Cyber Crime & Cyber War
Upcoming SlideShare
Loading in...5

Cyber Crime & Cyber War



null Hyderabad CHapter - February 2014 Meet

null Hyderabad CHapter - February 2014 Meet



Total Views
Views on SlideShare
Embed Views



1 Embed 159 159



Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

Cyber Crime & Cyber War Cyber Crime & Cyber War Presentation Transcript

  • CYBER CRIME & CYBER WAR English . Reality . Data
  • THIS IS • Purely academic debate. Do not read otherwise • No room for discussion, but for arguments. • My opinion on a deck and your opinion as voice • Abuse of English • Based on evidence ? • Fact vs Fiction • Cyber Crime Business Models • Budget Meeting
  • ME • I am Uday • I work as a pen tester • Currently into Data Analysis & Machine Learning Learning • Yawn, Steam, Argue, Debate, Learn • Big Data can change the world or solve some problems. • Big data for hacking ? People are really doing that. • Alejandro Caceres
  • BEFORE WE START, PLEASE BE ASSURED • All my words are an outcome of months of research • We are always assured • “The president of India would be visiting Hyderabad tomorrow” and I have this information from an impeccable source from the president’s staff at Rastrapathi Bhavan
  • HOW DOES ASSURANCE WORK ? • Authoritative speech powerful enough to make me believe that men are from mars and aliens are from earth • When assured, there is no question left to ask
  • ASSURANCE & CYBER WAR • Are we being assured that Cyber War is in progress ? • Audience: What is Cyber War ? • Audience: What is Cyber Crime ? • Espionage vs Cyber War vs Cyber Crime ? • Your responses are invaluable!
  • WHO HAS DEFINED CYBER WAR • International Laws are still WIP • Has EU or US declared definitions ? The answer is no. • What has been taken into account to call this as a war ?
  • THE ‘ULTIMATELY’ JUSTIFICATION • Ultimately, Cyber Wars have a toll on our daily lives.
  • WHATEVER HAPPENS ONLINE WITH US • Is not cyber war • Is not Cyber Terrorism • Could be Cyber Bullying • Could be violation of privacy • Could have legal implications • Could be cumbersome • Affects our personal lives indirectly especially longterm
  • ENOUGH ENGLISH • Do We have some data as evidence to argue upon ? • Yes we do! • Measuring Pay-per-Install: The Commoditization of Malware Distribution • White Paper fromJuan Caballero, Chris Grier, Christian Kreibich, Vern Paxson, Berkley • Is this Authentic data ? • Please be assured that this is more genuine than pure cocaine
  • CRIME AS A BUSINESS MODEL • Can I design crime ? • Instance: • PPI Model – Pay Per Install • Exploit as a service • Malware is the new commodity • Better off than your shares and market • Who the bullish ? What the bearish ?
  • SERVICE PROVIDER • What is this PPI Market Business Client • I am the bad guy Service • I run the show Service Affiliate •Oh yeah! Malware
  • WHAT IS THIS BUSINESS MODEL ? • This is one observed business model that generates the underground economy • Offerings are highly customized
  • ARTICLE A YEAR AGO • ware_coder_and_botnet_operator_ama/ • IAmA a malware coder and botnet operator, AMA • TOR + Dedicated Enhanced Service • Stealthy really
  • MEMORY ERRORS • Past present Future • Corrupted Pointer, Uninitialized Pointer Access, Out of bounds etc. • Subversion of logic • This is relevant even today even after 20 years
  • SO WHAT DEFINITION IS WRONG ? • Cyber War vs Cyber Crime • We have never had a Cyber War yet • This comes from the definition of traditional war • We can have a separate debate on this • When a conventional war follows the strategy of “Greater the offense, Greater the defense”, Cyber War is opposite.
  • CYBER TERRORISM • Many people are using this word already & extensively • David Rappaport has not coined this term. • I believe that the word “Cyber Terrorism” is completely wrong. • You can have your view.
  • BUDGET MEETING • $100-180 for Unique thousand installs, This is for US/UK/Europe • $7-8 is the lowest for the same service, least popular geography • Rivalry in PPI • Often difficult to validate on the installs when using two rival PPI Providers • Affiliates receive credit for confirmed Installs
  • CRIMEWARE KITS • To build botnet variants • Instance zbot • This is not an exhaustive talk on cyber crime • We can have a dedicated session for a deep dive on cyber crime • Let’s quickly see what someone from NATO has to say
  • • (NATO – Cyber War exists Video)