2.
• APTs (Advanced Persistent Threats)
• Virtualization & Cloud Security
• Security vs Privacy vs Anonymity
• People - Process - Product (Era of ‘Smart’ Things)
• Cloud - M2M - Sensors
• From Virtualization to Containerization
• Shift in DevOps – Demo of Web hosting through containers
• TOR – Being Anonymous on Internet
• Demo of TOR hidden service
4. 100 TB Data Stolen & Exposed, Twitter Profiles Defaced, State-Sponsored
Personal Info of Employees,
Corporate E-mails & Source Codes
VPN security tokens & private keys
Box Office Projections
Copies of Unreleased Films
GBs of Data Destroyed & Deleted
Initial Allegations on China & disgruntled Ex-employees of Sony.
US claims it’s by Hacktivists of North Korea
5. Privacy fears over 'smart' Barbie that can listen to your kids
World’s First Interactive Doll
Uses Voice Recognition technology
Plays interactive games, tells jokes
Tailors conversations based on history
– November 2015
Users' account information,
Home Wi-Fi networks, and
Audio MP3 files recorded by the doll
6. Identity Theft – The Next Big Issue, Almost 157,000 People affected
3 employees of Wipro Call Centre, Kolkata got Arrested
Personal Info of Employees & Families,
Thousands of Bank account details, Credit Card numbers
Telecom Usage Data & Statistics
7. Demonstrated at Black Hat USA 2015,
Chrysler Recalled 1.4M Vehicles for Bug Fix
Reverse Engineered Car Firmware & Communications Protocol,
taking over Dashboard functions, Steering, Transmission and Brakes
8. Yeah even it happened….
An Italian Company,
founded in 2003
Offensive Intrusion &
Surveillance Technologies
Clients across a dozen of countries
in 6 different continents
Spy as a Service
A Torrent file with 400GB of
internal documents, source code & email communications Leaked…
11. Let’s reconsider the technology behind security products
1 PRIMARILY BASED ON SIGNATURE & REPUTATION
Signature history cannot keep up with the dynamic future of threats, No Sandboxing
2 LACK OF REAL-TIME INLINE CONTENT ANALYSIS
No Byte-Range Data Packet Analysis for Data Loss/ Theft Detection
Lame Firewall Policies
3 FORWARD FACING ONLY, LACK OUTBOUND PROTECTION
No contextual analysis of Internal Threats.
4 LACK OF ADVANCED ANALYTICS & ANOMALY DETECTION
No Analytics in existing UTMs, NGFWs.
No SSL packet inspection.
12. What security researchers & companies are doing?
• Concept of the network perimeter evaporates (Co-located VMs)
- No Physical Segregation across VMs
• Lack of Persistence, Tougher Forensics
• Multi-Tenant Instance Isolation in SDDCs
• Randomized Memory mapping in Cloud Instances
• Homomorphic Encryption
SECURITY PRIVACY ANONYMITY
15. Refers to the ever-growing network of physical objects with
connectivity, communication and cognizance.
What are “Things” in IoT?
“Things” are smart tablets, phones, PCs, medical devices, POS
terminals, ATMs, handheld scanners, blah blah blah….
But it’s much more
Cloud & Network Enabled Infrastructure, Supply Chain Things,
Transactional Data, ERP Data, CRM Data, PLC Data, Public Data,
Social Data
IoT automates life and lets you connect with
people, machines and bots.
16. Things are getting ’Smart’er….
Cheap Hardware costs
Highly Available Data centers and Cloud Services
Improved Data Analytics
Manufacturing of Smart Devices
Improved protocols and easy communication
21. Sensors
• Proximity, Accelerometer, Moisture, Gyroscope,
Ambient Light, Heartbeat sensor, Pedometer
• You are under continuous surveillance
Connectivity
• WiFi, Bluetooth, ZigBee, Z-Wave
• 6LoWPAN, Thread, Sigfox, Neul, LoRaWAN
People & Process
• Cloud services, Micro services
• One-tap Remote management
26. “A person employed in a port
to load and unload ships.”
Open platform to Build, Ship, Run distributed applications for
developers and sysadmins.
Allows you to package an application with all of its dependencies
into a standardized unit for software development.
You can separate your applications from your infrastructure &
treat your infrastructure like a managed application.
Helps you ship code faster, test faster, deploy faster, and shorten
the cycle between writing code and running code.
27. To run different applications on a
single machine, we installed virtual
machines.
Virtualization allowed us to
• Run multiple operating systems on one
physical machine
• Move and copy virtual machines by saving
the entire state of a virtual machine to files
An application along with
necessary binaries and libraries
and an entire guest operating
system installed all of which may
be tens of GBs in size.
28. A program that allocates the host hardware's
processor, memory & resources to each VM or
guest OS so that it can run its own programs.
Native hypervisors (Type-1) run on the host's hardware
to control it as well as manage the virtual machines on it.
• E.g. Microsoft Hyper-V hypervisor, VMware ESX/ESXi, Oracle VM Server for
x86, KVM, or Citrix XenServer.
Hosted hypervisors (Type-2) run as software on top of
an OS such as Windows, Linux or FreeBSD
• E.g. Virtage hypervisor, VirtualBox and VMware Workstation
29. Containers have similar resource
isolation and allocation benefits
as VMs but a different
architectural approach allows
them to be much more portable
and efficient.
Docker allows us to
i. Run applications without installing
entire guest operating systems.
ii. Deploy ready-to-run, portable
software, easier migration, and
faster restarts.
30. Containers wrap up a piece of
software in a complete filesystem
that contains everything it needs
to run: code, runtime, system
tools, system libraries.
But share the kernel with other
containers.
They run as an isolated process in
userspace on the host operating
system.
They’re also not tied to any
specific infrastructure – Docker
containers run on any computer,
on any infrastructure and in any
cloud.
31. Docker Engine handles virtualization parameters
such as allocation of the file system when a container is
launched, whereas the hypervisor needs to first
import the virtual machine, then power it up.
A system administrator needs to maintain the
hypervisor for VMs. However, the Docker Engine is
a lightweight container engine running on the host OS.
Accelerate Developer Onboarding, dynamically
change your application from adding new
capabilities to quickly changing problem areas.
Eliminate Environment Inconsistencies
(“it works on my system”)
32. Microsoft Azure
Amazon web services
Google Cloud platform
Oracle Cloud
RedHat Enterprise Linux
IBM Bluemix
33. Docker uses a client-server architecture.
Docker client: The primary user interface to Docker.
- It accepts commands from the user and communicates
back & forth with a Docker daemon.
Docker daemon: Runs on a host machine & does building,
running, and distributing Docker containers.
Other Docker Resources
• Docker images: read-only templates from which Docker containers
are launched (e.g. Ubuntu operating system with Apache server).
• Docker registries: public or private stores from which you upload or
download images
• Docker containers: everything that is needed for an application to
run.
38. The Onion Router – Gateway to Anonymity
Free software and an open network that
simply makes you anonymous online.
Conceals its users’ identity and their online activity from
surveillance and traffic analysis.
Used by Activists, Whistle Blowers, Journalists, Sensitive
Businesses, Bloggers, Military
Illicit Uses: Selling Drugs and Weapons, Silk Route, Child
Pornography
So to protect your privacy, hide behind an Onion
39. The Onion Router
Layers of Encryption,
Peeled off at every subsequent node
Each relay node knows only which
node gave it data & which node it is
giving data to
Separate set of encryption keys for
each node along the complete circuit
No observer at any single point can tell
where the data came from or where it's going
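The layering on this slide, as an added Python sketch that is not part of the original deck and is not Tor's code: each relay holds its own key, peels exactly one layer, and learns only its predecessor and next hop. The relay names, keys, destination and the HMAC-SHA256 keystream are assumptions made for illustration; Tor's real cell format, ciphers and integrity checks differ.

```python
import hashlib
import hmac
import json
import os

def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in stream cipher (not Tor's): XOR with an HMAC-SHA256 counter keystream."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hmac.new(key, nonce + off.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

def wrap_layer(key: bytes, next_hop: str, inner: bytes) -> bytes:
    """Encrypt one layer: the next hop plus the (still encrypted) inner cell."""
    nonce = os.urandom(16)
    body = json.dumps({"next": next_hop, "data": inner.hex()}).encode()
    return nonce + keystream_xor(key, nonce, body)

def peel_layer(key: bytes, cell: bytes):
    """What one relay does: remove its own layer, learn only the next hop."""
    layer = json.loads(keystream_xor(key, cell[:16], cell[16:]))
    return layer["next"], bytes.fromhex(layer["data"])

def build_onion(circuit, destination: str, payload: bytes) -> bytes:
    """circuit is [(relay, key), ...] from entry to exit; the exit layer is wrapped first."""
    hops = [name for name, _ in circuit[1:]] + [destination]
    cell = payload
    for (_, key), next_hop in zip(reversed(circuit), reversed(hops)):
        cell = wrap_layer(key, next_hop, cell)
    return cell

def route(circuit, cell: bytes):
    """Walk the cell through the circuit and record what each relay can observe."""
    keys = dict(circuit)
    views, prev, current = [], "client", circuit[0][0]
    while current in keys:
        next_hop, cell = peel_layer(keys[current], cell)
        views.append({"relay": current, "from": prev, "to": next_hop})
        prev, current = current, next_hop
    return views, cell

# Constructed sample circuit: relay names and random keys are made up.
CIRCUIT = [(name, os.urandom(32)) for name in ("entry", "middle", "exit")]

if __name__ == "__main__":
    onion = build_onion(CIRCUIT, "example.org:443", b"GET / HTTP/1.1")
    views, delivered = route(CIRCUIT, onion)
    for view in views:
        print(view)
    print("delivered by exit relay:", delivered)
```

Only the entry relay sees the client and only the exit relay sees the destination and payload, which is why the exit hop still needs end-to-end TLS.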
41. Using Tor Browser to Connect to Internet
Hosting Tor Hidden Service in 3 minutes
(https://xxxxyyyyzzzz.onion)
42. We tend to Over-estimate the effect of a technology in the short run
and Under-estimate the effect in the long run.
- Amara’s Law
43. “It ain't what you don't know that gets you into trouble.
It's what you know for sure that just ain't so.”
AbhinavBiswas@ecil.gov.in
@Abhinav_BIswas
Editor's notes
Disclaimer: Not representing the Employer
The Skull Splash Page on Japan Office – Guardians of Peace
Twitter Account – CEO Go to Hell
Administrators shut down its worldwide network and disabled VPN connections and Wi-Fi access to control the intrusion.
Malware called Wiper, specifically designed for Sony networks, Ransomware
State-sponsored attacks, Stuxnet 2010
Consider Impact, Loss of Brand Image etc. 7 lawsuits were filed against Sony. Still being hacked…!!!
Company Mattel - 2015
Progressive Machine Learning Features
Digital Assistants like Apple’s Siri, Google’s Now, Microsoft’s Cortana
Failed to validate SSL Certificates. MITM
Just imagine, what can happen if this doll teaches offensive things to your kid.
It is connected to AI Engine that allows the doll to have cognitive conversations with your kid
This seems a very interesting proposition
Note intelligence is not put into the doll….it’s connected to those massive computers of digital world.
This was hacked.
The doll failed to validate SSL Certificates and hence the hacker quite cunningly used MITM Attacks to get control over the doll.
He got access to all the audio files recorded by the doll. He could penetrate into the home Wi-Fi network and was able to sniff user credentials for regular internet traffic. But is this the only threat?
Just imagine, what can happen if this doll teaches offensive things to your kid.
What if someone is eavesdropping on our children without our knowledge.
Now, Eavesdropping can also happen through other smart devices.. Like smart TVs..
Broadband & Telecom Company, Ransom asked, but ignored.
Classic case of Identity Theft, which is raising concerns for Privacy
Think About Vodafone
Fraudsters can easily create a fake bank account in your name & take loans
Consider this car by Chrysler…The Jeep Cherokee
An awesome SUV with smart features like hands-free voice command control for dashboard functions, smart infotainment system with capabilities of integration with your iCloud & Google Drive.
You can easily create a Wi-Fi hotspot for the fellow passengers using 4G LTE embedded into the car.
So a pretty nice car with cool smart features…but it was hacked. It was demonstrated at the Black Hat conference last year.
These guys Reverse Engineered Car Firmware & Communications Protocol,
And took over Dashboard functions, Steering, Transmission and Brakes
They Remotely controlled the car & showed how they can crash the car without the knowledge of the driver.
Founders are the developers of the Open Source Security Pentesting Tool Ettercap
Small Company of 40 employees
Clients are Governments, Law enforcement agencies, Fortune 100 companies across a dozen of countries in 6 different continents.
Consultancy to Interpol.
from Bahrain to Uzbekistan, Ethiopia to Sudan – to spy on journalists, activists, political opposition etc.
Nobody knows how they were hacked.
Two types of companies – One who are hacked & they know about it & Others who are hacked & they don’t know it.
All 5 attacks were innovative in their own way, state-sponsored, ransomware, Identity theft, Privacy problems.
Recon- Social Engineering
Lure- Weakest Link
Redirect- C&C Servers.
Exploit kit- Will scan & move across network.
Dropper- Payload. Meterpreter Session, Remote shell.
Call Home. - ECIL
But Is this enough?
Nasscom - 1 million cyber security professionals needed by 2020
I can’t imagine a data centre without virtualization these days. BYOD, Blue Pill Attack.
Apple vs FBI..
Whatsapp now encrypted.
Banking Transaction Example
So, there’s a lot of challenges that we are facing in the cyber space…
We started with smart phones, smart watches…then moving on to smart TVs, smart refrigerators, smart bulbs, smart electric meters, and Combining them all together we have smart home.
We are also talking about smart traffic management, smart retail, smart healthcare, smart energy, smart industries, smart agriculture, and finally we are building a smart planet I suppose....
With the advent of IoT, we are drifting into an era of smart things.
But why is every ‘thing’ getting smarter? Is it just a marketing gimmick? Or are the things really getting smarter?
If yes, what is making things smart…
Call upon Sarath
Time for break…
Fully autonomous computing system… Smaller than the size of a grain of rice. Less than a half a centimeter
Small computers have sensors, a processor and a radio in it to transmit data.
Solar cells power the battery with ambient light
Sensing temperature, pressure, and taking images.
Collective Swarm…Fog Computing – Micro Cloud....Putting it into soil for smart Agricultures..But dark side..
These devices have no security built-in. All collected sensor data is published in open air using radio waves.
Now, we are not able to secure one IoT device...Imagine how difficult it would be to secure a cluster of these small small devices.
Identity Thefts – Cloning of Smart Cards.
Don’t care from where the data is coming…Let the data come.
Google is tracking everything
Keeping your online activities away from prying eyes of governments, advertisers, stalkers and even your boss.
26/11 Attacks – C&C through TOR.
The idea is similar to using a twisty, hard-to-follow route in order to throw off somebody who is tailing you — and then periodically erasing your footprints. Instead of taking a direct route from source to destination.
Silk Route
I believe in Amara’s law,
We tend to Overestimate technology in the short run and Underestimate the impact of it in the long run.