Cyber Security and Critical Information Infrastructure




Dr. Gulshan Rai
Director General, Indian Computer Emergency Response Team (CERT-In)
grai [at] cert-in.org.in

The Complexity of Today's Network

Changes Brought in IT
- Large network as backbone for connectivity across the country
- Multiple service providers for providing links: BSNL, MTNL, Reliance, TATA, Rail Tel
- Multiple technologies to support network infrastructure: CDMA, VSAT, DSL
- Multiple applications

Trends shaping the future
- Ubiquitous computing, networking and mobility
- Embedded computing
- Security
- IPv6
- VoIP
- Smart devices: television, computers, PDA, mobile phone
- Application simplicity: preference of single, simple and secure interface; ubiquitous interface (web browser)
- Flexible infrastructure

[Figure: network diagram. Labels: Intranet, Extranet, Internet, Perimeter Network, Network Infrastructure, Servers, Desktops, Laptops, New PC, Unmanaged Devices, Branch Offices, Home Users, Remote Workers]

Today's NGNs are defined more by the services they support than by traditional demarcation of physical infrastructure.

The Emergence of NGNs

- The communication networks operating two years ago have undergone tremendous change. NGNs are the order of the day.
- Consumers and businesses no longer accept the limitation of a single-use device or network.
- Both individuals and businesses want the ability to communicate, work and be entertained over any device, any time, anywhere.
- The demand for these services, coupled with innovation in technology, is advancing traditional telecommunication far outside its original purpose.

Cyber Threat Evolution

[Figure: timeline. Stages shown: Virus; Malicious Code (Melissa); Identity Theft (Phishing); Breaking Web Sites; Advanced Worm / Trojan (I LOVE YOU); Organised Crime; Data Theft, DoS / DDoS. Time axis: 1977, 1995, 2000, 2003-04, 2005-06, 2007-08]

Trends of Incidents

- Sophisticated attacks are being carried out on IT infrastructure
- Attackers are refining their methods and consolidating assets to create global networks that support coordinated criminal activity
- Information stealing is the main objective rather than destruction
- Rise of cyber spying and targeted attacks
- Continuous mapping of networks, probing for weaknesses/vulnerabilities
- Malware propagation through website intrusion and large-scale SQL injection attacks
- Malware propagation through spam on the rise
- Increase in phishing cases, particularly fast flux and domain phishing

Trends of Incidents (contd.)

- Website compromise through SQL injection, exploiting weak input validation (Asprox botnet)
- Uploading malicious content onto websites through stolen FTP credentials (Neosploit)
- Rise in defacement of Govt. websites after the 26/11 attack; websites hosted outside India on cheap hosting providers
- Targeted attacks for stealing sensitive information through social engineering and malicious office documents (Ghostnet)
- Compromise of popular websites and redirection of users to malicious websites for malware propagation (iframe insertion)
- Sale of phishing toolkits on underground websites (Metaphisher)
- Large-scale creation of botnets for launching DDoS attacks, spam, phishing and fast flux DNS attacks (Conficker worm)

Security of Information Assets

- Security of information and information assets is becoming a major area of concern
- With every new application, newer vulnerabilities crop up, posing immense challenges to those who are mandated to protect the IT assets
- Coupled with this, a host of legal requirements and international business compliance requirements on data protection and privacy place a huge demand
- There is a need to generate trust and confidence

Challenges before us

- Sensible investment and RoI
- Facilitating secure business access to inside users
- Keeping intruders at bay
- User awareness and education for alignment with security policies
- Training and retention

Information Security Management

[Figure: information security model. Labels, as grouped on the slide:]
- Confidentiality, Integrity, Availability, Authenticity
- People, Process, Technology
- Security Policy, Regulatory Compliance, User Awareness Program, Access Control, Security Audit, Incident Response, Encryption, PKI, Firewall, IPS/IDS, Antivirus

Issues to be addressed

- Standardization of IT infrastructure and processes
- Identification of critical assets and risk assessment
- Adoption of suitable security standards
- Security Command and Control Centre
- All hardware and software should be deployed only after hardening
- File Integrity Verification tools should be deployed on every server
- All software applications should be deployed only after security review of software (code review)
- Regular Vulnerability Assessment and Penetration Testing of IT systems
- Identity Management
- Uniform implementation of security policy throughout the organization (zones)
- Website hosting policy
- IT infrastructure audit
- Mock security drills

CERT-In Workflow

[Figure: CERT-In Work Process. Stages: Detection, Analysis, Dissemination & Support, Recovery. Other labels: Major ISPs, Foreign Ptns, Department of Information Technology, ISP Hot Liners, Private Sectors, Home Users, Press & TV / Radio]

Int'l Co-op: Cyber Security Drills and Exercises

Joint International Incident Handling Coordination Drills

- Participated in the APCERT International Incident Handling Drill 2006
  Participants: 13 APCERT Members and New Zealand, Vietnam, including 5 major Korean ISPs
  Scenario: Countermeasure against Malicious Code and relevant infringement as DDoS attack
- Participated in the APCERT International Incident Handling Drill 2007
  Participants: 13 APCERT Members + Korean ISPs
  Scenario: DDoS and Malicious Code Injection
- Participated in the APCERT International Incident Handling Drill 2008
  Participants: 13 APCERT Members
  Scenario: Online Underground Economy

Thank you

Incident Response Help Desk
Phone: 1800 11 4949
FAX: 1800 11 6969
e-mail: incident at cert-in.org.in
http://www.cert-in.org.in