04/10/23 1

A presentation byMuktesh Chander IPS

BE, LLB, MA(Cr.), DCL, DHRM, Cert. SQC & ORFIETE,MCSI

Addl. Commissioner of PoliceTraffic, Delhi Police

04/10/23 2

Global Scenario

• Global cyber crime is $ 105 billion industry which is more than global drug trafficking

• Economic meltdown and recession• Under employment/unemployment in IT sector• Cut down on IT security budget likely

04/10/23 3

Indian Scenario

• Booming software and BPO Industry• IT Revolution Digital Dependence• National E Governance program• Very few organisations in India have CISO and IT

Security budget• No law for privacy • No compliance laws and breach disclosure• No law against spamming• Limitations of IT Act 2000• Weak and delayed criminal Justice System

04/10/23 4

Indian Scenario

• Very few organisations in India have CISO and IT Security budget

04/10/23 5

Threats from

• Individuals • Organised cyber criminals• Rival organisations• Non state actors• Hostile states• Insiders/ex employees• Hactivists• Terrorist

Muktesh Chander

04/10/23 6

Cyber Crime in IndiaCity 2003 2004 2005 2006 2007 Total

Delhi 4 4 10 5 10 33

Bangalore* 7 14 38 27 40 126

Gurgaon 1 - 4  2  5 12

Chennai 6 10 20 7 4 47

Pune 4 6 9 10 14 43

Hyderabad 3 - - - 2 5

Sub-Total 25 34 77 49 70 255

Total India 60 68 179 142 217 666

Crime in India 2007

52.8% increase in 2007

Under IT Act

04/10/23 7

Current Threats in IndiaSecurity Incident

2004 2005 2005 2006

Phishing 3 101 339 392

Network scanning

Probing

11 40 177 223

Virus, malicious codes

5 95 19 358

Total 23 254 552 1237

Source: Cert-in

04/10/23 8

2008 CSI Computer crime survey

Global

04/10/23 9

Malicious activity by country

• Source: Symantec Corporation

04/10/23 10

Current threats: Malware• Virus attacks account for more than 50% of security

incidents. (CSI Survey 2008)

• In the last six months of 2007, Symantec detected 499,811 new malicious codes.

• 136 percent increase over the previous period, when 212,101 new threats were detected

• 1,122,311 total malicious codes identified by Symantec as of the end of 2007.

• Two thirds of all malicious code threats currently detected were created during 2007.

• Any kind of file can be infected (Flash, Adobe Pdf are the latest)

04/10/23 11

Malware• Malware toolkits, rootkits easily available• Malware writing and outsourcing for profit• Malware for sale• Blended threats• Mobile virus (cabir, commw.sis and its variants, curse of silence)

• Flash worm ?• Scareware

04/10/23 12

Phishing• Phising/Pharming/Vishing/Smishing

• Every month more than 20,000 unique phishing websites are detected affecting more than 200 brands

• Spearphishing attacks emerging

04/10/23 13

Phishing• Phishing scams showed sharp increase of

1126% over previous year.

• Symantec observes more than 7 million phishing attempts each day.

04/10/23 14

• E-bay• Amazon• Paypal• ICICI Bank• UTI Bank

TOP BRANDS AFFECTED BY PHISHING

ATTACKS

04/10/23 15

Electronic Fund Transfer

• Tim Berners Lee the father of WWW was a victim of online fraud (Computer world)

• In Nov 2008, 100 compromised card accounts resulted in $ 9 million fraudulent withdrawals from 130 ATM’s in 49 cities across the world in 30 minutes

04/10/23 1616

St. Petersburg

New York Germany

Israel

Netherlands

Finland

$10 million

London

San Francisco

Vladimir Levin a ,Russian ,stole $ 10 million from Citibank by computer fraud

04/10/23 17

Online grooming ,sexual exploitation and abuse of children

• Sec 67 B (B),(C) inserted in IT Act Amendment

04/10/23 18

Cyber Vandalism /graffiti

Source:Cert in

Indian TLD websites defaced during 2007

04/10/23 19

Spam

• Accounts for more than ½ to 2/3 of all e-mails or even 90% ?

• Responsible for phishing, 419 scams and spread of malware, identity theft and other cyber crimes, choking of bandwidth ,wastage of time

• India is in the top 10 spam sending countries

04/10/23 20

Spam

04/10/23 21

Cyber Pornography

• Cyber pornography accounts for 46% of all cyber crimes under IT Act (Crime in India 2007)

• Every second - 28,258 Internet users are viewing pornography

• The pornography industry is larger than the revenues of the top technology companies combined: Microsoft, Google, Amazon, eBay, Yahoo !, Apple, Netflix and EarthLink

Source :http://www.internet-filter-review.toptenreviews.com/internet-pornography-statistics.html

04/10/23 22

Cyber Pornography

• is one of the easiest way of installing malware.

04/10/23 23

Botnets

• Collection of compromised computers

• Centralized control

04/10/23 24

DDOS Attack using BOTS

04/10/23 25

Botnets

• Source: Symantec Corporation 5 million distinct bots

04/10/23 26

Botnet tracked in India

• 25915 from June 2007 to Dec 2007

• Source CERT In

04/10/23 27

Botnet

• In Aug 2008 Dutch police apprehended Leni De with help from FBI and Brazilian police for running a botnet of 100,000 computers

• Source CERT In

04/10/23 28

Use of Encryption by criminals/terrorists

• Strong encryption tools easily available many for free

• PGP

• Steganography

• Digital signatures (no key escrow in India)

• Sec 69 IT Act is of no use

04/10/23 29

Underground market servers

Source: Adapted from Symantec 2007

04/10/23 30

Industrial Espionage

• Several countries and companies are indulging in Industrial espionage clandestinely

• Employees reveal a lot in their personal E mails and social networking sites

• s

04/10/23 31

Theft of Mobile Devices

• 42 % respondents reported case of laptop theft (CSI Survey 2008)

• Separate offence created under IT Act Amendment

04/10/23 32

Threat to Embedded Systems

• Complex and unknown

• Becoming common

• Involve third party

04/10/23 33

Identity Theft

• Estimated more than 9 million incidents each year (NIJ ,US Report)

• Separate offence created under IT Act Amendment

04/10/23 34

Insider Abuse

• By disgruntled present of Ex employees

• 44% respondents reported insider abuse

(CSI Survey 2008)

04/10/23 35

Other cyber crimes

• Hacking

• Denial of service attacks

• Data diddling

• Cyber stalking

• Cyber squatting

• IPR Violations• Mobile cloning (Both GSM and CDMA)

04/10/23 36

Cyber skirmishes

04/10/23 37

2000 Hackers holy war between Israel and Palestine 2001 There was a war between Chinese and American

hackers

04/10/23 38

04/10/23 39

04/10/23 40

04/10/23 41

Cyber terrorism

04/10/23 4242Muktesh Chander

CII MeansInformation & Communication Systemsconnected with : National Security Public Safety Public Health Critical Sectors of Economy

Critical Information Infrastructure

04/10/23 43

Likely targets of cyber terrorism Power grids (nuclear power stations)

Banking and Financial systems Stock Exchanges Transportation Control systems

MRTS, ATC, Rail/Airlines reservations Tele-Communications Gas / Oil / Water Pipelines control systems Internet Backbones Health/Food Emergency services Military/Defense Installations Attack on C4 I

04/10/23 44

• Estonia a Baltic nation with population of only 1.4 million people

• One of the most wired nations• Pioneer in E Governance• Almost 100% citizen use online banking• Every citizen has PKI enabled I card with

embedded chip• Online elections

Estonia Attack

04/10/23 45

• Govt. relocated 2nd world war Red Army memorial (a Bronze statue)

• On April 2007 computers of Estonian Parliament, banks, ministries, newspapers and broadcasters, political parties etc.were targets for cyber attack using DDOs, spam botnets etc.

• Attack continued for three weeks• Cyberterrorists & defenders both acted in adhoc

manner

Contd..

Estonia Attack

04/10/23 46

• An Estonian court has convicted the first individual in the 2007 cyber attacks against Estonia.

• "Dmitri Galushkevich an ethnic Russian used his home PC to launch a denial-of-service attack that knocked down the Web site for the political party of Estonia's prime minister for several days..."

• He was fined 17,500 kroons (approx. US$ 1,642).

Contd..

Estonia Attack

04/10/23 47

• Konstantin Goloskokov(22), an activist with Russia's Nashi youth group and aide to a pro-Kremlin member of parliament has admitted having organised the attack as an act of civil disobedience. Sergeiei Markov, a Russian State Duma Deputy has corroborated the facts

(Mar.12,2009,SC Magazine)

Contd..

Estonia Attack

04/10/23 48

Trends

• Prediction in a fast changing and evolving field is difficult

• Law of exponential return of technological changes

04/10/23 49

Current Trends in cyber crime

Following trends are clearly visible:-

1. The time to exploit vulnerability is decreasing.

2. Cyber crimes are being committed with financial gains in mind

3. The attack sophistication is increasing and more automation can be seen in attacks.

4. The speed of spread of an attacks is increasing.  

 

04/10/23 50

Current Trends in cyber crime

5. The attacks are more targetted than before.

6. Phishing is increasing on SMS, Telephone & other platforms.

7. Coordinated automatic attacks by remotely controlled Bots for DDoS, for sending SPAM and other such malicious purposes are showing increasing trend and will pose biggest threat to Information Security.

04/10/23 51

Current Trends in cyber crime

8. Mobile connectivity using WiFi technology and convegence of mobile phones with PDAs and other wireless devices will add another dimension to cyber crime.

9. There is growing evidence of organized crime and cyber crime are beginning to overlap with activities of drug mafia, pedophiles, international money laundering people who use Internet to coordinate their activities.  

04/10/23 52

Current Trends in cyber crime

10.Industrial espionage increasing

11.Political ideologists have started using hactivism to propagate their ideas through Internet and the electronic civil disobedience activities are surfacing.

12.Terrorist organizations are increasingly using Internet communication and cryptography to secretly communicate and organize their activities.

13.State sponsored Cyber war

04/10/23 53

Current Trends in cyber crime

14.Cyber crime would increase on social networking sites

15.Web 2.0

16.Data is becoming primary focus of cyber crime

17.Netbook, Ipod touch, Smart phones, 3G enabled phones will be affected

18.Used and stolen hardware will be source of data loss

04/10/23 54

Future

20.Stock market manipulations. Pump and dump schemes

21.Skimming of Card information directly from ATM

22.SPAM will transform in SPIM and SPIT

04/10/23 55

1.Recent spate of Phishing activities

2.Numbers of cases of data theft from BPO and call center companies R

3.Risk from third party relationship.

Current Trends in India

04/10/23 56

4.Recent theft of sensitive information in electronic form from National Security Council Secretariat has added another dimension to Information Security in the country.

5.Adequate attention towards management of information security and a very few companies have gone for information needed

Current Trends in India

04/10/23 57

6.The most serious gap in implementation of information security management is threat from insiders and ex-employees.

7.The widespread absence of even the most routine security tools and policies has left many Indian companies vulnerable to serious attack and the inevitable financial losses that follow.

8.User education and awareness is of utmost importance in Business to Customers models such as Internet banking, online auction and shopping.

Current Trends in India

04/10/23 58

6.Use of Digital signature still rare

Current Trends in India

04/10/23 59

Questions?