SlideShare a Scribd company logo

Cyber of things 2.0

Deepak Kumar (D3) , profile picture
Deepak Kumar (D3)

The document discusses trends, tactics, and perspectives related to cybercrime investigations. It outlines the top cybercrime threats as financial fraud, social media-related crimes, and other online scams. The document also discusses popular cybercrime tactics like social engineering and anonymity through cryptocurrency. It emphasizes the need for government coordination, cybersecurity preparedness, and proactive threat hunting to effectively address evolving cybercrime.

Education
Related topics:
Cyber Crime Cyber Threat Intelligence
1 of 21
Downloaded 10 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
-Team CRCIDF Trends Tactics & Investigation Perspective
DISCLAIMER The views / opinions / assumptions expressed for educational & research purposes only. Do not attempt to violate the law with anything contained here. Neither the author of this material, nor anyone else affiliated in any way, is liable for your actions. The purpose of this presentation is to share what is cyber happening trends and what is possible... CoT : CYBER OF THINGS
We live in the digital age Criminals do too What are the top cyber crime threats ? CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE
CYBER INCIDENTS CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE C Factor and all are interrelated CYBER CRIME CYBER SECURITY CYBER TERRORISM
CYBER RISK RANKING BY SECTOR CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE GOVERNMENT MANUFACTURING BANKING FINANCIAL SERVICES & MOBILE MONEY RETAIL STRATEGIC & PUBLIC ENTERPRISES. PROFESSIONAL SERVICES HOSPITALITY INSURANCE TELECOMMUNICATIONS *As per African (Kenya) Region
Top 5 cyber crime incidents from India perimeter (Updated Oct 2020) Flashback Pointers CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE Payment Fraud, Phishing, Vishing, Smishing, Wallet related, Card-not-present (CNP) fraud , UPI, QR-Code, PayTM, OLX, Cashback related etc. 50 Percent (1-3) Financial Frauds Cyber Bullying, Online Harassment, Fake profile account, Online Scams, CP, CSAM, Money asking case, Revenge porn, Fake news, dating app through fake account black mail, provocative speech, Religion base etc. 25 percent (4) Online social media related Job frauds, Matrimonial, MLM, Cheating, Malware hacking related etc. 25 Percent (5) Other Cyber Crimes
TRENDS & TACTICS CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE Top State/UTs with the reported incidents Delhi, Maharashtra, Gujarat, Uttar Pradesh, Karnataka… i. Social Engineering: Hub Jamtara, Mewat, Mahipalpur, 50% of the cybercrimes in India are traced back to this sleepy town ii. Trending Theme: Couple Challenge, don’t know the Cons, Deep Fake, Extortion, Blackmailing case iii. Spywares: No OTP required of phone is hijacked iv. Anonymity: Criminals (Still) Love Cryptocurrency v. Banking Trojan Ursnif, Zeus, Emotet, Dridex etc. vi. Bulletproof hosting (BPH) BPH refers to a type of hosting or hosting provider that earns its money by consciously accepting perpetrators of crime as part of its clientele, offering them technical infrastructure resilient to law enforcement disruption or takedown vii. Modular Malware Ransomware viii. ...
RANSOMWARE Now Crypto Hackers Mindset : Too much risk......but the target is too sweet CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE
REQUIRED ACTION  Govt. already having funds, schemes, various dedicated divisions/unit/portal to tackle such crimes/issues  Capacity building: Detailed training as Ramayana can't be finished in 1 hour  Digital literacy: Cyber Awareness such as netiquette, Modus Operand based  PPT factor with proper effective coordination CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE
CYBER SECURITY PREPAREDNESS CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE LEGALMEASURES • Measures the legal framework of a country that streamlines basic response mechanisms to breaching of cyber law TECHNICAL • Measures the adequacy of technical measures and the strength of capabilities based on the number of existing technical institutions and frameworks dealing with cybersecurity ORGANISATIONAL • Measures the organisational strategy of a countries cybersecurity imitative. This is based on the number of institutions and strategies organizing cybersecurity development at national level CAPACITYBUILDING • Measures the awareness campaign and the availability of resources for each country. ( Includes the existence of research and development education and training programs and certified professionals and public sector agencies. COOPERATION • Measures the active engagement of different sectors and stakeholders in preventing threats and combating cyber-attacks.
Don't believe marketing hype regarding Cyber Crime Safety "oh, we spent $$$ in $Vendor product, so we are safe" Any "tool", regardless of the price, is still a "tool“ Effective Awareness appreciable CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE Take a Break
Ad CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE Another Buzz
OSINT ≠ Actionable Intelligence What exactly : OSINF Open Source Information Sentiments, Statistics, Trends So what's required Proactive Threat Hunting required : Data and Patience Understand the Threat and Actor and what to hunt Defacement Days gone… APT , Malware, Ransomware, Honeypots, Bots, Watering Hole etc. CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE Where We Stand 💳 38 % Crypto Miner's 👾 29 % Botnet 📲 27 % Mobile 🏧 18 % Banking 🧾 18 % Info stealer 🧾 7 % Ransomware Src 👉 Check Point Cyber Security Report 2020
Ad CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE
Ad CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE Aim
Strategic: Broader trends typically meant for a non technical audience Tactical: Outlines of tactics, techniques, and procedures (TTP) of threat actors for a more technical audience Operational: Technical details about specific attacks and campaigns i. Hypothesis Driven: Data Leak/Breach, IOC, TTPS ii. Analytics and Machine Learning : Data set, Signatures, Anomalies, Historical repo, UEBA, SOAR etc. iii. Manual Interventions: Customised sensors, crawlers, parsers iv. Human Intelligence always Win : Expertise, SME, Coordination agencies etc. CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE Strategy
CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE SOCMINT • Disseminate to Concern • Need to add Output COTS Twitter iMessengers Maltego Etc. Processing There are three main steps in analysing social media: • Data identification, • Data analysis, and • Information interpretation. Gather actionable insights in raw form concerning to Subject, etc. Input
i. OSINT Tools and Framework : Domain Based, Searching, Clustering, Grouping etc. ii. OSINT Services websites: osint, start.me, midasearch, toddington, osintgeek, intel technique etc. iii. Commercial vendors: Feeds, Alerts iv. Government off-the-shelf Tools : In-House, Integrated APIs and Data Lake v. Common Sense CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE Tools
Cyber of things 2.0
Sit back and enjoy the show... or Let’s Start Crime free CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE
References • Cyber Threat Intelligence Command Centre - SC3 • Github • SANS Mail: D3pak@protonmail.com For more: https://d3pakblog.wordpress.com CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE

More Related Content

PDF
Cyber Threat Intel : Overview
Deepak Kumar (D3)
 
PDF
Cyber Forensics & Challenges
Deepak Kumar (D3)
 
PDF
Cyber Forensics
Deepak Kumar (D3)
 
PDF
Threat Intelligence
Deepak Kumar (D3)
 
PDF
2015 Global Threat Intelligence Report Executive Summary | NTT i3
NTT Innovation Institute Inc.
 
PDF
Managing Frequently Overlooked Risks & Threats (FORTS) in Corporations
Dinesh O Bareja
 
PDF
Global Cyber Threat Intelligence
NTT Innovation Institute Inc.
 
PPTX
[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...
CODE BLUE
 
Cyber Threat Intel : Overview
Deepak Kumar (D3)
 
Cyber Forensics & Challenges
Deepak Kumar (D3)
 
Cyber Forensics
Deepak Kumar (D3)
 
Threat Intelligence
Deepak Kumar (D3)
 
2015 Global Threat Intelligence Report Executive Summary | NTT i3
NTT Innovation Institute Inc.
 
Managing Frequently Overlooked Risks & Threats (FORTS) in Corporations
Dinesh O Bareja
 
Global Cyber Threat Intelligence
NTT Innovation Institute Inc.
 
[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...
CODE BLUE
 

What's hot (20)

PDF
CYBER THREAT FORCAST 2016
Bolaji James Bankole CCSS,CEH,MCSA,MCSE,MCP,CCNA,
 
PDF
The role of big data, artificial intelligence and machine learning in cyber i...
Aladdin Dandis
 
PDF
Governance in Cybercrime and Cybersecurity orgns - final distribution Organiz...
Dinesh O Bareja
 
PDF
AI for CyberSecurity
Satnam Singh
 
PDF
Cyber Security and the National Central Banks
Community Protection Forum
 
PDF
Incident Response Requires Superhumans
Dinesh O Bareja
 
PPTX
Models of Escalation and De-escalation in Cyber Conflict
Zsolt Nemeth
 
PPTX
Cyber Threat Intelligence
Syed Peer
 
PDF
Bug Bounty Programs : Good for Government
Dinesh O Bareja
 
PPTX
Joint Presentation - Part 1: The Future Evolution of E-Banking & Cyber Securi...
Knowledge Group
 
PPT
Mark Arena - Cyber Threat Intelligence #uisgcon9
UISGCON
 
PDF
Outlook Briefing 2016: Cyber Security
Mastel Indonesia
 
PDF
Cyber Resilience – Strengthening Cybersecurity Posture & Preparedness by Phil...
BCM Institute
 
PPSX
Cyber Security Awareness Month 2017-Wrap-Up
Chinatu Uzuegbu
 
PPTX
2015: The year-ahead-in-cyber-security
Stephen Cobb
 
PDF
Cyber Security - awareness, vulnerabilities and solutions
inLabFIB
 
PDF
Smart Nation, smart hacks and legal liability for cybersecurity breaches in t...
Benjamin Ang
 
PDF
Guardians of the future what should we do to secure future cyberspace
Aladdin Dandis
 
PDF
Governance and IoT Cyber Risks - presented at Defcon-OWASP Lucknow, India
Dinesh O Bareja
 
PDF
eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...
Netpluz Asia Pte Ltd
 
CYBER THREAT FORCAST 2016
Bolaji James Bankole CCSS,CEH,MCSA,MCSE,MCP,CCNA,
 
The role of big data, artificial intelligence and machine learning in cyber i...
Aladdin Dandis
 
Governance in Cybercrime and Cybersecurity orgns - final distribution Organiz...
Dinesh O Bareja
 
AI for CyberSecurity
Satnam Singh
 
Cyber Security and the National Central Banks
Community Protection Forum
 
Incident Response Requires Superhumans
Dinesh O Bareja
 
Models of Escalation and De-escalation in Cyber Conflict
Zsolt Nemeth
 
Cyber Threat Intelligence
Syed Peer
 
Bug Bounty Programs : Good for Government
Dinesh O Bareja
 
Joint Presentation - Part 1: The Future Evolution of E-Banking & Cyber Securi...
Knowledge Group
 
Mark Arena - Cyber Threat Intelligence #uisgcon9
UISGCON
 
Outlook Briefing 2016: Cyber Security
Mastel Indonesia
 
Cyber Resilience – Strengthening Cybersecurity Posture & Preparedness by Phil...
BCM Institute
 
Cyber Security Awareness Month 2017-Wrap-Up
Chinatu Uzuegbu
 
2015: The year-ahead-in-cyber-security
Stephen Cobb
 
Cyber Security - awareness, vulnerabilities and solutions
inLabFIB
 
Smart Nation, smart hacks and legal liability for cybersecurity breaches in t...
Benjamin Ang
 
Guardians of the future what should we do to secure future cyberspace
Aladdin Dandis
 
Governance and IoT Cyber Risks - presented at Defcon-OWASP Lucknow, India
Dinesh O Bareja
 
eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...
Netpluz Asia Pte Ltd
 
Ad

Similar to Cyber of things 2.0 (20)

PDF
Cybercrime: Radically Rethinking the Global Threat
NTT Innovation Institute Inc.
 
PPTX
Achieving Caribbean Cybersecuirty
Shiva Bissessar
 
DOCX
Tarun Gaur On Hacking the Hackers Can We Turn the Tide on Cyber Crime
Tarun Gaur
 
PPTX
Pat Pather- Cyber Security Unchartered: Vigilance, Innovation and Adaptability
itnewsafrica
 
PDF
Most Influential Cybersecurity Leader to Follow in 2024.pdf
InsightsSuccess4
 
PPTX
SIEM Fundamentals-Session 1 presentations
ShivanandManjaragi2
 
PDF
Commercial Real Estate - Cyber Risk 2020
CBIZ, Inc.
 
PPTX
Emerging Threats to Digital Payments - Is Your Business Ready
Chukwunonso Okoro, CFE, CAMS, CRISC
 
DOCX
A report on cyber Crime
Nikhil Chaudhary
 
PDF
CYBER THREAT FORCAST 2016
Bolaji James Bankole CCSS,CEH,MCSA,MCSE,MCP,CCNA,
 
PDF
The 10 Fastest Growing Cyber Security Companies of 2017
Insights success media and technology pvt ltd
 
PDF
The digital economy and cybersecurity
Mark Albala
 
DOCX
Cybercrime Surveillance.docx
PelorusTechnologies
 
PDF
Dell Technologies Cyber Security playbook
Margarete McGrath
 
PPT
The-Role-of-Digital-Forensics-in-Unraveling-Modern-Cybercrimes-_1_.ppt
Tamar Software
 
PDF
Why is cyber security a disruption in the digital economy
Mark Albala
 
PDF
The Digital Dilemma - Igor Verhoeven, Bindung
DigiMarCon - Digital Marketing, Media and Advertising Conferences & Exhibitions
 
PDF
Practical approach to combating cyber crimes
Chinatu Uzuegbu
 
PDF
Cyber Security Planning 101
Welch LLP
 
PPTX
Cyber Security – Challenges [Autosaved].pptx
RambilashTudu
 
Cybercrime: Radically Rethinking the Global Threat
NTT Innovation Institute Inc.
 
Achieving Caribbean Cybersecuirty
Shiva Bissessar
 
Tarun Gaur On Hacking the Hackers Can We Turn the Tide on Cyber Crime
Tarun Gaur
 
Pat Pather- Cyber Security Unchartered: Vigilance, Innovation and Adaptability
itnewsafrica
 
Most Influential Cybersecurity Leader to Follow in 2024.pdf
InsightsSuccess4
 
SIEM Fundamentals-Session 1 presentations
ShivanandManjaragi2
 
Commercial Real Estate - Cyber Risk 2020
CBIZ, Inc.
 
Emerging Threats to Digital Payments - Is Your Business Ready
Chukwunonso Okoro, CFE, CAMS, CRISC
 
A report on cyber Crime
Nikhil Chaudhary
 
CYBER THREAT FORCAST 2016
Bolaji James Bankole CCSS,CEH,MCSA,MCSE,MCP,CCNA,
 
The 10 Fastest Growing Cyber Security Companies of 2017
Insights success media and technology pvt ltd
 
The digital economy and cybersecurity
Mark Albala
 
Cybercrime Surveillance.docx
PelorusTechnologies
 
Dell Technologies Cyber Security playbook
Margarete McGrath
 
The-Role-of-Digital-Forensics-in-Unraveling-Modern-Cybercrimes-_1_.ppt
Tamar Software
 
Why is cyber security a disruption in the digital economy
Mark Albala
 
The Digital Dilemma - Igor Verhoeven, Bindung
DigiMarCon - Digital Marketing, Media and Advertising Conferences & Exhibitions
 
Practical approach to combating cyber crimes
Chinatu Uzuegbu
 
Cyber Security Planning 101
Welch LLP
 
Cyber Security – Challenges [Autosaved].pptx
RambilashTudu
 
Ad

More from Deepak Kumar (D3) (20)

PDF
Dark Web Forensics
Deepak Kumar (D3)
 
PDF
THINK
Deepak Kumar (D3)
 
PDF
Cyber Security Tips
Deepak Kumar (D3)
 
PDF
CISSP INFORGRAPH MINDMAP
Deepak Kumar (D3)
 
PDF
Cyber Crime Types & Tips
Deepak Kumar (D3)
 
PDF
Cyber Security India & Cyber Crime
Deepak Kumar (D3)
 
PDF
21st Century Cyber Forensics
Deepak Kumar (D3)
 
PDF
Phishing
Deepak Kumar (D3)
 
PDF
IoT
Deepak Kumar (D3)
 
PPTX
C3 Cyber
Deepak Kumar (D3)
 
PDF
Bitcoin
Deepak Kumar (D3)
 
PDF
Ransomware
Deepak Kumar (D3)
 
PDF
Success Mantra
Deepak Kumar (D3)
 
PDF
Facebook Security Tips
Deepak Kumar (D3)
 
PDF
DDOS
Deepak Kumar (D3)
 
PDF
Registry Registrar Registrant
Deepak Kumar (D3)
 
PDF
Whatsapp
Deepak Kumar (D3)
 
PDF
How to social/official network
Deepak Kumar (D3)
 
PDF
Sexting
Deepak Kumar (D3)
 
PDF
Phishing Scam
Deepak Kumar (D3)
 
Dark Web Forensics
Deepak Kumar (D3)
 
THINK
Deepak Kumar (D3)
 
Cyber Security Tips
Deepak Kumar (D3)
 
CISSP INFORGRAPH MINDMAP
Deepak Kumar (D3)
 
Cyber Crime Types & Tips
Deepak Kumar (D3)
 
Cyber Security India & Cyber Crime
Deepak Kumar (D3)
 
21st Century Cyber Forensics
Deepak Kumar (D3)
 
Phishing
Deepak Kumar (D3)
 
IoT
Deepak Kumar (D3)
 
C3 Cyber
Deepak Kumar (D3)
 
Bitcoin
Deepak Kumar (D3)
 
Ransomware
Deepak Kumar (D3)
 
Success Mantra
Deepak Kumar (D3)
 
Facebook Security Tips
Deepak Kumar (D3)
 
DDOS
Deepak Kumar (D3)
 
Registry Registrar Registrant
Deepak Kumar (D3)
 
Whatsapp
Deepak Kumar (D3)
 
How to social/official network
Deepak Kumar (D3)
 
Sexting
Deepak Kumar (D3)
 
Phishing Scam
Deepak Kumar (D3)
 

Recently uploaded (20)

PDF
Complications of Minimal Access Surgery at WLH
mohitsuren827
 
PDF
Physiotherapy_for_Respiratory_and_Cardiac_Problems WEBBER.pdf
DrMONISHAphysio
 
PDF
Abdominal Access Techniques with Prof. Dr. R K Mishra
mohitsuren827
 
PPTX
Institutional Correction lecture only . . .
limvtheghins
 
PPTX
Pharmacology of Heart Failure /Pharmacotherapy of CHF
Rajshri Ghogare
 
PDF
Module 4: Burden of Disease Tutorial Slides S2 2025
Jonathan Hallett
 
PDF
Mark Klimek Lecture Notes_240423 revision books _173037.pdf
pascalgumisiriza1
 
PDF
Origin of periodic table-Mendeleev’s Periodic-Modern Periodic table
Mithil Fal Desai
 
PDF
01-Introduction-to-Information-Management.pdf
PrinceIbarra
 
PDF
VCE English Exam - Section C Student Revision Booklet
jpinnuck
 
PDF
Basic Mud Logging Guide for educational purpose
wdandworks
 
PDF
Business Ethics Teaching Materials for college
CynthiaCastillo40
 
PDF
3rd Neelam Sanjeevareddy Memorial Lecture.pdf
Academy of Grassroots Studies and Research of India (AGRASRI)
 
PDF
STATICS OF THE RIGID BODIES Hibbelers.pdf
pascualasturiaskaye4
 
PPTX
Introduction to Child Health Nursing – Unit I | Child Health Nursing I | B.Sc...
RAKESH SAJJAN
 
PPTX
Week 4 Term 3 Study Techniques revisited.pptx
mansk2
 
PDF
Chapter 2 Heredity, Prenatal Development, and Birth.pdf
MarjorieLopezTiu
 
PDF
The Lost Whites of Pakistan by Jahanzaib Mughal.pdf
jahanzaibmughal6
 
PPTX
Pharma ospi slides which help in ospi learning
rameetkumar304
 
PPTX
Final Presentation General Medicine 03-08-2024.pptx
ZaheerAhmad228692
 
Complications of Minimal Access Surgery at WLH
mohitsuren827
 
Physiotherapy_for_Respiratory_and_Cardiac_Problems WEBBER.pdf
DrMONISHAphysio
 
Abdominal Access Techniques with Prof. Dr. R K Mishra
mohitsuren827
 
Institutional Correction lecture only . . .
limvtheghins
 
Pharmacology of Heart Failure /Pharmacotherapy of CHF
Rajshri Ghogare
 
Module 4: Burden of Disease Tutorial Slides S2 2025
Jonathan Hallett
 
Mark Klimek Lecture Notes_240423 revision books _173037.pdf
pascalgumisiriza1
 
Origin of periodic table-Mendeleev’s Periodic-Modern Periodic table
Mithil Fal Desai
 
01-Introduction-to-Information-Management.pdf
PrinceIbarra
 
VCE English Exam - Section C Student Revision Booklet
jpinnuck
 
Basic Mud Logging Guide for educational purpose
wdandworks
 
Business Ethics Teaching Materials for college
CynthiaCastillo40
 
3rd Neelam Sanjeevareddy Memorial Lecture.pdf
Academy of Grassroots Studies and Research of India (AGRASRI)
 
STATICS OF THE RIGID BODIES Hibbelers.pdf
pascualasturiaskaye4
 
Introduction to Child Health Nursing – Unit I | Child Health Nursing I | B.Sc...
RAKESH SAJJAN
 
Week 4 Term 3 Study Techniques revisited.pptx
mansk2
 
Chapter 2 Heredity, Prenatal Development, and Birth.pdf
MarjorieLopezTiu
 
The Lost Whites of Pakistan by Jahanzaib Mughal.pdf
jahanzaibmughal6
 
Pharma ospi slides which help in ospi learning
rameetkumar304
 
Final Presentation General Medicine 03-08-2024.pptx
ZaheerAhmad228692
 

Cyber of things 2.0

  • 1. -Team CRCIDF Trends Tactics & Investigation Perspective
  • 2. DISCLAIMER The views / opinions / assumptions expressed for educational & research purposes only. Do not attempt to violate the law with anything contained here. Neither the author of this material, nor anyone else affiliated in any way, is liable for your actions. The purpose of this presentation is to share what is cyber happening trends and what is possible... CoT : CYBER OF THINGS
  • 3. We live in the digital age Criminals do too What are the top cyber crime threats ? CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE
  • 4. CYBER INCIDENTS CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE C Factor and all are interrelated CYBER CRIME CYBER SECURITY CYBER TERRORISM
  • 5. CYBER RISK RANKING BY SECTOR CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE GOVERNMENT MANUFACTURING BANKING FINANCIAL SERVICES & MOBILE MONEY RETAIL STRATEGIC & PUBLIC ENTERPRISES. PROFESSIONAL SERVICES HOSPITALITY INSURANCE TELECOMMUNICATIONS *As per African (Kenya) Region
  • 6. Top 5 cyber crime incidents from India perimeter (Updated Oct 2020) Flashback Pointers CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE Payment Fraud, Phishing, Vishing, Smishing, Wallet related, Card-not-present (CNP) fraud , UPI, QR-Code, PayTM, OLX, Cashback related etc. 50 Percent (1-3) Financial Frauds Cyber Bullying, Online Harassment, Fake profile account, Online Scams, CP, CSAM, Money asking case, Revenge porn, Fake news, dating app through fake account black mail, provocative speech, Religion base etc. 25 percent (4) Online social media related Job frauds, Matrimonial, MLM, Cheating, Malware hacking related etc. 25 Percent (5) Other Cyber Crimes
  • 7. TRENDS & TACTICS CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE Top State/UTs with the reported incidents Delhi, Maharashtra, Gujarat, Uttar Pradesh, Karnataka… i. Social Engineering: Hub Jamtara, Mewat, Mahipalpur, 50% of the cybercrimes in India are traced back to this sleepy town ii. Trending Theme: Couple Challenge, don’t know the Cons, Deep Fake, Extortion, Blackmailing case iii. Spywares: No OTP required of phone is hijacked iv. Anonymity: Criminals (Still) Love Cryptocurrency v. Banking Trojan Ursnif, Zeus, Emotet, Dridex etc. vi. Bulletproof hosting (BPH) BPH refers to a type of hosting or hosting provider that earns its money by consciously accepting perpetrators of crime as part of its clientele, offering them technical infrastructure resilient to law enforcement disruption or takedown vii. Modular Malware Ransomware viii. ...
  • 8. RANSOMWARE Now Crypto Hackers Mindset : Too much risk......but the target is too sweet CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE
  • 9. REQUIRED ACTION  Govt. already having funds, schemes, various dedicated divisions/unit/portal to tackle such crimes/issues  Capacity building: Detailed training as Ramayana can't be finished in 1 hour  Digital literacy: Cyber Awareness such as netiquette, Modus Operand based  PPT factor with proper effective coordination CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE
  • 10. CYBER SECURITY PREPAREDNESS CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE LEGALMEASURES • Measures the legal framework of a country that streamlines basic response mechanisms to breaching of cyber law TECHNICAL • Measures the adequacy of technical measures and the strength of capabilities based on the number of existing technical institutions and frameworks dealing with cybersecurity ORGANISATIONAL • Measures the organisational strategy of a countries cybersecurity imitative. This is based on the number of institutions and strategies organizing cybersecurity development at national level CAPACITYBUILDING • Measures the awareness campaign and the availability of resources for each country. ( Includes the existence of research and development education and training programs and certified professionals and public sector agencies. COOPERATION • Measures the active engagement of different sectors and stakeholders in preventing threats and combating cyber-attacks.
  • 11. Don't believe marketing hype regarding Cyber Crime Safety "oh, we spent $$$ in $Vendor product, so we are safe" Any "tool", regardless of the price, is still a "tool“ Effective Awareness appreciable CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE Take a Break
  • 12. Ad CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE Another Buzz
  • 13. OSINT ≠ Actionable Intelligence What exactly : OSINF Open Source Information Sentiments, Statistics, Trends So what's required Proactive Threat Hunting required : Data and Patience Understand the Threat and Actor and what to hunt Defacement Days gone… APT , Malware, Ransomware, Honeypots, Bots, Watering Hole etc. CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE Where We Stand 💳 38 % Crypto Miner's 👾 29 % Botnet 📲 27 % Mobile 🏧 18 % Banking 🧾 18 % Info stealer 🧾 7 % Ransomware Src 👉 Check Point Cyber Security Report 2020
  • 14. Ad CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE
  • 15. Ad CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE Aim
  • 16. Strategic: Broader trends typically meant for a non technical audience Tactical: Outlines of tactics, techniques, and procedures (TTP) of threat actors for a more technical audience Operational: Technical details about specific attacks and campaigns i. Hypothesis Driven: Data Leak/Breach, IOC, TTPS ii. Analytics and Machine Learning : Data set, Signatures, Anomalies, Historical repo, UEBA, SOAR etc. iii. Manual Interventions: Customised sensors, crawlers, parsers iv. Human Intelligence always Win : Expertise, SME, Coordination agencies etc. CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE Strategy
  • 17. CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE SOCMINT • Disseminate to Concern • Need to add Output COTS Twitter iMessengers Maltego Etc. Processing There are three main steps in analysing social media: • Data identification, • Data analysis, and • Information interpretation. Gather actionable insights in raw form concerning to Subject, etc. Input
  • 18. i. OSINT Tools and Framework : Domain Based, Searching, Clustering, Grouping etc. ii. OSINT Services websites: osint, start.me, midasearch, toddington, osintgeek, intel technique etc. iii. Commercial vendors: Feeds, Alerts iv. Government off-the-shelf Tools : In-House, Integrated APIs and Data Lake v. Common Sense CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE Tools
  • 20. Sit back and enjoy the show... or Let’s Start Crime free CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE
  • 21. References • Cyber Threat Intelligence Command Centre - SC3 • Github • SANS Mail: D3pak@protonmail.com For more: https://d3pakblog.wordpress.com CoT : CYBER OF THINGS D3PAK KUMAR DIGITAL FORENSICS | CYBER INTELLIGENCE