Biodiversity, conservation and current threats to European ...
Current threats and trends
-
Upload
live-tecnologies -
Category
Technology
-
view
282 -
download
0
description
Transcript of Current threats and trends
![Page 1: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/1.jpg)
04/10/23 1
A presentation byMuktesh Chander IPS
BE, LLB, MA(Cr.), DCL, DHRM, Cert. SQC & ORFIETE,MCSI
Addl. Commissioner of PoliceTraffic, Delhi Police
![Page 2: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/2.jpg)
04/10/23 2
Global Scenario
• Global cyber crime is $ 105 billion industry which is more than global drug trafficking
• Economic meltdown and recession• Under employment/unemployment in IT sector• Cut down on IT security budget likely
![Page 3: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/3.jpg)
04/10/23 3
Indian Scenario
• Booming software and BPO Industry• IT Revolution Digital Dependence• National E Governance program• Very few organisations in India have CISO and IT
Security budget• No law for privacy • No compliance laws and breach disclosure• No law against spamming• Limitations of IT Act 2000• Weak and delayed criminal Justice System
![Page 4: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/4.jpg)
04/10/23 4
Indian Scenario
• Very few organisations in India have CISO and IT Security budget
![Page 5: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/5.jpg)
04/10/23 5
Threats from
• Individuals • Organised cyber criminals• Rival organisations• Non state actors• Hostile states• Insiders/ex employees• Hactivists• Terrorist
Muktesh Chander
![Page 6: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/6.jpg)
04/10/23 6
Cyber Crime in IndiaCity 2003 2004 2005 2006 2007 Total
Delhi 4 4 10 5 10 33
Bangalore* 7 14 38 27 40 126
Gurgaon 1 - 4 2 5 12
Chennai 6 10 20 7 4 47
Pune 4 6 9 10 14 43
Hyderabad 3 - - - 2 5
Sub-Total 25 34 77 49 70 255
Total India 60 68 179 142 217 666
Crime in India 2007
52.8% increase in 2007
Under IT Act
![Page 7: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/7.jpg)
04/10/23 7
Current Threats in IndiaSecurity Incident
2004 2005 2005 2006
Phishing 3 101 339 392
Network scanning
Probing
11 40 177 223
Virus, malicious codes
5 95 19 358
Total 23 254 552 1237
Source: Cert-in
![Page 8: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/8.jpg)
04/10/23 8
2008 CSI Computer crime survey
Global
![Page 9: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/9.jpg)
04/10/23 9
Malicious activity by country
• Source: Symantec Corporation
![Page 10: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/10.jpg)
04/10/23 10
Current threats: Malware• Virus attacks account for more than 50% of security
incidents. (CSI Survey 2008)
• In the last six months of 2007, Symantec detected 499,811 new malicious codes.
• 136 percent increase over the previous period, when 212,101 new threats were detected
• 1,122,311 total malicious codes identified by Symantec as of the end of 2007.
• Two thirds of all malicious code threats currently detected were created during 2007.
• Any kind of file can be infected (Flash, Adobe Pdf are the latest)
![Page 11: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/11.jpg)
04/10/23 11
Malware• Malware toolkits, rootkits easily available• Malware writing and outsourcing for profit• Malware for sale• Blended threats• Mobile virus (cabir, commw.sis and its variants, curse of silence)
• Flash worm ?• Scareware
![Page 12: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/12.jpg)
04/10/23 12
Phishing• Phising/Pharming/Vishing/Smishing
• Every month more than 20,000 unique phishing websites are detected affecting more than 200 brands
• Spearphishing attacks emerging
![Page 13: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/13.jpg)
04/10/23 13
Phishing• Phishing scams showed sharp increase of
1126% over previous year.
• Symantec observes more than 7 million phishing attempts each day.
![Page 14: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/14.jpg)
04/10/23 14
• E-bay• Amazon• Paypal• ICICI Bank• UTI Bank
TOP BRANDS AFFECTED BY PHISHING
ATTACKS
![Page 15: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/15.jpg)
04/10/23 15
Electronic Fund Transfer
• Tim Berners Lee the father of WWW was a victim of online fraud (Computer world)
• In Nov 2008, 100 compromised card accounts resulted in $ 9 million fraudulent withdrawals from 130 ATM’s in 49 cities across the world in 30 minutes
![Page 16: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/16.jpg)
04/10/23 1616
St. Petersburg
New York Germany
Israel
Netherlands
Finland
$10 million
London
San Francisco
Vladimir Levin a ,Russian ,stole $ 10 million from Citibank by computer fraud
![Page 17: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/17.jpg)
04/10/23 17
Online grooming ,sexual exploitation and abuse of children
• Sec 67 B (B),(C) inserted in IT Act Amendment
![Page 18: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/18.jpg)
04/10/23 18
Cyber Vandalism /graffiti
Source:Cert in
Indian TLD websites defaced during 2007
![Page 19: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/19.jpg)
04/10/23 19
Spam
• Accounts for more than ½ to 2/3 of all e-mails or even 90% ?
• Responsible for phishing, 419 scams and spread of malware, identity theft and other cyber crimes, choking of bandwidth ,wastage of time
• India is in the top 10 spam sending countries
![Page 20: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/20.jpg)
04/10/23 20
Spam
![Page 21: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/21.jpg)
04/10/23 21
Cyber Pornography
• Cyber pornography accounts for 46% of all cyber crimes under IT Act (Crime in India 2007)
• Every second - 28,258 Internet users are viewing pornography
• The pornography industry is larger than the revenues of the top technology companies combined: Microsoft, Google, Amazon, eBay, Yahoo !, Apple, Netflix and EarthLink
Source :http://www.internet-filter-review.toptenreviews.com/internet-pornography-statistics.html
![Page 22: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/22.jpg)
04/10/23 22
Cyber Pornography
• is one of the easiest way of installing malware.
![Page 23: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/23.jpg)
04/10/23 23
Botnets
• Collection of compromised computers
• Centralized control
![Page 24: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/24.jpg)
04/10/23 24
DDOS Attack using BOTS
![Page 25: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/25.jpg)
04/10/23 25
Botnets
• Source: Symantec Corporation 5 million distinct bots
![Page 26: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/26.jpg)
04/10/23 26
Botnet tracked in India
• 25915 from June 2007 to Dec 2007
• Source CERT In
![Page 27: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/27.jpg)
04/10/23 27
Botnet
• In Aug 2008 Dutch police apprehended Leni De with help from FBI and Brazilian police for running a botnet of 100,000 computers
• Source CERT In
![Page 28: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/28.jpg)
04/10/23 28
Use of Encryption by criminals/terrorists
• Strong encryption tools easily available many for free
• PGP
• Steganography
• Digital signatures (no key escrow in India)
• Sec 69 IT Act is of no use
![Page 29: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/29.jpg)
04/10/23 29
Underground market servers
Source: Adapted from Symantec 2007
![Page 30: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/30.jpg)
04/10/23 30
Industrial Espionage
• Several countries and companies are indulging in Industrial espionage clandestinely
• Employees reveal a lot in their personal E mails and social networking sites
• s
![Page 31: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/31.jpg)
04/10/23 31
Theft of Mobile Devices
• 42 % respondents reported case of laptop theft (CSI Survey 2008)
• Separate offence created under IT Act Amendment
![Page 32: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/32.jpg)
04/10/23 32
Threat to Embedded Systems
• Complex and unknown
• Becoming common
• Involve third party
![Page 33: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/33.jpg)
04/10/23 33
Identity Theft
• Estimated more than 9 million incidents each year (NIJ ,US Report)
• Separate offence created under IT Act Amendment
![Page 34: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/34.jpg)
04/10/23 34
Insider Abuse
• By disgruntled present of Ex employees
• 44% respondents reported insider abuse
(CSI Survey 2008)
![Page 35: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/35.jpg)
04/10/23 35
Other cyber crimes
• Hacking
• Denial of service attacks
• Data diddling
• Cyber stalking
• Cyber squatting
• IPR Violations• Mobile cloning (Both GSM and CDMA)
![Page 36: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/36.jpg)
04/10/23 36
Cyber skirmishes
![Page 37: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/37.jpg)
04/10/23 37
2000 Hackers holy war between Israel and Palestine 2001 There was a war between Chinese and American
hackers
![Page 38: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/38.jpg)
04/10/23 38
![Page 39: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/39.jpg)
04/10/23 39
![Page 41: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/41.jpg)
04/10/23 41
Cyber terrorism
![Page 42: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/42.jpg)
04/10/23 4242Muktesh Chander
CII MeansInformation & Communication Systemsconnected with : National Security Public Safety Public Health Critical Sectors of Economy
Critical Information Infrastructure
![Page 43: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/43.jpg)
04/10/23 43
Likely targets of cyber terrorism Power grids (nuclear power stations)
Banking and Financial systems Stock Exchanges Transportation Control systems
MRTS, ATC, Rail/Airlines reservations Tele-Communications Gas / Oil / Water Pipelines control systems Internet Backbones Health/Food Emergency services Military/Defense Installations Attack on C4 I
![Page 44: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/44.jpg)
04/10/23 44
• Estonia a Baltic nation with population of only 1.4 million people
• One of the most wired nations• Pioneer in E Governance• Almost 100% citizen use online banking• Every citizen has PKI enabled I card with
embedded chip• Online elections
Estonia Attack
![Page 45: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/45.jpg)
04/10/23 45
• Govt. relocated 2nd world war Red Army memorial (a Bronze statue)
• On April 2007 computers of Estonian Parliament, banks, ministries, newspapers and broadcasters, political parties etc.were targets for cyber attack using DDOs, spam botnets etc.
• Attack continued for three weeks• Cyberterrorists & defenders both acted in adhoc
manner
Contd..
Estonia Attack
![Page 46: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/46.jpg)
04/10/23 46
• An Estonian court has convicted the first individual in the 2007 cyber attacks against Estonia.
• "Dmitri Galushkevich an ethnic Russian used his home PC to launch a denial-of-service attack that knocked down the Web site for the political party of Estonia's prime minister for several days..."
• He was fined 17,500 kroons (approx. US$ 1,642).
Contd..
Estonia Attack
![Page 47: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/47.jpg)
04/10/23 47
• Konstantin Goloskokov(22), an activist with Russia's Nashi youth group and aide to a pro-Kremlin member of parliament has admitted having organised the attack as an act of civil disobedience. Sergeiei Markov, a Russian State Duma Deputy has corroborated the facts
(Mar.12,2009,SC Magazine)
Contd..
Estonia Attack
![Page 48: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/48.jpg)
04/10/23 48
Trends
• Prediction in a fast changing and evolving field is difficult
• Law of exponential return of technological changes
![Page 49: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/49.jpg)
04/10/23 49
Current Trends in cyber crime
Following trends are clearly visible:-
1. The time to exploit vulnerability is decreasing.
2. Cyber crimes are being committed with financial gains in mind
3. The attack sophistication is increasing and more automation can be seen in attacks.
4. The speed of spread of an attacks is increasing.
![Page 50: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/50.jpg)
04/10/23 50
Current Trends in cyber crime
5. The attacks are more targetted than before.
6. Phishing is increasing on SMS, Telephone & other platforms.
7. Coordinated automatic attacks by remotely controlled Bots for DDoS, for sending SPAM and other such malicious purposes are showing increasing trend and will pose biggest threat to Information Security.
![Page 51: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/51.jpg)
04/10/23 51
Current Trends in cyber crime
8. Mobile connectivity using WiFi technology and convegence of mobile phones with PDAs and other wireless devices will add another dimension to cyber crime.
9. There is growing evidence of organized crime and cyber crime are beginning to overlap with activities of drug mafia, pedophiles, international money laundering people who use Internet to coordinate their activities.
![Page 52: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/52.jpg)
04/10/23 52
Current Trends in cyber crime
10.Industrial espionage increasing
11.Political ideologists have started using hactivism to propagate their ideas through Internet and the electronic civil disobedience activities are surfacing.
12.Terrorist organizations are increasingly using Internet communication and cryptography to secretly communicate and organize their activities.
13.State sponsored Cyber war
![Page 53: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/53.jpg)
04/10/23 53
Current Trends in cyber crime
14.Cyber crime would increase on social networking sites
15.Web 2.0
16.Data is becoming primary focus of cyber crime
17.Netbook, Ipod touch, Smart phones, 3G enabled phones will be affected
18.Used and stolen hardware will be source of data loss
![Page 54: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/54.jpg)
04/10/23 54
Future
20.Stock market manipulations. Pump and dump schemes
21.Skimming of Card information directly from ATM
22.SPAM will transform in SPIM and SPIT
![Page 55: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/55.jpg)
04/10/23 55
1.Recent spate of Phishing activities
2.Numbers of cases of data theft from BPO and call center companies R
3.Risk from third party relationship.
Current Trends in India
![Page 56: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/56.jpg)
04/10/23 56
4.Recent theft of sensitive information in electronic form from National Security Council Secretariat has added another dimension to Information Security in the country.
5.Adequate attention towards management of information security and a very few companies have gone for information needed
Current Trends in India
![Page 57: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/57.jpg)
04/10/23 57
6.The most serious gap in implementation of information security management is threat from insiders and ex-employees.
7.The widespread absence of even the most routine security tools and policies has left many Indian companies vulnerable to serious attack and the inevitable financial losses that follow.
8.User education and awareness is of utmost importance in Business to Customers models such as Internet banking, online auction and shopping.
Current Trends in India
![Page 58: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/58.jpg)
04/10/23 58
6.Use of Digital signature still rare
Current Trends in India
![Page 59: Current threats and trends](https://reader036.fdocuments.in/reader036/viewer/2022062511/54bcd0794a795971678b4570/html5/thumbnails/59.jpg)
04/10/23 59
Questions?