analysis of threats to it's root cause

1. COUNTERING CYBER-THREATS
.
AVAILABLE SECURITY FOR
CYBER THREATS

2. IT IS A FROG NOPE IT’S RANA TEMPORARIA
 Dr. Temple Grandin thinks that “Hackers” show classic symptoms of
Asperger Syndrome.(Asper… What ??)
 Asperger Syndrome:
* A form of autism
* Impairment in social interaction
* Exceptional ability to remember long sequences
* Deep honesty !!!
“THEY AIN’T US CAUSE THEY AIN’T US”
Ref:colostate.edu

3. NO MAMA! I WAS ORDERING PIZZA
 GARY MCKINNON
* Responsible for biggest military hack of all time.
*Hacked into 97 US military and NASA computers for over 13 months
*If extradited and convicted ,would face 70 years in prison
“I was looking for UFOs”
Ref:The Telegraph

4. TYPES OF ATTACKERS
 Individuals
 Organized worldwide groups
*Cult of the dead cow
*414s
 Organized crime
*Originating from Russia, Brazil and Asia
 Terrorists
 Cyber armies
Ref: anonymous.com

5. COMMON WAYS TO IMPLEMENT SUCH ACT
 Physical Attack
* Infrastructure damaged using conventional methods
 Syntactic Attack
* Logic of the system is tempered
 Semantic Attack
* Data modified or used without user's consent

6. WHY SHOULD WE CARE?
 Personal Impact
* Privacy issues
A listed Hollywood stars were
under attack (The Fappening)
* Economic issues
* Mistrust and chaos
* Compatibility issues

7.  Business Impact
Potential significant impacts are:
* Financial losses
* Depreciation in share values
* Cost of investigation
* Brand/Reputation

8.  Organizational response under criticism
*Inadequate defenses
*Understanding is low
*Lacking intelligence of attack
*Response to attack low & vague

9. COMMON ATTACK THEMES
 Targeted
 Sophisticated
 Originate from oversees
 Involves several steps
 Conducted over significant amount of time
 Efficiently planned

10. Diagram depicting leakage on the network
A window of few seconds would be enough to plant a bug

11. FACING THE PHEONIX
 Privacy Policy
* Personally identifiable information
* Personal health information
* Customer information
 Secure Configuration
* Create and maintain hardware and software inventories
* Limit user ability to change configuration
 Network Security
* Police the network perimeter
* Monitor network

12. FACING THE PHEONIX
 Create Layers of Security
* Identify and protect your valuable data
* Control access to the data
* Secure your data
* Backup your data
 Plan for Data Loss or Theft
* Proper records have to be maintained

13. EXISTING COUNTER CYBER SECURITY INITIATIVE
 National Informatics Centre(NIC)
A premier organization providing network backbone and e-
governance support to the Central Government, State Governments,
Union Territories, Districts and other Governments bodies. It provides
wide range of information and communication technology services
including nation wide communication 4 Network for decentralized
planning improvement in Government services and wider
transparency of national and local governments.
 Indian Computer Emergency Response Team(Cert-In)
Aims at proactive action and effective collaboration aimed at
security incident prevention and response and security assurance'.

14. EXISTING COUNTER CYBER SECURITY INITIATIVE
 National Information Security Assurance Program(NISAP)
Aims at:
Government and critical infrastructures should have a security policy
and create a point of contact.
All organizations to be subject to a third party audit from this panel
once a year.
 Indo-US Cyber Security Program(IUSCSF)
Setting up an India Information Sharing and Analysis Centre (ISAC) for
better cooperation in anti hacking measures.

15. Untying the Gordian Knot
Todays situation is something like a
Gordian knot
Think as if the cyber space security is
enveloped inside this knot
All the stake holders pulling a single
string
They will think they are making it
more secure and safe without
knowing what’s inside that knot