Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Upcoming SlideShare
Broadband for Digital Bangladesh & recommendation from ISPAB
Next
Download to read offline and view in fullscreen.

Share

Global Cyber Security trend & impact of Internet on the society of Bangladesh and it’s status

Download to read offline

The internet has, in the mere space of a decade, completely revolutionized the way things are done in Bangladesh. Everything from making friends, shopping, learning and even starting and promoting businesses has experienced paradigm shifts due to the internet. But, despite the allures of connectivity. There are also dangers as well.

This event will focus on cyber security and how to keep privileged data safe from unwanted observation. The event will also talk about how society has changed, both good and bad, and how we can use this opportunity to drive more meaningful growth.

Related Books

Free with a 30 day trial from Scribd

See all

Related Audiobooks

Free with a 30 day trial from Scribd

See all

Global Cyber Security trend & impact of Internet on the society of Bangladesh and it’s status

  1. 1. Global Cyber Security trend & impact of Internet on the society of Bangladesh and it’s status Fakrul Alam CTO bdHUB Limited fakrul@bdhub.com http://bd.linkedin.com/in/fakrulalam https://twitter.com/rapappu
  2. 2. Incident Trends, Bangladesh Data received from censors maintained by bdCERT
  3. 3. 1. Site Defacement • Site hacked by hacker group named Indishell, Sil3nt Hack3r, My@nm@r H4acK3rs Unit • Government sites were targeted (.gov.bd) • Sites running on CMS are not fully patched and inherently carrying bugs which is quite easy for the hacker to penetrate. • Lack of proactive monitoring and enforcement of standards.
  4. 4. 1. Site Defacement
  5. 5. 1. Site Defacement • Site defacement using known techniques like SQL Injection, Metasploit and CMS vulnerability.
  6. 6. 2. Phishing Attack
  7. 7. 2. Phishing Attack
  8. 8. 2. Phishing Attack whois -h whois.apnic.net 203.112.194.17 mnt-by: APNIC-HM mnt-lower: MAINT-BD-BTTB mnt-routes: MAINT-BD-BTTB mnt-irt: IRT-BTTB-BD changed: hm-changed@apnic.net 20040323 status: ALLOCATED PORTABLE changed: hm-changed@apnic.net 20040323 changed: hm-changed@apnic.net 20040401 source: APNIC irt: IRT-BTTB-BD address: Data and Internet Service address: Bangladesh Telecommunications Company Ltd address: Moghbazar Telephone Bhaban, Dhaka e-mail: irt@btcl.net.bd abuse-mailbox: irt@btcl.net.bd admin-c: HA128-AP tech-c: MR209-AP auth: # Filtered mnt-by: MAINT-BD-BTTB changed: irt@btcl.net.bd 20110102 source: APNIC
  9. 9. 3. Email Threat • Email threats are increasing. • Use gmail/hotmail/live email address to send treat email. • Sometime we saw use to TOR network for extra layer of protection.
  10. 10. 3. Email Header whois -h whois.cymru.com 209.85.213.182 AS | IP | AS Name 15169 | 209.85.213.182 | GOOGLE - Google Inc.,US
  11. 11. 3. Email Header
  12. 12. 3. Reporting Incident In order for a non-U.S. Government to issue legal process from a U.S. Jurisdiction, it must use a diplomatic process such as letters rogatory or the process under the Mutual Legal Assistance Treaty (MLAT), if one exists between the U.S. And Bangladesh. Evidence sought by governmental authorities in criminal matters in Bangladesh must be requested through the Office of International Affairs, U.S. Department of Justice.
  13. 13. 4. Open Resolver / DDoS Attack • DDoS attack on several financial institutions websites. • Reported application layer (HTTP GET Flood) on online newspaper portal. Attack stays for 72 hours with roughly 5 million packets per second.
  14. 14. 4. Open Resolver / DDoS Attack • Not only NTP / DNS Reflection Attack. • New protocol are also used (UDP port 1900 UPnP Simple Service Discovery Protocol) • Biggest DDoS we report is roughly 2.4Gbps (STM-16) dig ANY isc.org @OpenResolverIP +edns=0 +notcp +bufsize=4096 ;; Query time: 83 msec ;; SERVER: xxx.xxx.xxx.xxx#53(xxx.xxx.xxx.xxx) ;; WHEN: Tue Feb 10 09:43:54 2015 ;; MSG SIZE rcvd: 4002
  15. 15. 5. Data Leakage • Information data leakage in PASTEBIN
  16. 16. 6. Prefix Hijack
  17. 17. 6. Prefix Hijack • If you are transit provider – Make sure you check customer prefix before announce it. – Do proper prefix & as filter • RPKI (Resource Public Key Infrastructure)
  18. 18. 7. Facebook Incident
  19. 19. 7. Facebook Incident
  20. 20. Reporting Incident : LEA • Information for Law Enforcement Authorities – https://www.facebook.com/saf ety/groups/law/guidelines/
  21. 21. For End User • Awareness is very important. • Think twice before posting it to social media. • http://www.stopthinkconnect.org/ – Safety Tips for Mobile Devices – Social Networking & Cyberbullying – Internet Safety & Security Tips for Parents
  22. 22. PEOPLE PRODUCT PROCESS
  23. 23. Thank You
  • ssuser5a79cb

    Jun. 7, 2018
  • ripon69

    Nov. 28, 2015

The internet has, in the mere space of a decade, completely revolutionized the way things are done in Bangladesh. Everything from making friends, shopping, learning and even starting and promoting businesses has experienced paradigm shifts due to the internet. But, despite the allures of connectivity. There are also dangers as well. This event will focus on cyber security and how to keep privileged data safe from unwanted observation. The event will also talk about how society has changed, both good and bad, and how we can use this opportunity to drive more meaningful growth.

Views

Total views

1,329

On Slideshare

0

From embeds

0

Number of embeds

37

Actions

Downloads

43

Shares

0

Comments

0

Likes

2

×