
Introduction:

Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access or attack.
First known use of "cyber security": 1994.

Why you need cyber security: The protection of data, networks and computing power. The protection of data
(information security) is the most important. The protection of networks is important to prevent loss of server
resources as well as to protect the network from being used for illegal purposes. The protection of computing power
is relevant only to expensive machines such as large supercomputers.

What is Cyberspace? :
Cyberspace is a worldwide network of computers and the equipment that connects them, which by its very design is
free and open to the public (the Internet). The problem has gotten more prevalent with always-on, high-speed internet
access. Attackers are always out there looking for that type of computer.

As long as your computer is connected to the internet, that connection can go both ways. The attackers are mostly
malicious pranksters, looking to access personal and business machines or disrupt net service with virus programs
proliferated via email, usually just to prove they can. However, there are also more serious attackers out there whose
goals could range from mining valuable data (your credit card or bank information, design secrets, research secrets,
etc.) to even disrupting critical systems like the stock market, power grids, air-traffic controllers' programs, and the
most dangerous, our nuclear weapons.

Cyberspace as a Battleground? :
Each day, there is an increase in the number of threats against our nation's critical
infrastructures. These threats come in the form of computer intrusion (hacking), denial of service attacks, and virus
deployment.

Growing Concern :
• Computing Technology has turned against us
• Exponential growth in security incidents
– Pentagon, US in 2007
– Estonia in April 2007
– Computer System of German Chancellery and three Ministries
– Highly classified computer network in New Zealand & Australia
• Complex and target oriented software
• Common computing technologies and systems
• Constant probing and mapping of network systems

Cyber Threat Evolution :
[Figure: timeline of cyber threat evolution. Stages shown: Virus; Breaking Web Sites; Malicious Code (Melissa); Advanced Worm / Trojan (I LOVE YOU); Identity Theft (Phishing); Organised Crime Data Theft, DoS / DDoS. Years on the axis: 1977, 1995, 2000, 2003-04, 2005-06, 2007-08.]

Cyber attacks being observed :
• Web defacement
• Spam
• Spoofing
• Proxy Scan
• Denial of Service
• Distributed Denial of Service
• Malicious Codes
– Virus
– Bots
• Data Theft and Data Manipulation
– Identity Theft
– Financial Frauds
• Social engineering Scams

Trends of Incidents :
• Sophisticated attacks
– Attackers are refining their methods and consolidating assets to create global networks that support coordinated criminal activity
• Rise of Cyber Spying and Targeted attacks
– Mapping of network, probing for weakness/vulnerabilities
• Malware propagation through Spam on the rise
– Storm worm, which is one of the most notorious malware programs seen during 2007-08, circulates through spam
• Phishing
– Increase in cases of fast-flux phishing and rock-phish
– Domain name phishing and Registrar impersonation
• Crimeware
– Targeting personal information for financial frauds
• Information Stealing through social networking sites
• Rise in Attack toolkits
– Toolkits like Mpack and Neosploit can launch exploits for browser and client-side vulnerabilities against users who visit malicious or compromised sites

Global Attack Trend :
[Figure: Global Attack Trend. Source: Websense]

Security of Information Assets :
• Security of information & information assets is becoming a major area of concern
• With every new application, newer vulnerabilities crop up, posing immense challenges to those who are mandated to protect the IT assets
• Coupled with this, a host of legal requirements and international business compliance requirements on data protection and privacy places a huge demand on IT/ITES/BPO service organizations
• We need to generate ‘Trust & Confidence’

Top Malicious Code Originating Countries



Virus Profiles :
• Nimda (note the garbage in the subject)
• Sircam (note the “personal” text)
Both emails have executable attachments with the virus payload.

Trojan horse attack :
A Trojan Horse arrives via email or software like free games. The Trojan Horse is activated when the software or
attachment is executed. The Trojan Horse releases a virus, monitors computer activity, installs a backdoor, or transmits
information to the hacker.

Denial of Service Attacks :
In a denial of service attack, a hacker compromises a system and uses that system to
attack the target computer, flooding it with more requests for services than the target can handle. In a distributed
denial of service attack, hundreds of computers (known as zombies) are compromised, loaded with DoS attack
software and then remotely activated by the hacker.

Spamming Attacks :
Sending out e-mail messages in bulk. It’s electronic “junk mail.” Spamming can leave the
information system vulnerable to overload. Less destructive, used extensively for e-marketing purposes.

What Does it Mean- “Security”? :
“Security” is the quality or state of being secure--to be free from danger. But what
are the types of security we have to be concerned with?
• Physical security - addresses the issues necessary to protect the physical items, objects or areas of an organization from unauthorized access and misuse.
• Personal security - addresses the protection of the individual or group of individuals who are authorized to access the organization and its operations.
• Operations security - protection of the details of a particular operation or series of activities.

What Does it Mean- “Security”? :
• Communications security - concerned with the protection of an organization’s communications media, technology, and content.
• Network security - the protection of networking components, connections, and contents.
• Information Security – protection of information and its critical elements, including the systems and hardware that use, store, or transmit that information.

Slide 25:
Shoulder surfing takes many forms. Some may not be obvious.

Slide 26:
Traditional Hacker Profile*: “juvenile, male, delinquent, computer genius”
Modern Hacker Profile: “age 12-60, male or female, unknown background, with varying technological skill levels. May be internal or external to the
organization”

The Dilemma of Security :
The problem that we cannot get away from in computer security is that we can only
have good security if everyone understands what security means, and agrees with the need for security. Security is a
social problem, because it has no meaning until a person defines what it means to them. The harsh reality is the
following: In practice, most users have little or no understanding of security. This is our biggest security hole.

Machine Overtake Mankind :
[Figure: Machine Overtake Mankind. Share of network traffic (%, 0 to 100) from mankind versus machines, 1980 to 2015; labels on the figure: 8Bn, 90Bn, 2009.]

Three faces of cyber crime :


• Security Policy, Compliance and Assurance – Legal Framework
– IT Act, 2000
– IT (Amendment) Bill, 2006 – Data Protection & Computer crimes
– Best Practice ISO 27001
– Security Assurance Framework- IT/ITES/BPO Companies
• Security Incident – Early Warning & Response
– CERT-In National Cyber Alert System
– Information Exchange with international CERTs
• Capacity building
– Skill & Competence development
– Training of law enforcement agencies and judicial officials in the collection and analysis of digital
evidence
– Training in the area of implementing information security in collaboration with Specialised
Organisations in US
• Setting up Digital Forensics Centres
– Domain Specific training – Cyber Forensics
– Research and Development
– Network Monitoring
– Biometric Authentication
– Network Security
– International Collaboration

Internet Security – Concluding Remark :
“The only system which is truly secure is one which is switched off and
unplugged, locked in a titanium lined safe, buried in a concrete bunker, and is surrounded by nerve gas and very
highly paid armed guards. Even then, I wouldn’t stake my life on it.”
Professor Gene Spafford

Q&A:
“It is not the strongest of the species that survive, nor the most intelligent, but the one most responsive to
change”
Charles Darwin
Survival…..

India to develop its own cyber security tools
It will reduce dependence on foreign vendors like McAfee and Symantec for anti-virus tools
Published on 10/21/2010 - 10:34:39 AM

New Delhi: The Government of India is preparing a cyber security policy framework focused on
indigenous research and development (R&D).

“It will reduce dependence on foreign vendors like McAfee and Symantec for anti-virus tools,” an official
said. 

A decision to evolve a common research agenda outlining the current capabilities of different
organisations, existing gaps and R&D priorities for the future was recently taken at a high-level meeting.

Top representatives of National Security Agency, Department of Telecommunications, Department of
Information Technology and National Technical Research Organisation attended the meeting.

The modalities of the cyber security framework will be discussed threadbare in the next meeting
scheduled in December, sources said.

“International firms are unlikely to share information beyond data concerning India-specific domains,” the
officials at the meeting opined.

The officials attending the meeting are learnt to have deliberated at length on putting in place a system
that mandates reporting of vulnerabilities.

“Dependence on foreign vendors for supply of anti-virus tools creates vulnerabilities because these
vendors need access to Indian cyber space for remote updates,” an internal government note said. 

These issues need to be addressed through robust regulatory and R&D strategies, the note added.
—iGovernment Bureau
