The document discusses the evolution of cybersecurity from an Indian perspective, emphasizing the growth of web technology and the shift towards next-generation networks (NGNs) that support diverse services on a unified platform. It highlights the increasing complexity of cyber threats, including organized crime, phishing, and malware attacks, while also addressing the need for comprehensive security measures and international collaboration to safeguard information assets. Furthermore, it outlines India's cybersecurity strategy, including regulatory compliance, skill development, and the implementation of international security standards like ISO 27001.

1. Cyber Security : Indian
perspective
3RD
November 2010
Aurobindo Nayak
Reg-No:0701288307
NMIET
Branch-CSE

2. Web Sites (WWW)
1993 Web Invented and implemented
130 Nos. web sites
1994 2738 Nos.
1995 23500 Nos.
2007 550 Million Nos.
2008 850 Million Nos.
Web Evolution

3. 33
Internet Infrastructure in INDIA

4. Innovation fostering the Growth of NGNsInnovation fostering the Growth of NGNs
Smart devices
◦ Television
◦ Computers
◦ PDA
◦ Mobile Phone
(Single device to provide an end-to-end, seamlessly secure access)
Application Simplicity
◦ Preference of single, simple and secure interface to access
applications or content
◦ Ubiquitous interface - web browser
Flexible Infrastructure
Because of these areas of evolution, today’s NGNs are defined
more by the services they support than by traditional
demarcation of Physical Infrastructure.

5. The Emergence of NGNsThe Emergence of NGNs
The communication network operating two years
ago are father’s telecommunication Network.
NGNs are teenager’s Network.
No longer consumer and business accept the
limitation of single-use device or network.
Both individuals and Business want the ability to
communicate, work and be entertained over any
device, any time, anywhere.
The demand of these services coupled with
innovation in technology is advancing traditional
telecommunication far outside its original purpose.

6. 6
The Complexity of Today’s Network
Changes Brought in IT
• Large network as backbone for
connectivity across the country
• Multiple Service providers for
providing links – BSNL, MTNL,
Reliance, TATA, Rail Tel
• Multiple Technologies to support
network infrastructure CDMA, VSAT,
DSL
• Multiple Applications
Router
Internet
Intranet
Unmanaged
Device
New PC
Internet
Perimeter
Network
Branch
Offices
Remote Workers
Home Users
Unmanaged
Devices
Router
RouterRouter
Router
Branch
Offices
Desktops
Laptops
Servers
Extranet Servers
Router
Network
Infrastructure
Unmanaged
Devices
Perimeter Network
Servers
Trends shaping the
future
• Ubiquitous computing, networking
and mobility
• Embedded Computing
• Security
• IPv6
• VoIP

7. Challenges for Network OperatorChallenges for Network Operator
Business challenges include new Pricing
Structure, new relationship and new
competitors.
Technical challenges include migrating and
integrating with new advances in technologies
from fibre optics, installation of Wi-Fi support.
Developing a comprehensive Security Policy
and architecture in support of NGN services.

8. To Reap BenefitsTo Reap Benefits
To reap benefits of NGN, the operator
must address
◦ Technology
◦ Risk
◦ Security
◦ Efficiency

9. NGN ArchitectureNGN Architecture
Identify Layer
Compromises of end users owned by a telecom or a
third-party service provider accessing services using
devices like PC, PDA or mobile phone, to connect to
the Internet
Service Layer
Hosts service applications and provides a
framework for the creation of customer-focused
services provided by either operator or a third-party
service provider
Network Layer
Performs service execution, service management,
network management and media control functions
Connects with the backbone network
InternetThird-Party
Application
Untrusted
Web Tier
Service Provider
Application
Service
Delivery
Platform
(Service
Provider )
Service Delivery Platform
Common Framework
Backbone Network
Partly
Trusted

10. Growing ConcernGrowing Concern
 Computing Technology has turned against us
 Exponential growth in security incidents
◦ Pentagon, US in 2007
◦ Estonia in April 2007
◦ Computer System of German Chancellory and three Ministries
◦ Highly classified computer network in New Zealand & Australia
 Complex and target oriented software
 Common computing technologies and systems
 Constant probing and mapping of network systems
10

11. Cyber Threat EvolutionCyber Threat Evolution
Virus
Breaking
Web Sites
Malicious
Code
(Melissa)
Advanced Worm /
Trojan (I LOVE
YOU)
Identity Theft
(Phishing)
Organised Crime
Data Theft, DoS /
DDoS
1995 2000 2003-04 2005-06 2007-081977

12. Cyber attacks being observedCyber attacks being observed
Web defacement
Spam
Spoofing
Proxy Scan
Denial of Service
Distributed Denial of Service
Malicious Codes
◦ Virus
◦ Bots
Data Theft and Data Manipulation
◦ IdentityTheft
◦ Financial Frauds
Social engineering Scams

13. 13
Security Incidents reported during 2009

14. Trends of IncidentsTrends of Incidents
Sophisticated attacks
◦ Attackers are refining their methods and consolidating assets to
create global networks that support coordinated criminal
activity
Rise of Cyber Spying and Targeted attacks
◦ Mapping of network, probing for weakness/vulnerabilities
Malware propagation through Website intrusion
◦ Large scale SQL Injection attacks like Asprox Botnet
Malware propagation through Spam on the rise
◦ Storm worm, which is one of the most notorious malware
programs seen during 2007-08, circulates through spam

15. Trends of IncidentsTrends of Incidents
Phishing
◦ Increase in cases of fast-flux phishing and rock-phish
◦ Domain name phishing and Registrar impersonation
Crimeware
◦ Targeting personal information for financial frauds
Information Stealing through social networking sites
Rise in Attack toolkits
◦ Toolkits like Mpack and Neospolit can launch exploits for
browser and client-side vulnerabilities against users who visit
a malicious or compromised sites

16. Global AttackTrendGlobal AttackTrend
Source: Websense

17. 17
Top originating countries – Malicious code

18. Three faces of cyber crimeThree faces of cyber crime
Organised Crime
Terrorist Groups
Nation States
18

19. Security of Information AssetsSecurity of Information Assets
Security of information & information assets is becoming a
major area of concern
With every new application, newer vulnerabilities crop up,
posing immense challenges to those who are mandated to
protect the IT assets
Coupled with this host of legal requirements and
international business compliance requirements on data
protection and privacy place a huge demand on
IT/ITES/BPO service organizations
We need to generate ‘Trust & Confidence’

20. Challenges before the IndustryChallenges before the Industry

21. Model Followed InternationallyModel Followed Internationally
Internationally, the general approach has been
to have legal drivers supported by suitable
verification mechanism.
For example, in USA Legal drivers have been
◦ SOX
◦ HIPPA
◦ GLBA
◦ FISMA etc.
In Europe, the legal driver has been the “Data
Protection Act” supported by ISO27001 ISMS.

22. 22
Confidentiality
INFORMATION SECURITY
Integrity Availability Authenticity
Security Policy
People
Process
Technology
Regulatory Compliance
Access Control
Security Audit
User Awareness Program
Incident Response
Firewall, IPS/IDS
Encryption, PKI
Antivirus
Information Security Management

23. Cyber Security Strategy – India
• Security Policy, Compliance and Assurance – Legal Framework
– IT Act, 2000
– IT (Amendment) Bill, 2006 – Data Protection & Computer crimes
– Best Practice ISO 27001
– Security Assurance Framework- IT/ITES/BPO Companies
• Security Incident – Early Warning & Response
– CERT-In National Cyber Alert System
– Information Exchange with international CERTs
• Capacity building
– Skill & Competence development
– Training of law enforcement agencies and judicial officials in the collection and analysis of digital
evidence
– Training in the area of implementing information security in collaboration with Specialised
Organisations in US
• Setting up Digital Forensics Centres
– Domain Specific training – Cyber Forensics
• Research and Development
– Network Monitoring
– Biometric Authentication
– Network Security
• International Collaboration

24. Status of security and quality compliance inStatus of security and quality compliance in
IndiaIndia
Quality and Security
◦ Large number of companies in India have aligned their
internal process and practices to international standards
such as
 ISO 9000
 CMM
 Six Sigma
 Total Quality Management
◦ Some Indian companies have won special recognition for
excellence in quality out of 18 Deming Prize winners for
Total Quality Management in the last five years, six are
Indian companies.

25. ISO 27001/BS7799 Information SecurityISO 27001/BS7799 Information Security
ManagementManagement
Government has mandated implementation of
ISO27001 ISMS by all critical sectors
ISMS 27001 has mainly three components
◦ Technology
◦ Process
◦ Incident reporting and monitoring
296 certificates issued in India out of 7735
certificates issued worldwide
Majority of certificates issued in India belong to
IT/ITES/BPO sector

26. Information Technology – Security TechniquesInformation Technology – Security Techniques
Information Security Management SystemInformation Security Management System
World China Italy Japan Spain India USA
ISO 9000 951486 210773 115309 73176 65112 46091 36192
(175 counties)
27001 7732 146 148 276 93 296 94

28. CERT-In Work ProcessCERT-In Work Process
Department of
Information
Technology
Department of
Information
Technology
Detection Analysis Dissemination & Support
Analysis
Recovery
Detect
Dissemination
ISP Hot Liners
Press & TV /
Radio
Home Users
Private Sectors
Major ISPs
Foreign Ptns

29. Distributed Honeypot Deployment

30. PC & End User Security:Auto Security Patch UpdatePC & End User Security:Auto Security Patch Update
Windows Security Patch Auto Update
No. of Download ActiveX: 18 Million
Internet
Microsoft Download Ctr.
ActiveX DL Server
Sec. Patch ActiveX Site

31. Incident Response Help Desk
PC & End User SecurityPC & End User Security
Internet
PSTN
• Make a call using 1800 – 11 - 4949
• Send fax using 1800 – 11 - 6969
• Communicate through email at incident@cert-in.org.in
• Number of security incidents handled during 2008 (till Oct): 1425
• Vulnerability Assessment Service

32. Int’l Co-op: Cyber Security DrillInt’l Co-op: Cyber Security Drill
Joint International Incident Handling Coordination Drill
• Participated APCERT International Incident
Handling Drill 2006
• Participants: 13 APCERT Members and New
Zealand, Vietnam including 5 major Korean
ISPs
• Scenario: Countermeasure against Malicious
Code and relevant infringement as DDoS attack
• Participated APCERT International Incident
Handling Drill 2007
• Participants: 13 APCERT Members + Korean
ISPs
• Scenario: DDoS and Malicious Code Injection
• To be Model: World Wide Cyber Security
Incidents Drill among security agencies

33. Thank you
Question and queries?
Email:hacksafemail@gmail.com
Location:Bhubaneswar, India