Gulshan Vivante Resale 9910155922 , Resale Flats Available in Gulshan Vivante
Internet Security Aspects Dr. Gulshan Rai Director Indian Computer Emergency Response Team (CERT-In)...
-
Upload
chastity-karin-french -
Category
Documents
-
view
215 -
download
2
Transcript of Internet Security Aspects Dr. Gulshan Rai Director Indian Computer Emergency Response Team (CERT-In)...
![Page 1: Internet Security Aspects Dr. Gulshan Rai Director Indian Computer Emergency Response Team (CERT-In) Department of Information Technology.](https://reader038.fdocuments.us/reader038/viewer/2022110401/56649e175503460f94b0226d/html5/thumbnails/1.jpg)
04/19/23
Internet Security Aspects
Dr. Gulshan RaiDirector
Indian Computer Emergency Response Team (CERT-In)Department of Information Technology
![Page 2: Internet Security Aspects Dr. Gulshan Rai Director Indian Computer Emergency Response Team (CERT-In) Department of Information Technology.](https://reader038.fdocuments.us/reader038/viewer/2022110401/56649e175503460f94b0226d/html5/thumbnails/2.jpg)
2
The Complexity of Today’s Network
Pain points• Complexity
• Cost
• Agility
• Security
Router
Internet
Intranet
`
UnmanagedDevice
New PC
Internet
PerimeterNetwork
BranchOffices
Remote Workers
Home Users
Unmanaged Devices
Router
RouterRouter
Router
` ` `
` ` `
BranchOffices
Desktops
Laptops
Servers
Extranet Servers
Router
Network Infrastructure
Unmanaged Devices
Perimeter Network Servers
Trends shaping the future• Ubiquitous computing,
networking and mobility
• Embedded Computing
• Security
• IPv6
• VoIP
![Page 3: Internet Security Aspects Dr. Gulshan Rai Director Indian Computer Emergency Response Team (CERT-In) Department of Information Technology.](https://reader038.fdocuments.us/reader038/viewer/2022110401/56649e175503460f94b0226d/html5/thumbnails/3.jpg)
3
Growing Concern
• Computing Technology has turned against us
• Exponential growth in security incidents
• Rapid emergence of civilian and military groups worldwide
• Asymmetric warfare has arrived in cyberspace
![Page 4: Internet Security Aspects Dr. Gulshan Rai Director Indian Computer Emergency Response Team (CERT-In) Department of Information Technology.](https://reader038.fdocuments.us/reader038/viewer/2022110401/56649e175503460f94b0226d/html5/thumbnails/4.jpg)
4
Type of Attacks on Internet
• Web Site Defacements
• Port Scanning
• Malicious Code– VIRUS– BOTS
• Phishing
• DNS Attacks
• Denial of Service and DDoS
![Page 5: Internet Security Aspects Dr. Gulshan Rai Director Indian Computer Emergency Response Team (CERT-In) Department of Information Technology.](https://reader038.fdocuments.us/reader038/viewer/2022110401/56649e175503460f94b0226d/html5/thumbnails/5.jpg)
5
Phishing Web siteLegitimate Web Site
Phishing
![Page 6: Internet Security Aspects Dr. Gulshan Rai Director Indian Computer Emergency Response Team (CERT-In) Department of Information Technology.](https://reader038.fdocuments.us/reader038/viewer/2022110401/56649e175503460f94b0226d/html5/thumbnails/6.jpg)
6
Current Threat Rank
• China
• United States
• Belgium
• Germany
• France
![Page 7: Internet Security Aspects Dr. Gulshan Rai Director Indian Computer Emergency Response Team (CERT-In) Department of Information Technology.](https://reader038.fdocuments.us/reader038/viewer/2022110401/56649e175503460f94b0226d/html5/thumbnails/7.jpg)
7
Nature of Attacks in Cyber World• Rise of Cyber Spying
– Curiosity probes funded and organised operations for variety of purpose
– Web Espionage operation– Mapping of network, probing for weakness and strength
• Attackers targeting new technologies such as – Peer to peer and VOIP services– Social Network– On-line banking
• Sophisticated attacks– Attackers are refining their methods and consolidating assets
to create global networks that support coordinated criminal activity
![Page 8: Internet Security Aspects Dr. Gulshan Rai Director Indian Computer Emergency Response Team (CERT-In) Department of Information Technology.](https://reader038.fdocuments.us/reader038/viewer/2022110401/56649e175503460f94b0226d/html5/thumbnails/8.jpg)
04/19/23
Trends in Cyber Attacks (2007)• Phishing
– Around 392 phishing cases affecting financial institutions in India and abroad were observed in the year 2007
– Increase in cases of fast-flux phishing and rock-phish– 35% of phishing web sites were observed for financial services
sector brands
• Bots and Malicious Code– Botnets are evolving with increased number of Bots – The command & control server regularly shifting – Malicious Code with keystroke-logging and secluded
communications capacity are on rise and made confidential information threats a major concern
– 4% of all malicious activity detected during the first 6 months of 2007 originated from IP space registered to Fortune 100 companies
– Largely malicious code distribution is done through Social engineering techniques in today’s scenario
![Page 9: Internet Security Aspects Dr. Gulshan Rai Director Indian Computer Emergency Response Team (CERT-In) Department of Information Technology.](https://reader038.fdocuments.us/reader038/viewer/2022110401/56649e175503460f94b0226d/html5/thumbnails/9.jpg)
9
Trends in Cyber Attacks• Fake data about domain registrants on WHOIS directory
• Increased malicious activities in professional and commercial way– Trade of malicious code in popular forums such as IRC, Web-Sites
etc– Emergence of Phishing Toolkits– Automated toolkits that could exploit user systems who visit a
malicious or compromised website– Increasing number of underground economy servers which are
used by criminals and criminal organisations to sell stolen information, typically for subsequent use in identity theft.
![Page 10: Internet Security Aspects Dr. Gulshan Rai Director Indian Computer Emergency Response Team (CERT-In) Department of Information Technology.](https://reader038.fdocuments.us/reader038/viewer/2022110401/56649e175503460f94b0226d/html5/thumbnails/10.jpg)
10
Trends in Cyber Attacks
• The current threat environment is characterized by compound attacks simultaneously from different locations
• Convergence of malware authors, phishers, spammers and Bot-herders– Spamthru Trojan – use botnets for spamming and DDoS– Strom worm – spread through spam to increase botnet
and launch DDoS– Rock Phish – phishing sites of multiple brands hosted on
single server– Fast Flux DNS based hosting of Phishing sites
![Page 11: Internet Security Aspects Dr. Gulshan Rai Director Indian Computer Emergency Response Team (CERT-In) Department of Information Technology.](https://reader038.fdocuments.us/reader038/viewer/2022110401/56649e175503460f94b0226d/html5/thumbnails/11.jpg)
11
Constraints
• Emergent behavior of some vulnerabilities and system are not fully understood
• Still do not understand the full nature of risks• Nobody owns the problem
– Finger pointing among developers, network operators, system administrators and users
• No one wants to be first to disclose information• Immediacy of threat has led to too much focus
on near term needs – Patch rather than innovate
![Page 12: Internet Security Aspects Dr. Gulshan Rai Director Indian Computer Emergency Response Team (CERT-In) Department of Information Technology.](https://reader038.fdocuments.us/reader038/viewer/2022110401/56649e175503460f94b0226d/html5/thumbnails/12.jpg)
12
Challenges to be met
• Develop new approaches for eradicating wide spread, epidemic attacks in cyberspace
• Ensure that new, critical system currently on the drawing board are immune from destructive attack
• Appropriate legal framework and best practices• Design new computing system so that security
and privacy aspects of those systems are understandable and controllable by the user
![Page 13: Internet Security Aspects Dr. Gulshan Rai Director Indian Computer Emergency Response Team (CERT-In) Department of Information Technology.](https://reader038.fdocuments.us/reader038/viewer/2022110401/56649e175503460f94b0226d/html5/thumbnails/13.jpg)
13
Need for Collaborations
• To resolve incidents, we need to track actual attacker
• Information exchange is needed globally to mitigate Cyber attacks
• Stakeholders to ensure secure cyber space– Law Enforcement agencies– CERTs– Service providers, ISPs– Domain registrars– Domain owners– Industry
![Page 14: Internet Security Aspects Dr. Gulshan Rai Director Indian Computer Emergency Response Team (CERT-In) Department of Information Technology.](https://reader038.fdocuments.us/reader038/viewer/2022110401/56649e175503460f94b0226d/html5/thumbnails/14.jpg)
14
Collaborative Efforts
• Reconciling various legal regimes with technological capability
• Standard procedures/manuals among countries mandating service providers for supply of information
• Instant Information Sharing• Rapid Response to Security Incidents• Research and Development
– Internet Health Monitoring– DNS Security– Immune and Survivable Systems
![Page 15: Internet Security Aspects Dr. Gulshan Rai Director Indian Computer Emergency Response Team (CERT-In) Department of Information Technology.](https://reader038.fdocuments.us/reader038/viewer/2022110401/56649e175503460f94b0226d/html5/thumbnails/15.jpg)
15
Need of Today
• It’s important to get in at the beginning– Experience teaches us that these concerns
are hard to add after the fact
• The Internet experience inform us:– It is also a social system, not simply a
technology
• Once we give up privacy or security, we may not be able to regain it
• Important to assert a leadership role while we can!
![Page 16: Internet Security Aspects Dr. Gulshan Rai Director Indian Computer Emergency Response Team (CERT-In) Department of Information Technology.](https://reader038.fdocuments.us/reader038/viewer/2022110401/56649e175503460f94b0226d/html5/thumbnails/16.jpg)
16
Let us work together for a vision. Create an society in which spam, viruses and worms, the plagues of modern information technology are eliminated.
![Page 17: Internet Security Aspects Dr. Gulshan Rai Director Indian Computer Emergency Response Team (CERT-In) Department of Information Technology.](https://reader038.fdocuments.us/reader038/viewer/2022110401/56649e175503460f94b0226d/html5/thumbnails/17.jpg)
17
Thank you
http://www.cert-in.org.in