Cyber Crime & Cyber War


Published on

null Hyderabad CHapter - February 2014 Meet

Published in: Education
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Cyber Crime & Cyber War

  1. 1. CYBER CRIME & CYBER WAR English . Reality . Data
  2. 2. THIS IS • Purely academic debate. Do not read otherwise • No room for discussion, but for arguments. • My opinion on a deck and your opinion as voice • Abuse of English • Based on evidence ? • Fact vs Fiction • Cyber Crime Business Models • Budget Meeting
  3. 3. ME • I am Uday • I work as a pen tester • Currently into Data Analysis & Machine Learning Learning • Yawn, Steam, Argue, Debate, Learn • Big Data can change the world or solve some problems. • Big data for hacking ? People are really doing that. • Alejandro Caceres
  4. 4. BEFORE WE START, PLEASE BE ASSURED • All my words are an outcome of months of research • We are always assured • “The president of India would be visiting Hyderabad tomorrow” and I have this information from an impeccable source from the president’s staff at Rastrapathi Bhavan
  5. 5. HOW DOES ASSURANCE WORK ? • Authoritative speech powerful enough to make me believe that men are from mars and aliens are from earth • When assured, there is no question left to ask
  6. 6. ASSURANCE & CYBER WAR • Are we being assured that Cyber War is in progress ? • Audience: What is Cyber War ? • Audience: What is Cyber Crime ? • Espionage vs Cyber War vs Cyber Crime ? • Your responses are invaluable!
  7. 7. WHO HAS DEFINED CYBER WAR • International Laws are still WIP • Has EU or US declared definitions ? The answer is no. • What has been taken into account to call this as a war ?
  8. 8. THE ‘ULTIMATELY’ JUSTIFICATION • Ultimately, Cyber Wars have a toll on our daily lives.
  9. 9. WHATEVER HAPPENS ONLINE WITH US • Is not cyber war • Is not Cyber Terrorism • Could be Cyber Bullying • Could be violation of privacy • Could have legal implications • Could be cumbersome • Affects our personal lives indirectly especially longterm
  10. 10. ENOUGH ENGLISH • Do We have some data as evidence to argue upon ? • Yes we do! • Measuring Pay-per-Install: The Commoditization of Malware Distribution • White Paper fromJuan Caballero, Chris Grier, Christian Kreibich, Vern Paxson, Berkley • Is this Authentic data ? • Please be assured that this is more genuine than pure cocaine
  11. 11. CRIME AS A BUSINESS MODEL • Can I design crime ? • Instance: • PPI Model – Pay Per Install • Exploit as a service • Malware is the new commodity • Better off than your shares and market • Who the bullish ? What the bearish ?
  12. 12. SERVICE PROVIDER • What is this PPI Market Business Client • I am the bad guy Service • I run the show Service Affiliate •Oh yeah! Malware
  13. 13. WHAT IS THIS BUSINESS MODEL ? • This is one observed business model that generates the underground economy • Offerings are highly customized
  14. 14. ARTICLE A YEAR AGO • ware_coder_and_botnet_operator_ama/ • IAmA a malware coder and botnet operator, AMA • TOR + Dedicated Enhanced Service • Stealthy really
  15. 15. MEMORY ERRORS • Past present Future • Corrupted Pointer, Uninitialized Pointer Access, Out of bounds etc. • Subversion of logic • This is relevant even today even after 20 years
  16. 16. SO WHAT DEFINITION IS WRONG ? • Cyber War vs Cyber Crime • We have never had a Cyber War yet • This comes from the definition of traditional war • We can have a separate debate on this • When a conventional war follows the strategy of “Greater the offense, Greater the defense”, Cyber War is opposite.
  17. 17. CYBER TERRORISM • Many people are using this word already & extensively • David Rappaport has not coined this term. • I believe that the word “Cyber Terrorism” is completely wrong. • You can have your view.
  18. 18. BUDGET MEETING • $100-180 for Unique thousand installs, This is for US/UK/Europe • $7-8 is the lowest for the same service, least popular geography • Rivalry in PPI • Often difficult to validate on the installs when using two rival PPI Providers • Affiliates receive credit for confirmed Installs
  19. 19. CRIMEWARE KITS • To build botnet variants • Instance zbot • This is not an exhaustive talk on cyber crime • We can have a dedicated session for a deep dive on cyber crime • Let’s quickly see what someone from NATO has to say
  20. 20. • (NATO – Cyber War exists Video)