Cyber TerrorismWhen technology become Weapon

Meghdoot Dhameliya

Content» About Cyber terrorism» Why IT so attractive to the Cyber Terrorists?» What the Cyber Terrorist can do?» Example of Cyber Terrorism» Basic guideline to be Secure» Types of Cyber Crime (Hacking , Cyber Pumps,

Phreakers...)» Types of attacks through Internet» Impact of Cyber Crime on work culture and their

result» Types of Hacking» Reverse Engineering Hacking Facebook, Whats

App !! And Phreakers!

About Cyber Terrorism

• What is Cyber Terrorism?• Cyber Terrorism is Changing

Conventional Methods• Why heads towards Internet?

Why IT so attractive to the Cyber Terrorists?

• Modern Technology• Key difference in new tactics• Increased anonymity • Facilitation of terrorism through IT• Political Propaganda and disinformation (Iran,Iraq,Mexico,Northern Ireland, Saudi

Arabia)• Widest Possible Audience

What Cyber Terrorist can do?

• Threats to Commerce, Public Safety and National Security

• Attack on Victim’s Resource with their own technology

• Catastrophic Loss of finance or physical loss

Most Known Example of Cyber Attacks

Adobe Hack

• Around 2.9 million people across the globe, using popular software applications like Photoshop, InDesign and Acrobat have had their private information like passwords and even credit and debit card details stolen in a sophisticated cyber-attack on Adobe, the parent company.

• Date 5th Oct 2013

• Reference – Times of India

Credit Card Fraud

• MUMBAI: A 28-year-old media professional became the latest victim of credit card fraud on Sunday.

The Mahim resident who did not want to be named got three text alerts over 25 minutes on August 10 showing Rs11,483 being siphoned from his savings account as his attempts to contact the bank's customer care service to block the card went in vain for over 10 hours.

Date : 19th Aug 2013Reference: Times of India

Syrian Electronic Army(Hackers Group)

• The SEA claims responsibility for defacing or otherwise compromising hundreds of websites that it contends spread news hostile to the Syrian government. These include news websites such as BBC News, the Associated Press, National Public Radio, Al Jazeera, Financial Times, The Daily Telegraph,[11] The Washington Post,[12] Syrian satellite broadcaster Orient TV, and Dubai-based al-Arabia TV,[5] as well as rights organizations such as Human Rights Watch.[13] Other SEA targets include VoIP apps, such as Viber, and Tango.

Cyber Attacks• July 2011: University of California Los Angeles website defaced by SEA

hacker "The Pro".[19]

• September 2011: Harvard University website defaced in what was called the work of a "sophisticated group or individual". The Harvard homepage was replaced with an image of Syrian president Bashar al-Assad, with a message saying "Syrian Electronic Army Were Here".[20]

• April 2012: The Syrian Electronic Army took down the official blog of social media website LinkedIn. The page was redirected instead to a site supporting Bashar al-Assad.[21]

• August 2012: The Twitter account of the Reuters news agency was hacked by the SEA. 22 tweets were sent with false information on the conflict in Syria. In addition, the Reuters news website was compromised, and a false report was posted about to a Reuters journalist's blog.[22]

• 23 April 2013: The SEA hijacked the Associated Press Twitter account and falsely claimed the White House had been bombed and President Barack Obama injured.

Cont..• May 2013: The Twitter account of The Onion was compromised by the

SEA, by phishing Google Apps accounts of The Onion's employees.[18]

• May 2013: The ITV news London Twitter account was hacked on the 24th May 2013 by the SEA. The Android applications of British Broadcaster Sky News were also hacked on 26 May 2013 on Google Play Store.

• 17 July 2013, Truecaller servers were allegedly hacked into by the Syrian Electronic Army.[23] The group claimed on its twitter handle to have recovered 459 GiBs of database, primarily due to an older version of Wordpress installed on the servers. The hackers also released TrueCaller's alleged database host ID, username, and password via another tweet.[24] On 18 July 2013, Truecaller issued a statement on its blog stating that their servers were indeed hacked, but claiming that the attack did not disclose any passwords or credit card information.[25]

• 23 July 2013: Viber servers were allegedly hacked into by SEA as well. The Viber support website was replaced with a message and a supposed screenshot of data that was obtained during the intrusion.[26][27][28]

• 27 August 2013: NYTimes.com has its DNS redirected to a page that displays the message "Hacked by SEA" and Twitter's domain registrar was changed[30]

BACK

Basic guideline to be Secure

» Machine isolation» Use of firewall» Encrypted Data

1) All accounts should have passwords and the passwords should be unusual, difficult to guess.

2) Change the network configuration when defects become know.

3) Check with venders for upgrades and patches.4) Audit systems and check logs to help in detecting and

tracing an intruder5) If you are ever unsure about the safety of a site, or

receive suspicious email from an unknown address, don't access it. It could be trouble

Types of Cyber Crime

» Hacking without any intention to commit any further offence.

» Unauthorized access with intention to commit further offences. These can include theft, fraud, miss-appropriations, forgery, cracking

» Distribution of digital information through use of virus, trogon horses, logic bombs.

Types of Cyber Crime(Cont..)

• Code hacker :They know computers inside out. They can make the computer do nearly anything they want it to.

• Crackers: – They break into computer systems, operating systems and their security is their favorite pastime

• Cyber Pumps: – They are masters of cryptography

• Phreakers : They combine their in-depth knowledge of the Internet and mass telecommunication systems.

Types of attacks through Internet

» Network pocket sniffers» IP spoofing» Fraud on Internet

» Online Investment news letters» Bulletin words» Email Online Spam

» Virus (Alteration or Destruction of Digital Information)

Impact of Cyber Crime on work culture and their result

» Malfunctionality» Cyber Crime and Information

Technology Act2000» Contravention Relating

Ele.Transaction,IT Offence» Promoting Secure Electronics

CONTRAVENTOINS AND COMPENSATOINS/PENALTIES

» Contraventions – Accessing or securing access to the computer/network, Downloading any data or information from the computer/network, Introducing or causing to be introduced any computer contaminant or computer VIRUS into the computer/network.

Types of Hacking

» Cyber Murders» Effect on Government Site» Manipulating Stock Market» Transmission of Virus» Crashing of Site» Hacking Ordinary Site

Select * from yourQueriesWhere isDaubt = YES;

Thank you