1 Fighting Cyber Crime in the Telecommunications Industry Sachi Chakrabarty
2 Agenda Cyber Crime What's all the fuss about CyberCrime? DoS Attacks Telco Solutions
4 Cybercrime Definition: All criminal offences which are committed with the aid of, or targeted at, communication devices in a network, e.g. the Internet, the telephone line or the mobile network. In information security there are very real threats, and the main threat is crime. Cybercrime is just like any other type of crime, only with different tactics.
5 Types/techniques of Cyber Crimes: Spam, Identity Theft, Cyber fraud, Phishing, Extortion, Bot/Botnets, Malware, DoS/DDoS, etc.
6 Emergency Response: The public have grown used to stories about identity theft, hacking and stolen data, and they're no longer shocked into action when they hear about it. Familiarity breeds contempt, which is good news for criminals because the public stops being on its collective guard. But what if there was a way of a network being able to predict the next attack, a network that could detect even the smallest of threats and self-correct to avoid an attack?
7 How big is the problem, and who are the perpetrators? From notoriety to ecrime: Originally hackers and script kiddies seeking headlines and notoriety. Now moved to extortion and organised crime (Russian mafia and highly organised criminal gangs), botnets for hire. Revenue from ecrime greater than narcotics. Ecrime difficult to investigate.
9 Cyber Crime is the new-age mafia; it is even bigger than the illegal drugs industry.
10 Feel the pain Do you want to be in the news?
11 What's all the fuss about DOS Attacks?
12 Distributed Denial of Service Attacks: What and How? DOS is the deliberate denial of a service or services. DOS is not an attempt to penetrate systems, to steal or alter data. The attacker seeks to render a system inoperative, while keeping his identity secret. DDOS is a DOS attack launched from multiple sources. Launching an attack from multiple sources increases the potency of the attack and makes the task of tracing the source more difficult. Source: DTI Information Security Breaches Survey 2006 full survey results
13 Who is the target?
Question: Who is a DOS target? Answer: Any connected addressable device. Some targets are more likely: governments, organisations, prominent companies, controversial companies or researchers, sporting bodies etc. But in essence anybody can fall victim.
Question: Are there any specific sectors at risk? Answer: Online businesses: retail, gambling, government, ISPs, banking, utilities and business-to-business.
Question: Are there any Compelling Events? Answer: Organisations might be targeted on particular events. Big events, e.g. a gambling site when it's the Grand National. Rebellions against Government web sites.
Question: What happens? Answer: Ultimately bring the web site down, which results in lost revenue and loss of goodwill, i.e. customers can't get on the site. Impact on third-party organisations, e.g. B2B sites.
14 What is the solution?
15 BT DDOS Solution. It's an integrated offer with BTnet: The service is delivered via BTnet, with integration traffic inspection. Detection & Mitigation Solution: A system of detectors across BTNet monitors the internet traffic directed at a website to identify traffic surges and unusual patterns of activity which could signify a DDoS attack. When an attack is identified, the traffic is diverted through a mitigation device which filters out attack traffic and allows genuine traffic to continue on to your site. Key factors in BT's detection and scrubbing solution include: monitoring of all traffic destined for your whole network, regardless of where it has come from; a unique profile of expected traffic for each client; automated responses; cleansing and removal of bad traffic; customer portal showing intelligence reports. Quick Time to React: 10 minutes v 30 minutes. The BT Management Portal ensures that your entire internet accessible infrastructure is safe, 24/365. Our time window between spotting and reacting to suspicious activity is 10 minutes, considerably faster than the normal 30 minutes.
16 BT DDoS Solution in Action [Diagram: attack traffic arrives from the Internet through the BTNet peering points into the BT Core IP Network, where it is monitored; the TMS passes cleansed traffic on to the customer web site.]
17 BT DDOS Solution (contd.) Superior Solution: Quicker Response Time, 10 minutes v 30 minutes industry norm. Minimal Network Latency. BT already has extensive experience in protecting our clients from all forms of security attacks: BT denies 14 million unauthorized connection attempts each day, prevents two million viruses per month and blocks five million spam messages each day. BT hosts and protects over 1,000 websites and over 1,500 firewalls for customers, many of which are mission critical to our client organizations.
18 What's in it for the customers? More cost-effective alternative to DIY measures: this enables you to protect your organisation's brand and revenue while maximising investment in your online infrastructure. Network based services: no equipment is sited at your premises, for easier maintenance. A fast reaction time, with minimal false positives. Mitigation of high-volume traffic and application layer attacks, for a strong, multi-layered defence. Expertise and resources which adapt your security to match ever-evolving threats. Dedicated 24/365 monitoring. Individual customer log-ins to the portal, for secure and confidential use. Single or multiple IP address ranges monitored, for equal protection across all your network zones. Online customer reports to monitor and assess your transactions. Alert thresholds defined by you to meet your needs.