Introduction to Cyber Security
Presented by
Mohammad Ashfaqur Rahman
Compliance Professional
www.linkedin.com/in/ashfaqsaphal
Objective
● Concept of IT Security
● Information Security Terminologies
● Hacker and Attack
● Trends of attack
● Perspective Bangladesh
Information
● ‘Information is an asset which, like other important business assets, has value to an organization and consequently needs to be suitably protected’
– Ref : BS ISO 27002:2005
● ‘…Whatever form the information takes, or means by which it is shared or stored, it should always be appropriately protected’
– Ref : BS ISO 27002:2005
Information
● Creation
● Transmit
● Store
● Lost – Corrupt – Destroy – Stolen
● Paper based
● Verbal
Security
● “The quality or state of being secure—to be free from danger”
● A successful organization should have multiple layers of security in place:
– Physical security
– Personal security
– Operations security
– Communications security
– Network security
– Information security
Information Security
● The protection of information and its critical elements, including systems and hardware that use, store, and transmit that information
● Information Security is also known as Cyber Security
– Also written as Cybersecurity
– Security of
• Information System
• Network
History
● Old Caesar Cipher
● IT Security concept invoked immediately after the first mainframes were developed
● Groups developing code-breaking computations during World War II created the first modern computers
– Introduction of Turing machine
● WikiLeaks, Anonymous, Lulzsec
– Bangladesh Cyber Army
– Bangladesh Black Hat Hackers
Compromised System
● "Compromised" is a nice way of saying that someone or something has maliciously broken into your computer without your knowledge or permission.
● It means that you can't trust the integrity of any file (program, document, spreadsheet, image, etc.) on your computer.
● can't find out what's been done to your computer files
● an exact "before" copy to compare them with
Impact of Compromise
● Personal
– Loss of personal sensitive data : Identity theft
– Social harassment : Social account / mail hack
– Financial loss : Credit Card / Online Banking
● Organizational
– Loss of customer confidence : customer data loss
– Financial Losses : Loss of confidential data
– Damaged Reputation : loss of goodwill
Impact of Compromise
● Social
– Unrest Situation
– Harassment
– Child Pornography
The Hacker
● A hacker is someone who
– seeks and exploits weaknesses in a
– computer system or
– computer network.
● A hacker is someone who likes to tinker with electronics or computer systems : finding ways to make them do what they do better, or do things they weren't intended to do
The Hacker
● Hackers may be motivated by a multitude of reasons, such as
– Profit
– Protest
– Challenge
– Enjoyment
– to evaluate those weaknesses to assist in removing them.
Types of Hacker
● White Hat
– Good Guys
– Don't use their skills for illegal purposes
– Computer Security experts and
– help protect people from the Black Hats
Types of Hacker
● Black Hat
– Bad Guys
– Use their skills maliciously for personal gain
– Hack banks, steal credit cards, and deface websites
Types of Hacker
● Grey hat
– combination of a Black Hat and a White Hat Hacker
– hack into a computer system for the sole purpose of notifying the administrator
Hacker Hierarchy
● Script kiddies
– Wannabe hackers
– Have no hacking skills
– use the tools developed by other hackers
– No knowledge of what's happening behind the scenes
Hacker Hierarchy
● Intermediate hackers
– know about computers, networks
– enough programming and scripting knowledge
– Use pre-developed well-known exploits
Hacker Hierarchy
● Elite Hackers
– skilled hackers
– write hacker tools and exploits
– break into systems and hide their tracks
Other Terminologies
● Neophyte
– Also known as "n00b", or "newbie"
– is someone who is new to hacking or phreaking and has almost no knowledge or experience
● Blue hat
– someone outside computer security consulting firms who is used to bug test a system prior to its launch, looking for exploits so they can be closed
Other Terminologies
Cyber-attack
● any type of offensive maneuver
● by individuals or whole organizations
● targets computer information systems, infrastructures, computer networks, and/or personal computer devices
● Factors involved
– Fear factor
– Spectacular factor
– Vulnerability factor
Threat Trends
● Cyber Crime
– Bad guys are mostly Eastern European although Asian groups are also active
– A complete service based economy supporting their activities
– Attacks are a mix of
• social engineering and
• technical attack
Threat Trends
● Hacktivists
– WikiLeaks
– Anonymous, Lulzsec
– DDoS attacks
– Data loss
• combination of hacking and insiders
Threat Trends
● Nation State
– Motivations
• Espionage
• Disruption
• Targeting Government + Private Sector
ICT Act 2006, Bangladesh
Incident Trends, Bangladesh
● According to bdCERT
Incident Trends, Bangladesh
● Site Defacement
– Site hacked by hacker group named Indishell, Sil3nt Hack3r, My@nm@r H4acK3rs Unit
– Government sites were targeted (.gov.bd)
– Sites running on a CMS are not fully patched and carry inherent bugs, which makes them quite easy for a hacker to penetrate.
– Lack of proactive monitoring and enforcement of standards.
Incident Trends, Bangladesh
● Site Defacement
Case Study – Network Hacking
● Foot Printing
● Port Scanning
● Banner Grabbing
● Searching for Vulnerabilities
● Penetrating
Case Study – Network Hacking
● Foot Printing
– You see the company e-mails, address, names, when the domain was created, when the domain expires, the domain name servers, and more!
– A hacker can also take advantage of search engines to search sites for data
• "site:www.thetargetsite.com" this will display every page that Google has
Case Study – Network Hacking
● Port Scanning
– To identify the services listening on the server's open ports, so as to detect vulnerabilities
– The Nmap Security Scanner is available for both Mac and Windows users:
• http://nmap.org/download.html
Case Study – Network Hacking
● Banner Grabbing
– Telnet into the service port to figure out the software and version of the service
– If you are using Windows Vista, then telnet is not installed by default. Use Control Panel – Programs and Features – Turn Windows features on or off – Telnet Client to install it
– If you found port 21 (i.e. ftp) open, then telnet www.targetsite.com 21 to find out the FTP software
Case Study – Network Hacking
● Searching for Vulnerabilities
– Search a couple vulnerability databases for an exploit
– If there's an exploit available, run it against the server and take complete control
– Popular exploit databases are Milw0rm, SecurityFocus, osvdb
Case Study – Network Hacking
● Attacks
– Denial-of-Service (DoS)
– Buffer Overflow (BoF)
Case Study – Network Hacking
● Penetrating
– Running the exploits against the target and penetrating the server
– From PT Server
– Multiple programming language
Case Study – Network Hacking
● Root Access
– Root kit deployment
– Grab data
It is your turn