Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Cyber Crime & Cyber War


Published on

null Hyderabad CHapter - February 2014 Meet

Published in: Education
  • Be the first to comment

Cyber Crime & Cyber War

  1. 1. CYBER CRIME & CYBER WAR English . Reality . Data
  2. 2. THIS IS • Purely academic debate. Do not read otherwise • No room for discussion, but for arguments. • My opinion on a deck and your opinion as voice • Abuse of English • Based on evidence ? • Fact vs Fiction • Cyber Crime Business Models • Budget Meeting
  3. 3. ME • I am Uday • I work as a pen tester • Currently into Data Analysis & Machine Learning Learning • Yawn, Steam, Argue, Debate, Learn • Big Data can change the world or solve some problems. • Big data for hacking ? People are really doing that. • Alejandro Caceres
  4. 4. BEFORE WE START, PLEASE BE ASSURED • All my words are an outcome of months of research • We are always assured • “The president of India would be visiting Hyderabad tomorrow” and I have this information from an impeccable source from the president’s staff at Rastrapathi Bhavan
  5. 5. HOW DOES ASSURANCE WORK ? • Authoritative speech powerful enough to make me believe that men are from mars and aliens are from earth • When assured, there is no question left to ask
  6. 6. ASSURANCE & CYBER WAR • Are we being assured that Cyber War is in progress ? • Audience: What is Cyber War ? • Audience: What is Cyber Crime ? • Espionage vs Cyber War vs Cyber Crime ? • Your responses are invaluable!
  7. 7. WHO HAS DEFINED CYBER WAR • International Laws are still WIP • Has EU or US declared definitions ? The answer is no. • What has been taken into account to call this as a war ?
  8. 8. THE ‘ULTIMATELY’ JUSTIFICATION • Ultimately, Cyber Wars have a toll on our daily lives.
  9. 9. WHATEVER HAPPENS ONLINE WITH US • Is not cyber war • Is not Cyber Terrorism • Could be Cyber Bullying • Could be violation of privacy • Could have legal implications • Could be cumbersome • Affects our personal lives indirectly especially longterm
  10. 10. ENOUGH ENGLISH • Do We have some data as evidence to argue upon ? • Yes we do! • Measuring Pay-per-Install: The Commoditization of Malware Distribution • White Paper fromJuan Caballero, Chris Grier, Christian Kreibich, Vern Paxson, Berkley • Is this Authentic data ? • Please be assured that this is more genuine than pure cocaine
  11. 11. CRIME AS A BUSINESS MODEL • Can I design crime ? • Instance: • PPI Model – Pay Per Install • Exploit as a service • Malware is the new commodity • Better off than your shares and market • Who the bullish ? What the bearish ?
  12. 12. SERVICE PROVIDER • What is this PPI Market Business Client • I am the bad guy Service • I run the show Service Affiliate •Oh yeah! Malware
  13. 13. WHAT IS THIS BUSINESS MODEL ? • This is one observed business model that generates the underground economy • Offerings are highly customized
  14. 14. ARTICLE A YEAR AGO • ware_coder_and_botnet_operator_ama/ • IAmA a malware coder and botnet operator, AMA • TOR + Dedicated Enhanced Service • Stealthy really
  15. 15. MEMORY ERRORS • Past present Future • Corrupted Pointer, Uninitialized Pointer Access, Out of bounds etc. • Subversion of logic • This is relevant even today even after 20 years
  16. 16. SO WHAT DEFINITION IS WRONG ? • Cyber War vs Cyber Crime • We have never had a Cyber War yet • This comes from the definition of traditional war • We can have a separate debate on this • When a conventional war follows the strategy of “Greater the offense, Greater the defense”, Cyber War is opposite.
  17. 17. CYBER TERRORISM • Many people are using this word already & extensively • David Rappaport has not coined this term. • I believe that the word “Cyber Terrorism” is completely wrong. • You can have your view.
  18. 18. BUDGET MEETING • $100-180 for Unique thousand installs, This is for US/UK/Europe • $7-8 is the lowest for the same service, least popular geography • Rivalry in PPI • Often difficult to validate on the installs when using two rival PPI Providers • Affiliates receive credit for confirmed Installs
  19. 19. CRIMEWARE KITS • To build botnet variants • Instance zbot • This is not an exhaustive talk on cyber crime • We can have a dedicated session for a deep dive on cyber crime • Let’s quickly see what someone from NATO has to say
  20. 20. • (NATO – Cyber War exists Video)