23-12-2024

Cyber Security: Threats & Challenges

Presented at:
Indian Institute of Remote Sensing (IIRS), Dehradun
Speaker:
Yogesh Verma
Scientist/ Engineer, Space Applications Centre, ISRO, Ahmedabad
1
December 13, 2024

Overview
 Cyber Security

 Threat Vectors

 Attack Modus Operandi

 Challenges

 Security Measures

 Q&A

IIRS Training Course on ‘Geodata sharing and Cyber Security’ 2

1
 23-12-2024

Cyber Security
 What we need? - Healthy Security Posture for organisation and user’s assets

against relevant security risks in the cyber environment.

Physical Security System Security Cyber Security

IIRS Training Course on ‘Geodata sharing and Cyber Security’ 3

CIA Triad
Baseline standard for evaluating & implementing information security.

Confidentiality – restrict access to unauthorised users

 Encryption, IDs and passwords, MFA and additional
defensive strategies.

Integrity – data or information not altered during its

transmission or at rest in an unauthorised manner

Availability – information can be accessed and

Availability modified by authorised users in an appropriate
timeframe

IIRS Training Course on ‘Geodata sharing and Cyber Security’ 4

2
 23-12-2024

Cyber Security Impact

• 6000 complaints reported daily

• Rs. 60 Crore reported loss by
Indian Victims daily
Source: Cert-In, NCRP, I4C Portal
• 35% of reported amount more
than 50 Lakhs
• 60,000 daily calls on 1930
IIRS Training Course on ‘Geodata sharing and Cyber Security’ 5

Facebook Outrage in Digital Era

» Why?
Due to faulty Configuration
Change in Routers and
was restored back after 7
hours (Oct.5, 2021)

» India users:
14 crore FB, 53 crore
WhatsApp, 21 crore
Instagram users

» Loss:$3.3 million (ad

revenue)
Source: Fortune Inc.

IIRS Training Course on ‘Geodata sharing and Cyber Security’ 6

3
 23-12-2024

Cyber Security Facts

Every 39 seconds there is a cyber attack. ~2200 attacks every day.
3 Lakh new malware is created every day.
New Phishing website emerges every 20 seconds.
Trojans account for 58% of all computer malware.
74% of the breaches confirmed were due to human factor or error.
94% of malware is delivered via Phishing Email.
667% increase of targeted phishing attempts during COVID pandemic.
32% of all information breaches involve Phishing

74% of phishing websites are HTTPS

Sources: Statista, Techcircle, Electric.ai, Getstra.com, jumpcloud, DataProt, Cert-In
IIRS Training Course on ‘Geodata sharing and Cyber Security’ 7

Evolution In Technology & Cyber Threats

» Dwell time control

» Lateral Movement

IIRS Training Course on ‘Geodata sharing and Cyber Security’ Source: SANS Institute 8

4
 23-12-2024

Top Cyber Security Threats-2024

IIRS Training Course on ‘Geodata sharing and Cyber Security’ Source: sprintzeal.com 9

Major Cyber Threat Pathways

Major Cyber Threats Majorly exploited by threat actors

IIRS Training Course on ‘Geodata sharing and Cyber Security’ Source – DSCI Survey 2023 10

5
 23-12-2024

Threat Agents and Impact

• Threat: Any malicious act that attempts to gain access to a end-point,
network without authorisation or permission from the owners.

Risk = Likelihood x Impact

IIRS Training Course on ‘Geodata sharing and Cyber Security’ 11

Sources of Cyber Threats

Source – DSCI Survey 2023

IIRS Training Course on ‘Geodata sharing and Cyber Security’ 12

6
 23-12-2024

Cyber Security Challenges

Data Breaches
Unauthorised access or exposure 01
of sensitive information.
Social Engineering
Attacks
02 Social Engineering deceptive
tactics to trick individuals into
sharing confidential data.
Malware Infections
Malicious software that 03
compromises system integrity.
Insider Threats
04 Risks posed by authorised
individuals with malicious
intent.

IIRS Training Course on ‘Geodata sharing and Cyber Security’ 13

Cyber Threats & Attacks

IIRS Training Course on ‘Geodata sharing and Cyber Security’ 14

7
 23-12-2024

Cyber Security Attacks

Deep fake technology
Using AI/ML to create fake
audio, video or image content.

01
Ransomware
attacks evolution
Encrypting data and
Zero day attacks
Vulnerability or attack vector is
02 03 demanding payment.

known only to attackers, so

that it work without intervention
from defenders.
Advance Persistent
04 Threat (APT)
Sophisticated targeted attacks.

IIRS Training Course on ‘Geodata sharing and Cyber Security’ 15

Social Engineering Attack Techniques

False sense of
trust (Call by
CEO to give
some info)
Steal info on
click of a link

False promise
to lure a victim
into trap to steal
info

IIRS Training Course on ‘Geodata sharing and Cyber Security’ 16

8
 23-12-2024

Is it a Phishing Email?

Spoofed Login page

https://email-gov-in.web.app/.
Genuine Login page

IIRS Training Course on ‘Geodata sharing and Cyber Security’ 17

Phishing Attack Numbers

Source: CERT-In

IIRS Training Course on ‘Geodata sharing and Cyber Security’ 18

9
 23-12-2024

Advanced Persistent Threats

» APT:
» Nation or state-sponsored group.
» Dwell time, 204 days. (APAC)
» Advanced: Full spectrum of intelligence
gathering techniques
» Persistent: Continuous monitoring and
interaction
» Threat: Specific objectives and well funded

» Approach:
» Self-destructing malware and sniffers
» File size is small and file names don’t raise red
flags

» Targets: .mil, .gov sites, defense, CEOs, etc.

IIRS Training Course on ‘Geodata sharing and Cyber Security’ 19

Ransomware Attack?
• Encrypts a victim’s files or locks the
system's screen.
• Attack Vectors:
 Improperly secured RDP
 Phishing emails
 Software flaws
 Malicious websites or SMS
• In exchange for releasing the data,
cybercriminals seek ransom money from
their victims.
• Offline backup is the protection solution.
Source: checkpoint.com

IIRS Training Course on ‘Geodata sharing and Cyber Security’ 20

10
 23-12-2024

What is Zero Day Attack?

Vulnerability or attack vector
is known only to attackers,
so that it work without
intervention from defenders.
No patch available.
At least 66 zero-days have
been found to be in use in
2021, which is almost double
the number of such attacks
recorded last year.
Source: MIT Technology Review Report, 2021

97 exploited as zero-days
in 2023. - Source: Mandiant report, 2023

IIRS Training Course on ‘Geodata sharing and Cyber Security’ 21

 Deepfake Scam It is AI-based technology used to produce or alter video content so that it presents
something that didn't, in fact, occur.
 Deep learning neural networks are used to manipulate video (faces) & audio (voice) by morphing & merging.
Voice is overlaid and lips are synced.
 AI Voice Cloning to Scam even a few seconds of the person’s voice is enough to capture the
"essence of that person’s voice & then create entirely original statements & conversations with the
same frequency, intensity, harmonic structure, tone & inflection"
 Conclusion: Deepfaking is becoming a serious cyber crime !! Make sure you understand the difference
between the real and fake ones!

IIRS Training Course on ‘Geodata sharing and Cyber Security’ 22

11
 23-12-2024

Cyber Attacks : Modus Operandi

IIRS Training Course on ‘Geodata sharing and Cyber Security’ 23

How We Protect Information?

 People
 Training, education, awareness, repetition

 Process
 Governance, oversight, policy, reporting

 Technology
 Firewalls, IDS/IPS, SIEM, Anti-malware
 Strong passwords, Logging/monitoring

 Which is the weakest link?

HUMANS
IIRS Training Course on ‘Geodata sharing and Cyber Security’ 24

12
 23-12-2024

Can You Read This?

 HUMANS are product of evolution.

 Majority of the human brains will REACT similarly under a given situation.
IIRS Training Course on ‘Geodata sharing and Cyber Security’ 25

Root Cause of The Problem?

 Human reaction?
 [CRITICAL VULNERABILITIES EXPOLITED BY
SCAMSTERS]

IIRS Training Course on ‘Geodata sharing and Cyber Security’ 26

13
 23-12-2024

Crime Hotspots in India

Jamtara, JH
Mewat, HR
Bharatpur &
Alwar, RJ
Noida, Delhi
Motohari, Bihar

10 Districts account for 80% of cyber crime cases in the country

IIRS Training Course on ‘Geodata sharing and Cyber Security’ 27

Security Measures
Defense in depth is the Best line of control that
Uses multiple layers of defense to address technical, personnel and
operational issues.

Attack

IIRS Training Course on ‘Geodata sharing and Cyber Security’ 28

14
 23-12-2024

Attack Surface

IIRS Training Course on ‘Geodata sharing and Cyber Security’ 29

Secure Coding Practices

» Design as per security policies
» Default deny
» Adhere least privilege policy
» Sanitise data
» Practice defense in depth
» Static/dynamic code analysis
to eliminate security flaws
» Adopt a secure coding
guidelines
» Threat modeling
» Risk Management
IIRS Training Course on ‘Geodata sharing and Cyber Security’ 30

15
 23-12-2024

Guess the Story?

» MORAL OF THE STORY

» ALI BABA 40 CHOR

» DON’T SHARE your password

» DON’T SHARE In Public

» UPDATE Password regularly

» KEEP Strong Password

» AUTO-LOCK Your System

» KEEP IDENTITY Safe

IIRS Training Course on ‘Geodata sharing and Cyber Security’ 31

Enable MFA

Enabling MFA makes you significantly less likely to get hacked.

IIRS Training Course on ‘Geodata sharing and Cyber Security’ 32

16
 23-12-2024

And That is Why…

You should enable Multi-Factor Authentication. This will help to protect your
account if your password was stolen or leaked in a data breach.

IIRS Training Course on ‘Geodata sharing and Cyber Security’ 33

Update Software

• Update Operating
System on your devices.
• Update your
applications- especially
web browsers.

IIRS Training Course on ‘Geodata sharing and Cyber Security’ 34

17
 23-12-2024

Use Official USBs

USB Drives may contain malware- Report to IT team.

Use Official drives in systems.
IIRS Training Course on ‘Geodata sharing and Cyber Security’ 35

Google Search Scam Search Result Shows

Brand
Some of the top search results in Title displays correct brand
Google are phishing links. name

Scammers also invest in search engine URL Mismatch

optimization techniques & work hard to Title says Venmo but URL
rank their scam sites in the top search is a generic
results. sites.google.com

Fraudulent Medicare or health 2nd Result for Organic

Search
insurance websites. Criminals may
Even top search results can
also target your healthcare information be manipulated for fake
by creating fake websites that ask you sites
to “verify” your Medicare number.
Fake customer support websites, Scammers pretend to be from technical
support companies and get you to give them remote access to your computer.
IIRS Training Course on ‘Geodata sharing and Cyber Security’ 36

18
 23-12-2024

QR Code Scam

Who thought a QR code

could be dangerous?

They are everywhere, especially in

restaurants. Criminals can place their
own sticker over the legitimate one. So
that when you scan it, you will be
redirected to a fake site.

IIRS Training Course on ‘Geodata sharing and Cyber Security’ 37

Exercise:1 या आप का ईमेल या मोबाइल से कभी Data Breach हुआ है ? Check it out

12 BILLION Accounts were stolen from hacked sites & apps So
even if you have a STRONG PASSWORD, it may still not be
enough. Check if yours account was leaked at
https://haveibeenpwned.com

38

19
 23-12-2024

Exercise:2 आप पासवड कतना Secure है ? Check it out at

IIRS Training Course on ‘Geodata sharing and Cyber Security’ 39

Exercise:3 Almost Everything Google know about you…Seriously – Everything !! (since 2 decades)
Especially if you use Google's products like; Android, Gmail, Goggle Drive, Google Maps, YouTube, Google Search
https://myactivity.google.com/myactivity

40

20
 23-12-2024

Exercise:4 आप के नाम/आधार पर कतने मोबाइल नंबर और िसम चलता है ?

IIRS Training Course on ‘Geodata sharing and Cyber Security’ 41

https://tafcop.sancharsaathi.gov.in/telecomUser/

IIRS Training Course on ‘Geodata sharing and Cyber Security’ 42

21
 23-12-2024

Exercise:5 Microsoft Office- Keep All macros disabled

IIRS Training Course on ‘Geodata sharing and Cyber Security’ 43

Security Controls
Perimeter protection
01 (Firewall, AV, DPI, IPS/IDS)

End point Security, System

02 Hardening, Application & NAC

Multi-Layer 03 Network Segmentation

Security
Architecture
Application Security (WAF,
04 Email Security)

Analytics [SIEM, Network

05 Security Monitoring, Logging]
44

22
 23-12-2024

Security Controls

Cyber Awareness Activities

& Incident Reporting
06 01 Principle of Least privilege

VAPT, Mock Drills, Inter-

Centre Audits, 3rd Party 05 02 Air-Gapped Networks
Audits

Patch Management 04 03 Secure Code Practices

IIRS Training Course on ‘Geodata sharing and Cyber Security’ 45

Thank You
Acknowledgement: Director, SAC | GD-CSIG, ITND-SAC and IIRS Team

Cyber Security OCTOBER

Awareness
Month 2024
IIRS Training Course on ‘Geodata sharing and Cyber Security’ 46

23