 12-60, male or female, unknown
background, with varying technological skill levels.
May be internal or external to the organization”
The Dilemma of Security :
27 The Dilemma of Security The problem that we
cannot get away from in computer security is that
we can only have good security if everyone
understands what security means, and agrees with
the need for security. Security is a social problem,
because it has no meaning until a person defines
what it means to them. The harsh reality is the
following: In practice, most users have little or no
understanding of security. This is our biggest
security hole.
Slide 28:
28 Hacker Remote System Computer as Subject of
Crime Computer as Object of Crime Internet
Biometrics Devices :
29 Biometrics Devices
Biometrics Devices :
30 Biometrics Devices
Biometrics Devices :
31 Biometrics Devices
Machine Overtake Mankind :
32 2010 1990 1985 1980 2005 2000 1995 2015 50
75 100 25 0 % Network Traffic Mankind Machines
Machines 8Bn 90Bn Machine Overtake Mankind
2009
Internet Security – Concluding Remark :
33 Internet Security – Concluding Remark “The
only system which is truly secure is one which is
switched off and unplugged, locked in a titanium
lined safe, buried in a concrete bunker, and is
surrounded by nerve gas and very highly paid
armed guards. Even then, I wouldn’t stake my life
on it.” Professor Gene Spafford