Indiancybercrimescene

Published in: Technology, Business

  • Demo for audience: Perform a live internet search on an Indian celeb or breaking news and get to a compromised website that will try to install malware on the machine.
  • Verified by Visa (VBV) phishing emails for Indian banks
  • Ask the audience – which is the latest version of Adobe Acrobat?
  • Educate the student population in schools and colleges along with parents. Children in the program are taught about using the internet safely – not just from computer viruses but from sexual predators.
  • Transcript

    • 1. Indian Cybercrime Scene
      Caught In the Cross-Fire
      Vinoo Thomas, Research Lead, McAfee Labs
      Rahul Mohandas, Research Scientist, McAfee Labs
    • 2. Agenda
      Knowing the enemy – Who’s at your front door?
      India in the information age
      World “Wild” Web – Indian users caught in the cross fire
      India’s contribution to worldwide Spam, Botnet and DDOS attacks
      Regional malware
      Targeted attacks
      The future
    • 3. India’s Growing Cyber Population
      http://www.internetworldstats.com/stats3.htm
    • 4. Why do Indians go online?
      http://www.intgovforum.org/cms/2008/press/Worldwide%20Internet%20usage%2008.pdf
    • 5. What do Indians search online?
      http://www.google.com/insights/search/#
    • 6. Breaking news? Think Malware
      Malware authors make use of breaking news or popular search terms to ensure a higher return on investment.
      Popular news items that were misused include:
      Searches for Michael Jackson’s death lead to malware
      Benazir Bhutto assassination, Bangalore Blasts
      Indian celebrities and cricketers
    • 7. Riskiest Indian Celebrities
      http://www.hindustantimes.com/cinema-news/mirchmasala/Ash-more-dangerous-than-Katrina/Article1-451587.aspx
    • 8. Popular Indian Sites Compromised to Serve Malware
    • 9. World “Wild” Web
      Risks on the Web are constantly changing. A site that is safe one day can be risky the next.
      It’s not always easy for consumers to identify which site is safe. Even experienced users can be deceived if a trusted site was compromised to serve malware.
      Thousands of legitimate web sites are compromised every day to serve malware to unsuspecting users.
      High-profile Indian sites that have been compromised to serve malware include banks, security vendors, portals, businesses, as well as educational and government sites.
    • 10. Payload and impact of users getting infected
      Compromised users on a limited-bandwidth Internet plan can end up getting a huge bill at the end of the month – through no fault of their own!
    • 11. W32/Conficker in India vs. rest of world
    • 12. Conficker world infection map
      http://www.confickerworkinggroup.org/wiki/uploads/ANY/conficker_world_map.png
    • 13. W32/Conficker.worm - Infection Data
      http://www.team-cymru.org/Monitoring/Malevolence/conficker.html
    • 14. Twitter-Facebook Episode
      Twitter, Facebook, Live Journal, YouTube, Fotki – what do they have in common?
      Hosted an account of a pro-Georgian blogger who went under the nickname cyxymu (taken after Sukhumi, the capital of Abkhazia, one of Georgia’s pro-Russian breakaway republics).
      They all suffered a massive distributed denial-of-service (DDoS) attack. The attack was able to take down Twitter for several hours and significantly slow down connectivity to YouTube, Live Journal and Facebook.
      http://www.avertlabs.com/research/blog/index.php/2009/08/07/collateral-damage/
    • 15. India’s Contribution to DDoS
      India’s Contribution was 8%
      http://www.avertlabs.com/research/blog/index.php/2009/08/07/collateral-damage/
    • 16. India’s Spam Contribution
      http://www.trustedsource.org
    • 17. Phishers target Indian Banks
      Uses pure social engineering to deceive users
      Stolen credentials make their way to underground forums and are sold there
      Commercial Do-It-Yourself phish kits available for Indian banks
      Increase in phish emails observed during Verified by Visa and MasterCard SecureCode campaign.
    • 18. Malware source code freely available
    • 19. Malware is localized and targeted
    • 20. Targeted Attacks: Microsoft Office
      Exploits using MS Word, Excel, PowerPoint, WordPad are increasingly popular
      Multiple zero-day vulnerabilities in Office discovered and exploited in 2009.
      Mostly spammed to users or hosted on malicious websites
      Attachment claims to contain sensitive information on Pakistani Air Force.
      Exploits a patched vulnerability in Microsoft bulletin MS06-028.
    • 21. Targeted Attacks: Adobe PDF
      >80% users have Adobe Acrobat installed
      Easy to social engineer user as it’s considered trustworthy
      Over 5 new exploits released this year alone including zero-days.
      Most exploits use JavaScript to spray shellcode on heap
      Heavily deployed in web attack toolkits.
    • 22. The future.......
    • 23. Cyber Crime Altering Threat Landscape
      • Over 1,500,000 unique malware detections in 2008
      • 1H09 up 150% from 1H08
      • Malware is heavily obfuscated with packers and compression technologies
      • 80% of threats are financially motivated, up from 50% two years ago with password stealing Trojans being rampant
      • 6500+ new variants analyzed daily
    • Why take to cybercrime?
      Low Risk + High Reward + Opportunity = Safer than traditional crime
    • 28. Cyber Crime – India Statistics
      India: 63% of businesses have seen an increase in threats from 2008 to 2009.
      India: 40% of businesses in India had an incident that cost an average of $13,543 to fix and recover from, and that caused revenue loss.
      India is the 14th most dangerous domain for web surfing, with 3.07% of Indian websites rated Red or Yellow by McAfee SiteAdvisor.
      http://economictimes.indiatimes.com/Infotech/Internet/Chasing-the-cyber-criminal/articleshow/5166638.cms
    • 29. Summary - What does this mean to you?
      The malware problem is here to stay – threats are becoming more region specific and sophisticated.
      Monetary reward is the primary motivation for malware authors.
      India’s growing cyber population makes an attractive target.
      Need to improve user education and awareness at grassroots level.
    • 30. McAfee In Action
      McAfee Initiative to Fight Cybercrime
      http://www.mcafee.com/us/about/corporate/fight_cybercrime/
      http://www.dsci.in/images/stories/mcafee_announces_grant_of_rs._2.5_mn_for_dsci.pdf
    • 31. McAfee Security Resources
      Web Sites
      McAfee: http://www.mcafee.com
      Threat Center: http://www.mcafee.com/us/threat_center/default.asp
      Submit a Sample: http://vil.nai.com/vil/submit-sample.aspx
      Scan Your PC: http://home.mcafee.com/Downloads/FreeScanDownload.aspx
      Notifications
      Security Advisories: http://www.mcafee.com/us/threat_center/securityadvisory/signup.aspx
      Word of Mouth
      Blog: http://www.avertlabs.com/research/blog/
      Podcasts: http://podcasts.mcafee.com/
    • 32. Q & A
      Thank You!
      Rahul Mohandas: rahul@avertlabs.com
      Vinoo Thomas: vinoo@avertlabs.com
