Application-level simulation for network security - DAI-Labor
Network & Application Security
-
Upload
pravin-dherange -
Category
Documents
-
view
221 -
download
0
Transcript of Network & Application Security
-
8/12/2019 Network & Application Security
1/20
Page 1
securing your future
-
8/12/2019 Network & Application Security
2/20
Page 2
Network and Application Security
An Overview
and our Technical Services
-
8/12/2019 Network & Application Security
3/20
Page 3
Attacks on Information Systems
At 10:23 p.m . PST, the Titan Rain hackers exploited vulnerabilit iesat the U.S. Army Information Systems Engineering Command atFort Huachuca, Ariz.
At 1:19 a.m ., they exploited the same hole in computers at theDefense Information Systems Agency in Arlington, Va.
At 3:25 a.m ., they hit the Naval Ocean Systems Center , a DefenseDepartment installation in San Diego, Calif.
At 4:46 a.m ., they struck the U.S. Army Space and StrategicDefense installation in Huntsville, Ala.
3
-
8/12/2019 Network & Application Security
4/20
Page 4
WASHINGTON, June 5 India's most sensitive nuclear weapons research facility was breached this week by computer hackers who tapped into servers to steal and erase atomic data, senior U.S. and Indian officials said Friday. The sophisticated attack on India's Bhabha Atomic Research Center in Bombay raised new alarms about the proliferation of nuclear weapons data and the security of nascent nuclear weapons programs like those in India, Pakistan and elsewhere.
hackers apparently exploited a known security weakness in the Sendmail
program, the software that routes e mail from one computer to another .
4
Attacks on Information Systems
-
8/12/2019 Network & Application Security
5/20
Page 5
Incidents
The Bank of India (BoI) website was hacked and the hackers have plantedvarious types of malware and spyware on the site . These malware would
infect computers of the innocent users and send out all sorts of sensitive data to hackers .
Banks face prosecution over Indian call centre leak . Watchdog claims it is a criminal breach of Data Protection Act...
By installing malware in the transaction processing servers of Hannaford
and TJX
(big
retail
chains
in
USA),
hackers
could
steal
credit
and
debit
card
data . Incidentally both are PCI certified.
5
-
8/12/2019 Network & Application Security
6/20Page 6
6
IT Security and Business Risk #1
Loosing Customers
-
8/12/2019 Network & Application Security
7/20Page 7
7
Customer Dissatisfaction
The law firm Berger & Montague ofPhiladelphia filed a class action suit inU.S. District Court in Maine on behalf ofall consumers whose card data wasstolen.The suit says Hannaford was " negligentfor failing to maintain adequatecomputer data security of customercredit and debit card data , which wasaccessed and stolen by a computerhacker," according to a press release.
Hannaford Data breach
-
8/12/2019 Network & Application Security
8/20
-
8/12/2019 Network & Application Security
9/20Page 9
9
Monitory Loss
Hannaford and TJX Data breach
Another lawsuit was filed that claims "thematter in controversy exceeds $5million ," and the suit asks U.S. DistrictCourt to find Hannaford negligent and
order the company to pay for creditmonitoring needed by the databreach's victims.
The price tag for The TJX Companies, tosettle with MasterCard and its card-issuing banks is $24 million and TJX'stotal payback to affected financialinstitutions nearly $65 million.
-
8/12/2019 Network & Application Security
10/20Page 10
10
IT Security and Business Risk #3
Legal / Regulatory (non)Compliance
-
8/12/2019 Network & Application Security
11/20Page 11
SourceHandler Handler
Agent Agent
Victim
Attacker
Distributed Denial of Service attack
-
8/12/2019 Network & Application Security
12/20
-
8/12/2019 Network & Application Security
13/20Page 13
Other Compliance areas
Indian Penal Code Act, Consumer Protection Act 1986, Indian Contract Act 1972, Specific Relief Act 1963, Indian Copyright Act 2000, IT Act 2000, Cyber laws and Product Patent act 2005.
Payment Card Industry Data Security Standard (PCI DSS) Data Protection Act (DPA) Sarbanes Oxley Act (SOX) BASEL II Norms Health Information Portability and Accountability Act (HIPAA) Federal Information Security Management Act (FISMA) Gramm Leach Bliley Act (GLBA) USEU Safe Harbour Agreement
California SB1386 Federal Financial Institutions Examination Council (FFIEC) more
-
8/12/2019 Network & Application Security
14/20
Page 14
Our Technical Services
Assessment
Audit
Awareness
-
8/12/2019 Network & Application Security
15/20
Page 15
Vulnerability Assessment
We Check all of these..
Access control
error
Lack
of
enforcement Authentication error inadequate identification mechanisms
Boundary error inadequate checking/validating mechanisms Configuration error improper configuration Exception handling error improper setup or coding Input validation error lack of verification mechanisms Randomization error mismatch in random data Resource error lack of resources State error incorrect process flow
-
8/12/2019 Network & Application Security
16/20
Page 16
ttack and Penetration
After identifying thevulnerabilities and possibleexploitation chances, thisphase will try to attack the
systems and penetrate
Result nalysis
The results of successfulpenetration and privilegeescalation is analyzed to
device countermeasures and
recommendations
Privilege Escalation
After successful penetrationinto the network, this phaseis to exploit vulnerabilities
from the internal network to
gain higher privileges.
Reporting
This phase is to report thefindings, analysis,suggestions and
recommendations to fix the
vulnerabilities to the internalmanagement
Cleanup
This final process is torestore the systems andcompromised to hosts to theprior state before penetration
Scope
The Scope is to define
External hacker with noknowledge of internalnetworks
External hacker withknowledge of internalnetworks
Internal attack
Information Gathering
This activity is to gather as
much information possibleabout the IT environment inthe Network
Vulnerability Detection
Using proper tools and
scripts, known and unknownvulnerabilities will bedetected at this phase
Information nalysis andPlanning
This phase is to plan for theattacks and exploitation
possibilities by analyzing the
identified vulnerabilities
Vulnerability Assessment and Penetration Testing
Cleanup
Reporting
Resultnalysis
PrivilegeEscalation
ttackand
Penetration
Information nalysis nd Planning
VulnerabilityDetection
InformationGathering
Scope
VAPT
-
8/12/2019 Network & Application Security
17/20
Page 17
Awareness
Secure Matrix has a unique Hands on Training program on Vulnerability Assessment and leading to a certification
cVa(Certified Vulnerability Assessor)
This Course is accredited by
-
8/12/2019 Network & Application Security
18/20
Page 18
Final notes
Our information
security
services
are
productizedto
protect (Your) Information Assets
Period.
-
8/12/2019 Network & Application Security
19/20
Page 19
Questions?
Thank You!
-
8/12/2019 Network & Application Security
20/20
Page 20
Contact Us
Mumbai:B-1 Neelam Centre, S.K.Ahire Marg,
Worli, Mumbai 400 030T: +91 22 3073 7579;F:+91 22 30507578 ;
Email: [email protected]
Technology CentrePune:
Trident Towers
2nd Floor, Pashan RoadBavdhan, Pune 411021
T : +91 20 22953435/37F: +91 20 22953436
Email: [email protected]
Technology CentreChennai:
Plot No. 1, Door No. 5, Venkateshwara Street,
Dhanalakshmi Colony, Vadapalani,Chennai 600026
T: +91 44 65269369 / 43054114F: +91 44 42048620
Email: [email protected]
London:16-20 Ealing Road
Wembley, Middlesex HA0 4TLT: +44 20 8795 7200
F: +44 20 8795 7290Email: [email protected]
20