Cyber crime &_info_security


Transcript of Cyber crime &_info_security

Page 1: Cyber crime &_info_security

“Aut viam inveniam aut faciam ” Hannibal Barca

CYBER CRIME & INFORMATION

SECURITY

Page 2: Cyber crime &_info_security

There are 10 kinds of people in the world,

those that know they've been hacked

and those that don't.

DO YOU KNOW?

2

Page 3: Cyber crime &_info_security

• The opinions represented here are my personal ones and do not necessarily reflect my employer's views.

• Registered brands belong to their legitimate owners.

• The information contained in this

presentation does not break any intellectual

property, nor does it provide detailed

information that may be in conflict with

actual laws (hopefully...) :)

DISCLAIMER(S)

3

Page 4: Cyber crime &_info_security

• Information and resources from Internet were

extensively used for the creation of this presentation.

REFERENCES

4

Page 5: Cyber crime &_info_security

• Why are we here?

• Interactive Session….

• Get the maximum out of this

session.

BEFORE WE START

5

Page 6: Cyber crime &_info_security

CONCLUSION

INFORMATION SECURITY

INFORMATION SECURITY

INFORMATION SECURITY

INTRODUCTION

CONTENTS

6

Page 7: Cyber crime &_info_security

• To take you from the “don’t know” state to

“know” state.

OBJECTIVE

7

Page 8: Cyber crime &_info_security

• The 3 upcoming technology areas (Triple-S –

3S)

3 UPCOMING DOMAINS

8

Page 9: Cyber crime &_info_security

• The 3 upcoming technology areas (Triple-S –

3S).

• Synchronize (Collaboration)

• Store (Storage),

• Secure – (Security)

• It's challenging

• You need to have the “stuff”

3 UPCOMING DOMAINS

9

Page 10: Cyber crime &_info_security

• Almost all the major / critical networks like:

• Defense,

• Communication,

• Financial,

• Infra networks, (Power Grids,)

• anywhere & everywhere....

SCOPE – SECURITY PRO

10

Page 11: Cyber crime &_info_security

THE MONEY FACTOR

11

Page 12: Cyber crime &_info_security

• Average hourly rate – $40 – $60

• Skilled Security Pros – $100 – $120 - $150

• 100 X 8 hrs = 800

• 800 X 5 days = 4000

• 4000 X 4 weeks = 16,000

• $ 16,000 to INR (Rs 50) = 8,00,000

FINANCIALS – SKILLED “PRO”

12

Page 13: Cyber crime &_info_security

# IT'S A LONG JOURNEY

Always remember - you cannot master

everything in a single day or through a single

course

"Be not afraid of growing slowly, be

afraid of standing still"

13

Page 14: Cyber crime &_info_security

• World wide internet usage (2008) -

694 Million

• World wide internet usage (Jun 2010) -

1.97 Billion

• World wide internet usage (Dec 31, 2011) -

6,930,055,154 (6.93 Billion)

INTERNET – THE BIG PICTURE

14

Page 15: Cyber crime &_info_security

• 107 trillion – Emails sent on the Internet (2010)

• 294 billion – Average # of email messages per

day.

• 1.88 billion – # of email users worldwide.

• 89.1% – The share of emails that were spam.

• 262 billion – The number of spam emails per

day

EMAIL – THE BIG PICTURE

15

Page 16: Cyber crime &_info_security

So what are the possibilities when you get

connected?

POSSIBILITIES?

16

Page 17: Cyber crime &_info_security

• 6.93 Billion users can communicate with your

system

or

• Your system can communicate with 6.93

Billion users.

THE BIGGER PICTURE

17

Page 18: Cyber crime &_info_security

• Out of the 6.93 Billion, some can rattle your

door to your computer to see if it is locked or

not

• locked – It's fine

• not locked – not fine

THE BIGGER PICTURE

18

Page 19: Cyber crime &_info_security

• Out of the 1.8 Billion, if 1% connects to your

system, what will happen?

• 1 % = ?

CAN YOU HANDLE IT?

19

Page 20: Cyber crime &_info_security

# DO YOU REMEMBER CAT 2K9?

20

Page 21: Cyber crime &_info_security

# CASE STUDY

21

Page 22: Cyber crime &_info_security

# CASE STUDY

• The most powerful and costliest (physics) experiment ever built

• 5000 high power magnets arranged in a 27 km giant tunnel.

• will re-create the conditions present in the Universe just after the Big Bang

• Large Hadron Collider (LHC)

• CERN - European Organization for Nuclear Research

• Hacked on 10 Sep 08

22

Page 23: Cyber crime &_info_security

# CASE STUDY

23

Page 24: Cyber crime &_info_security

CASE STUDY

24

Page 25: Cyber crime &_info_security

CASE STUDY

25

Page 26: Cyber crime &_info_security

VICTIMS

26

Page 27: Cyber crime &_info_security

VICTIMS

27

Page 28: Cyber crime &_info_security

VICTIMS

28

Page 29: Cyber crime &_info_security

• What’s happening in the Indian Web Space?

• 14 Aug – Independence day of Pakistan

• Underground cracking groups

• http://www.pakcyberarmy.net/

• http://www.pakhaxors.com/forum.php

WHAT’S THE LATEST

HAPPENING?

29

Page 30: Cyber crime &_info_security

• The Two Pakistani Cracker Groups reportedly

defaced a dozen of Indian Websites including:

• http://mallyainparliament.in/ and

• http://malegaonkahero.com/

WHAT’S THE LATEST

HAPPENING?

30

Page 31: Cyber crime &_info_security

What’s the latest happening?

31

Page 32: Cyber crime &_info_security

EVEN THE PM WAS NOT

SPARED

32

Page 33: Cyber crime &_info_security

• 15 Aug 2010

• In return an Indian underground group called

as Indian Cyber Army (http://indishell.in)

defaced around 1226 websites of Pakistan.

WHAT’S THE LATEST

HAPPENING?

33

Page 34: Cyber crime &_info_security

• 1 million passwords exposed

• 25 million entertainment users Info @ Risk

• More than 20,000 credit card and bank

account numbers @ Risk

• Initial attack – leak of over 70 million accounts

from Sony’s Playstation Network

Ref: - http://www.wired.com/gamelife/2011/05/sony-online-entertainment-hack/

CASE STUDY – SONY OWNED

34

Page 35: Cyber crime &_info_security

• LulzSec - The Hacker Group - Statement:

“Why do you put such faith in a company that

allows itself to become open to these simple

attacks?“

• Your clients trust your network?

Ref: - http://www.thedailybeast.com/cheat-sheet/item/sony-hacked-again/tech/#

CASE STUDY – SONY OWNED

35

Page 36: Cyber crime &_info_security

WHO IS THIS?

36

Page 37: Cyber crime &_info_security

ARE WE AFFECTED?

37

Page 38: Cyber crime &_info_security

ARE WE AFFECTED?

• India – The largest democracy in the world.

• Election / Voting – The heart of this

democracy

• Is this voting secure?

• Indian Electronic Voting Machines are

Vulnerable

• Mr Hariprasad – Arrested on 22 Aug 2011

• http://indiaevm.org/

38

Page 39: Cyber crime &_info_security

BOT TAKEDOWN

• 11 Nov 2011 – Biggest Botnet Takedown ever

• Operation Ghost Click – by FBI

• Raided two data centers in Chicago and NY.

• Command and Control (C&C) Center consisting of

more than 100 servers

• Combined Operation - Trend Micro, Mandiant,

Neustar, Spamhaus and the University of Alabama

at Birmingham's computer forensics research

group.

Reference: http://computerworld.co.nz/news.nsf/security/feds-lead-biggest-botnet-takedown-ever-end-massive-clickjack-fraud

39

Page 40: Cyber crime &_info_security

BOT TAKEDOWN

Vladimir Tsastsin, CEO of Rove Digital

40

Page 41: Cyber crime &_info_security

VODAFONE GREECE SCANDAL

• 100+ VIP mobile subscribers have been

eavesdropped. (Govt members, Defence

officials including Greek PM, Foreign Minister,

Defence Minister, etc)

41

Page 42: Cyber crime &_info_security

TELECOM CASE STUDY?

• Also known as SISMI-Telecom scandal

• Uncovered in 2006

• Surveillance scandal believed to have begun

in 1996, under which more than 5,000 persons'

phones were tapped

42

Page 43: Cyber crime &_info_security

TELECOM CASE STUDY?

43

Page 44: Cyber crime &_info_security

44

Page 45: Cyber crime &_info_security

LORDS OF DHARMARAJA

• United States-China Economic and Security

Review Commission (USCC)

• Tactical Network for Cellular Surveillance

(TANCS)

• Escrow

• Source code of Norton Antivirus

45

Page 46: Cyber crime &_info_security

• What does this mean?

• Internet = No boundaries

• You(r network) could be the next target

NO BOUNDARIES

46

Page 47: Cyber crime &_info_security

Protecting resources by keeping them under lock and key

TRADITIONAL SECURITY

CONCEPT

47

Page 48: Cyber crime &_info_security

• Security is a state of well being

• Security is all about being prepared for the

unexpected.

CURRENT SECURITY CONCEPT

48

Page 49: Cyber crime &_info_security

• What is a Cyber Crime?

“Any criminal activity that uses a computer

either as an:

• instrument or tool,

• Target, or

• as a means / incidental to crime

for committing crimes”

DIGITAL ATTACKS & CYBER

CRIMES

49

Page 50: Cyber crime &_info_security

• Physical Presence

• Can be performed without revealing your

identity.

• White Collar Crime

• Faster crime execution

• Remote execution

DIFFERENCE

50

Page 51: Cyber crime &_info_security

• Naïve computer users

• Greedy people

• Users who are not aware of the latest modes of cyber crime.

VICTIMS

51

Page 52: Cyber crime &_info_security

# CREDIT & DEBIT CARDS?

• How many of you use credit cards?

• What is the trust factor here?

52

Page 53: Cyber crime &_info_security

• Crackers / Intruders have broken into Web

servers owned by domain registrar and

hosting provider Network Solutions, planting

rogue code that resulted in the compromise of

more than 573,000 debit and credit card

accounts over a period of three months

# CASE STUDY

53

Page 54: Cyber crime &_info_security

CASE STUDY

54

Page 55: Cyber crime &_info_security

SSL

Image Source: http://www.awghost.com/images/ssl-cert.jpg

55

Page 56: Cyber crime &_info_security

SSL

• Replaced by TLS

• Protects the communication by encryption

• Data is secure in-transit.

• But:

• Is it secure at the client side?

• Is it secure at the server side?

56

Page 57: Cyber crime &_info_security

# CREDIT & DEBIT CARDS?

57

Page 58: Cyber crime &_info_security

• What’s the image that comes to your mind

when you hear about “hacker” or “hacking”?

# HACKING

58

Page 59: Cyber crime &_info_security

BEFORE WE START….

59

Page 60: Cyber crime &_info_security

• Commonly defined in the media as:

“Illegal intrusion into a computer system

without the permission of the computer

owner/user”

# HACKING

60

Page 61: Cyber crime &_info_security

• Most people associate hacking with breaking

the law.

• Assume that everyone who engages in hacking

activities is a criminal

# MISCONCEPTIONS

61

Page 62: Cyber crime &_info_security

# HACKING

62

Page 63: Cyber crime &_info_security

Linux Penguin

# HACKING

63

Page 64: Cyber crime &_info_security

# HACKING

64

Page 65: Cyber crime &_info_security

BSD Daemon

# HACKING

65

Page 66: Cyber crime &_info_security

# HACKING

66

Page 67: Cyber crime &_info_security

PERL Camel

# HACKING

67

Page 68: Cyber crime &_info_security

# HACKING

68

Page 69: Cyber crime &_info_security

Open Source Logo

# HACKING

69

Page 70: Cyber crime &_info_security

So what is hacker’s logo?

# HACKING

70

Page 71: Cyber crime &_info_security

But what is hacking in its real sense?

# HACKING

71

Page 72: Cyber crime &_info_security

• The Glider

• The mathematical game – The Game of Life.

• http://en.wikipedia.org/wiki/Hacker_Emblem

# HACKING

72

Page 73: Cyber crime &_info_security

# HACKER DEFINED

HACKER (Originally, someone who makes

furniture with an ax).

73

Page 74: Cyber crime &_info_security

• Someone involved in computer

security/insecurity

• An enthusiastic home computer hobbyist

# HACKER

• A programmer(ing) culture that originated in US academia in the 1960’s - nowadays closely related with open source / free software.

74

Page 75: Cyber crime &_info_security

• Started off – MIT – Late 1950’s

• Tech Model Rail Road club of MIT

• Donated old telephone equipment

• They re-worked & re-created a complex system

that allowed multiple operators to control

different parts of the track by dialing into the

appropriate sections.

# HISTORY OF HACKING

75

Page 76: Cyber crime &_info_security

# hacking & open source

76

Page 77: Cyber crime &_info_security

They called this new and inventive use of

telephone equipment hacking

# THEY CALLED IT HACKING

77

Page 78: Cyber crime &_info_security

• Conventional boundaries were also broken at the MIT Rail Road Club.

# HACKER EVOLUTION

78

Page 79: Cyber crime &_info_security

• Often known as “Programmer's programmer”

• Creator of Ghostscript, Open Source

implementation of the PostScript language.

• Founder of Aladdin Enterprises

• Authored or co-authored various RFCs - RFC

190, RFC 446, RFC 550, RFC 567, RFC 606, RFC

1950, RFC 1951 and RFC 1952

# DO YOU KNOW HIM?

79

Page 80: Cyber crime &_info_security

• Dr. L. Peter Deutsch

• Started programming at the age of 11.

• He was accepted to the MIT Rail Road club at

the age of 12 when he demonstrated his

knowledge of the TX-0 and his desire to learn.

# DO YOU KNOW HIM?

80

Page 81: Cyber crime &_info_security

• Fully transistorized computer

• Transistorized Experimental computer zero

• TX-0 - affectionately referred to as tixo

(pronounced "tix oh")

# TX-0

81

Page 82: Cyber crime &_info_security

• Age

• Race,

• Gender,

• Appearance,

• Academic degrees, and

• Social status were defied in search for free information

# SHORT-PANT HACKER

82

Page 83: Cyber crime &_info_security

Know the difference between a cracker and a

hacker.

# HACKING

83

Page 84: Cyber crime &_info_security

Cracking – Criminal Hacking

• Pirated Software - Objectives

• Opening your doors for the attackers

CRACKING & PIRACY

84

Page 85: Cyber crime &_info_security

Flooding the bandwidth of the victim's network

so that he cannot use the internet or other

services

or

Spamming the victim mail box

DENIAL OF SERVICE (DOS)

ATTACKS

85

Page 86: Cyber crime &_info_security

• DoS Attacks possible at the application layer.

• Succeed by starving a system of critical

resources, vulnerability exploit, or abuse of

functionality.

• DoS at the application layer may target the

web server, database server or an

authentication server

DENIAL OF SERVICE

ATTACKS

86

Page 87: Cyber crime &_info_security

DO YOU KNOW?

87

Page 88: Cyber crime &_info_security

DO YOU KNOW?

88

Page 89: Cyber crime &_info_security

• Megaupload Limited

• Used to provide file hosting / storing and

viewing services.

• Hong Kong Based - started in 2005

• Founder – Kim Dotcom

• Domain name seized and shut down by US

on 19 Jan 2012.

WWW.MEGAUPLOAD.COM

89

Page 90: Cyber crime &_info_security

DO YOU KNOW?

90

Page 91: Cyber crime &_info_security

• The shutdown led to DoS attacks on

websites belonging to US Govt and

Copyright organizations.

• Anonymous Launches #OpMegaupload,

"Largest Attack Ever on Government and

Music Industry Sites"

• In Retaliation for Action Against

Megaupload.Com

WWW.MEGAUPLOAD.COM

91

Page 92: Cyber crime &_info_security

• #OpMegaupload - Anonymous used the Low Orbit Ion Cannon (LOIC) to take its targets offline.

• http://sourceforge.net/projects/loic/

LOIC

92

Page 93: Cyber crime &_info_security

• DoS - Simple DoS

• DDoS – Distributed Denial of Service Attack

• DRDoS – Distributed Reflective Denial of

Service Attack.

TYPES OF DOS

93

Page 94: Cyber crime &_info_security

• Malware

• Spyware

• Adware

• Scareware

• Scamware

• Virus

• Worm

• Trojan

MALWARE FAMILY

94

Page 95: Cyber crime &_info_security

MOBILE MAINFRAME &

MALWARE

• 15 million cell phones sold a month.

• 509 million cell phones in use

• Larger than US as a telephone market

95

Page 96: Cyber crime &_info_security

• Spreading via Bluetooth, MMS & Sending SMS messages

• Infecting files and Stealing data

• Enabling remote control of the smartphone

• Installing "fake" or non-working fonts and applications

• Combating antivirus programs

• Installing other malicious programs

• Locking memory cards

MOBILE MAINFRAME &

MALWARE

96

Page 97: Cyber crime &_info_security

• Spreading via removable media (memory sticks)

• Damaging user data

• Disabling operating system security mechanisms

• Downloading other files from the Internet

• Calling paid services

• Polymorphism

MOBILE MAINFRAME &

MALWARE

97

Page 98: Cyber crime &_info_security

MOBILE MAINFRAME &

MALWARE

Source: http://www.securelist.com/en/analysis?pubid=204792080

98

Page 99: Cyber crime &_info_security

MOBILE MAINFRAME &

MALWARE

99

Page 100: Cyber crime &_info_security

MOBILE CRIMES

• PAN – Blue-Tooth

• Switch it off when not in use – why?

• Insecure,

• Used for Pairing

• Can be used for something which you can’t

even think of……

100

Page 101: Cyber crime &_info_security

MOBILE PHONE CRIMES

• What is 11/3 or 11-M

• Series of coordinated bombings against the

Cercanías (commuter train) system of Madrid,

Spain on the morning of 11 March 2004 (three

days before Spain's general elections), killing

191 people and wounding 1,755

101

Page 102: Cyber crime &_info_security

11/3 or 11-M

• Mobile phones were used.

• Do not allow strangers to make calls from your mobile – your phone could be detonating a bomb.

102

Page 103: Cyber crime &_info_security

• 3 pieces of information required for payment

• Credit Card Number

• Expiry Date

• Card Verification Value Code (CVV)

CREDIT CARD FRAUDS

103

Page 104: Cyber crime &_info_security

• Used to steal credit card information

• Easily available in the black market for cheap

rates

SKIMMERS

104

Page 105: Cyber crime &_info_security

• Hotel – Access Cards

• Booking and Stay Info.

• May also provide the attacker:

• Address / Identity Proof

• Credit Card Details

SMART CARDS

105

Page 106: Cyber crime &_info_security

• One computer in the network acting as

another to gain access to other resources on the

network

SPOOFING

106

Page 107: Cyber crime &_info_security

• Pornography - The first consistently successful

ecommerce product.

• Case Study - Bazee.com – CEO Arrest

• We all are responsible

PORNOGRAPHY

107

Page 108: Cyber crime &_info_security

• Sexual attraction to children by an adult

PEDOPHILES

108

Page 109: Cyber crime &_info_security

When chat rooms are used for carrying out

Digital Attacks and Cyber crimes.

• Hackers & Criminals meeting and attacking

• Cyber stalking – giving phone numbers

publicly

• https://opindia.posterous.com/pages/anonymous-irc

CHAT CRIMES

109

Page 110: Cyber crime &_info_security

• Phishing

• Smishing

• Vishing

***SHING

110

Page 111: Cyber crime &_info_security

• Technique of pulling out confidential information from bank / financial institution account holders by deceptive means

PHISHING

111

Page 112: Cyber crime &_info_security

PHISHING

112

Page 113: Cyber crime &_info_security

PHISHING

113

Page 114: Cyber crime &_info_security

PHISHING

114

Page 115: Cyber crime &_info_security

PHISHING

115

Page 116: Cyber crime &_info_security

PHISHING

116

Page 117: Cyber crime &_info_security

PHISHING

117

Page 118: Cyber crime &_info_security

SMISHING

• SMiShing is a security attack in which the user

is tricked into downloading a Trojan horse, virus

or other malware onto his cellular phone or

other mobile device.

• SMiShing is short for "SMS phishing."

118

Page 119: Cyber crime &_info_security

VISHING

• Vishing is the criminal practice of using social

engineering and Voice over IP (VoIP) to gain

access to private personal and financial

information from the public for the purpose of

financial reward.

119

Page 120: Cyber crime &_info_security

• Copying / Encrypting the company's confidential data in order to extort large sums of money

NET EXTORTION

120

Page 121: Cyber crime &_info_security

• Cyber Stalking - The criminal follows the victim by

sending mails, entering chat rooms, etc

• Cyber Defamation - disgruntled employee, ex-boyfriend

against girls, divorced husbands against wives

• Cyber Threatening - Sends threatening emails /

messages to the victim.

CYBER STALKING

121

Page 122: Cyber crime &_info_security

• Criminal makes insignificant changes in such a

manner that such changes would go unnoticed.

SALAMI ATTACK

122

Page 123: Cyber crime &_info_security

• Narcotic Sale - Sale of banned drugs through

the internet.

• Endangered Species / Animals – Sale through

internet.

• Other Banned items like Elephant Trunks,

Skins of animals like Leopard / Tiger, etc.

SALE OF BANNED ITEMS

123

Page 124: Cyber crime &_info_security

• Mail claiming you will get money

NIGERIAN SCAM

124

Page 125: Cyber crime &_info_security

DUMPSTER DIVING

125

Page 126: Cyber crime &_info_security

DUMPSTER DIVING

• Practice of sifting through commercial or

residential trash to find items that have been

discarded by their owners, but which may be

useful to the attacker.

126

Page 127: Cyber crime &_info_security

WAR DRIVING

127

Page 128: Cyber crime &_info_security

WAR DRIVING

• Also called access point mapping

• The act of locating and possibly exploiting

connections to wireless LANs while driving

around a city or elsewhere.

128

Page 129: Cyber crime &_info_security

WAR DRIVING

• You need

• a vehicle,

• a laptop,

• a wireless Ethernet card (promiscuous

mode), and

• an antenna

129

Page 130: Cyber crime &_info_security

ATTACK ON NETWORK

SERVICES

Some of the common network services /

protocols:

• FTP

• SSH

• LDAP

• SMTP

130

Page 131: Cyber crime &_info_security

CRYPTOGRAPHIC ATTACKS

• Attack on cryptographic systems.

• Example: Cold Boot Attack

131

Page 132: Cyber crime &_info_security

CLOUD BASED ATTACKS

• One of the best platforms for launching an

attack.

• Power

• Certain level of anonymity

• Scalability

• A 64 node Linux cluster can be online in just

five minutes

132