Indian Cybercrime Scene Vinoo Thomas Rahul Mohandas Research Lead Research Scientist McAfee Labs Caught In the Cross-Fire.

Presentation transcript:

Indian Cybercrime Scene Vinoo Thomas Rahul Mohandas Research Lead Research Scientist McAfee Labs Caught In the Cross-Fire

Agenda
– Knowing the enemy – Who’s at your front door?
– India in the information age
– World “Wild” Web – Indian users caught in the cross fire
– India’s contribution to worldwide Spam, Botnet and DDOS attacks
– Regional malware
– Targeted attacks
– The future

India’s Growing Cyber Population

Why do Indians go online?

What do Indians search online?

Breaking news? Think Malware
Malware authors make use of breaking news or popular search terms to ensure a higher return on investment. Popular news items that were misused include:
– Searches for Michael Jackson’s death lead to malware
– Benazir Bhutto assassination, Bangalore Blasts
– Indian celebrities and cricketers

Riskiest Indian Celebrities

Popular Indian Sites Compromised to Serve Malware

World “Wild” Web
Risks on the Web are constantly changing. A site that is safe one day can be risky the next. It’s not always easy for consumers to identify which site is safe. Even experienced users can be deceived if a trusted site was compromised to serve malware. Thousands of legitimate web sites are compromised every day to serve malware to unsuspecting users. High-profile Indian sites that have been compromised to serve malware include banks, security vendors, portals, businesses, as well as educational and government sites.

Payload and impact of users getting infected
Payload:
– Bots
– Backdoors
– Keyloggers
– Password Stealers
– Rogue Antivirus Products
– Rootkits
Symptoms:
– Infected machines become part of a botnet
– Abused to send Spam, DDOS, host exploits, and act as a launch pad for more attacks
– Infected users often have no clue
Compromised users on a limited bandwidth Internet plan can end up getting a huge bill at the end of the month – for no fault of theirs!!

W32/Conficker in India vs. rest of world

Conficker world infection map

W32/Conficker.worm - Infection Data

Twitter-Facebook Episode
Twitter, Facebook, Live Journal, YouTube, Fotki – what do they have in common? They all hosted an account of a pro-Georgian blogger who went under the nickname cyxymu (taken after Sukhumi, the capital of Abkhazia, one of Georgia’s pro-Russian breakaway republics). They all suffered a massive distributed denial-of-service (DDoS) attack. The attack was able to take down Twitter for several hours and significantly slow down connectivity to YouTube, Live Journal and Facebook.

India’s Contribution to DDoS
India’s Contribution was 8%

India’s Spam Contribution

Phishers target Indian Banks
– Uses pure social engineering to deceive users
– Stolen credentials make their way to underground forums and are sold there
– Commercial Do-It-Yourself phish kits available for Indian banks
– Increase in phish emails observed during Verified by Visa and MasterCard SecureCode campaign

Malware source code freely available

Malware is localized and targeted

Targeted Attacks: Microsoft Office
– Exploits using MSWord, Excel, PowerPoint, WordPad are increasingly popular
– Multiple zero-day vulnerabilities in Office discovered and exploited in
– Mostly spammed to users or hosted on malicious website
– Attachment claims to contain sensitive information on Pakistani Air Force. Exploits a patched vulnerability in Microsoft ms bulletin.

Targeted Attacks: Adobe PDF
– >80% users have Adobe Acrobat installed
– Easy to social engineer user as it’s considered trustworthy
– Over 5 new exploits released this year alone including zero-days
– Most exploits use JavaScript to spray shellcode on heap
– Heavily deployed in web attack toolkits

The future

Cyber Crime Altering Threat Landscape
– Over 1,500,000 unique malware detections in 2008 / 1H09 up 150% from 1H08
– Malware is heavily obfuscated with packers and compression technologies
– 80% of threats are financially motivated, up from 50% two years ago, with password stealing Trojans being rampant
– new variants analyzed daily

Why take to cybercrime? Low Risk + High Reward + Opportunity = Safer than traditional crime

Cyber Crime – India Statistics
– India: 63% of businesses have seen an increase in threats from 2008 to 2009
– India: 40% of businesses in India had an incident that cost an average of $13,543 to fix and recover from and caused revenue loss.
– India is the 14th most dangerous domain for web surfing with 3.07% of Indian websites rated Red or Yellow by McAfee Site Advisor.

Summary - What does this mean to you?
– The malware problem is here to stay – threats are becoming more region specific and sophisticated.
– Monetary reward is the primary motivation for malware authors.
– India’s growing cyber population makes an attractive target.
– Need to improve user education and awareness at grassroots level.

McAfee In Action
McAfee Initiative to Fight Cybercrime

McAfee Security Resources
Web Sites
– McAfee:
– Threat Center:
– Submit a Sample:
– Scan Your PC:
Notifications
– Security Advisories:
Word of Mouth
– Blog:
– Podcasts:

Q & A Thank You! Vinoo Thomas Rahul Mohandas