04/19/23
Internet Security Aspects
Dr. Gulshan Rai, Director
Indian Computer Emergency Response Team (CERT-In), Department of Information Technology

The Complexity of Today’s Network
Pain points
• Complexity
• Cost
• Agility
• Security
[Network diagram: Internet, intranet, perimeter network, perimeter network servers, extranet servers, network infrastructure, routers, branch offices, remote workers, home users, desktops, laptops, servers, new PC, unmanaged devices]
Trends shaping the future
• Ubiquitous computing, networking and mobility
• Embedded Computing
• Security
• IPv6
• VoIP

Growing Concern
• Computing Technology has turned against us
• Exponential growth in security incidents
• Rapid emergence of civilian and military groups worldwide
• Asymmetric warfare has arrived in cyberspace

Type of Attacks on Internet
• Web Site Defacements
• Port Scanning
• Malicious Code
  – Virus
  – Bots
• Phishing
• DNS Attacks
• Denial of Service and DDoS

Phishing
[Screenshots: phishing web site shown beside the legitimate web site]

Current Threat Rank
• China
• United States
• Belgium
• Germany
• France

Nature of Attacks in Cyber World
• Rise of Cyber Spying
  – Curiosity probes funded and organised operations for a variety of purposes
  – Web espionage operations
  – Mapping of networks, probing for weaknesses and strengths
• Attackers targeting new technologies such as
  – Peer-to-peer and VoIP services
  – Social networks
  – On-line banking
• Sophisticated attacks
  – Attackers are refining their methods and consolidating assets to create global networks that support coordinated criminal activity

Trends in Cyber Attacks (2007)
• Phishing
  – Around 392 phishing cases affecting financial institutions in India and abroad were observed in the year 2007
  – Increase in cases of fast-flux phishing and rock-phish
  – 35% of phishing web sites were observed for financial services sector brands
• Bots and Malicious Code
  – Botnets are evolving with an increased number of bots
  – The command & control server is regularly shifting
  – Malicious code with keystroke-logging and secluded communications capacity is on the rise and has made confidential information threats a major concern
  – 4% of all malicious activity detected during the first 6 months of 2007 originated from IP space registered to Fortune 100 companies
  – Malicious code distribution is largely done through social engineering techniques in today’s scenario

Trends in Cyber Attacks
• Fake data about domain registrants in the WHOIS directory
• Increased malicious activities in a professional and commercial way
  – Trade of malicious code in popular forums such as IRC, web sites etc.
  – Emergence of phishing toolkits
  – Automated toolkits that could exploit the systems of users who visit a malicious or compromised website
  – Increasing number of underground economy servers which are used by criminals and criminal organisations to sell stolen information, typically for subsequent use in identity theft

Trends in Cyber Attacks
• The current threat environment is characterized by compound attacks simultaneously from different locations
• Convergence of malware authors, phishers, spammers and bot-herders
  – Spamthru Trojan – uses botnets for spamming and DDoS
  – Storm worm – spreads through spam to increase the botnet and launch DDoS
  – Rock Phish – phishing sites of multiple brands hosted on a single server
  – Fast Flux DNS based hosting of phishing sites

Constraints
• Emergent behavior of some vulnerabilities and systems is not fully understood
• Still do not understand the full nature of risks
• Nobody owns the problem
  – Finger pointing among developers, network operators, system administrators and users
• No one wants to be first to disclose information
• Immediacy of threat has led to too much focus on near term needs
  – Patch rather than innovate

Challenges to be met
• Develop new approaches for eradicating widespread, epidemic attacks in cyberspace
• Ensure that new, critical systems currently on the drawing board are immune from destructive attack
• Appropriate legal framework and best practices
• Design new computing systems so that security and privacy aspects of those systems are understandable and controllable by the user

Need for Collaborations
• To resolve incidents, we need to track the actual attacker
• Information exchange is needed globally to mitigate cyber attacks
• Stakeholders to ensure secure cyber space
  – Law enforcement agencies
  – CERTs
  – Service providers, ISPs
  – Domain registrars
  – Domain owners
  – Industry

Collaborative Efforts
• Reconciling various legal regimes with technological capability
• Standard procedures/manuals among countries mandating service providers for supply of information
• Instant Information Sharing
• Rapid Response to Security Incidents
• Research and Development
  – Internet Health Monitoring
  – DNS Security
  – Immune and Survivable Systems

Need of Today
• It’s important to get in at the beginning
  – Experience teaches us that these concerns are hard to add after the fact
• The Internet experience informs us:
  – It is also a social system, not simply a technology
• Once we give up privacy or security, we may not be able to regain it
• Important to assert a leadership role while we can!

Let us work together for a vision. Create a society in which spam, viruses and worms, the plagues of modern information technology, are eliminated.

Thank you
http://www.cert-in.org.in