Meeting The Cyber Insurgency Threats From Neighbouring Countries


This presentation has been given as an academic seminar at the International School of Information Management, University of Mysore.

  • AKAA – Aditya, Karjan, Alka, Artmiz AKAA Group Presents.. ISiM, University of Mysore
  • Malware: Malware is a general term for a piece of software inserted into an information system to cause harm to that system or other systems, or to subvert them for use other than that intended by their owners. Malware can gain remote access to an information system, record and send data from that system to a third party without the user’s permission or knowledge, conceal that the information system has been compromised, disable security measures, damage the information system, or otherwise affect the data and system integrity.

    Botnet: A botnet (also known as a zombie army) is a number of Internet computers that, although their owners are unaware of it, have been set up to forward transmissions (including spam or viruses) to other computers on the Internet. Any such computer is referred to as a zombie: in effect, a computer "robot" or "bot" that serves the wishes of some master spam or virus originator. Most computers compromised in this way are home-based. According to a report from Russian-based Kaspersky Labs, botnets, not spam, viruses, or worms, currently pose the biggest threat to the Internet.

    Botnets: Bot = robot, or autonomous software; sometimes called zombies or slaves. The latest wave of malicious software introduced to the Internet: highly complex, evolving, and in many cases hard to detect or remove. Original bots were IRC-based. New vulnerabilities lead to new bots, not new worms. A bot is a parasite program embedded in a network, which hijacks the network and makes other computers act according to its wishes, which, in turn, are controlled by "external" forces.

    VoIP: Terrorists are now using VoIP (Voice over Internet Protocol) chats, hidden messages inside photographs, draft e-mails and encrypted pen drives to communicate across the world.

    Cyber warfare: Cyber warfare refers to a massively coordinated digital assault on a government by another, or by large groups of citizens.

    Attack types: In addition to DDoS attacks against Georgian media outlets and government Web sites, researchers observed:
      • Route hijacking
      • Brute force server compromise
      • Data theft
      • Multi-factor DDoS attacking network and application layers
      • Defacement and hosting of fake Georgian Web pages containing misinformation and propaganda

    DoS: A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer resource unavailable to its intended users.
  • Example of cyber-warfare: Estonia was subject to this kind of attack in 2006. The conflict apparently stemmed from a decision by the Estonian government to move a Soviet-era monument to another location, an action resented and protested against by many of the country's ethnic Russian citizens. Although the conflict had seemingly been resolved by mid-April, Estonian Internet security experts were still wary about a cyber-assault.
  • Polymorphic exploitation: An emerging class of attack, in which the exploit changes dynamically each time a potential victim visits the malicious page, is defying the traditional regular-expression and heuristic-based protection that identifies Web exploits at the network or host. Attackers are very effective at creating a unique exploit with each request, making it impossible for signature-based protection engines to uniquely detect each attack instance. The major driving factor for attackers remains financial gain. Stealing personal data, hijacking Web transactions, executing phishing scams and perpetrating corporate espionage are all motivators. Traditional security techniques focus on stopping file execution and viruses at the client’s operating system (OS) layer. Unfortunately, it is far more difficult to protect users at the browser level. While some signature-based protection is able to detect one layer of Web exploit obfuscation, polymorphic exploitation will pose a new problem.

    Proposed countermeasures for Web 2.0 and client-side attacks include:
      • Educating Web developers on the need for secure coding throughout the development lifecycle, with emphasis on input validation.
      • Transitioning from fingerprint or pattern-matching protection to heuristics or behavior-based protection.
      • Enabling protection engines to understand JavaScript just as the browser does.
      • Utilizing feedback networks to analyze malicious Web sites, encourage remediation and improve content filtering at the browser level.
  • Pakistani cyber criminals deface nearly 60 Indian websites a day, but in return only 10 to 15 Pakistani websites are defaced. It has been going on since 2001. India may be the IT capital of the world, but as far as security issues are concerned the country is lagging far behind, Indian ethical hacker Fadia said.
  • Key loggers: A key logger is software that scans computers and their processes and data the moment you hit a key on the keyboard.

    A report: Times of India, "China mounts cyber attacks on Indian sites", Indrani Bagchi, TNN, 5 May 2008, 01:16am IST.

    NEW DELHI: China’s cyber warfare army is marching on, and India is suffering silently. Over the past one and a half years, officials said, China has mounted almost daily attacks on Indian computer networks, both government and private, showing its intent and capability. The sustained assault almost coincides with the history of the present political disquiet between the two countries. According to senior government officials, these attacks are not isolated incidents of something so generic or basic as "hacking" — they are far more sophisticated and complete — and there is a method behind the madness. Publicly, senior government officials, when questioned, take refuge under the argument that "hacking" is a routine activity and happens from many areas around the world. But privately, they acknowledge that the cyber warfare threat from China is more real than from other countries. The core of the assault is that the Chinese are constantly scanning and mapping India’s official networks. This gives them a very good idea of not only the content but also of how to disable the networks or distract them during a conflict.
  • CERT (Computer Emergency Readiness Team) is part of the National Cyber Security Division of the United States Department of Homeland Security.
  • 1. Anti-virus is not enough. With the rise of polymorphic threats and the explosion of unique malware variants in 2009, the industry is quickly realizing that traditional approaches to antivirus, both file signatures and heuristic/behavioural capabilities, are not enough to protect against today's threats.

    2. Social engineering as the primary attack vector. More attackers are going directly after the end user and attempting to trick them into downloading malware or divulging sensitive information under the auspice that they are doing something perfectly innocent. Social engineering's popularity is at least in part spurred by the fact that which operating system and Web browser rest on a user's computer is largely irrelevant, as it is the actual user being targeted, not necessarily vulnerabilities on the machine. Social engineering is already one of the primary attack vectors being used today, and Symantec estimates that the number of attempted attacks using social engineering techniques will increase in 2010.

    3. Rogue security software vendors escalate their efforts. In 2010, expect to see the propagators of rogue security software scams take their efforts to the next level, even by hijacking users' computers, rendering them useless and holding them for ransom. A less drastic next step, however, would be software that is not explicitly malicious, but dubious at best. For example, Symantec has already observed some rogue antivirus vendors selling rebranded copies of free third-party antivirus software as their own offerings. In these cases, users are technically getting the antivirus software that they pay for, but the reality is that this same software can actually be downloaded for free elsewhere.

    4. Social networking third-party applications will be the target of fraud. With the popularity of social networking sites poised for another year of unprecedented growth, expect more fraud to be leveraged against site users. In the same vein, expect owners of these sites to create more proactive measures to address these threats. As this occurs, and as these sites more readily provide third-party developer access to their APIs, attackers will likely turn to vulnerabilities in third-party applications for users' social networking accounts, just as we have seen attackers leverage browser plug-ins more as Web browsers themselves become more secure.

    5. Windows 7 will come into the cross-hairs of attackers. Microsoft has already released the first security patches for the new operating system. As long as humans are programming computer code, flaws will be introduced, no matter how thorough pre-release testing is, and the more complex the code, the more likely that undiscovered vulnerabilities exist. Microsoft's new operating system is no exception, and as Windows 7 hits the pavement and gains traction in 2010, attackers will undoubtedly find ways to exploit its users.

    6. Fast flux botnets increase. Fast flux is a technique used by some botnets, such as the Storm botnet, to hide phishing and malicious web sites behind an ever-changing network of compromised hosts acting as proxies. Using a combination of peer-to-peer networking, distributed command and control, web-based load balancing and proxy redirection, it makes it difficult to trace the botnets' original geo-location. As industry countermeasures continue to reduce the effectiveness of traditional botnets, expect to see more of them using this technique to carry out attacks.

    7. URL shortening services become the phisher's best friend. Phishers are able to disguise links that the average security-conscious user might think twice about clicking on, because users often have no idea where a shortened URL is actually sending them. Symantec is already seeing a trend toward using this tactic to distribute misleading applications and we expect much more to come. Also, in an attempt to evade antispam filters through obfuscation, expect spammers to leverage URL shorteners to carry out their own evil deeds.

    8. Mac and mobile malware will increase. The number of attacks designed to exploit a certain operating system or platform is directly related to that platform's market share, as malware authors are out to make money and always want the biggest bang for their buck. In 2009, Macs and smartphones were targeted more by malware authors, for example the Sexy Space botnet aimed at the Symbian mobile device operating system and the OSX.Iservice Trojan targeting Mac users. As Macs and smartphones continue to increase in popularity in 2010, more attackers will devote time to creating malware to exploit these devices.

    9. Spammers breaking the rules. As the economy continues to suffer and more people seek to take advantage of the loose restrictions of the Can Spam Act, we'll see more organisations selling unauthorised e-mail address lists and more less-than-legitimate marketers spamming those lists.

    10. Spam volumes will fluctuate. Since 2007, spam has increased on average by 15 percent. While this significant growth in spam e-mail may not be sustainable in the long term, it is clear that spammers are not yet willing to give up as long as an economic motive is present. Spam volumes will continue to fluctuate in 2010 as spammers continue to adapt to the sophistication of security software, the intervention of responsible ISPs and government agencies across the globe.

    11. Specialised malware. Highly specialised malware was uncovered in 2009 that was aimed at exploiting certain ATMs, indicating a degree of insider knowledge about their operation and how they could be exploited. Expect this trend to continue in 2010, including the possibility of malware targeting electronic voting systems, both those used in political elections and public telephone voting, such as that connected with reality television shows and competitions.

    12. CAPTCHA technology will improve. As this happens and spammers have a more difficult time breaking CAPTCHA codes through automated processes, spammers in emerging economies will devise a means to use real people to manually generate new accounts for spamming, thereby attempting to bypass the improved technology. Symantec estimates that the individuals employed to manually create these accounts will be paid less than 10 percent of the cost to the spammers, with the account-farmers charging $30-40 per 1,000 accounts.

    13. Instant messaging spam. As cyber criminals exploit new ways to bypass CAPTCHA technologies, instant messenger (IM) attacks will grow in popularity. IM threats will largely be comprised of unsolicited spam messages containing malicious links, especially attacks aimed at compromising legitimate IM accounts. By the end of 2010, Symantec predicts that one in 300 IM messages will contain a URL. Also, in 2010, Symantec predicts that overall, one in 12 hyperlinks will be linked to a domain known to be used for hosting malware. Thus, one in 12 hyperlinks appearing in IM messages will contain a domain that has been considered suspicious or malicious. In mid 2009, that level was 1 in 78 hyperlinks.

    14. Non-English spam will increase. As broadband connection penetration continues to grow across the globe, particularly in developing economies, spam in non-English speaking countries will increase. In some parts of Europe, Symantec estimates the levels of localised spam will exceed 50 percent of all spam.
  • Meeting The Cyber Insurgency Threats From Neighbouring Countries
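The fast-flux behaviour described in item 6 of the notes above (an ever-changing set of proxy hosts behind one name) is visible to a defender in resolver logs. The following Python sketch is an added example, not part of the original presentation: it scores each domain on TTL, address count, network spread and answer turnover. The `Answer` record, the thresholds and the sample log are assumptions constructed for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass
from ipaddress import ip_address
from statistics import median

# Illustrative thresholds (assumptions; tune against your own resolver logs).
MAX_TTL = 300        # short TTLs let the proxy set rotate quickly
MIN_UNIQUE_IPS = 10  # distinct A records seen over the window
MIN_NETWORKS = 5     # distinct /16s, a rough stand-in for ASN diversity
MIN_CHURN = 0.5      # mean share of each answer not present in the previous one


@dataclass(frozen=True)
class Answer:
    ts: int       # seconds since the start of the observation window
    name: str     # queried domain
    ttl: int      # TTL of the returned A records
    addrs: tuple  # IPv4 addresses returned


def churn(answers):
    """Mean fraction of addresses in each answer that the previous one lacked."""
    rates = [len(set(cur.addrs) - set(prev.addrs)) / len(cur.addrs)
             for prev, cur in zip(answers, answers[1:]) if cur.addrs]
    return sum(rates) / len(rates) if rates else 0.0


def profile(answers):
    """Summarise one domain's answers into the four indicators."""
    answers = sorted(answers, key=lambda a: a.ts)
    ips = {ip for a in answers for ip in a.addrs}
    return {
        "unique_ips": len(ips),
        "networks": len({int(ip_address(ip)) >> 16 for ip in ips}),
        "median_ttl": median(a.ttl for a in answers),
        "churn": churn(answers),
    }


def fast_flux_suspects(log, min_hits=3):
    """Return {domain: profile} for domains meeting at least min_hits indicators."""
    by_name = defaultdict(list)
    for answer in log:
        by_name[answer.name].append(answer)
    suspects = {}
    for name, answers in by_name.items():
        p = profile(answers)
        hits = sum([p["median_ttl"] <= MAX_TTL,
                    p["unique_ips"] >= MIN_UNIQUE_IPS,
                    p["networks"] >= MIN_NETWORKS,
                    p["churn"] >= MIN_CHURN])
        if hits >= min_hits:
            suspects[name] = p
    return suspects


def flux_answer(i):
    """Constructed sample: three hosts in three /16s, never seen again."""
    addrs = tuple(f"10.{3 * i + j}.7.{20 + j}" for j in range(3))
    return Answer(i * 120, "flux.example", 120, addrs)


# Constructed resolver log (private and documentation addresses, not real hosts).
SAMPLE_LOG = [flux_answer(i) for i in range(5)] + [
    Answer(0, "www.example", 3600, ("192.0.2.10", "192.0.2.11")),
    Answer(3600, "www.example", 3600, ("192.0.2.10", "192.0.2.11")),
    # Load-balanced site: short TTL and rotation, but a small pool in one network.
    Answer(0, "lb.example", 60, ("198.51.100.1", "198.51.100.2")),
    Answer(60, "lb.example", 60, ("198.51.100.3", "198.51.100.4")),
    Answer(120, "lb.example", 60, ("198.51.100.1", "198.51.100.2")),
]

if __name__ == "__main__":
    for domain, p in fast_flux_suspects(SAMPLE_LOG).items():
        print(domain, p)
```

Requiring three of the four indicators keeps the load-balanced sample domain out of the result even though its TTL is short and its answers rotate; lowering `min_hits` to 2 shows how quickly such sites become false positives.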

    1. The AKAA Group Presents…. 12/18/09 IPR & Cyber law Presentation by AKAA Group....
    2. Presented By: Aditya, Karjan, Alka, & Artmiz. MEETING CYBER INSURGENCY THREATS FROM NEIGHBOURING COUNTRIES
    3. Contents
         • Introduction
         • Cyber threats Groups & Actors
         • The cyber threats Actors
         • Types of Threats and Attacks
         • Cyber threats from Neighbor
         • India’s stand on dealing Insurgency
         • Protection of Corporate network
         • Blue print for combating cyber threats
         • Conclusion
         • References
    4. Introduction
         • A nuclear war may not be on the immediate horizon, but a cyber war is and it has the potential to bring major cities worldwide to a standstill, affecting everything from banking, traffic networks, hospitals and even electricity grids. These are now the focus of a new security front worldwide.
         • It’s pretty clear now there is underway a type of cyber arms race, both to be able to pick up and also to secure data per se, but also, in fact, to be able to target or to defend those countless crucial functions of a contemporary society.
    5. What is Cyber Threat
         • ‘Cyber threat’ is a threat that percolates or infiltrates through the use of computers, internet or interconnected communication devices and could comprise information stealth, cyber warfare, virus attacks, cyber terrorism, hacking attempts, phishing, sabotage, singly or in combination.
    6. Cyber threat Groups & Actors
         • Espionage
             • State-sponsored or corporate electronic spying
             • Typically “open source” data collection
         • Terrorist groups
             • Covert communications channels
         • Criminal actions
             • Credit card theft, child pornography, copyright infringement
             • Spyware and other unauthorized cyber tracking software
             • Phishing emails and fake websites
             • Encrypting files followed by extortion to unencrypt.
         • Hackers
             • Worms, viruses, malicious software, website defacements, and adolescent pranks
    7. Types of Threats and Attacks
         • Malware
         • Botnets
         • Cyber warfare
         • Threats to VOIP & Mobile convergence
    8.
    9. Video of Cyber Threat
    10. Trends for Cyber threats
         • Malicious attackers will install malware on social networking sites leading to increased phishing scams, or stealing data, etc.; browser-level protection needed.
         • Hackers will install malcode within video content which will affect users accessing video clips.
         • Mash-up technology used by web applications to combine data/media from multiple sources, locations and coding styles may lead to increased corporate espionage and other scams.
         • Identity thefts will only increase and botnets will be used for corporate espionage and phishing scams.
         • Polymorphic exploitation: creation of a unique exploit with each user request; signature-based protection engines at network or host level fail.
         • Growing popularity of VOIP applications: instances of voice spam and voice phishing or smishing will increase.
         • Targeted attacks: attack activity through e-mail, instant messaging and P2P networks will increase.
         • Denial of service affecting voice infrastructure.
         • Cyber terrorist attacks will increase and lead to cyber warfare: a threat to the nation’s sovereignty.
         • MMS scams will be on the rise and raise issues of defamation and invasion of privacy.
    11. Striking Facts
         • According to a report compiled by Panda Labs, in 2008, 10 million bot computers were used to distribute spam and malware across the Internet each day.
         • Annual take by theft-oriented cyber criminals is estimated to be as high as 100 billion dollars and 97 per cent of these offences go undetected (CBI's Conference on International Police Cooperation against Cyber Crime, March 2009).
    12. Cyber Threats From Neighbors
         • Pakistan
         • China
    13. Pakistan & China towards Indian
         • Pakistani cyber criminals are able to deface 50 to 60 Indian websites a day.
         • Chinese are constantly scanning and mapping India’s official networks.
         • China has mounted almost daily attacks on Indian computer networks, both government and private, showing its intent and capability.
         • The big attacks that were sourced to China over the last few months included an attack on NIC (National Informatics Centre), which was aimed at the National Security Council, and on the MEA.
         • Three main weapons: BOTS, key loggers and mapping of networks.
    14. India’s Stand on Dealing with Insurgency
         • The Information Technology Act 2000 extends to the whole of India and also applies to any offence or contravention committed outside India by any person (s 1(2), IT Act 2000).
         • According to s 75 of the Act, the Act applies to any offence or contravention committed outside India by any person irrespective of his nationality, if such act involves a computer, computer system or network located in India.
    15. Protection of Corporate network
         • Information security: securing widespread electronic collaboration while protecting data at rest, in motion, in use, and throughout the lifecycle,
         • Threat and vulnerability management: staying ahead of emerging threats on all system components: network, server, and the strategic endpoint,
         • Identity and access management: assuring that the right people have access to the right information and assets at the right time for the right reason,
         • Application security: ensuring application and business process security across the software application lifecycle, and
         • Physical security: integrating video surveillance and security solutions with industry-standard components.
    16. Blue print for combating cyber threats
         • To reduce vulnerability of the country’s cyberspace.
         • To protect critical infrastructure and critical information systems and services.
         • To improve interdepartmental coordination mechanisms for prevention, rapid response and recovery from attacks.
         • To advance legal mechanisms that support the goals of the cyber security strategy: recent changes in IT Act, 2000 and appointment of CERT as official agency of Government.
         • To launch awareness programs on cyber security.
         • To enhance international cooperation, promoting cyber security culture and international agreements.
    17. Beware of these 14 Cyber threats
         • Anti-virus is not enough
         • Social engineering as the primary attack vector
         • Rogue security software vendors escalate their efforts
         • Social networking third-party applications will be the target of fraud
         • Windows 7 will come into the cross-hairs of attackers
         • Fast Flux Botnets increase
         • URL shortening services become the phisher's best friend
         • Mac and mobile malware will increase
         • Spam volumes will fluctuate
         • Spammers breaking the rules
         • Specialised malware
         • CAPTCHA Technology will improve
         • Instant messaging spam
         • Non-English spam will increase
    18. Conclusion
         • Cyber threats continue to haunt Internet users across the world, and cyber-threats are the problems of today and the future.
         • Though India leads in IT services, it lags behind as far as cyber security is concerned.
         • In dealing with cyber threats, a country cannot stand alone. There is a need to have strategic alliances to deal with threats and vulnerabilities in the cyber world.
    19. Reference
         • Emerging Cyber Threats Report for 2009: Data, Mobility and Questions of Responsibility will Drive Cyber Threats in 2009 and Beyond (PDF), Georgia Tech Information Security Centre (GTISC), October 15, 2008.
         • Cyber Laws For Every Netizen in India (Version 2004) (With WSIS Declaration of Principles and Action Plan), Naavi (Na.Vijayashankar, MSc., CAIIB, CIIF, AIMADM).
         • ICTSD Programme on IPRs and Sustainable Development, WIPO, June 2008.
         • A Report by the Business Software Alliance, October 2008.
    20. Thank you!!!