Overview of Cybersecurity & Cybercrime
Eng. J N Kariuki BSc(Eng) LLM CEng REng MIET FIEK MKIM, Communications Secretary, National Communication Secretariat

National Communication Secretariat
• Section 84 KIC Act, Cap 411A, Laws of Kenya
• Function: advise Govt. on communication policy

Summary
• Abstract
• Why worry about Cybersecurity
• Vulnerabilities
• Cybersecurity, Cybercrime
• Examples
• Privacy

Why worry about Cybersecurity
• Societal benefits of ICTs
• New opportunities for growth, prosperity and creation of wealth
• Shift from industrial to digital economy with many e-applications: e-health, e-money (e.g. M-PESA), e-government, etc.

Vulnerabilities
• Greater capacity of ICT, greater vulnerability
• Is Kenya protected from cyber attacks?
• Many OFC, e.g. TEAMS, SEACOM, EASSy, LION etc.
• Internet usage increasing

INTERNET STATISTICS (www.internetworldstats.com)
• Kenya: internet users 17.38m (2011) (17.38% in last quarter), subs 6.15m (13.48%)
• Mobile: 28.08 million (5.89%)

Cybersecurity: simplified definition
“the prevention of damage to, unauthorised use of, exploitation of, and if needed the restoration of electronic information and communication systems, and the information they contain, in order to strengthen the confidentiality, integrity and availability of these systems”

CYBERSPACE
The apparent, or virtual, location within which electronic activities are undertaken

CYBERSPACE (cont’d)
• Laws relating to evidence, contract, defamation and intellectual property all have a role to play, as do provisions of criminal law

Cyber crime
• Ordinary crime committed by computer
• Computer crime versus internet crime
• Computer crime (includes internet crime, also called cyber crime)

INVOLVEMENT OF COMPUTER SYSTEMS IN COMMISSION OF CRIMES
• As target of the offence
• The tool used in the offence
• May contain evidence of the offence

Denial of Service Attacks
• Technique that overwhelms the resources of the target computer, which results in the denial of service to other computers
• Distributed DoS: use of numerous computers to attack the target computer from numerous launch points

WEBSITE DEFACING
• Damaging contents of websites
• Motives:
  • Personal grudge; e.g., dismissed employee
  • Asserting political belief; e.g., affixing cannabis leaves on the website of a court

2010 Child abuse data
• Domains: 1,351 (reduced due to international effort to stop them)
• URLs: 16,739; location of providers: 42% North America, 41% Europe, 17% Asia

Child Online Protection
• http://www.itu.int/dms_pub/itu-d/opb/ind/D-IND-COP.01-11-2010-PDF-E.pdf
• Takedown of child porn sites

COMPUTER PORNOGRAPHY
• What may be freely available in some jurisdictions may be objectionable in others
• International consensus that ‘child pornography’ must be banned
• Pseudo-photographs – digitally modified images depicting child in a sexual activity
• Grooming or child luring online

Critical Infrastructure
• Vital element of national security: massive impact on the economy
• The US Government has divided the critical infrastructure into the following segments: information and communications, electric power, transportation, oil and gas, banking and finance, water, emergency services and government (including the military).

CII attack: Stuxnet, 1st attack on SCADA
• In 2010, Stuxnet virus attack on control system of Iranian nuclear reactor
• Stuxnet is for sabotage: it manipulates equipment to behave erratically while reporting “normal” to operators of the system.
• On May 21, 2011, cyber attack on defence contractor Lockheed Martin which compromised RSA SecurID tokens. Intention: to compromise customer, program or personal data.

PAYLOAD VIRUS
• Viruses delivered as blended threat (spam message directs user to a malicious website, which then results in a virus being downloaded to the user's computer, e.g. e-cards)

MALICIOUS CODE: VIRUSES, WORMS and TROJANS
Computer code written with sole intent to:
• Cause damage to equipment
• Steal information, personal or business
Serious financial and security threat, e.g. Melissa virus, 1999.

WORMS AND TROJANS
• Worms
  • similar to viruses, but multiply without human interaction
• Trojan
  • innocent-looking program that contains hidden functions

BOTNET
Groups of “zombied” computers remotely controlled by hackers, even though the owners are unaware of it. These zombies do malicious things like forward spam, viruses and worms, or gang up together to do outright attacks against targeted computer systems.

CYBER-TERRORISM
“concerted, sophisticated attacks on networks” (Yasin, 1999)

CYBER-TERRORISM
“… the convergence of terrorism and cyberspace. It is generally understood to mean unlawful attacks and threats of attacks against computers, networks, and the information stored therein when done to intimidate or coerce a government or its people in furtherance of political and social objectives.” (Denning, 2000)

Forms of cyber-terrorist attacks
• access to the military computer systems resulting in missile launches
• access a manufacturing facility and alter formula used to produce drug or other product to render products lethal

Intercepting a Mobile Phone
• Mobile phones lock on to the most powerful cellular radio signals
• Establish pico-cell
• Handset responds to the ‘rogue’ pico-cell
• Pico-cell harvests the data, which is analysed for account hacking and ID fraud.
• SOLUTION: Register mobile phones so that they can be traced.

UNSOLICITED COMMERCIAL EMAILS (SPAM)
• Minimal costs
• Response from internet users
• Problems:
  • damaging consumer confidence
  • children being subjected to inappropriate material

PHISHING AND PHARMING I
• Phishing
  • attempts to obtain personal information, including financial account details
• Pharming
  • attempts to redirect users to fraudulent websites

PHISHING AND PHARMING II
• Means by which pharming can occur:
  • Static domain name spoofing: legitimate website slightly mis-spelt
  • Malicious software: redirecting users to fraudulent websites
  • Domain hijacking: legitimate website is hijacked and customers redirected to an illegitimate site
  • Domain Name Server ‘poisoning’: local DNS servers poisoned to send user to wrong site

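The "static domain name spoofing" route in the list above can be checked for defensively. The following is an added example, not part of the original presentation: it flags observed domains that are a slight misspelling of a protected name. The protected names, the look-alike character table and the sample domains are all constructed for illustration.

```python
# Added example: flag domains that are a slight misspelling of a protected name.
# PROTECTED, CONFUSABLES and all sample domains are constructed for illustration.
PROTECTED = ["examplebank.co.ke", "safaripay.example"]
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def osa_distance(a: str, b: str) -> int:
    """Edit distance counting insert, delete, substitute and adjacent swap as 1."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)  # adjacent transposition
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]


def fold(domain: str) -> str:
    """Lower-case, drop a trailing dot, map look-alike digits to letters."""
    return domain.strip().lower().rstrip(".").translate(CONFUSABLES)


def check_domain(domain: str, protected=PROTECTED, max_distance: int = 2):
    """Return (verdict, protected_name_or_None) for one observed domain."""
    raw = domain.strip().lower().rstrip(".")
    if raw in protected:
        return ("legitimate", raw)
    folded = fold(domain)
    for name in protected:
        if folded == fold(name):
            return ("lookalike-homoglyph", name)
        if osa_distance(folded, fold(name)) <= max_distance:
            return ("lookalike-typo", name)
    return ("unrelated", None)


if __name__ == "__main__":
    # Constructed sample of domains seen in, say, proxy or DNS logs.
    for seen in ["examplebank.co.ke", "examp1ebank.co.ke",
                 "exmaplebank.co.ke", "safaripy.example", "weather.example"]:
        print(f"{seen:22} {check_domain(seen)}")
```

The distance threshold is a tuning choice: a fixed value of 2 suits names of this length but would over-match very short domains.
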
Hacking Thai PM Twitter A/C (DN 3.10.2011)
• Hacked on Sunday 2.10.2011 for 20 minutes
• Accused of incompetence

PRIVACY
• “You have zero privacy; get over it”, Scott McNealy, CEO, Sun Microsystems, 1999
• e.g. Passenger Name Record (PNR) database used by airlines. Contains: full name, date of birth, home & work address, telephone number, email address, credit card details, IP address if booked online, names and phone numbers of emergency contacts

PRIVACY CONCERNS I
WikiLeaks and whistle-blowing, mobile phone
• Data mining: tracking customer activities for future marketing purposes
• Methods used to collect personal information
  • Electronic recording of ‘clickstream data’ at various levels: e.g., servers of access or content providers
  • Use of cookie: a record of information sent to a computer for identifying the computer for future visits to the same website

PRIVACY CONCERNS II
• Sniffers – can be used to capture data being transmitted over the network
• Use of intelligent agents – to perform any assigned task, I.As. require sufficient information, including users’ profiles

Loss of Data
Loss can lead to ID theft and fraud on a large scale
• October 2007: HM Revenue & Customs lost details of 25 million child benefit claimants stored on two unencrypted discs. Dept. of Transport lost 3 million records of drivers.
• In the US, TSA lost a check-in computer with unencrypted data of 33,000 passengers.
• In June 2011, Apple & Google were questioned in the US Senate over use of location data in their mobile handsets. Sony PlayStation Network suffered a 70 million member hack.

Kenya Cybercrime legislation
• The KICA, Cap 411A, s.83U-s.84H
• Access, access with intent, access and interception, modification, denying access, damaging, disclosure of password, unlawful possession of data, fraud, tampering with source code, obscene info., fraudulent info., PROTECTED SYSTEMS s.83Q.

Nobody is Safe
• 22.09.2011: Hacking of Core Security Technologies (Core Impact) website. Core Impact provides IT security testing products and services. It’s a BENCHMARK, e.g. penetration scans. Typical annual licence $30,000.00
• 6.9.2011: Hackers spied on approx. 300,000 Google internet users in Iran after stealing security certificates from a Dutch IT firm; they stole passwords and obtained access to other social media.
