Ethical Hacking
TECHGIG EXPERT SPEAK SESSION – AUG 21ST 2015
SPEAKER – RASOOL KAREEM IRFAN
Agenda
• State of information security and its importance in the digital era
• Hacking concepts and various phases
• Types of attacks and organization’s security controls
• Necessity of ethical hacking and skills for an ethical hacker
• Industry specific – India’s telecom Infrastructure and regulatory compliance
State of Information Security
Government: The personal details of 31 world leaders at the last G20 summit were accidentally disclosed by the Australian immigration department.
The cause of the breach was human error.
Healthcare: Attackers exfiltrated more than 80 million customer records from Anthem Inc.
The cause of the breach was spear-phishing, a browser exploit and gaining admin access.
Retail: Credit and debit card data belonging to 40 million customers was reported stolen.
The cause of the breach was card-stealing malicious software introduced via a contractor.
Financial: The theft of personal information from more than 100 million South Korean credit cards and accounts.
The cause of the breach was an insider job.
Government: Hackers stole the sensitive data of 21.5 million applicants for security clearance who were undergoing background checks.
The cause of the breach was unknown (attribution to China was claimed).
Hacking concepts and various phases | Background
Security incident: Any event that compromises the confidentiality, integrity, or availability of an information asset.
Data breach: An incident that results in confirmed data compromise (not just exposure) to an unauthorized party.
Who is doing it? Why are they doing it?
Source: Verizon 2014 Data Breach Investigations Report
Hacking concepts and various phases
7 million vulnerabilities exploited in 2014
99% of exploited vulnerabilities were compromised more than a year after the CVE was published
10 CVEs account for 97% of 2014 exploits
• Customers are most immediately concerned with direct
personal damage from loss of data
• Employees can be overwhelmed by negative publicity and
increased chaos in both their work and personal lives
• Business partners are concerned about the immediate
threat of cross contamination and the longer-term integrity of
business transactions
• Regulators are concerned about consumer protection,
existential threats to the business, and the broader
soundness of the industry
• Capital markets and shareholders are highly attuned to
potential impacts to revenue and earnings in the near term and the viability of the brand over a longer time horizon.
How do they do it?
Hacking concepts and various phases
RECONNAISSANCE: The attacker gathers as much information as possible about the target before launching the attack.
SCANNING: The attacker scans the network for specific information, building on what was gathered during reconnaissance.
GAINING ACCESS: The attacker obtains access to the operating system or an application on the system or network.
MAINTAINING ACCESS: The attacker retains ownership of the access gained in order to launch further attacks.
CLEARING TRACKS: The attacker destroys evidence for various reasons, such as maintaining access and evading punitive action.
Hacking tools
RECONNAISSANCE: DNS Interrogation, Email Tracking, Monitoring Web Updates, Website Footprinting
SCANNING: Network Scanning, Banner Grabbing, Vulnerability Scanning, Database Scanning
GAINING ACCESS: LDAP Enumeration, Sniffing, DDoS Attack, Session Hijacking
MAINTAINING ACCESS: Wi-Fi Hacking, iOS Jailbreaking, Evading Firewalls, Code Analysis
CLEARING TRACKS: Covering Tracks Tools
Depending on the device under target, the tool may vary.
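The scanning phase and the "Network Scanning" and "Banner Grabbing" tools above, as an added example that is not code from the talk: a minimal TCP connect scanner that records the service banner of each open port and parses an SSH identification string into the software version a vulnerability scanner would match against CVE data. To run offline it starts its own throwaway listener on 127.0.0.1; the banner text, the loopback target and the "closed port" obtained by binding and releasing an ephemeral port are all constructed for the example.

```python
"""Scanning-phase example added to this write-up (not code from the talk):
a TCP connect scanner with banner grabbing, pointed at a throwaway loopback
listener that it starts itself so the whole thing runs offline.
The banner string is constructed; real services vary."""
import socket
import threading

# Constructed banner in the shape an SSH daemon sends on connect (RFC 4253 s4.2).
FAKE_BANNER = b"SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2\r\n"


def start_fake_service(banner=FAKE_BANNER):
    """Listen on an ephemeral 127.0.0.1 port and send `banner` to every
    client. Returns (port, listening_socket); stop with stop_fake_service."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)

    def serve():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:          # listener was shut down
                return
            with conn:
                conn.sendall(banner)

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1], srv


def stop_fake_service(srv):
    """shutdown() wakes the thread blocked in accept(); close() frees the port."""
    try:
        srv.shutdown(socket.SHUT_RDWR)
    except OSError:
        pass
    srv.close()


def reserve_free_port():
    """Bind to port 0 and release it: yields a loopback port that is not
    listening, used here as the 'closed port' case of the scan."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind(("127.0.0.1", 0))
    port = s.getsockname()[1]
    s.close()
    return port


def grab_banner(host, port, timeout=0.5):
    """TCP connect to host:port. Returns ("open", banner_bytes) on success
    (banner may be empty: many services wait for the client to speak first)
    or ("closed", b"") if the connection is refused or times out."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            try:
                banner = s.recv(256)
            except socket.timeout:
                banner = b""
            return "open", banner.strip()
    except OSError:
        return "closed", b""


def scan(host, ports):
    """Connect-scan `ports`; return {port: banner_text} for open ports only."""
    found = {}
    for port in ports:
        state, banner = grab_banner(host, port)
        if state == "open":
            found[port] = banner.decode("ascii", errors="replace")
    return found


def parse_ssh_banner(banner):
    """Split 'SSH-<proto>-<software> [comments]' into (proto, software);
    None if it is not an SSH identification string. The software field is
    what a vulnerability scanner matches against CVE data."""
    text = banner.decode("ascii", errors="replace") if isinstance(banner, bytes) else banner
    text = text.strip()
    if not text.startswith("SSH-") or text.count("-") < 2:
        return None
    _, proto, rest = text.split("-", 2)
    return proto, rest.split(" ", 1)[0]


if __name__ == "__main__":
    open_port, srv = start_fake_service()
    closed_port = reserve_free_port()
    for port, banner in scan("127.0.0.1", [closed_port, open_port]).items():
        print(port, banner, parse_ssh_banner(banner))
    stop_fake_service(srv)
```

A connect scan completes the TCP handshake, so it shows up in the target's connection logs; that is the trade-off against stealthier SYN scans, and it is exactly the signal the detection side looks for.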
Types of attacks and organization's security controls
Security controls: Firewall; Email Security; Web Security; IDS & IPS; Network Behavior Analysis
Attack types they address: footprint reduction, scripts, etc.; APT, zero-day, exploit kits & polymorphic malware; viruses, Trojans, spam, etc.; filtering, XSS, SQL injection, etc.; attack patterns, malware, etc.
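The "SQL injection" the slide lists under Web Security, as an added example that is not code from the talk: the same login lookup written two ways against an in-memory SQLite table with constructed users. The string-built query is the vulnerable form; the parameterized query is the fix that a web security control is meant to compensate for when the code gets it wrong.

```python
"""Web-security example added for this write-up (not code from the talk):
the same login lookup written two ways against an in-memory SQLite table
with constructed rows. The string-built query is the SQL injection the
slide lists under Web Security; the parameterized query is the fix."""
import sqlite3


def make_db():
    """In-memory database with two constructed users."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT, role TEXT)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("alice", "correct horse", "admin"), ("bob", "hunter2", "user")],
    )
    return db


def login_vulnerable(db, username, password):
    """Untrusted input is spliced into the SQL text, so a quote in the
    username ends the literal and the rest of the input becomes SQL."""
    query = (
        "SELECT username, role FROM users "
        "WHERE username = '%s' AND password = '%s'" % (username, password)
    )
    return db.execute(query).fetchone()


def login_safe(db, username, password):
    """Bound parameters: the driver sends the values separately from the
    SQL text, so quotes and comment markers in the input stay data."""
    return db.execute(
        "SELECT username, role FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()


# Constructed attack inputs. In the vulnerable query the first turns into
#   WHERE username = 'alice' --' AND password = 'wrong'
# (everything after -- is a comment, so the password check disappears), and
# the second into
#   WHERE username = '' OR 1=1 --' AND password = 'wrong'
# which matches every row and hands back the first one (alice, admin).
COMMENT_OUT_PASSWORD = "alice' --"
TAUTOLOGY = "' OR 1=1 --"

if __name__ == "__main__":
    db = make_db()
    for payload in (COMMENT_OUT_PASSWORD, TAUTOLOGY):
        print(repr(payload),
              "vulnerable:", login_vulnerable(db, payload, "wrong"),
              "safe:", login_safe(db, payload, "wrong"))
```

Input filtering (stripping quotes or comment markers) is the weaker control here: it chases payload variants, whereas binding parameters removes the class of bug regardless of what the input contains.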
• 50% of attacks take days to months of reconnaissance before a successful breach
• 70% of victims allow a breach to persist for weeks to months before detecting the compromise
Necessity and skills for an ethical hacker
Ethical hacking is necessary because it allows attacks from malicious hackers to be countered by anticipating the methods they can use to break into a system.
Skills – the questions an ethical hacker answers about the target:
• What can the intruder see on the target system? (Reconnaissance and Scanning phases)
• What can an intruder do with that information? (Gaining Access and Maintaining Access phases)
• Does anyone at the target notice the intruder's attempts or successes? (Reconnaissance and Covering Tracks phases)
• Are all the components of the information system adequately protected, updated, and patched?
• How much effort, time, and money is required to obtain adequate protection?
• Are the information security measures in compliance with industry and legal standards?
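The question "Does anyone at the target notice the intruder's attempts?" from the defender's side, as an added example that is not code from the talk: a detector that flags a port scan in firewall deny logs by counting distinct destination ports per source inside a sliding time window, which is what separates a scanner from a client retrying one port. The log line format, the TEST-NET addresses and the threshold of 10 ports per 60 seconds are constructed for this example; a real firewall's format will need its own regex.

```python
"""Detection-side example added to this write-up (not code from the talk):
flag a TCP port scan from firewall deny logs. The log format, addresses
(TEST-NET ranges) and thresholds are constructed for the example."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed log: one scanner sweeping 12 ports in 13 seconds (retrying
# port 22 once), one normal client touching two ports five minutes apart,
# and an ALLOW line in a shape the parser deliberately ignores.
SAMPLE_LOG = """\
2015-08-21T10:00:01 DENY src=203.0.113.5 dst=198.51.100.10 dport=21 proto=tcp
2015-08-21T10:00:02 DENY src=203.0.113.5 dst=198.51.100.10 dport=22 proto=tcp
2015-08-21T10:00:03 DENY src=203.0.113.5 dst=198.51.100.10 dport=23 proto=tcp
2015-08-21T10:00:04 DENY src=203.0.113.5 dst=198.51.100.10 dport=25 proto=tcp
2015-08-21T10:00:05 DENY src=203.0.113.5 dst=198.51.100.10 dport=80 proto=tcp
2015-08-21T10:00:06 DENY src=203.0.113.5 dst=198.51.100.10 dport=110 proto=tcp
2015-08-21T10:00:07 DENY src=203.0.113.5 dst=198.51.100.10 dport=135 proto=tcp
2015-08-21T10:00:08 DENY src=203.0.113.5 dst=198.51.100.10 dport=139 proto=tcp
2015-08-21T10:00:09 DENY src=203.0.113.5 dst=198.51.100.10 dport=443 proto=tcp
2015-08-21T10:00:10 DENY src=203.0.113.5 dst=198.51.100.10 dport=445 proto=tcp
2015-08-21T10:00:11 DENY src=203.0.113.5 dst=198.51.100.10 dport=3306 proto=tcp
2015-08-21T10:00:12 DENY src=203.0.113.5 dst=198.51.100.10 dport=3389 proto=tcp
2015-08-21T10:00:13 DENY src=203.0.113.5 dst=198.51.100.10 dport=22 proto=tcp
2015-08-21T10:00:30 DENY src=198.51.100.77 dst=198.51.100.10 dport=445 proto=tcp
2015-08-21T10:05:30 DENY src=198.51.100.77 dst=198.51.100.10 dport=3389 proto=tcp
2015-08-21T10:06:00 ALLOW src=198.51.100.77 dst=198.51.100.10 dport=443 proto=tcp
"""

# Assumed log format for this example only; adapt to the firewall in use.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) DENY src=(?P<src>\S+) dst=\S+ dport=(?P<dport>\d+) proto=tcp$"
)


def parse(log_text):
    """Return [(timestamp, src, dport)] for every DENY line; other lines
    are skipped rather than crashing the pipeline."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            events.append((datetime.fromisoformat(m["ts"]), m["src"], int(m["dport"])))
    return events


def detect_scanners(events, min_ports=10, window_seconds=60):
    """Return {src: peak_distinct_ports} for sources that touched at least
    `min_ports` distinct destination ports within any window_seconds span.
    Distinct ports, not packet count: retrying one port is not a scan."""
    window = timedelta(seconds=window_seconds)
    by_src = defaultdict(list)
    for ts, src, dport in events:
        by_src[src].append((ts, dport))
    hits = {}
    for src, evs in by_src.items():
        evs.sort()
        peak, start = 0, 0
        for end in range(len(evs)):
            while evs[end][0] - evs[start][0] > window:
                start += 1            # slide the window forward
            peak = max(peak, len({p for _, p in evs[start:end + 1]}))
        if peak >= min_ports:
            hits[src] = peak
    return hits


if __name__ == "__main__":
    print(detect_scanners(parse(SAMPLE_LOG)))
```

The window matters as much as the threshold: the normal client reaches two ports only when the window is stretched to ten minutes, so a detector without a time bound would eventually flag every long-lived host.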
Industry | Telecom infrastructure
Diagram: 4G (3G LTE/SAE), Core Network, 3G/3.5G, IMS, Femto cell
OSI model of the network stack
SS7/Sigtran core network protocol stack
Industry | Telecom infrastructure
Sample tour: Sniffmap, SS7map
Industry | India's telecom infrastructure
According to the DoT Security Amendment dated 31-May-2011:
• Once a year the operator is to carry out a security audit (internal/external) of the network
• The telecom operator shall create facilities for monitoring all intrusions, attacks and frauds and report the same to the Licensor and to CERT-IN
• Network forensics, network hardening, network penetration testing, risk assessment, actions to fix problems and to prevent such problems from reoccurring
• A penalty of up to Rs 50 crores will be levied for any security breach which has been caused due to inadvertent inadequacy/inadequacies
• In case of inadequate measures prescribed under this amendment, acts of intentional omission, deliberate vulnerability left in the equipment or a deliberate attempt at a security breach, the penalty amount will be Rs. 50 crores per breach
• Besides the penalty, liability and criminal proceedings under the relevant provisions of various Acts such as the Indian Telegraph Act, Information Technology Act, Indian Penal Code (IPC), Criminal Procedure Code (CrPC) etc. can be initiated
Telecom threats & recommendations
Legal and Regulatory: Are legal and regulatory driven security requirements adequately addressed and effectively enforced?
Security Governance: Is governance through security policies, processes, procedures and standards adequate and working as desired?
Vendor Security: Are the vendor operations secure? Are they increasing security risk?
Technical Security: Is the technical infrastructure securely designed and configured? Does it have exploitable security weaknesses?
Process Security Concern: Are business critical services secure?
• 50% of mobile operators world-wide could be suffering hour-long outages at a rate of once a year as a result of cyber attacks
• Growing security threats due to changing business models, emerging trends and technologies like Internet of Things (IoT), IPv6, IP based 4G networks (LTE)
Recommendations:
• DoT Security Compliance Assessment
• Ethical Hacking (Vulnerability & Penetration Testing)
• ISO 27001 Governance Assessment
• Vendor contract audit
• Managed & Monitored Security
Questions?
Thank you
@rasoolirfan https://in.linkedin.com/in/rasoolirfan