The internet has, in the mere space of a decade, completely revolutionized the way things are done in Bangladesh. Everything from making friends, shopping, learning and even starting and promoting businesses has experienced paradigm shifts due to the internet. But, despite the allures of connectivity. There are also dangers as well.
This event will focus on cyber security and how to keep privileged data safe from unwanted observation. The event will also talk about how society has changed, both good and bad, and how we can use this opportunity to drive more meaningful growth.
SCM Symposium PPT Format Customer loyalty is predi
Global Cyber Security Trends and the Impact of the Internet on Bangladesh Society
1. Global Cyber Security trend & impact of
Internet on the society of Bangladesh and it’s
status
Fakrul Alam
CTO
bdHUB Limited
fakrul@bdhub.com
http://bd.linkedin.com/in/fakrulalam
https://twitter.com/rapappu
3. 1. Site Defacement
• Site hacked by hacker group named Indishell, Sil3nt Hack3r,
My@nm@r H4acK3rs Unit
• Government sites were targeted (.gov.bd)
• Sites running on CMS are not fully patched and inherently carrying
bugs which is quite easy for the hacker to penetrate.
• Lack of proactive monitoring and enforcement of standards.
9. 3. Email Threat
• Email threats are increasing.
• Use gmail/hotmail/live email address to send
treat email.
• Sometime we saw use to TOR network for extra
layer of protection.
10. 3. Email Header
whois -h whois.cymru.com 209.85.213.182
AS | IP | AS Name
15169 | 209.85.213.182 | GOOGLE - Google Inc.,US
12. 3. Reporting Incident
In order for a non-U.S. Government to issue legal process from a U.S.
Jurisdiction, it must use a diplomatic process such as letters
rogatory or the process under the Mutual Legal Assistance
Treaty (MLAT), if one exists between the U.S. And
Bangladesh. Evidence sought by governmental
authorities in criminal matters in Bangladesh must be requested
through the Office of International Affairs, U.S. Department of Justice.
13. 4. Open Resolver / DDoS Attack
• DDoS attack on several financial institutions websites.
• Reported application layer (HTTP GET Flood) on online newspaper
portal. Attack stays for 72 hours with roughly 5 million packets per
second.
14. 4. Open Resolver / DDoS Attack
• Not only NTP / DNS Reflection Attack.
• New protocol are also used (UDP port 1900 UPnP Simple Service
Discovery Protocol)
• Biggest DDoS we report is roughly 2.4Gbps (STM-16)
dig ANY isc.org @OpenResolverIP +edns=0 +notcp
+bufsize=4096
;; Query time: 83 msec
;; SERVER: xxx.xxx.xxx.xxx#53(xxx.xxx.xxx.xxx)
;; WHEN: Tue Feb 10 09:43:54 2015
;; MSG SIZE rcvd: 4002
17. 6. Prefix Hijack
• If you are transit provider
– Make sure you check customer prefix before announce it.
– Do proper prefix & as filter
• RPKI (Resource Public Key Infrastructure)
20. Reporting Incident : LEA
• Information for Law
Enforcement Authorities
– https://www.facebook.com/saf
ety/groups/law/guidelines/
21. For End User
• Awareness is very important.
• Think twice before posting it to social media.
• http://www.stopthinkconnect.org/
– Safety Tips for Mobile Devices
– Social Networking & Cyberbullying
– Internet Safety & Security Tips for Parents