SECURITY
BY :
RAMEEZ TAMBOLI
PAVAN KOTA
College :
TE CSE
Email ID:kotapavan75@gmail.com
Cell: 8055454565
• Computer as a target of a crime
• Viruses, worms, industrial espionage, software piracy, hacking
E-Commerce Network -
Property of Argo Pacific Pty Ltd Suzanne Mello - Nov 5 2004
Uncovering Digital Evidence
• Floppy disks
• Zip/Jazz disks
• Tapes
• Digital cameras
• Memory sticks
• Printers
• CDs
• PDAs
• Game boxes
• Networks
• Hard drives
Business has been aggregating data and risk at an unprecedented rate…
Degree of Data Digitization
1. Messaging
2. Storing Information
3. Transactional systems
4. Technology Integration
5. Fully Integrated information based Business
Spectrum of Risk
• Spam
• Viruses/Worms
• Stealing data
• Industrial Espionage
• Identity theft
• Defamation
• 2000: Hackers' holy war between Israel and Palestine
• 2001: War between Chinese and American hackers
03/09/11
Property of Argo Pacific Pty Ltd
Global 2008 CSI Computer crime survey
Likely targets of cyber terrorism
Cyber crime and cyber espionage are having real impacts
• Estimated $1 Trillion of intellectual property stolen each year (Gartner & McAfee, Jan 2009)
• Cybercrime up 53% in 2008 (McAfee)
• Topped $20 Billion at financial institutions
• Reported cyber attacks on U.S. government computer networks climbed 40% in 2008
• Sensitive records of 45,000 FAA workers breached (Feb 09)
• Chinese stole design secrets of all U.S. nuclear weapons (Michelle Van Cleave)
• U.S. nuclear weapons lab is missing 69 computers (Feb 09)
• Cost to repair average 2008 data breach = $6.6 Million
Source: Report of the CSIS Commission on Cybersecurity for the 44th Presidency
Why Develop a Cyber Security Center?
Criminal Watch
http://criminalwatch.com/resources/cybercrime.asp
Critical Infrastructure
• Government services: E-Government
• Defense & security: data networks and communications
Cyber risks are an increasing threat to sources of enterprise capability and brand competitiveness
Extortion (Now)
• Phishing and pharming driving increased customer costs, especially for financial services sector
• DDOS extortion attacks
Potential for data corruption (Future)
• Impact operations or customers through data
• It's multilayer. Each party involved in the hacking process has a unique role and uses a different financial model.
• It's automated. Botnets exploit vulnerabilities and extract valuable data, conduct brute force password attacks, disseminate spam, distribute malware and manipulate search engine results.
• It's very personal. The attacking party carefully selects targets based on political, commercial and security interests. Social engineering is often employed.
• It's persistent. If the target shows resistance, the attacker will not leave, but rather change strategy and deploy a new type of attack against the same target.
• Control focused. APTs are focused on gaining control of crucial infrastructure, such as power grids and communication systems. APTs also target data comprised of intellectual property and sensitive national security information.
• It's automated, but on a small scale. Automation is used to enhance the power of an attack against a single target, not to launch broader multi-target attacks.
• It's one layer. One party owns and controls all hacking roles and responsibilities.
• Started on April 27, 2007; the attacks lasted about 3 weeks.
• Series of attacks targeting government portals, parliament portal, banks, ministries, newspapers and broadcasters of Estonia.
• Estonians described the attacks as a political attack or revenge from Russians for the moving of a WWII memorial.
Source: Presentation to Africa Asia Forum on Network Research & Engineering workshop, Dakar, Senegal, 23 November 2009
• 128 unique DDOS attacks (115 ICMP floods, 4 TCP SYN floods and 9 generic traffic floods).
• Routers damaged.
Source: Presentation to Africa Asia Forum on Network Research & Engineering workshop, Dakar, Senegal, 23 November 2009
• Estonia's Computer Emergency Response Team (CERT) acted as a coordinating unit, concentrating its efforts on protecting the most vital resources.
• Closed the sites under attack to foreign internet addresses, keeping them accessible only to domestic users.
• Implemented an online "diversion" strategy that made attackers hack sites that had already been destroyed.
• Applied advanced filters to the traffic, then installed Cisco Guard to lower malicious traffic.
Source: Presentation to Africa Asia Forum on Network Research & Engineering workshop, Dakar, Senegal, 23 November 2009
• The Estonian CERT analyzed server logs and data to find out who was behind the attacks.
• NATO assisted Estonia in combating the cyber attacks and has voted to work with member governments to improve cyber security.
Source: Presentation to Africa Asia Forum on Network Research & Engineering workshop, Dakar, Senegal, 23 November 2009
Like the online strikes against Georgia, the origins of the 2007 cyber attacks on Estonia remain hazy. Everybody suspects the Russian government was somehow behind the assaults; no one has been able to prove it. At least so far. A pro-Kremlin youth group has taken responsibility for the network attacks. And that group has a track record of conducting operations on Moscow’s behalf.
Nashi ("Ours") is the "largest of a handful of youth movements created by Mr. Putin’s Kremlin to fight for the hearts and minds of Russia’s young people in schools, on the airwaves and, if necessary, on the streets," according to the New York Times.
Yesterday, one of the group’s "commissars," Konstantin Goloskokov, told the Financial Times that he and some associates had launched the strikes. "I wouldn’t have called it a cyber attack; it was cyber defense," he said. "We taught the Estonian regime the lesson that if they act illegally, we will respond in an adequate way." He made similar claims in 2007.
If true, it would be only one in a long string of propaganda drives the group has waged in support of the Kremlin. Not only has Nashi waged intimidation campaigns against the British and Estonian ambassadors to Moscow, and staged big pro-Putin protests. Not only has it been accused of launching denial-of-service attacks against unfriendly newspapers. Last month, Nashi activist Anna Bukovskaya acknowledged that the group was paid by Moscow to spy on other youth movements. The project, for which she was paid about $1100 per month, included obtaining "videos and photos to compromise the opposition, data from their computers; and, as a separate track, the dispatch of provocateurs," she told a Russian television channel.
• Reputation
• Financial performance
Protect your Computers!
Conclusion
• Cyber threats are real & growing
• New technologies forge new vulnerabilities
• New vulnerabilities foster new threats
• As the nature of national security has changed, the response must also adapt
• And the most important pipelines in this region transport neither oil nor gas… they carry data; the most significant pipelines are fiber optic
THANK YOU