
Networking Training

CyberSecurity
S.Vijay Krishnan, SDE,
BSNL TVL
Why are we talking about cybersecurity?
Recent Bigger Attacks
1. Operation Shady RAT : The
networks of 72 organisations across
the world were targeted in the
campaign which began in mid-2006,
continued up to 2010
2. TJX: 2009 - WiFi - More than 45
million people had their credit card
details stolen and some experts said
the actual figure was likely to be closer
to 94 million.
3. Heartland Payment Systems
This New Jersey payment processing
firm lost data on tens of millions of
credit cards in an attack in 2009.
4. Epsilon: The world's largest email
marketing firm, Epsilon, confirmed in
2011 that it had been the target of
hackers. Only names and email
addresses were stolen from the firm,

5. Sony PlayStation Network
In 2011, hackers gained access to
Sony's PlayStation Network, putting at
risk credit card data for more than 70
million people.
Whatz Going on ???
We are increasingly dependent on the Internet:
Directly
Communication (Email, IM, VoIP)
Commerce (business, banking, e-commerce, etc)
Control systems (public utilities, etc)
Information and entertainment
Sensitive data stored on the Internet

Indirectly
Biz, Edu, Gov have permanently replaced physical/manual
processes with Internet-based processes
What can we do?
A solution to this problem will require both
the right technology and the right public
policy.

This is the cybersecurity challenge.
Hacking?
Definition?
Types of Hacking?
Red, White, Grey!
Software Alpha, Beta, Final.
Ethical Hacking & Fraud Management.
Your system@risk

Spam

Virus

Worms
What to be aware of ??

Computer Viruses
Worms

Trojan Horses

Spyware

Adware
VIRUS
A computer virus is a computer program
that can copy itself and infect a computer
without permission or knowledge of the
user.
A program that replicates by infecting
other programs, so that they contain a
copy of the virus.
How Virus Works.
Viral code is attached or inserted into the
order of execution so that when the legitimate
code is run the viral code is also run or run
instead of the legitimate code.

May be tacked on to the end of an executable
file or inserted into unused program space.

Legitimate code must be modified so that the
viral code is branched/vectored to.
How virus works.

[Figure: .COM file layouts from Start to End. Prepended virus (.COM); appended virus (.COM & .EXE), with labels Jump and End. Legend: virus code, program flow.]
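
As an added example (not part of the original slides), the appended-virus layout above suggests a simple triage heuristic for .COM images: decode the first instruction and flag files whose entry jump lands in the tail of the file. The function names, the 25% tail threshold and the sample bytes are assumptions made for illustration.

```python
# Added example: heuristic for the appended-virus layout in DOS .COM images.
# Many clean .COM programs also start with a jump, so a hit is a lead for
# review, not a verdict. All sample bytes below are constructed.

JMP_NEAR = 0xE9   # JMP rel16: opcode + little-endian signed displacement
JMP_SHORT = 0xEB  # JMP rel8


def entry_jump_target(image: bytes):
    """File offset the first instruction jumps to, or None if it is no jump."""
    if len(image) >= 3 and image[0] == JMP_NEAR:
        rel = int.from_bytes(image[1:3], "little", signed=True)
        return (3 + rel) & 0xFFFF      # relative to the next instruction
    if len(image) >= 2 and image[0] == JMP_SHORT:
        rel = int.from_bytes(image[1:2], "little", signed=True)
        return (2 + rel) & 0xFFFF
    return None


def looks_appended(image: bytes, tail_fraction: float = 0.25) -> bool:
    """True when the entry jump lands inside the last tail_fraction of the file."""
    target = entry_jump_target(image)
    if target is None or target >= len(image):
        return False                   # no entry jump, or it points outside the file
    return target >= len(image) * (1 - tail_fraction)


def triage(samples: dict) -> list:
    """Names of the images worth a closer look, in sorted order."""
    return sorted(name for name, img in samples.items() if looks_appended(img))


# Constructed images: NOP padding (0x90) stands in for real code.
SAMPLES = {
    "no_jump.com": b"\xB4\x09" + b"\x90" * 198,            # starts with MOV AH,9
    "jump_over_data.com": b"\xEB\x10" + b"\x90" * 198,     # short jump to offset 0x12
    "jump_to_tail.com": b"\xE9" + (897).to_bytes(2, "little") + b"\x90" * 997,
    "truncated.com": b"\xE9\x00",                          # too short to decode
}

if __name__ == "__main__":
    for name in triage(SAMPLES):
        print(name, "-> entry jump into file tail at offset",
              entry_jump_target(SAMPLES[name]))
```
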
Virus Phases
Dormant - waits for a trigger to start replicating
Propagation - copies itself into other programs of the
same type on a computer. Spreads when the user shares a
file with another computer. Usually searches a file for its
own signature before infecting.
Triggering - starts delivering payload. Sometimes
triggered on a certain date, or after a certain time after
infection.
Execution - payload function is done. Perhaps it put a
funny message on the screen, or wiped the hard disk clean.
It may then start the first phase over again.
WORM
Write Once Read Many
Worms are a subset of viruses
They differ in the method of attachment;
rather than attaching to a file like a virus, a
worm copies itself across the network
without attachment.
Infects the environment rather than
specific objects
The Sapphire Worm or Slammer - Jan 25, 2003

Infections doubled every 8.5 seconds
Infected 75,000 hosts in first 11 minutes
Caused network outages, cancelled airline
flights and ATM failures

[Figure: panels labelled by minutes after release: 11, 8, 6, 2]
Trojan Horses

a program with added functionality.


Trojan Horse
The Trojan Horse, at first glance, will appear to be
useful software but will actually do damage once
installed or run on your computer.
Those on the receiving end of a Trojan Horse are usually
tricked into opening it because they appear to
be receiving legitimate software or files from a
legitimate source.
Some Trojans are designed to be more annoying
than malicious, while others can cause serious damage
by deleting files and destroying information on
your system.
Backdoors

A program that allows attackers to
bypass normal security controls on a
system, gaining access to which they
are not entitled.
ADWARE

Adware, by itself, is harmless. However it may
be bundled with other harmful spyware.

Ask.com Toolbar is an example of adware

Considered invasion of privacy

User must agree to have adware installed,
usually bundled with sponsored software.
SPYWARE
Installed without user knowledge or
consent and monitors user activities.
This is used for advertising and
monitoring, or to sell to another party.
Considered invasion of privacy
Slows down the computer significantly
Key Loggers.
PREVENTION IS BETTER THAN CURE
HOW TO PREVENT

1. Install a reliable anti virus program.

2. Install anti-spyware and anti-malware programs.

3. Avoid suspicious websites.

4. Never Open Email Attachments Without Scanning Them First.

5. Set up Automatic Scans.


6. Watch Your Downloads.

7. Updates, Updates, Updates.

8. Know What To Look For.

9. Stay Away From Cracked Software.

10. Install a Firewall.

11. Be prepared to Lock Down.
