
Cyber Security : Indian perspective

8 Feb 2009

Dr. Gulshan Rai

Director, CERT-IN

Govt. of India

Innovation fostering the Growth of NGNs
  • Smart devices
    • Television
    • Computers
    • PDA
    • Mobile Phone

(Single device to provide an end-to-end, seamlessly secure access)

  • Application Simplicity
    • Preference of single, simple and secure interface to access applications or content
    • Ubiquitous interface - web browser
  • Flexible Infrastructure

Because of these areas of evolution, today’s NGNs are defined more by the services they support than by traditional demarcation of Physical Infrastructure.

The Emergence of NGNs
  • The communication networks operating two years ago are our father's telecommunication network.
  • NGNs are the teenager's network.
  • Consumers and businesses no longer accept the limitation of a single-use device or network.
  • Both individuals and businesses want the ability to communicate, work and be entertained over any device, any time, anywhere.
  • The demand for these services, coupled with innovation in technology, is advancing traditional telecommunication far outside its original purpose.





The Complexity of Today’s Network

(Diagram labels: Extranet Servers, New PC, Unmanaged Devices, Network Infrastructure, Perimeter Network Servers, Home Users, Remote Workers)


Challenges for Network Operator
  • Business challenges include new pricing structures, new relationships and new competitors.
  • Technical challenges include migrating to and integrating with new advances in technologies, from fibre optics to installation of Wi-Fi support.
  • Developing a comprehensive Security Policy and architecture in support of NGN services.
To Reap Benefits
  • To reap benefits of NGN, the operator must address
    • Technology
    • Risk
    • Security
    • Efficiency
NGN Architecture

Identify Layer

Comprises end users, owned by a telecom or a third-party service provider, accessing services using devices like a PC, PDA or mobile phone to connect to the Internet

Partly Trusted





Service Layer

Hosts service applications and provides a framework for the creation of customer-focused services provided by either operator or a third-party service provider

Web Tier

Service Provider Application

Service Delivery Platform

Network Layer

Performs service execution, service management, network management and media control functions

Connects with the backbone network

Service Delivery Platform (Service Provider )

Common Framework

Backbone Network

Growing Concern
  • Computing Technology has turned against us
  • Exponential growth in security incidents
    • Pentagon, US in 2007
    • Estonia in April 2007
    • Computer System of German Chancellery and three Ministries
    • Highly classified computer network in New Zealand & Australia
  • Complex and target oriented software
  • Common computing technologies and systems
  • Constant probing and mapping of network systems
Cyber Threat Evolution

  • Malicious Code (Melissa)
  • Identity Theft (Phishing)
  • Advanced Worm / Trojan (I LOVE YOU)
  • Organised Crime
  • Data Theft, DoS / DDoS
  • Breaking Web Sites







Cyber attacks being observed

  • Web defacement
  • Proxy Scan
  • Denial of Service
  • Distributed Denial of Service
  • Malicious Codes
  • Data Theft and Data Manipulation
  • Identity Theft
  • Financial Frauds
  • Social engineering Scams

Trends of Incidents

  • Sophisticated attacks
    • Attackers are refining their methods and consolidating assets to create global networks that support coordinated criminal activity
  • Rise of Cyber Spying and Targeted attacks
    • Mapping of network, probing for weakness/vulnerabilities
  • Malware propagation through Website intrusion
    • Large scale SQL Injection attacks like Asprox Botnet
  • Malware propagation through Spam on the rise
    • Storm worm, which is one of the most notorious malware programs seen during 2007-08, circulates through spam

Trends of Incidents


  • Increase in cases of fast-flux phishing and rock-phish
  • Domain name phishing and Registrar impersonation
  • Targeting personal information for financial frauds
  • Information Stealing through social networking sites
  • Rise in Attack toolkits
    • Toolkits like Mpack and Neosploit can launch exploits for browser and client-side vulnerabilities against users who visit malicious or compromised sites

Global Attack Trend

Source: Websense

Three faces of cyber crime
  • Organised Crime
  • Terrorist Groups
  • Nation States
Security of Information Assets
  • Security of information & information assets is becoming a major area of concern
  • With every new application, newer vulnerabilities crop up, posing immense challenges to those who are mandated to protect the IT assets
  • Coupled with this, a host of legal requirements and international business compliance requirements on data protection and privacy place a huge demand on IT/ITES/BPO service organizations
  • We need to generate ‘Trust & Confidence’
Model Followed Internationally
  • Internationally, the general approach has been to have legal drivers supported by a suitable verification mechanism.
  • For example, in the USA the legal drivers have been
    • SOX
    • HIPAA
    • GLBA
    • FISMA etc.
  • In Europe, the legal driver has been the “Data Protection Act” supported by ISO27001 ISMS.

Information Security Management

  • Security Policy
  • Regulatory Compliance
  • User Awareness Program
  • Access Control
  • Security Audit
  • Incident Response
  • Encryption, PKI
  • Firewall, IPS/IDS




Cyber Security Strategy – India

  • Security Policy, Compliance and Assurance – Legal Framework
    • IT Act, 2000
    • IT (Amendment) Bill, 2006 – Data Protection & Computer crimes
    • Best Practice ISO 27001
    • Security Assurance Framework- IT/ITES/BPO Companies
  • Security Incident – Early Warning & Response
    • CERT-In National Cyber Alert System
    • Information Exchange with international CERTs
  • Capacity building
    • Skill & Competence development
    • Training of law enforcement agencies and judicial officials in the collection and analysis of digital evidence
    • Training in the area of implementing information security in collaboration with Specialised Organisations in US
  • Setting up Digital Forensics Centres
    • Domain Specific training – Cyber Forensics
  • Research and Development
    • Network Monitoring
    • Biometric Authentication
    • Network Security
  • International Collaboration
Status of security and quality compliance in India
  • Quality and Security
    • A large number of companies in India have aligned their internal processes and practices to international standards such as
      • ISO 9000
      • CMM
      • Six Sigma
      • Total Quality Management
    • Some Indian companies have won special recognition for excellence in quality: out of 18 Deming Prize winners for Total Quality Management in the last five years, six are Indian companies.
ISO 27001/BS7799 Information Security Management
  • Government has mandated implementation of ISO27001 ISMS by all critical sectors
  • ISMS 27001 has mainly three components
    • Technology
    • Process
    • Incident reporting and monitoring
  • 296 certificates issued in India out of 7735 certificates issued worldwide
  • Majority of certificates issued in India belong to IT/ITES/BPO sector
Information Technology – Security Techniques Information Security Management System

             World     China     Italy     Japan    Spain    India    USA
ISO 9000     951486    210773    115309    73176    65112    46091    36192
             (175 countries)
ISO 27001    7732      146       148       276      93       296      94




CERT-In Work Process

(Diagram labels: Dissemination & Support, Department of Information Technology, ISP Hot Liners, Major ISPs, Private Sectors, Foreign Ptns, Home Users, Press & TV / Radio)

PC & End User Security: Auto Security Patch Update

Windows Security Patch Auto Update

  • Microsoft Download Ctr.
  • ActiveX DL Server
  • No. of Download ActiveX: 18 Million
  • Sec. Patch ActiveX Site

PC & End User Security

Incident Response Help Desk



  • Make a call using 1800 – 11 - 4949
  • Send fax using 1800 – 11 - 6969
  • Communicate through email at
  • Number of security incidents handled during 2008 (till Oct): 1425
  • Vulnerability Assessment Service
Int’l Co-op: Cyber Security Drill

Joint International Incident Handling Coordination Drill

  • Participated in the APCERT International Incident Handling Drill 2006
  • Participants: 13 APCERT Members and New Zealand, Vietnam including 5 major Korean ISPs
  • Scenario: Countermeasure against Malicious Code and relevant infringement such as DDoS attack
  • Participated in the APCERT International Incident Handling Drill 2007
  • Participants: 13 APCERT Members + Korean ISPs
  • Scenario: DDoS and Malicious Code Injection
  • To be Model: World Wide Cyber Security Incidents Drill among security agencies

Thank you

Incident Response Help Desk

Phone: 1800 11 4949

FAX: 1800 11 6969

e-mail: incident at