Thursday, December 24, 2015

Types of Cyber Attacks

Types of Cyber Attacks

There are several effective methods for disrupting computer systems. We are talking of a method known as cyber attack, or computer network attack , which uses malicious computer code to disrupt computer processing, or steal data. 
A brief description of three different methods are shown here. However, as technology changes, future distinctions between these methods may begin to blur.
An attack against computers may be targeted or un-targeted
(i) disrupt equipment and hardware reliability, (ii) change processing logic, or (iii) steal or corrupt data. The methods discussed here are chosen based on the technology asset against which each attack mode is directed, and the effects each method can produce. The assets affected or effects produced can sometimes overlap for different attack methods. 

  • Conventional kinetic weapons can be directed against computer equipment, a computer facility, or transmission lines to create a physical attack that disrupts the reliability of equipment. 
  • The power of electromagnetic energy, most commonly in the form of an electromagnetic pulse (EMP), can be used to create an electronic attack (EA) directed against computer equipment or data transmissions. By overheating circuitry or jamming communications, EA disrupts the reliability of equipment and the integrity of data. 
  •  Malicious code can be used to create a cyber attack, or computer network attack , directed against computer processing code, instruction logic, or data. The code can generate a stream of malicious network packets that can disrupt data or logic through exploiting a vulnerability in computer software, or a weakness in the computer security practices of an organization. This type of cyber attack can disrupt the reliability of equipment, the integrity of data, and the confidentiality of communications.
Un-targeted attacks
 In un-targeted attacks, attackers indiscriminately target as many devices, services or users as possible. They do not care about who the victim is as there will be a number of machines or services with vulnerabilities. To do this, they use techniques that take advantage of the openness of the Internet, which include:

  • phishing - sending emails to large numbers of people asking for sensitive information (such as bank details) or encouraging them to visit a fake website 
  •  water holing - setting up a fake website or compromising a legitimate one in order to exploit visiting users 
  •  ransomware - which could include disseminating disk encrypting extortion malware 
  •  scanning - attacking wide swathes of the Internet at random


States, states sponsored hackers or cyber criminals interested in making money through fraud or from the sale of valuable information. Industrial competitors and foreign intelligence services, interested in gaining an economic advantage for their companies or countries. Hackers who find interfering with computer systems an enjoyable challenge. Hacktivists who wish to attack companies for political or ideological motives. Employees, or those who have legitimate access, either by accidental or deliberate misuse. 

Stages of an attack 
A number of attack models describe the stages of a cyber attack (the Cyber Kill Chain® produced by Lockheed Martin is a popular example ). 
Simplified model that describes the four main stages present in most cyber attacks: 

  • Survey - investigating and analysing available information about the target in order to identify potential vulnerabilities 
  •  Delivery - getting to the point in a system where a vulnerability can be exploited 
  •  Breach - exploiting the vulnerability/vulnerabilities to gain some form of unauthorised access 
  •  Affect - carrying out activities within a system that achieve the attacker’s goal Survey Attackers will use any means available 
Cyber Attacks Allegedly Targeted Power Stations in Ukraine 
A cyber attack last month in Ukraine caused a significant portion of the
country's power grid to go offline. 
This attack, if verified, is a window into the future of cyber warfare.  At the start of any modern military campaign, a primary objective of the aggressor is to "take out power and communications" by
blowing up power plants and communications hubs. This is a top priority because, once power and communications are disabled, a country's ability to coordinate defense and mount counter attacks is severely disabled.
Cyber weapons can be pre-positioned inside power companies to do the job of a missile, before a nation even knows it is under attack. U.S. Power Systems' computers have been breached and infected first by Russian hackers and later by other adversaries. Some of the malware they installed is likely still in place and being updated as more attackers attempt to gain control.



A zero-day vulnerability is a previously unknown flaw in a computer program that exposes the program to external manipulation. Zero-day vulnerabilities have been found in many OS & programs, including Chrome, Internet Explorer, Adobe, and Apple products. Zero-day vulnerabilities also appear in software running critical infrastructure, such as power plants. What differentiates a zero-day from other computer vulnerabilities, and what makes it valuable, is that it is unknown to the software’s makers and users. Whoever has knowledge of a zero-day can exploit it from the “zero-th” day of its discovery, until the software maker or users learn of it and fix the vulnerability. What makes a zero-day vulnerability different from other cyber tools is that it is simply information. A zero-day encapsulates the knowledge that X could happen if you do Y. As Auriemma and Ferrante of ReVuln, a zero-day seller, argue, “we don’t sell weapons, we sell information.” Other companies, however, do sell weaponized vulnerabilities – zero-day “exploits” – that contain new software code taking advantage of a zero-day vulnerability. Desautels, of vulnerability-seller Netragard, states Netragard sells exploits. Zero-day exploits range in complexity and functionality, from enabling access to, monitoring, extracting information from, or damaging a software program. For instance, the Stuxnet program allegedly used by the United States to damage uranium-enrichment Iranian centrifuges made use of four zero-day vulnerabilities.
The term zero-day “vulnerability” describes the software flaw itself. When a zero day vulnerability is sold, knowledge of the flaw is sold. The press often uses the term zero-day “exploit” interchangeably to describe knowledge of a flaw or new software code exploiting a flaw. In this article, the term “exploit” refers only to new code written to take advantage of a zero-day vulnerability. Although turning a vulnerability into an exploit can be relatively easy, motivations for finding and exploiting vulnerabilities often differ. For instance, cybersecurity researchers have less motivation to turn vulnerabilities into exploits than someone selling or buying zero-days. This distinction between a zeroday vulnerability and exploit, and the different groups interacting with them, is important to make when analyzing regulatory options for the zero-day vulnerability trade. Vulnerabilities are most exploitable if kept secret. Zero-days are discovered and not made, so there is no guarantee someone in possession of a vulnerability is the only person who knows about it. The value of secrecy complicates efforts to control the zero-day trade because it contributes to market opacity and lack of transparency about buyer and seller behavior.
Zero-days are traded in three markets. As defined in this article, the “white market” encompasses sales of vulnerabilities between zero-day vulnerability hunters and software vendors or third-party clearinghouses. The “black market” describes interactions where the buyer or the seller has criminal intent. The “grey market” involves interactions between vulnerability sellers and government agencies conducted as legal business deals. It also encompasses sales between vulnerability sellers and legal users of zero-day vulnerabilities, including high-end cybersecurity firms. This article distinguishes between “legal” and “legitimate” zero-day vulnerability markets. White-market and gray-market transactions are legal, and black market transactions illegal. The negative security ramifications of the grey market mean this article designates only white-market options legitimate. Grey-market firms, rather than freelance hackers, now sell more than half of zero-day vulnerabilities. NSS Labs included many of the firms in its market analysis, and concluded that “half a dozen boutique exploit providers have the capacity to offer more than 100 exploits per year, resulting in privately known exploits being available on any given day,” at minimum. One seller identified the decreased risk of getting ripped off, the possibility of job offers, and stable contracts with government or industry clients as reasons vulnerability hunters choose to operate on the grey market.

Saturday, December 19, 2015

What precautions Bank Customers need to take against frauds

What precautions Bank Customers need to take against frauds
.. Adv. Prashant Mali, Cyber Security & Law Expert
1. Hold extra money in fixed Deposits and with written instructions to bank that no online Fd transfers.
2. Avoid any banking over phone lots of Vishing scams are happening, it is better to keep the phone down when some one says calling from bank. Till the scams are weeded out by banks or police.
3. If your SIM is deactivated, it normally happens on weekends, immediately call the bank from another phone and freeze you bank account, coz SIM exchange fraud may be happening.
4. Change your PIN number and passwords today, they are already leaked in the international market. Or your "true caller" database has it on their server.
5. Do not do banking from cyber cafe or from any office coz they keep all your logs and data officially , trust me human mind can go corrupt.
6. Today, go to the settings option of your Gmail and check for any filters or any forwarding instructions being there.
7. Always use " Special Instructions " in the account opening form of the bank to write some unique instructions what Bank should look while processing payments. 
8. Do not keep lots of money in Dormant accounts.
9. Don't reveal banking details on any social media websites.
10. Enable 2 factor authentication in your Gmail account. 
11. Use a different browser for Internet banking like incognito or other.
12. Don't clock links blindly on any site or software  read the accompanying text and decide.
13. Save your bank URL as a bookmark and use that or ALWAYS type the bank URL. 
14. If u get a bank email asking u to visit or confirm something  by clicking a link.. make sure that the link goes to the bank website  (it must be bank dot com)
15. When you face a fraud, fight for your money and Pl. educate others too. Logo ki Dua mein bhi takaat hoti hai.
Happy Banking 🙏
Share it

Navy man in Jail for 2 years for Child Pornography, cyber crime in India

Navy man gets 2 years Jail for Child Pornography, cyber crime in India : Cyber crime conviction By Prashant Mali In the case of D...