Security Talent Table - The Mismatch

The internet has made it possible for millions of users world wide to access information including the latest in every field. Internet has changed the way of life. It has made its impact on every aspect of life paving way for a holistic growth. However there seems to be a sudden surge for security talent worldwide. The surge has emanated as a result of increased levels of hacking incidents witnessed across the nations and to handle the waves of cyber attacks emanating from adversaries across the world. Increased incidents has also thrown open  the prevalent weakness amongst the various cyber establishments. There are multiple angles to the excessive visibility and increased attention on the security and in particular cyber security domain.  It is essential to understand the background.

Maritime Security Exhibition '13

In connection with world security day, an exhibition on maritime security was organized by Institute of Technology Management and Research, highlighting the various activities of Maritime Force. The exhibition was inaugurated by Mr.Sylendra Babu, IPS, ADGP, 

The exhibition had a good collection of photographs displayed, exposing scuba diving, para gliding, water motor activities and other  maritime related activities. 

World Computer Security Day 2013

Due to the proliferation of computers across various functional domains, Security has emerged as an important element when working with computers, the Internet or indeed any electronic devices. Computer Security Day is an annual event that is observed worldwide.  The specific goal of Computer Security Day is to help people understand the need to protect their computers and information. 

World Computer Security Day is observed to ensure that all computer users take some time to look into computer security and safety as an important personal and workplace responsibility. Institute of Technology Management and Research hosted the event to provide an insight into the privacy and security issues and its manifestations surrounding electronic data and suggest ways and means to keep computers and data safe.

Data scientist - The new generation workforce

What is big data?

Large enterprises are congregating electronic data from assorted sensors, and electronic devices, which are of different formats, with the use of independent or connected applications. This data inflow has outpaced the firm’s efficacy to process, analyze, store, correlate and understand the captured datasets. This new voluminous dataflow which doesn’t fit into the ambit of decorous data processing techniques has been nicknamed as big data. It has carved itself with a home in this dynamic and expanding information ecosystem that many companies struggle to manage today. Mckinsey Global institute ascribes “Big data” to datasets whose size is above the dexterity of archetypal database software tools to capture, store, manage, and analyze.

Safety Over the Net -May 2013

As a blog dedicated to bring in visibility on Security, specialized security concerns, security events across different locations, It was interesting to be a part of the event Safety over the net organized by ITMR along with CYSI. A small writeup of the event is shared in the following paragraphs.

Cyber warriors - India initiatives

The year 1820,  recorded the first cyber crime in the context of technology at that point in time. In nearly two decades, cyber crime has emerged as a giant affecting the lives of millions of Internet users across the world. Be it leading actress declaring that someone created a false profile on www.facebook.com, young girls unwittingly getting caught in the web of embezzlement of funds through e-commerce, or even  personal e-mail passwords being hacked. The story remains the same worldwide. 

Cyber security has emerged as a crucial element of national defense for India. This realization has emerged in the wake of many glaring cyber issues and security problems faced by India.  Cyber security challenges of India have become a series issue that the highest echelons of Indian government has initiated dialog on these areas.  The national security administration is has expressed its concern  about increasing levels of security breaches and attacks through computers, mobiles and other devices.

Waledac botnet - Operation b49

Waledac is a botnet which was deployed world wide for illegal operations. One of the 10 largest botnets in the US and a major distributor of spam globally, Survey puts an estimate that Waledac has infected hundreds of thousands of computers around the world. Waledac  is capable of generating about 1.5 billion spam email messages a day, and is well-known for its online pharmacy, phony products, jobs, and penny stock spam scams. Waledac is considered to be the second version of the famous Storm. The worm may arrive on the computer as an attachment to spam email or via a link to a malicious Web site says Symantec. WALEDAC built its communication tactic by using an HTTP-based P2P communication network codenamed  HTTP2P and uses a complex variation of known technologies, including RSA and AES encryption using OpenSSL, an eXtensible Markup Language (XML)-based message structure, bzip2 compression, and Base64 encoding says Trend micro. Botnets are deployed in a multitier architecture with the command and control center as the node. The CC is connected to, what is called as repeater nodes or tier of the Waledac botnet and is typically composed of infected computers with public IP addresses reachable on TCP port 80.

As discussed in the earlier articles, botnets are the modern tools preferred by cyber criminals to carryout  a variety of cyber attacks, build on the distributed power of lakhs of malware-infected recruited computers spread around the world to generate spam, carryout denial-of-service attacks on selected websites, including malware deployment and management apart from click frauds and other criminal activities. Waledac was believed to have the capacity to generate about 1.5 billion spam emails per day. Waledac infection data is presented at sudosecure.net. The enclosed image courtesy blogs.technet and microsoft.com very clearly indicates the levels of infection present in India.

PlugX and its implications

A new Remote Administration Tool has been discovered called PlugX which is a Remote Access Tool (RAT). It has also been named as Korplug. PlugX has been detected in targeted attacks not only against military, government or political organizations, but also against more or less ordinary companies. The attack starts with a phishing email containing a malicious attachment, usually an archived, bundled or specially crafted document that exploits either a vulnerability.

PlugX has been witnessed to be delivered with the three file components, namely:

• A legitimate file
• A malicious DLL that is loaded by the legitimate file
• A binary file that contains the malicious codes loaded by the DLL.

Cyber Espionage

"Kaspersky Security Bulletin" talks about Cyber-espionage or "hacktivism" and naton-state cyberattacks, apart from legal surveillance, cloud based network attacks, cyber extortion of individuals and companies. The number of reported cases of cyberespionage is growing, with high-value, highly visible data emerging as the primary target, say  Patricia Titus, VP, chief information security office, Unisys. Cyberespionage perpetrators are people with excellent technical skills and psychological understanding of human behavior capable of manipulating their targets within an organization, since the universal statement is people are always the weakest security link. An increased use of zero-day exploits, coupled with malware which is often not detected by anti-virus vendors is used for building cyber espionage tools. The mobile malware will start shaping the digital security landscape in the forthcoming years painting a different picture. This apart there is a surge in fake security certificates, coupled with skillfully coded malware fostering the nationally authorized cyber attacks leading to a cold cyber war across developed countries.

Second International Conference of the South Asian Society of Criminology and Victimology

The South Asian Society of Criminology and Victimology (SASCV) and Department of Criminology and Criminal Justice at Manonmaniam Sundaranar University are organizing their Second International Conference from 11 to 13 January, 2013 at Kanyakumari, Chennai under the theme of  "REVISITING INTERPERSONAL CRIMES AND VICTIMIZATION"

Shamoon attack

A new malware surfaced during August 2012 as reported by the various security agencies.  The malware has been  dubbed by the code name  "Shamoon". The attack is called "Shamoon", due to a filename i.e. string of a folder name within the malware executable called as Shamoon. ("C:\Shamoon\ArabianGulf\wiper\release\wiper.pdb").The spyware infects all the computers in an internal network.

The main executable contains 3 resources, each maintains a ciphered program. PKCS12:112, PKCS7:113 and X509:116,  according to Dmitry. Symantec said that the malware, which it calls "W32:Disttrack," had infected fewer than 50 machines worldwide. The main Shamoon module has a resource PKCS7:113 that maintains an executable which is saved to disk as %WINDIR%\System32\NETINIT.EXE says Dmitry Tarakanov. He adds that the malware waits for CNC communication as evident from its communication module. He also talks about PKCS12:112 another module playing an important role. The details of shamoon's operation is explained  by Dmitry here.  Shamoon, is being used in targeted attacks against at least one organization in the energy sector, according to Symantec.

Mariposa Botnet

Understanding Bots as a technology has emerged as a critical skill in the information era. This article is focused in understanding Mariposa. Botnet Mariposa was reported by defense intelligence some time during May of 2009. Trend micro says that the worm has been in existence as early as December 2008. It is learnt that the reported botnet was named after the Spanish word for "butterfly" as documented across the Internet. It had silently enrolled almost 13 million computers in more than 190 countries.