Cyber crime trends in 2013


Published on

Cyber Crime trends 2013

Published in: Technology
1 Like
  • Be the first to comment

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • Here is an example of our approach in action. This is the Koobface attack, which is still active in the wild.Starts as a link to a non-existent video on a malicious site sent via IM, email, or webmail. The first layer of protection is web filtering to block access to the site. If the user clicks on the link, he would receive a phony alert telling him his player is not working, and to download a non-existent new version on a malicious site. By clicking on the “OK” button on the phony Error message, the user is actually instructing his system to install the virus. Antivirus protection would detect the file that the user is trying to install, and block itOnce installed, the worm would try to propagate. The IPS technology would detect the propagation effort, and block it before it could succeed.
  • Cyber crime trends in 2013

    1. 1. LHSSS-4 Cyber Crime Trends in 2013 Harsh Jangra Director – Technical Operations (Security)
    2. 2. About Myself Harsh Jangra IMS Tech Manager Director – Technical Operations (Security) MCSE (Microsoft Certified Solutions Expert), MCT, MCITP-Ent Administrator, MVP, CCNA,CCNA-Security CCNP, JN-CIS etc.. Speaker – TechDays, Microsoft Virtual Academy, Microsoft FLC Email : Harsh .
    3. 3. What is Cyber Terrorism?• Online Scams • Identity Theft » Auctions : Selling and buying » Social Engineering goods online has become popular • Forgery » Security flaws• Fraud » Credit-Cards • Scams and Biometrics » ATM’s and » Crime Fighting and Privacy Telecommunications• Embezzlement and Sabotage » Insider Attacks
    4. 4. This is an International Problem.. • International Trends in Cyber Crime » Backdrop • Insecure Web Infrastructure, Constantly evolving Technology • Cloud Computing, System Virtualization • Cyber Threats » Malware, Intrusions, SPAM, Financial fraud » Child exploitation • Social Websites, Trojans Attacks, Access Computer resources
    5. 5. The Transit Layer
    6. 6. Attacks are increasingly easy to conduct Email propagation of malicious code DDoS attacks Skill level needed by attackers “Stealth”/advanced scanning techniques Increase in worms Sophisticated command Widespread attacks using NNTP to distribute attack and control 2012 Widespread attacks on DNS infrastructure Executable code attacks (against browsers) Anti-forensic techniques Automated widespread attacks Home users targeted GUI intruder tools Attack sophistication Distributed attack tools Hijacking sessions Increase in wide-scale Trojan horse distribution Internet social Widespread engineering attacks denial-of-service attacks Windows-based 2000 remote controllable Techniques to analyze code for vulnerabilities Trojans (Back Orifice) Automated probes/scans Packet spoofing without source code Source: eCore Survey, 2013
    7. 7. Hackers vs Home User
    8. 8. Integrated Threat Protection in ActionProblem: Error message: “Drops” copy of itself on “Innocent” Video Link: system and attempts to Redirects to malicious Website propagate “Out of date” Flash player error: “Download” malware fileSolution: Integrated Web Filtering Blocks access to malicious Website Network Antivirus Blocks download of virus Intrusion Protection Blocks the spread of the worm
    9. 9. Integrated Threat Protection in Action • Application Control: Unwanted Services and P2P Limiting Botnet command channel, compromised Facebook applications, independent of port or protocol • Intrusion Prevention: Vulnerabilities and Exploits Browser and website attack code crafted by hackers and criminal gangs. • Web Filtering: Multiple categories and Malicious sites Botnet command, phishing, search poisoning, inappropriate content • Vulnerability Management: Real time exploit updates Multiple scanning points Firewall Gate, Analyzer, Web, DB, and Scan • Antispam: Unsolicited messages Phishing, Malware, Social Engineering and Junk • Antivirus: All malicious code Documents, macros, scripts, executable Delivered via Web, Email, USB, Instant messaging, social networks, etc.
    10. 10. LHS Connections and Updates #harsh_ jangra #HackingTechnoS Get Latest Facebook Hacking & Security Updates Security Updates Connect with us Subscribed on Hands-On Labs LHS/ePaper ologies
    11. 11. Resources