current threats and trends
Post on 19-Jan-2015
04/10/23 1
A presentation by Muktesh Chander IPS
BE, LLB, MA(Cr.), DCL, DHRM, Cert. SQC & OR, FIETE, MCSI
Addl. Commissioner of Police, Traffic, Delhi Police
Global Scenario
• Global cyber crime is a $105 billion industry, which is more than global drug trafficking
• Economic meltdown and recession
• Under employment/unemployment in IT sector
• Cut down on IT security budget likely
Indian Scenario
• Booming software and BPO Industry
• IT Revolution, Digital Dependence
• National E Governance program
• Very few organisations in India have CISO and IT Security budget
• No law for privacy
• No compliance laws and breach disclosure
• No law against spamming
• Limitations of IT Act 2000
• Weak and delayed criminal Justice System
Indian Scenario
• Very few organisations in India have CISO and IT Security budget
Threats from
• Individuals
• Organised cyber criminals
• Rival organisations
• Non state actors
• Hostile states
• Insiders/ex employees
• Hacktivists
• Terrorists
Cyber Crime in India
Under IT Act
City          2003  2004  2005  2006  2007  Total
Delhi            4     4    10     5    10     33
Bangalore*       7    14    38    27    40    126
Gurgaon          1     -     4     2     5     12
Chennai          6    10    20     7     4     47
Pune             4     6     9    10    14     43
Hyderabad        3     -     -     -     2      5
Sub-Total       25    34    77    49    70    255
Total India     60    68   179   142   217    666
52.8% increase in 2007
Crime in India 2007
Current Threats in India
Security Incident          2004  2005  2005  2006
Phishing                      3   101   339   392
Network scanning/Probing     11    40   177   223
Virus, malicious codes        5    95    19   358
Total                        23   254   552  1237
Source: CERT-In
2008 CSI Computer crime survey
Global
Malicious activity by country
• Source: Symantec Corporation
Current threats: Malware
• Virus attacks account for more than 50% of security incidents. (CSI Survey 2008)
• In the last six months of 2007, Symantec detected 499,811 new malicious codes.
• 136 percent increase over the previous period, when 212,101 new threats were detected
• 1,122,311 total malicious codes identified by Symantec as of the end of 2007.
• Two thirds of all malicious code threats currently detected were created during 2007.
• Any kind of file can be infected (Flash, Adobe Pdf are the latest)
Malware
• Malware toolkits, rootkits easily available
• Malware writing and outsourcing for profit
• Malware for sale
• Blended threats
• Mobile virus (cabir, commw.sis and its variants, curse of silence)
• Flash worm ?
• Scareware
Phishing
• Phishing/Pharming/Vishing/Smishing
• Every month more than 20,000 unique phishing websites are detected affecting more than 200 brands
• Spearphishing attacks emerging
Phishing
• Phishing scams showed sharp increase of 1126% over previous year.
• Symantec observes more than 7 million phishing attempts each day.
Top brands affected by phishing attacks
• eBay
• Amazon
• PayPal
• ICICI Bank
• UTI Bank
Electronic Fund Transfer
• Tim Berners-Lee, the father of the WWW, was a victim of online fraud (Computer world)
• In Nov 2008, 100 compromised card accounts resulted in $9 million of fraudulent withdrawals from 130 ATMs in 49 cities across the world in 30 minutes
[Map: St. Petersburg, New York, Germany, Israel, Netherlands, Finland, London, San Francisco; $10 million]
Vladimir Levin, a Russian, stole $10 million from Citibank by computer fraud
Online grooming, sexual exploitation and abuse of children
• Sec 67 B (B),(C) inserted in IT Act Amendment
Cyber Vandalism / graffiti
Indian TLD websites defaced during 2007
Source: CERT-In
Spam
• Accounts for more than ½ to 2/3 of all e-mails or even 90% ?
• Responsible for phishing, 419 scams and spread of malware, identity theft and other cyber crimes, choking of bandwidth, wastage of time
• India is in the top 10 spam sending countries
Spam
Cyber Pornography
• Cyber pornography accounts for 46% of all cyber crimes under IT Act (Crime in India 2007)
• Every second - 28,258 Internet users are viewing pornography
• The pornography industry is larger than the revenues of the top technology companies combined: Microsoft, Google, Amazon, eBay, Yahoo !, Apple, Netflix and EarthLink
Source: http://www.internet-filter-review.toptenreviews.com/internet-pornography-statistics.html
Cyber Pornography
• Is one of the easiest ways of installing malware.
Botnets
• Collection of compromised computers
• Centralized control
DDOS Attack using BOTS
Botnets
• 5 million distinct bots
• Source: Symantec Corporation
Botnet tracked in India
• 25915 from June 2007 to Dec 2007
• Source: CERT-In
Botnet
• In Aug 2008 Dutch police apprehended Leni De with help from FBI and Brazilian police for running a botnet of 100,000 computers
• Source: CERT-In
Use of Encryption by criminals/terrorists
• Strong encryption tools easily available, many for free
• PGP
• Steganography
• Digital signatures (no key escrow in India)
• Sec 69 IT Act is of no use
Underground market servers
Source: Adapted from Symantec 2007
Industrial Espionage
• Several countries and companies are indulging in Industrial espionage clandestinely
• Employees reveal a lot in their personal e-mails and on social networking sites
Theft of Mobile Devices
• 42 % respondents reported case of laptop theft (CSI Survey 2008)
• Separate offence created under IT Act Amendment
Threat to Embedded Systems
• Complex and unknown
• Becoming common
• Involve third party
Identity Theft
• Estimated more than 9 million incidents each year (NIJ, US Report)
• Separate offence created under IT Act Amendment
Insider Abuse
• By disgruntled present or ex-employees
• 44% respondents reported insider abuse (CSI Survey 2008)
Other cyber crimes
• Hacking
• Denial of service attacks
• Data diddling
• Cyber stalking
• Cyber squatting
• IPR Violations
• Mobile cloning (Both GSM and CDMA)
Cyber skirmishes
• 2000: Hackers' holy war between Israel and Palestine
• 2001: There was a war between Chinese and American hackers
Cyber terrorism
Critical Information Infrastructure
CII means Information & Communication Systems connected with:
• National Security
• Public Safety
• Public Health
• Critical Sectors of Economy
Likely targets of cyber terrorism
• Power grids (nuclear power stations)
• Banking and Financial systems
• Stock Exchanges
• Transportation Control systems: MRTS, ATC, Rail/Airlines reservations
• Tele-Communications
• Gas / Oil / Water Pipelines control systems
• Internet Backbones
• Health/Food
• Emergency services
• Military/Defense Installations
• Attack on C4I
Estonia Attack
• Estonia, a Baltic nation with a population of only 1.4 million people
• One of the most wired nations
• Pioneer in E Governance
• Almost 100% of citizens use online banking
• Every citizen has PKI enabled I card with embedded chip
• Online elections
Estonia Attack (Contd.)
• Govt. relocated 2nd world war Red Army memorial (a Bronze statue)
• In April 2007, computers of Estonian Parliament, banks, ministries, newspapers and broadcasters, political parties etc. were targets for cyber attack using DDoS, spam botnets etc.
• Attack continued for three weeks
• Cyberterrorists & defenders both acted in ad hoc manner
Estonia Attack (Contd.)
• An Estonian court has convicted the first individual in the 2007 cyber attacks against Estonia.
• "Dmitri Galushkevich an ethnic Russian used his home PC to launch a denial-of-service attack that knocked down the Web site for the political party of Estonia's prime minister for several days..."
• He was fined 17,500 kroons (approx. US$ 1,642).
Estonia Attack (Contd.)
• Konstantin Goloskokov (22), an activist with Russia's Nashi youth group and aide to a pro-Kremlin member of parliament, has admitted having organised the attack as an act of civil disobedience. Sergei Markov, a Russian State Duma Deputy, has corroborated the facts (Mar. 12, 2009, SC Magazine)
Trends
• Prediction in a fast changing and evolving field is difficult
• Law of exponential return of technological changes
Current Trends in cyber crime
The following trends are clearly visible:
1. The time to exploit a vulnerability is decreasing.
2. Cyber crimes are being committed with financial gains in mind.
3. The attack sophistication is increasing and more automation can be seen in attacks.
4. The speed of spread of attacks is increasing.
Current Trends in cyber crime
5. The attacks are more targeted than before.
6. Phishing is increasing on SMS, telephone & other platforms.
7. Coordinated automatic attacks by remotely controlled bots for DDoS, for sending spam and for other such malicious purposes are showing an increasing trend and will pose the biggest threat to Information Security.
Current Trends in cyber crime
8. Mobile connectivity using WiFi technology and convergence of mobile phones with PDAs and other wireless devices will add another dimension to cyber crime.
9. There is growing evidence that organized crime and cyber crime are beginning to overlap, with drug mafia, pedophiles and international money launderers using the Internet to coordinate their activities.
Current Trends in cyber crime
10. Industrial espionage is increasing.
11. Political ideologists have started using hacktivism to propagate their ideas through the Internet, and electronic civil disobedience activities are surfacing.
12. Terrorist organizations are increasingly using Internet communication and cryptography to secretly communicate and organize their activities.
13. State sponsored cyber war
Current Trends in cyber crime
14. Cyber crime would increase on social networking sites
15. Web 2.0
16. Data is becoming primary focus of cyber crime
17. Netbook, iPod touch, smart phones, 3G enabled phones will be affected
18. Used and stolen hardware will be source of data loss
Future
20. Stock market manipulations. Pump and dump schemes
21. Skimming of card information directly from ATM
22. SPAM will transform into SPIM and SPIT
Current Trends in India
1. Recent spate of Phishing activities
2. Numbers of cases of data theft from BPO and call center companies R
3. Risk from third party relationship.
Current Trends in India
4. Recent theft of sensitive information in electronic form from National Security Council Secretariat has added another dimension to Information Security in the country.
5. Adequate attention towards management of information security and a very few companies have gone for information needed
Current Trends in India
6. The most serious gap in implementation of information security management is threat from insiders and ex-employees.
7. The widespread absence of even the most routine security tools and policies has left many Indian companies vulnerable to serious attack and the inevitable financial losses that follow.
8. User education and awareness is of utmost importance in Business to Customers models such as Internet banking, online auction and shopping.
Current Trends in India
6. Use of Digital signature still rare
Questions?