Cyber Security: Indian Perspective
Dr. Gulshan Rai, Director, CERT-IN, Govt. of India
grai@mit.gov.in
8 Feb 2009
Web Evolution
Web Sites (WWW)
1993 Web Invented and implemented 130 Nos. web sites 2738 Nos. 23500 Nos. 550 Million Nos.
2008
Application Simplicity
Preference of single, simple and secure interface to access applications or content
Ubiquitous interface - web browser
Flexible Infrastructure
Because of these areas of evolution, today's NGNs are defined more by the services they support than by the traditional demarcation of physical infrastructure.
[Network diagram: Intranet, Perimeter Network, Infrastructure, Servers, Desktops, Branch Offices, Routers, Unmanaged Devices, Internet]
To Reap Benefits
To reap benefits of NGN, the operator must address
Technology Risk Security Efficiency
NGN Architecture
Identify Layer
Comprises end users owned by a telecom or a third-party service provider accessing services using devices like PC, PDA or mobile phone, to connect to the Internet
Partly Trusted Untrusted
Third-Party Application
Internet
Service Layer
Web Tier
Hosts service applications and provides a framework for the creation of customer-focused services provided by either operator or a third-party service provider
Network Layer
Performs service execution, service management, network management and media control functions
Connects with the backbone network
Common Framework
Backbone Network
Growing Concern
Computing technology has turned against us
Exponential growth in security incidents
Pentagon, US in 2007
Estonia in April 2007
Computer system of German Chancellery and three Ministries
Highly classified computer network in New Zealand & Australia
Complex and target-oriented software
Common computing technologies and systems
Constant probing and mapping of network systems
[Timeline figure: Virus; 1977, 1995, 2000, 2003-04, 2005-06, 2007-08]
Trends of Incidents
Sophisticated attacks
Attackers are refining their methods and consolidating assets to create global networks that support coordinated criminal activity
Phishing
Increase in cases of fast-flux phishing and rock-phish
Domain name phishing and Registrar impersonation
Crimeware
Targeting personal information for financial frauds
Source: Websense
Organised Crime
Terrorist Groups Nation States
Coupled with this, a host of legal requirements and international business compliance requirements on data protection and privacy place a huge demand on IT/ITES/BPO service organizations
We need to generate Trust & Confidence
In Europe, the legal driver has been the Data Protection Act supported by ISO27001 ISMS.
Confidentiality
Integrity
Availability
Authenticity
People
Process
Technology
Security Policy
Regulatory Compliance
User Awareness Program
Access Control
Security Audit
Incident Response
Encryption, PKI
Firewall, IPS/IDS
Antivirus
Security Incident Early Warning & Response
CERT-In
National Cyber Alert System
Information Exchange with international CERTs
Capacity building
Skill & Competence development
Training of law enforcement agencies and judicial officials in the collection and analysis of digital evidence
Training in the area of implementing information security in collaboration with Specialised Organisations in US
International Collaboration
296 certificates issued in India out of 7735 certificates issued worldwide
Majority of certificates issued in India belong to IT/ITES/BPO sector
China 210773 146
Italy 115309 148
Japan 73176 276
Spain 65112 93
India 46091 296
USA 36192 94
27001
7732
[Diagram labels: Private Sectors, Home Users, Analysis, Dissemination, Detect, Recovery, Internet, ActiveX DL Server, PSTN]
Make a call using 1800 11 - 4949
Send fax using 1800 11 - 6969
Communicate through email at incident@cert-in.org.in
Number of security incidents handled during 2008 (till Oct): 1425
Vulnerability Assessment Service
Participated in APCERT International Incident Handling Drill 2006
Participants: 13 APCERT Members and New Zealand, Vietnam including 5 major Korean ISPs
Scenario: Countermeasure against Malicious Code and relevant infringement as DDoS attack
Participated in APCERT International Incident Handling Drill 2007
Participants: 13 APCERT Members + Korean ISPs
Scenario: DDoS and Malicious Code Injection
To be Model: World Wide Cyber Security Incidents Drill among security agencies
Thank you
Incident Response Help Desk