001.itsecurity bcp v1

Introduction to Cyber Security Presented by Mohammad Ashfaqur Rahman Compliance Professional www.linkedin.com/in/ashfaqsaphal [email protected]

Upload: mohammad-ashfaqur-rahman

Post on 15-Apr-2017


TRANSCRIPT

Page 1: 001.itsecurity bcp v1

Introduction to Cyber Security

Presented by

Mohammad Ashfaqur Rahman

Compliance Professional

www.linkedin.com/in/ashfaqsaphal

[email protected]

Page 2: 001.itsecurity bcp v1

Objective

● Concept of IT Security
● Information Security Terminologies
● Hacker and Attack
● Trends of attack
● Perspective Bangladesh

Page 3: 001.itsecurity bcp v1

Information

● ‘Information is an asset which, like other important business assets, has value to an organization and consequently needs to be suitably protected’

– Ref : BS ISO 27002:2005

● ‘…Whatever form the information takes, or means by which it is shared or stored, it should always be appropriately protected’

– Ref : BS ISO 27002:2005

Page 4: 001.itsecurity bcp v1

Information

● Creation
● Transmit
● Store
● Lost – Corrupt – Destroy – Stolen
● Paper based
● Verbal

Page 5: 001.itsecurity bcp v1

Security

● “The quality or state of being secure—to be free from danger”

● A successful organization should have multiple layers of security in place:

– Physical security
– Personal security
– Operations security
– Communications security
– Network security
– Information security

Page 6: 001.itsecurity bcp v1

Information Security

● The protection of information and its critical elements, including systems and hardware that use, store, and transmit that information

● Information Security is also known as Cyber Security
– Also written as Cybersecurity
– Security of
• Information System
• Network

Page 7: 001.itsecurity bcp v1

History

● Old Caesar Cipher
● The IT security concept emerged immediately after the first mainframes were developed
● Groups developing code-breaking computations during World War II created the first modern computers
– Introduction of the Turing machine
● WikiLeaks, Anonymous, Lulzsec
– Bangladesh Cyber Army
– Bangladesh Black Hat Hackers

Page 8: 001.itsecurity bcp v1

Compromised System

● "Compromised" is a nice way of saying that someone or something has maliciously broken into your computer without your knowledge or permission.

● It means that you can't trust the integrity of any file (program, document, spreadsheet, image, etc.) on your computer.

● You can't find out what's been done to your computer files without an exact "before" copy to compare them with

Page 9: 001.itsecurity bcp v1

Impact of Compromise

● Personal
– Loss of personal sensitive data : Identity theft
– Social harassment : Social account / mail hack
– Financial loss : Credit Card / Online Banking

● Organizational
– Loss of customer confidence : customer data loss
– Financial losses : Loss of confidential data
– Damaged reputation : loss of goodwill

Page 10: 001.itsecurity bcp v1

Impact of Compromise

● Social
– Unrest Situation
– Harassment
– Child Pornography

Page 11: 001.itsecurity bcp v1

The Hacker

● A hacker is someone who
– seeks and exploits weaknesses in a
– computer system or
– computer network.

● A hacker is someone who likes to tinker with electronics or computer systems : finding ways to make them do what they do better, or do things they weren't intended to do

Page 12: 001.itsecurity bcp v1

The Hacker

● Hackers may be motivated by a multitude of reasons, such as
– Profit
– Protest
– Challenge
– Enjoyment
– to evaluate those weaknesses to assist in removing them.

Page 13: 001.itsecurity bcp v1

Types of Hacker

● White Hat
– Good Guys
– Don't use their skills for illegal purposes
– Computer Security experts and
– help protect people from the Black Hats

Page 14: 001.itsecurity bcp v1

Types of Hacker

● Black Hat
– Bad Guys
– Use their skills maliciously for personal gain
– Hack banks, steal credit cards, and deface websites

Page 15: 001.itsecurity bcp v1

Types of Hacker

● Grey hat

– combination of a Black Hat and a White Hat Hacker

– hack into a computer system for the sole purpose of notifying the administrator

Page 16: 001.itsecurity bcp v1

Hacker Hierarchy

● Script kiddies
– Wannabe hackers
– Have no hacking skills
– use the tools developed by other hackers
– No knowledge of what's happening behind the scenes

Page 17: 001.itsecurity bcp v1

Hacker Hierarchy

● Intermediate hackers
– know about computers, networks
– enough programming and scripting knowledge
– Use pre-developed well-known exploits

Page 18: 001.itsecurity bcp v1

Hacker Hierarchy

● Elite Hackers
– skilled hackers
– write hacker tools and exploits
– break into systems and hide their tracks

Page 19: 001.itsecurity bcp v1

Other Terminologies

● Neophyte
– Also known as "n00b", or "newbie"
– is someone who is new to hacking or phreaking and has almost no knowledge or experience
● Blue hat

– someone outside computer security consulting firms who is used to bug test a system prior to its launch, looking for exploits so they can be closed

Page 20: 001.itsecurity bcp v1

Other Terminologies

Page 21: 001.itsecurity bcp v1

Cyber-attack

● any type of offensive maneuver
● by individuals or whole organizations
● targets computer information systems, infrastructures, computer networks, and/or personal computer devices
● Factors involved
– Fear factor
– Spectacular factor
– Vulnerability factor

Page 22: 001.itsecurity bcp v1

Threat Trends

● Cyber Crime
– Bad guys are mostly Eastern European although Asian groups are also active
– A complete service based economy supporting their activities
– Attacks are a mix of
• social engineering and
• technical attack

Page 23: 001.itsecurity bcp v1

Threat Trends

● Hacktivists
– WikiLeaks
– Anonymous, Lulzsec
– DDoS attacks
– Data loss
• combination of hacking and insiders

Page 24: 001.itsecurity bcp v1

Threat Trends

● Nation State
– Motivations
• Espionage
• Disruption
• Targeting Government + Private Sector

Page 25: 001.itsecurity bcp v1

ICT Act 2006, Bangladesh

Page 26: 001.itsecurity bcp v1

Incident Trends, Bangladesh

● According to bdCERT

Page 27: 001.itsecurity bcp v1

Incident Trends, Bangladesh

● Site Defacement
– Sites hacked by hacker groups named Indishell, Sil3nt Hack3r, My@nm@r H4acK3rs Unit
– Government sites were targeted (.gov.bd)
– Sites running on a CMS are not fully patched and inherently carry bugs, which makes them quite easy for a hacker to penetrate.
– Lack of proactive monitoring and enforcement of standards.

Page 28: 001.itsecurity bcp v1

Incident Trends, Bangladesh

● Site Defacement

Page 29: 001.itsecurity bcp v1

Case Study – Network Hacking

● Foot Printing
● Port Scanning
● Banner Grabbing
● Searching for Vulnerabilities
● Penetrating

Page 30: 001.itsecurity bcp v1

Case Study – Network Hacking

● Foot Printing
– You see the company e-mails, address, names, when the domain was created, when the domain expires, the domain name servers, and more!
– A hacker can also take advantage of search engines to search sites for data
• "site:www.thetargetsite.com" this will display every page that Google has

Page 31: 001.itsecurity bcp v1

Case Study – Network Hacking

● Port Scanning
– To detect the services listening on the server's open ports so as to detect vulnerabilities
– The Nmap Security Scanner is available for both Mac and Windows users:
• http://nmap.org/download.html
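
From the defender's side, the port scanning described above appears in connection logs as one source touching many ports on one host in a short time. The following added example, not part of the original slides, flags that pattern; the log format, the addresses, and the `detect_port_scans` name and thresholds are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed firewall-style log lines: timestamp, source, destination, port.
# Addresses are taken from the documentation ranges 192.0.2.0/24 and 198.51.100.0/24.
SAMPLE_LOG = """\
2017-04-15T10:00:01 src=198.51.100.7 dst=192.0.2.10 dport=21
2017-04-15T10:00:01 src=198.51.100.7 dst=192.0.2.10 dport=22
2017-04-15T10:00:02 src=198.51.100.20 dst=192.0.2.10 dport=443
2017-04-15T10:00:02 src=198.51.100.7 dst=192.0.2.10 dport=23
2017-04-15T10:00:02 src=198.51.100.7 dst=192.0.2.10 dport=25
2017-04-15T10:00:03 src=198.51.100.7 dst=192.0.2.10 dport=80
2017-04-15T10:00:09 src=198.51.100.20 dst=192.0.2.10 dport=443
2017-04-15T10:05:00 src=198.51.100.33 dst=192.0.2.10 dport=80
2017-04-15T10:20:00 src=198.51.100.33 dst=192.0.2.10 dport=443
"""

def detect_port_scans(log_text, min_ports=5, window=timedelta(seconds=60)):
    """Return {(src, dst): sorted ports} for sources that touched at least
    min_ports distinct ports on one host inside a single time window."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip blank or malformed lines
        fields = dict(p.split("=", 1) for p in parts[1:])
        when = datetime.fromisoformat(parts[0])
        events[(fields["src"], fields["dst"])].append((when, int(fields["dport"])))

    findings = {}
    for pair, seen in events.items():
        seen.sort()
        start = 0
        for end in range(len(seen)):
            # Slide the window start forward until it spans at most `window`.
            while seen[end][0] - seen[start][0] > window:
                start += 1
            ports = {port for _, port in seen[start:end + 1]}
            if len(ports) >= min_ports:
                findings[pair] = sorted(ports)
                break
    return findings

if __name__ == "__main__":
    print(detect_port_scans(SAMPLE_LOG))
```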

Page 33: 001.itsecurity bcp v1

Case Study – Network Hacking

● Banner Grabbing
– Telnet into the service port to figure out the software and version of the service
– If you are using Windows Vista, then telnet is not installed by default. Use Control Panel – Programs and Features – Turn Windows features on or off – Telnet Client to install it
– If you found port 21 (i.e. FTP) open, then telnet www.targetsite.com 21 to find out the FTP software

Page 34: 001.itsecurity bcp v1

Case Study – Network Hacking

● Searching for Vulnerabilities

– Search a couple vulnerability databases for an exploit

– If there's an exploit available, run it against the server and take complete control

– Popular exploit databases are Milw0rm, SecurityFocus, osvdb

Page 35: 001.itsecurity bcp v1

Case Study – Network Hacking

● Attacks
– Denial-of-Service (DoS)
– Buffer Overflow (BoF)

Page 36: 001.itsecurity bcp v1

Case Study – Network Hacking

● Penetrating

– Running the exploits against the target and penetrating the server

– From PT Server – Multiple programming language

Page 37: 001.itsecurity bcp v1

Case Study – Network Hacking

● Root Access
– Rootkit deployment
– Grab data

Page 38: 001.itsecurity bcp v1

It is your turn