LSK Cybersecurity

Overview of Cybersecurity &
Cybercrime
Eng. J N Kariuki
BSc(Eng) LLM CEng REng MIET FIEK MKIM
Communications Secretary,
National Communication Secretariat
18/07/2015
National Communication Secretariat
• Section 84 KIC Act, Cap 411A, Laws of Kenya
• Function: advise Govt. on communication
policy
Summary
• Abstract
• Why worry about Cybersecurity
• Vulnerabilities
• Cybersecurity, Cybercrime
• Examples
• Privacy
Why worry about Cybersecurity
• Societal benefits of ICTs
• New opportunities for growth, prosperity and
creation of wealth
• Shift from industrial to digital economy with
many e-applications: e-health, e-money (e.g.
M-PESA), e-government, etc.
Vulnerabilities
• Greater capacity of ICT, greater vulnerability
• Is Kenya protected from cyber attacks?
• Many OFC, e.g. TEAMS, SEACOM, EASSy, LION,
etc.
• Internet usage increasing
INTERNET STATISTICS
www.internetworldstats.com
• Kenya: Internet users 17.38m (2011) (17.38% in last
quarter), subs 6.15m (13.48%)
• Mobile: 28.08 million (5.89%)
Cybersecurity
Simplified definition:
“the prevention of damage to, unauthorised
use of, exploitation of, and if needed the
restoration of electronic information and
communication systems, and the information
they contain, in order to strengthen the
confidentiality, integrity and availability of
these systems”
CYBERSPACE
the apparent, or virtual-location
within which electronic activities
are undertaken
CYBERSPACE … cont’d
• Laws relating to evidence, contract,
defamation and intellectual property all have a
role to play, as do provisions of criminal
law
Cyber crime
• Ordinary crime committed by computer
• Computer crime versus internet crime
– Computer crime (includes internet crime, also
called cyber crime)
INVOLVEMENT OF COMPUTER
SYSTEMS IN COMMISSION OF CRIMES
• As target of the offence
• The tool used in the offence
• May contain evidence of the offence
Denial of Service Attacks
• Technique that overwhelms the resources
of the target computer, resulting in denial
of service to other computers
• Distributed DoS: use of numerous computers
to attack the target computer from numerous
launch points
WEBSITE DEFACING
• Damaging contents of websites
• Motives:
• Personal grudge; e.g., dismissed employee
• Asserting political belief; e.g., affixing cannabis
leaves on the website of a court
2010 Child Abuse Data
• Domains: 1,351 (reduced due to international effort to
stop them)
• URLs: 16,739. Location of providers: 42% North
America, 41% Europe, 17% Asia
Child online Protection
• http://www.itu.int/dms_pub/itu-d/opb/ind/DIND-COP.01-11-2010-PDF-E.pdf
• Takedown of Child porn sites
COMPUTER PORNOGRAPHY
• What may be freely available in some
jurisdictions, may be objectionable in others
• International consensus that ‘child
pornography’ must be banned
• Pseudo-photographs – digitally modified
images depicting child in a sexual activity
• Grooming or child luring online
Critical Infrastructure
Vital element of national security: massive impact on the economy
• The US Government has divided the critical
infrastructure into the following segments:
information and communications, electric power,
transportation, oil and gas, banking and
finance, water, emergency services
and government (including the military).
CII attack
Stuxnet: 1st attack on SCADA
• In 2010, Stuxnet virus attack on control system
of Iranian nuclear reactor
– Stuxnet is for sabotage: it manipulates equipment to
behave erratically while reporting “normal” to
the operators of the system.
– On 21 May 2011, cyber attack on defence
contractor Lockheed Martin, which compromised
RSA SecurID tokens. Intention: to compromise
customer, program or personal data.
PAYLOAD VIRUS
• Viruses delivered as blended threat
– (spam message directs user to a malicious website,
which then results in a virus being downloaded to
the user’s computer, e.g. e-cards)
MALICIOUS CODE: VIRUSES, WORMS
and TROJANS
Computer code written with sole intent to:
• cause damage to equipment
• steal information, personal or business
Serious financial and security threat
e.g. Melissa virus, 1999.
WORMS AND TROJANS
• Worms
• similar to viruses; but multiply without human
interaction
• Trojan
• innocent-looking program that contains hidden
functions
BOTNET
Groups of “zombied” computers remotely
controlled by hackers, even though the owners
are unaware of it. These zombies do malicious
things like forward spam, viruses, worms or gang
up together to do outright attacks against
targeted computer systems.
CYBER-TERRORISM
“concerted, sophisticated attacks on networks”
(Yasin, 1999)
CYBER-TERRORISM
“… the convergence of terrorism and
cyberspace. It is generally understood to mean
unlawful attacks and threats of attacks
against computers, networks, and the
information stored therein when done to
intimidate or coerce a government or its
people in furtherance of political and social
objectives.”
(Denning, 2000)
Forms of cyber-terrorist attacks
• access to the military computer systems resulting
in missile launches
• access a manufacturing facility and alter formula
used to produce drug or other product to render
products lethal
Intercepting a Mobile Phone
• Mobile phones lock on to the most powerful
cellular radio signals
– Establish pico-cell
– Handset responds to the ‘rogue’ pico-cell
– Pico cell harvests the data which is analysed for
account hacking and ID fraud.
– SOLUTION: Register mobile phones so that they can
be traced.
UNSOLICITED COMMERCIAL EMAILS
(SPAM)
• Minimal costs
• Response from internet users
• Problems:
• damaging consumer confidence
• children being subjected to inappropriate
material
PHISHING AND PHARMING I
• Phishing
• attempts to obtain personal information,
including financial account details
• Pharming
• attempts to redirect users to fraudulent websites
PHISHING AND PHARMING II
• Means by which pharming can occur:
• Static domain name spoofing: legitimate website
slightly mis-spelt
• Malicious software: redirecting users to
fraudulent websites
• Domain hijacking: legitimate website is hijacked
and customers redirected to an illegitimate site
• Domain Name Server ‘poisoning’: Local DNS
servers poisoned to send user to wrong site
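Added example (not part of the original slides): a defender-side check for the first means above, a hostname that is a slight misspelling of a legitimate one. The protected domains, sample hostnames, confusable-character pairs and distance threshold are assumptions made for illustration.

```python
# Added illustration: flag hostnames that are slight misspellings of protected ones.
# PROTECTED and CONFUSABLES are constructed sample data, not from the slides.
PROTECTED = ["mybank.example", "epay.example"]
CONFUSABLES = (("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"))


def skeleton(host):
    """Lower-case the name and fold look-alike character sequences together."""
    host = host.lower().rstrip(".")
    for src, dst in CONFUSABLES:
        host = host.replace(src, dst)
    return host


def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap as 1."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            d = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                d = min(d, prev2[j - 2] + 1)  # adjacent letters swapped
            cur.append(d)
        prev2, prev = prev, cur
    return prev[-1]


def classify(host, protected=PROTECTED, max_distance=1):
    """Return (verdict, matched protected domain or None) for one hostname."""
    name = host.lower().rstrip(".")
    if name in protected:
        return ("legitimate", name)
    for good in protected:
        same_look = skeleton(name) == skeleton(good)
        if same_look or osa_distance(skeleton(name), skeleton(good)) <= max_distance:
            return ("lookalike", good)
    return ("unrelated", None)


if __name__ == "__main__":
    # Constructed hostnames, e.g. taken from a proxy or mail-gateway log.
    for h in ["MyBank.example.", "rnybank.example", "mybnak.example",
              "3pay.example", "news.example"]:
        print(h, classify(h))
```

Name comparison covers only the misspelt-domain case; in domain hijacking and DNS poisoning the name the user sees is unchanged, so this check does not apply to them.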
Hacking Thai PM Twitter A/C
DN3.10.2011
• Hacked on Sunday 2.10.2011 for 20 minutes
• Accused of incompetence
PRIVACY
“You have zero privacy; get over it”, Scott
McNealy, CEO, Sun Microsystems, 1999
e.g. Passenger Name Record (PNR) database
used by airlines. Contains: full name, date of
birth, home & work address, telephone number,
email address, credit card details, IP address if
booked online, names and phone numbers of
emergency contacts
PRIVACY CONCERNS I
WikiLeaks and whistle-blowing, mobile phone
• Data mining: tracking customer activities for
future marketing purposes
• Methods used to collect personal information
– Electronic recording of ‘clickstream data’ at
various levels: e.g., servers of access or content
providers
– Use of cookies: a cookie is a record of information
sent to a computer to identify that computer on future
visits to the same website.
PRIVACY CONCERNS II
• sniffers – can be used to capture data being
transmitted over the network
• use of intelligent agents (I.A.s) – to perform any
assigned task, I.A.s require sufficient information,
including users’ profiles
Loss of Data
can lead to ID theft and fraud on a large scale
• October 2007: HM Revenue & Customs lost details
of 25 million child benefit claimants stored on two
unencrypted discs. Dept. of Transport lost
3 million records of drivers
• In the US, TSA lost a check-in computer with
unencrypted data of 33,000 passengers
• In June 2011, Apple & Google were questioned in
the US Senate over use of location data in their
mobile handsets. Sony PlayStation Network
suffered a 70 million member hack.
Kenya Cybercrime legislation
• The KICA, Cap 411A, s.83U-s.84H
• Access, access with intent, access and
interception, modification, denying
access, damaging, disclosure of password,
unlawful possession of data, fraud, tampering
with source code, obscene info., fraudulent
info., PROTECTED SYSTEMS s.83Q.
Nobody is Safe
22.09.2011: Hacking of Core Security
Technologies (Core Impact) website
Core Impact provides IT security testing products
and services. It’s a BENCHMARK.
e.g. Penetration Scans. Typical annual licence
$30,000.00
6.9.2011: Hackers spied on approx. 300,000 Google
internet users in Iran after stealing security
certificates from a Dutch IT firm; stole passwords
and obtained access to other social media.
END
Eng J N Kariuki
BSc(Eng) LLM CEng REng MIET FIEK MKIM