Sushobhan Mukherjee



Security Symposium & Awards – Bangladesh 17th Feb, 2019

Preface

Building on last year's grand success of the multi-city "Security Symposium & Awards" (Kolkata, Bangalore, Delhi, Mumbai) and the International Infosec Summit (Infosec Global 2018) in Kolkata, we planned to surge ahead and conduct Security Symposiums in three international cities (Dhaka, Dubai and Colombo) as a confluence of global CISOs to brainstorm on future and impending challenges and conclusively emerge as a cyber security game changer across the globe.

Security Symposium and Awards Dhaka – 2019 was the first event as a part of a multi-city Event organized by Infosec Foundation and Enterprise IT World.

The topics of the event cover the Cyber Security Road-map for the Financial Sector, Industry 4.0, AI & Blockchain, Startups in the IT Security ecosystem, and Agility and Flexibility in adopting Cyber Security for Telecom, Cloud and Infrastructure Providers, among others.

In the era of hyper-growth and a digital-driven economy, enterprise risk management has reached a whole new level. Cyber security has gone through a tremendous change, and reinforcing India's Cyber Security Framework is one of the burning issues in delivering high-performance solutions. Only a few countries have a cyber-security strategy or are in the process of developing one to protect against cyber-crime. While the overall cyber security posture of India is satisfactory, the mission is still far from accomplished.

This is a platform that aims to bring together MDs, CEOs, CIOs, CDOs and CISOs from around the globe with an agenda to interact, discuss the latest trends in Information Security and share their key experiences and learning. It is an excellent opportunity for attendee companies to showcase their services, credibility and products related to Information Security.

Event Brief:

The theme of the event is to create awareness on the roles and responsibilities of officers and persons protecting critical infrastructure. The Symposium will also witness awarding CISO (Chief Information Security Officers) of the country in recognition of their exceptional contribution to the industry.

Date & Venue:

The Westin, Dhaka, 17th February, 12 Noon to 9 pm

Delegate Profiles:

Around 200+ delegates: 70% mostly CIOs from large enterprise-level corporates, banks and financial institutions, and CEOs and IT heads of mid-sized organizations; 15% key Govt. officials, police, CID, cyber security experts, cyber law experts and policy makers; 15% start-ups and academia.

Event Highlights

The event was graced by Chief Guest Mr. M.A. Mannan, Honorable Minister, Ministry of Planning, Republic of Bangladesh, along with Mr. K.A.M. Majedur Rahman (Managing Director, Dhaka Stock Exchange).

Besides these, eminent key speakers such as Mr. Mohammad Arfe Elahi (Chief Technology Officer, Access to Information Programme), Dr. Muhammad Abdul Mazid (Adviser, A K Khan and Company Limited), Mr. Kapil Awasthi (Regional Director, North & East, Check Point Software Technologies), Mr. Ahmed Rokibur Rahman (Woori Bank), Mr. Syed Moinuddin Ahmed (Additional Managing Director & Company Secretary, Green Delta Insurance), Mr. Tapan Sarkar (Founder President CTO Forum, Managing Director ADN Edu Services Ltd.), Mr. Md. Jasim Uddin (Former First Vice President, FBCCI), Mr. Pallab Ganguly (Chairman, IEEE Comsoc Kolkata Section; CISO-Gen, Calcutta Electric Supply Corporation), Mr. B. M. Zahid-ul Haque (Head of Information Security, BRAC Bank Limited), Mr. Syed Almas Kabir (President, BASIS), Mr. Shaerul Haque Joarder (VP & Head of IT, Bangladesh), Mr. Jaspreet Singh (Partner, Cyber Security, Africa, India & Middle East (AIM), Advisory Services, Ernst & Young LLP), Mr. Greesh Behal (Regional Head, West, Klassify), Mr. Espen Haagenrud (CISO, Grameen Phone), Mr. Azim U. Hoque (Co-Founder at Cyber Security Forum, Founder and President at University IT Forum) and Mr. Tanveer Ehsanur Rahman (CTO, Novo Telecom) also confirmed their gracious presence as speakers.

Detailed Coverage:

Risk and its mitigation is an integral part of any strategic planning. Risks are associated with core strategic assets, and these assets have to be protected. In our times, many of our assets are highly dependent on the IT infrastructure used to run and manage them: for example, the national power grid, logistics, dams, aviation, transport, capital markets and communication. These assets can be attacked, and there is evidence of attacks where IT infrastructure was used as the route of attack. Cyber security covers all kinds of manifested and potential attacks on these systems, which in turn damage the core assets behind them. Policy makers in macro-economic planning must take into account the short-term and long-term risks that stem from this. Next, the ways and means to mitigate these risks, and the investment needed, both financial and non-financial, must be articulated. Today, various non-state actors and proxies wage offensive action against sovereign nations and public and private bodies, and some attacks are targeted to cause profound economic and psychological damage. Thus, many commentators argue that future wars will be mostly cyber-wars. Strategic planning is now obligated, both at the policy level and at the working level, to acknowledge the risk of cyber threats and to take an inter-disciplinary approach to mitigating it.

The inaugural session focused on the same area, since the chief guest was the Planning Minister of Bangladesh, and the linkage of cyber security with the Digital Bangladesh strategies was discussed in detail.

After the inaugural session, Mr. Mohammad Arfe Elahi, Chief Technology Officer, Access to Information Programme (a2i), Bangladesh, delivered his keynote address on Cybersecurity Initiatives by the Bangladesh Government.

The next session was by Mr. Pallab Ganguly, Chairman, IEEE Comsoc Kolkata Section and CISO-Gen, Calcutta Electric Supply Corporation (CESC), on Cyber Security for Critical Infrastructure in a Power Utility.

The Advanced Persistent Threat Landscape and Remediation Roadmap was illustrated by Mr. Mohit Puri, Director, Presales, India/SAARC, Sophos, in the next session.

Mr. Kapil Awasthi (Regional Director, North & East, Check Point Software Technologies) delivered his theme session on Industry 4.0 Trends, Strategy & Best Practices.

Thereafter, the first panel of the day took place with an interesting topic: "Industry 4.0: Beyond Man and Machine".

It was human muscle power that moved the early phases of civilization. Man tamed animals and animal muscle was put to use, especially for agriculture. Then man invented early stone tools, machine version 1.0. Over the last 10,000 years, man has created machines of such power and sophistication that we no longer talk about how we learn to operate a machine, but about how machines learn from us. The Internet of today is a great man-machine learning system where man is learning about machines and machines are learning how human beings work. Thus a new dimension is now on the horizon: we are talking of the Singularity, where machines reach a critical threshold of "intelligence" and rule us, or machines become so smart that we humans, their creators, find ourselves bench-marked against machines, and companies may put up a recruitment notice with the frightening words: Humans need not apply.

Dr. Muhammad Abdul Mazid was the moderator for the session. The panel was composed as follows:

  • Moderator: Dr. Muhammad Abdul Mazid, Adviser, AK Khan and Company Limited
  • Ahmed Rokibur Rahman, Head of ICT, Woori Bank
  • Syed Moinuddin Ahmed, Additional Managing Director & Company Secretary, Green Delta Insurance
  • Tapan Sarkar, Founder President CTO Forum, Managing Director ADN Edu Services Ltd.
  • Md. Jasim Uddin, Former First Vice President, FBCCI

The panel's key deliberations revolved around the following questions:

  1. With machines becoming so smart and productivity gains so high, will the fundamental laws of business remain valid and applicable?
  2. What will companies of Industry 4.0 look like?
  3. How shall we keep human beings employed, or what will be the core competencies and skills of the future?
  4. How shall we prevent a scenario where machines are our masters rather than our slaves?

After the first panel, Mr. Sajeev Sengupta from Check Point delivered a detailed session on Threat Intelligence and Response.

The next session was Panel 2, on Security Orchestration and Managed Security; it took place in the evening, just after the tea break.

Historically, IT security was diagnostic and reporting based. A security system used to monitor and report, and the framework was that of "incidents" and "events being managed". An evolved framework is now needed for more integrated and comprehensive reporting plus automatic "acting" on a wide range of events. This is Security Orchestration and Automated Response. For the managed security business, SLA deviation not only results in loss of business; in the worst cases of breach, it can even lead to criminal proceedings. Enterprises not only need to take action but also to demonstrate that synchronized, timely and effective action was taken against the threats and vulnerabilities, in a well-documented manner. On the other hand, some current and future threats will be launched in a way that leaves no time to "report, analyse and act"; rather, the system needs to be smart enough to take action automatically. Thus, in short, we are seeing an evolution from "reporting" to "acting".

Security automation and orchestration replaces slow, manual analyst intervention from conventional incident response processes with machine-speed decision making.

Manual incident response processes, insufficient workflows and difficulty hiring security personnel have left security operations teams struggling to keep up with the growing volume of alarms. SOAR combines comprehensive data gathering, standardization, workflow analysis and analytics to give organizations the ability to easily implement sophisticated defense-in-depth capabilities based on internal and external data sources.

Mr. Shaerul Haque Joarder was the moderator for the session.

The panel team was as follows:

  • Moderator: Mr. Shaerul Haque Joarder, VP & Head of IT, EPIC Group
  • Mr. Espen Haagenrud, CISO, Grameen Phone
  • Mr. Azim U. Hoque, Co-Founder at Cyber Security Forum, Founder and President at University IT Forum
  • Mr. B.M. Zahid-ul Haque, Head of Information Security, BRAC Bank Limited
  • Mr. Syed Almas Kabir, President, BASIS; CEO & shareholder of MetroNet Bangladesh Limited and Managing Director of AyAl Corp
  • Mr. Tanveer Ehsanur Rahman, CTO, Novo Telecom Ltd.

The panel's key deliberations revolved around the following questions:

  1. Importance of the SOC (Security Operations Centre) and Incident Detection and Response
  2. Awareness of cybersecurity in society in order to adopt proactive measures
  3. Potential threats, vulnerabilities and remediation measures in the financial sector
  4. Govt. and policy makers' standpoint on the managed security arena
  5. Impact of cyber attacks and adoption of 24×7 monitoring systems
  6. Presenting managed defence and security orchestration strategies to the management/board

The sixth edition of InfoQuest, the dedicated print journal of cyber security, was launched in Dhaka as well. The e-version can be fetched from this link.

The concluding part of the event was the Cyber Awards for significant achievements in the domain.

More detailed photographs can be seen in the Facebook album.

Stay tuned for our future initiatives.



Data Privacy, Facebook and Cambridge Analytica

Introduction

In the latest data leak controversy, Cambridge Analytica has been accused of a data breach involving inappropriate usage of Facebook data, privacy violations and psychological manipulation.

Cambridge Analytica systematically and knowingly ran campaigns based on psychological and personality profiles mined from Facebook data in 2017. The firm has been accused of harvesting private information from the Facebook profiles of over 50 million users without their permission, making it the largest data breach in history. This information was revealed by a former employee and founder, Christopher Wylie, to the Observer and the New York Times. Wylie explained how he worked with Aleksandr Kogan, an academic from Cambridge University, to obtain this data and exploit users.

The misuse of data may have allowed the company to build psychological profiles of a large proportion of the American electorate and target them with specific marketing material and targeted ads, thereby swaying the results of the 2016 presidential election.

Criticality

Most people do not think about the data they share via social media, banking and other large corporate and government entities, as there is a general level of trust that adequate laws and protections exist and that, by and large, there is nothing to worry about, since organizations are assumed to be ethical. While there are growing levels of distrust across the community, taking proper security measures is critical to slowing the decay.

The critical point here is not the data itself, but the way the data was used. Cambridge Analytica used the data records of 50 million Americans to exert a premeditated psychological influence through false Facebook "advertising". Posts were aimed at potential voters, precisely targeting their vulnerabilities.

A data breach is when someone who is not authorized to handle specific information obtains access to that information. It is a non-trivial failure of the security measures a responsible company or reasonable individual would have in place. It implies wrongdoing, it implies malice, it implies a victim/attacker relationship.

But when data is harvested and used with the unknowing opt-in of thousands of people, that is not a breach. There are no hackers here, just people who knew how to use freely given personal data to manipulate people who are not very technically astute, to some political end.

Data breaches have been revealed for years now. Interestingly, no one hacked into Facebook's servers by exploiting a bug, the way hackers stole the personal data of more than 140 million people from Equifax. No one tricked Facebook users into giving away their passwords and then stole their data, the way Russian hackers broke into email accounts through phishing emails.

Facebook has become a massive data collection machine with 2.2 billion active users, but with almost no guardrails on how their data is used. Facebook allowed a third party to implement an application for the sole purpose of gathering users' data. Furthermore, Facebook has been aware of this issue for more than two years, and only now, once it has been made public, is it acknowledging its mistakes.

The Facebook story rings a similar tune to a story from September about Tinder harvesting user data as well. Judith Duportail requested that Tinder send her all of the personal data they had stored about her. They sent back 800 pages containing her deepest, darkest secrets, things she did not even know she preferred. It is another perfect example of how social media apps will harvest any personal data they can to sell and make a profit.

Big data breaches are unsettling given the power tech titans now exercise. How to rein them in is a huge challenge. A good example is Facebook, which offers its service free, so people entrust it with every detail of their lives. It is a myth that users own the data and content they post on Facebook and control how it is shared. The reality differs: Facebook will flog the data to enrich itself, as the Cambridge Analytica case clearly demonstrates.

Road Ahead

In this context, laws like GDPR may play a good role. Users can request that any large service provider in the world (one with any connection to the EU whatsoever, which is everyone) obliterate their data forever, and it must oblige. Or they can request that their data be handed to them in a "portable" format that they can take with them.

Beyond GDPR, there is more that the consumer needs to take control of. In the case of Facebook, this means limiting what third-party apps have access to. This can be confusing, with apps constantly "complaining" that they will not work properly without access to body sensors, contacts or the camera. The user ultimately needs to start from a point of zero trust, turning off all access, then test for themselves how the app behaves, and then gradually turn on permissions as needed.

In reality, though, most of us will just hit the easy button, and that will have consequences of the "Analytica" kind. And then we will act outraged when it happens.

We are on a journey where the privacy boundaries are going to be constantly tested. Expecting the platform vendors to suddenly start doing the "morally" right thing is too naïve. Consumers need to be savvier and assume extreme ownership of their own data. GDPR provides the framework; it is our duty to exercise it.

Stay safe and secure, and do your due diligence before making your personal data public through social media.



“Infosec Global 2017”, International Infosec Summit in Kolkata

Preface

Winter in Kolkata has its own charming flair, and since last year "InfoSec Global" has added a new feather to the city's cap through a mega InfoSec Summit.

This year, "InfoSec Global 2017", the international InfoSec summit, took place at The Park, Kolkata on 3rd November, 2017.

Even though there is a lot of buzz around cyber security, there are many gaps as well. The areas of concern touch everyone: our ignorance, over-confidence and complacency. We keep on complaining that things are not happening the way we think they should. However, many things are happening as well. We need to open our minds and think convergently. It is time to complement instead of complaining.

The government is devising many cyber strategies for the benefit of citizens. Law enforcement authorities are doing their work at the ground level. Enterprises are taking a lot of initiatives to implement tools, technologies and processes.

The challenge is how to bind all of these together, how to aggregate efforts, consolidate and converge in order to make them meaningful for society and civilization. InfoSec Foundation is trying to drive this across the globe.

InfoSec Foundation intends to work as the voice of citizens, bringing all stakeholders together to create a more aware and responsive ecosystem: connecting and extending initiatives that have not reached their target audiences, finding gaps, and raising the silent voice so that it reaches the ears of policy makers and functionaries.

Summits, CIO Roundtables, print journals, cyber security help lines, a cyber security curriculum for the next generation: these are a few of the envisaged areas in which we have already started working in India, Bangladesh, the UK and Africa.

InfoSec Global 2017 is the outcome of the same vision, driven by Infosec Foundation.

Infosec Global 2017, Kolkata

Ignite cyber security! That is the mantra. And to enkindle it, Infosec Foundation has taken on the important responsibility of the International InfoSec Summit. The first summit took place last year, on 18th November, 2016, and it was followed this year on 3rd November, 2017 in Kolkata. The event was important for the eastern ecosystem, which could leverage the opportunity to meet the best cyber security experts from across the subcontinent and gather some of the most valuable knowledge regarding cyber security.

Theme of the Event

"International Security in Digital India: Threats, Challenges and Opportunities" was the theme of the 2nd International Infosec Summit in Kolkata this year. The program was designed for leaders from the fields of IT Infrastructure, Data Security and Information Security.

Major topics discussed at the event were cyber security issues in Bangladesh, digital forensics, creating the next generation of cyber warriors, cyber economics, and much more.

The event was conceptualized exclusively for creating a mutual platform for all the stakeholders who are engaged in Information Security.

Speakers and Topics

The event witnessed an array of speakers from across the industry. Dr. Sanjay Bahl, Director General, Indian Computer Emergency Response Team (ICERT), was the Chief Guest of the program. Mr. Shyamal Datta (IPS, Retd., Former Director, IB, Former Governor of Nagaland), Mr. Debasish Sen (Additional Chief Secretary-IT, Govt. of Bengal), Mr. Vineet Goel, IPS (Addl CP I, CISO, Govt. of Bengal) and Mr. Hari Kusumakar, IPS (Addl CP IV) joined him, along with the Infosec Foundation Chairman, in the gracious inaugural ceremony.


Other eminent personalities such as Mr. Bratya Basu (Honourable MIC-IT, West Bengal), Ms. Rama Vedashree (DSCI-NASSCOM), Dr. B. M. Mehtre (IDRBT), Col. Inderjeet Singh (Smart City Expert, Ex-Director, Military Intelligence at the Ministry of Defence), Mr. Vivek Srivastava (ReBIT, Reserve Bank), Mr. Deepak Kumar (Digital Forensic Expert), Mr. B.M. Zahid-Ul Haque (CISO, BRAC Bank Bangladesh), Mr. Harish Agarwal (Partner, Ernst & Young) and Mr. Somak Shome (Director, PWC) enriched the audience with their deep insight into the domain.


Cyber security domain experts such as Mr. Shrikant Shitole (FireEye), Mr. Nitin Varma (Palo Alto Networks), Mr. Sudeep Das (IBM), Mr. Manuj Kumar (Symantec), Mr. Kapil Awasthi (Check Point), Mr. Rishikesh Kamat (Netmagic), Mr. Subramanian Udaiyappan (Cisco Systems), Mr. Akshay Verma (Global Insurance) and Mr. ParthaSarathi Das (Tata Teleservices) also added substantial value to the content of the conference.


There were interesting topics such as "Cyber Security Readiness for Digital India", "Cyber Economics", "Creating Next Generation Cyber Warriors", "The Cyber Security Architecture of the Future", "Building a Robust Cyber Security Architecture with an Integrated Cyber Defense Platform", "Machine Learning for Cyber Security", "Cyber Security Challenges in West Bengal", "Digital Forensics", "Opportunities in the Cyber Security Space", "Next Generation Cyber Security Trends", "Cyber Threats on the Internet of Things", "Threat Intelligence Strategy to Strengthen Cybersecurity Posture for the Financial Sector", "Cloud Security" etc.

Audience

More than 250 people attended the event, with delegations from all leading corporates, enterprises, academia, government, law enforcement agencies, manufacturers, providers etc.

Anandabazar Patrika (ABP), Accenture, Allahabad Bank, Bandhan Bank, UCO Bank, United Bank of India (UBI), BRAC Bank Bangladesh, Balmer Lawrie, Bridge & Roof, BSI, Capgemini, CESC, West Bengal State Electricity Transmission Company (WBSETCL), Criminal Investigation Department (CID) West Bengal, Bidhannagar Cyber PS, Kolkata Police, Exide, Genius, ICRA, ISACA, Jadavpur University, Jayashree Textiles, Linde Global, M.N. Dastur, MCKV Institute, Meghbela Broadband, Meghnad Saha Institute of Technology, NASSCOM, National Insurance, Neotia Group, NIA, CBI, NIC, NSHM, Onprocess Technology, Protiviti, PWC, Ernst & Young, Sahaj E-Village, Sillycon, Simplex Infra, Spencers, SREI Infrastructure Finance, Srijan Bhumi, TCG Digital, Techno India, TATA Pigments, Tractors India, TUV, Vedant Fashions, Vikram Solar, VISA Steel, Webel and ITC were a few of the key attendee organizations.


The audience was mainly senior management and decision makers of the stature of MD, CEO, CIO, CFO, COO, GM etc.

More than 30 media houses from print, television, radio and web platforms were keen to spread the buzz to the mass audience.

Takeaways

The event saw great deliberations, exchanging thoughts, knowledge, ideas and case studies on cyber security among the speakers, audience, attendees and participating stakeholders. This not only generated great enthusiasm for networking, but also generated direct business opportunities.

The event raised several voices and concerns from the community, extended the government's and policy makers' roadmap, articulated steps for synchronization between stakeholders and surely created a platform for enriched knowledge and better wisdom. It was indeed a great platform for students and cyber aspirants to learn, engage and contribute.

The 4th edition of InfoQuest (the dedicated print journal of information security) was unveiled during the summit. The print journal is working as a great tool, the mouthpiece of the industry in the cyber security domain.

The event strengthened the thinking driven by Infosec Foundation with overwhelming support from all corners, and laid the foundation for more positive vibes towards the upcoming Infovision (CIO Roundtable), InfoQuest (print journal) and Infoconnect (cyber security helpline), as well as next year's International Infosec Summit.

It was amazing to see that people joined the breakfast (held before the day's events, for mixing sessions with the speakers) and continued to stay with the initiative till late evening (a cocktail dinner with the speakers and partners).

Infosec Foundation recognized several individuals for their significant contributions in the domain, and this was followed by instrumental music.


Stay tuned for many interesting things ahead. Do join the movement: contribute, engage, explore and be part of the historic movement generated from Kolkata, the city of joy.

A detailed analysis can be fetched from the link below:

Infosec Global 2017 Report



Beware of Sarahah App

Preface

Sarahah is a website created by Zain al-Abidin Tawfiq, a developer from Saudi Arabia. Sarahah means candor and honesty. It has become very popular in a very short time because it allows you to send messages anonymously. After registration, you get a link which you can share with your friends or post publicly. Anyone can send you anonymous messages via the link you have shared.

The receiver cannot find out who sent the message. The service was started with the motive of allowing employees to give feedback to higher authorities or employers without any fear of being fired. After getting a positive response, he also launched a mobile app to reach its huge mobile audience. On June 13 of this year, both the iOS and Android versions of Sarahah were released.

Sarahah was designed to be used in a workplace environment as an anonymous way to get a bit of constructive criticism. The website's tag line reads "Get honest feedback from your coworkers and friends". In addition, there is a dedicated section on the site about how Sarahah can be helpful at work.

But Sarahah is topping the download charts because of teenagers who are currently on summer vacation. Teenagers are putting up links on their Snapchats to get the word out.

How does Sarahah app work?

– You need to download the app and set up your profile with a custom URL (e.g. XYZ.sarahah.com).

– After registering, you get four options:

  • Messages (contains details of your sent, received and favorited messages)
  • Search
  • Explore (work in progress)
  • Profile

– Once you log in, you can search for the friends or users you want to send messages to.

– Upon selecting a user, a message box appears, prompting you to "leave a constructive message".

– Those who want to comment can press the send button. Currently it allows only text messages, no graphics.

Features:

  • Sarahah is unique in a couple of ways. Previous anonymous apps like Yik Yak were more like social networks: someone could post something anonymously and anyone (either close by or online) could read the post. This is why Yik Yak was ultimately used for bullying and negative remarks. In Sarahah, however, the user is actually soliciting feedback by signing up for an account and creating the link. They also decide where to share the link, so that only specific people have access to it. The combination of these two features has so far kept the interactions mostly positive.
  • Unlike previous anonymous messaging apps, a user creates an account, produces a link and shares it with people on social media sites. Users both registered and not registered on Sarahah can leave a comment for the user anonymously.
  • Sarahah not only provides all the essential features for anonymous messaging but privacy features as well. By default, you are set not to appear in search, and non-registered users cannot send you messages.
  • Sarahah gives its users more control to prevent the misuse or cyber bullying that mostly happens with anonymous messaging services.
  • According to the website, the intention behind the app is to strengthen areas for improvement and enhance areas of strength. It could bring drastic changes and improvements towards a better professional environment if implemented everywhere.

Concerns:

Sarahah was created in the Middle East as a way for co-workers to anonymously share feedback about each other, in a region where face-to-face confrontation is not socially acceptable. Protect Young Minds goes on to say that Sarahah skyrocketed in popularity due to a new Snapchat feature that allows users to share links within their snaps. Once Snapchat users started linking to Sarahah, it went from #1500 on the iTunes charts to #1 in just 12 days.

Anonymous messaging has been a controversial thing since it began. Many people use it as a medium to threaten others. These kinds of apps are used by cyber-bullies or fraudsters. Many Sarahah users have reported inappropriate or abusive messages.

The advent of "smart" technology has made parenting for our generation more challenging than ever before. Many view these apps as "fun", "normal" and "no big deal". Sadly, when it comes to social media, that is far from the truth. Reading over the weekend about the newest app made it clear that it is a threat to our kids' mental and social health.

What we need to know about Sarahah:

  • Anonymity within apps breeds bullying and predatory behavior. Anonymity is a great enabler for those who seek to do wrong and for immature teens who do not have good impulse control.
  • Being a foreign app makes it very difficult for law enforcement to find and prosecute those responsible if the app is used for illegal behavior like grooming potential victims or masquerading as a teen in order to get someone to meet in real life. Other apps like Ask.fm and Kik are foreign-owned, and this has proved to be a huge challenge as well.
  • Access can be blocked. Parents need to prevent access to the iTunes App Store and Google Play to control an app like Sarahah.

Think and apply your mind before being swept along by the trend!



Data Leakage using Social Fun App

“What was the old age?”

“Who is your favorite friend?”

"How many lovers do you have?"

"Which celebrity looks like you?"

“Who will kill you?”

Do you feel you have heard these questions several times in the recent past? Yes, you are right. These are the questions and answers generated by a fun app named "Testony" (https://en.testony.com/). There are a few more similar fun apps like Nametest (https://en.nametests.com/), http://en.quizzstar.com/, https://sharmin.me/, http://meawquiz.com/ and so on. Of these, Testony seems to be the most popular, as Facebook got flooded with its output results.

How do these apps work? They ask for some access permissions, mainly to Facebook (or similar social applications), and in return they get useful data like email, messages, contacts, profile, "about" information, date of birth etc. In some cases, you have to log in to Facebook and add the application to your approved applications, so your information can be seen by all those applications; it is therefore not impossible to obtain the password with backend scripts.

Did you ever think about how collection or leakage of data has become a cakewalk with this revolutionary marketing intelligence? This is a honey trap where, using social media and funny apps, all information about a person is unknowingly collected with the user's consent. These kinds of apps are nothing but algorithmic data collection software, with various sample sizes and segments, across the globe.

Almost everyone has been trapped by this just for fun. Unintentionally, all your online information, content, email lists, phonebooks, surfing patterns and browsing history are being collected by an unknown third party and retained in their repository. Do they have any accountability? What do we know about how the millions of records they collect are used? Is there any guarantee that this information will not be used for spamming or hacking?

It is clearly stated on the Testony site that they can use your information for business. You might get newsletters, mails and SMS as part of targeted advertisement for several products. This is stated for the countries of America and Europe, though nothing is explicitly defined for India and other countries.

We laugh about it with friends, but we are putting ourselves in the danger zone by revealing all our personal data to a hacker.

Hacking or phishing using this information may be child’s play for a hacker.

Immediate Resolution

To stay on the safe side, follow these steps to secure yourself:

  1. Hide all the Testony app posts from your timeline.
  2. If you have already used this app, you must change your password immediately. If your Facebook password is shared with any email or other account, you must change that as well.
  3. Now go to the application settings tab of your Facebook account and remove that app from your list.
  4. As you will see from the note there, Testony.com may still have the data you shared with them. For details about removing this data, please contact testony.com or visit the testony.com privacy policy.
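The root problem described above is that a quiz app is granted far more scopes than its stated function needs. The following is an added example (not code from the original post, nor from Testony or Facebook) of a least-privilege audit of the permissions a third-party app holds on a social account. It assumes the granted scopes arrive in the shape Facebook’s Graph API uses for GET /me/permissions ({"data": [{"permission": ..., "status": ...}]}); the app names, the “needed by a quiz” set, the scope-to-data mapping and the JSON below are constructed for illustration.

```python
"""Least-privilege audit of scopes a third-party 'fun app' holds.

Added example, not code from the original post or from Testony/Facebook.
Assumes the Graph API /me/permissions response shape; all sample data is
constructed.
"""
import json

# Constructed assumption: what a simple quiz actually needs to produce its result.
NEEDED_BY_QUIZ = {"public_profile"}

# Scopes that hand over the data categories the post lists (email, messages,
# contacts, profile, date of birth ...). This mapping is an assumption.
SENSITIVE_SCOPES = {
    "email": "email address",
    "user_friends": "contact list",
    "user_birthday": "date of birth",
    "user_posts": "timeline content",
    "user_photos": "photos",
    "user_likes": "interests / browsing pattern",
    "read_mailbox": "private messages",  # historical scope; assumption
}

# Constructed sample: one /me/permissions-style response per app.
SAMPLE_GRANTS = {
    "celebrity-lookalike-quiz": json.dumps({"data": [
        {"permission": "public_profile", "status": "granted"},
        {"permission": "email", "status": "granted"},
        {"permission": "user_friends", "status": "granted"},
        {"permission": "user_birthday", "status": "granted"},
        {"permission": "user_posts", "status": "declined"},
    ]}),
    "calendar-helper": json.dumps({"data": [
        {"permission": "public_profile", "status": "granted"},
    ]}),
}


def granted_scopes(permissions_json):
    """Return the set of scopes whose status is 'granted' (declined ones are ignored)."""
    doc = json.loads(permissions_json)
    return {p["permission"] for p in doc.get("data", []) if p.get("status") == "granted"}


def excess_scopes(granted, needed=NEEDED_BY_QUIZ):
    """Scopes the app holds beyond what its stated function requires."""
    return set(granted) - set(needed)


def audit(app_grants):
    """Per app: the excess scopes, the data they expose, and whether to revoke."""
    report = {}
    for app, raw in app_grants.items():
        excess = excess_scopes(granted_scopes(raw))
        report[app] = {
            "excess": sorted(excess),
            "exposes": sorted(SENSITIVE_SCOPES[s] for s in excess if s in SENSITIVE_SCOPES),
            "revoke": bool(excess),
        }
    return report


if __name__ == "__main__":
    for app, row in audit(SAMPLE_GRANTS).items():
        verdict = "REVOKE" if row["revoke"] else "ok"
        print(f"{app}: {verdict} excess={row['excess']} exposes={row['exposes']}")
```

The report lists, for each app, exactly which scopes go beyond what a quiz could possibly need and which of the data categories from the post they expose; any app with a non-empty excess is the one to remove in step 3 above.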


Way Forward

We all daydream. Everyone would love to be compared with a superhero, a politician, a sportsman or a historic character, and then feel proud or overwhelmed when the likes and comments pour in on social media.

We are flooded with Internet data, but we need to learn to use it rather than let it be misused.

The time has come to be careful and not to share your valuable and secret information with any third party in this manner.



Terrifying Cyber Crime Through ‘Blue Whale Challenge’

Preface

You have surely already heard about the death game named ‘Blue Whale Challenge’. It is in the news in India after the suicide of a kid in Mumbai, India.

The “Suicide Game” involves 50 twisted tasks before taking your own life to “win.”

Manpreet Singh, a 14-year-old Class IX student in Mumbai, India, flung himself from the roof of a seven-storey building on Saturday in order to win a terrifying game that is apparently spreading around the world.

According to the Mumbai police, the boy is India’s first reported Blue Whale Challenge casualty.

Summary of the Game

  • 130 teenagers are already victims of this online game! Most of them are aged between 14 and 18 years.
  • There are a total of 50 levels in the game before you win. The game starts with fun activities that can easily attract and hold your mind, but as the levels progress the tasks become more and more terrifying.
  • Some terrifying steps are carving a blue whale into your body with blades, watching a horror movie or a murder video at 4.30am, and, at the end, the 50th task is to jump from the roof of the house.
  • Once this gaming app is downloaded to the mobile, it cannot be deleted in any way. Moreover, the continuous mobile notifications force the user to play this game.
  • The game started in Russia. 21-year-old Philippe Vicontacte, the admin of a social media page called “Blue Whale Suicide Game”, was the prime suspect for this death game and was finally arrested by the police. According to the police, Philippe confessed to conducting the game. Unfortunately, his philosophy was to correct society through his game. He was proud to say that his goal was to push those who, in his view, should not live in society to their deaths.

Insight

Drugs, games and porn are the three major addictions for teens. These addictions are rampant, and children usually begin getting obsessed at the ages of 10-12. Cellphones usually serve as the conduit. Usually when studies get difficult, children tend to gravitate towards the Web and get enticed into all the wrong stuff.

Teenagers undergo hormonal changes and hormones take over their intelligence. Even if parents are caring and available for them, they will want to do something thrilling. Also, social media has gained so much popularity that children want to become famous through social popularity. They want a lot of attention so they indulge in this popularity stunt.

Teenagers are more vulnerable because the virtual world allows them to act freely, without the restrictions prevalent in the real world.

It has been observed that some teenagers have very low self-esteem, and rely significantly on peer approval. For them, the external environment becomes a source of inspiration, which is why they are willing to do anything to (project) a certain image.

Developers of such games are well aware of the vulnerabilities of teenagers and know that they succumb to peer pressure easily. They are also well aware of the fact that teenagers nowadays find themselves unhappy, directionless and lacking goals.

The worst part of games like Blue Whale is that the creators of the group do not allow participants to leave. Hence it is important that parents teach their children about safe online behaviour. Users, especially teens, should exercise more caution before sharing any personal information such as their address on their profile, because this gives cyber criminals a chance to bully and threaten them. Also, users should be more careful before joining vague groups, as their online footsteps can be tracked.

Conclusion

The ideal way for parents to keep children away from games like Blue Whale and other hazardous temptations is to invest more time with teenagers. Always keep a close watch on what your adolescent does on their social media sites and the internet.

Are you sure your child does not get dressed in the middle of the night, or does not want to see you in the early hours for the last time before jumping from the roof?

Let’s talk with our little ones and spend time with them as friends. Let us try to mix with them through physical games, stories, sudden trips and weekend shopping together.

Cyber-crime is not only about losing some money in the bank, losing mail passwords or losing some data to ransomware. The issue is more serious, as it is related to our lives. Our next generation, human minds themselves, are now targeted.

It is high time to react before it crashes.



Resolution for WannaCry ransomware

What has happened?

UK hospitals, Telefonica, FedEx, and other businesses were hit by a massive ransomware attack last Friday (12-05-2017). Around 75,000 computers in 99 countries were affected by malware known as “WannaCry”, which encrypts a computer and demands a $300 ransom before unlocking it. The malware was able to spread thanks to flaws in old versions of Windows that were originally used by the NSA to hack into PCs before being made public by the Shadow Brokers group last month.

Among those infected were more than a dozen hospitals in England, a telecom in Spain, FedEx’s offices in the United Kingdom, and apparently, the Russian Interior Ministry. Within half a day, there were instances detected on six continents.

Several firms in Europe were the first to report having their mission-critical Windows systems locked, showing a ransom note. This quickly developed into one of the most widespread ransomware outbreaks currently affecting a large number of organizations around the world. Some affected organizations had to take their IT infrastructure offline, with victims in the healthcare industry experiencing delayed operations and forced to turn away patients until processes could be re-established.

Brief on WannaCry ransomware

WannaCry/Wcry ransomware is a relatively new ransomware variant that popped up using the file hosting service Dropbox. This comes on the heels of a TorrentLocker variant that was using abused Dropbox accounts to spread its payload.

Wcry initially spreads via an email, a malicious website, or dropped by another malware. Once the malware gains access to a user’s system, it drops its prerequisite files and components, after which it prompts the user to download files from Dropbox URLs (Dropbox has already been notified of these links, which have since been removed). These files include the TOR Browser Bundle and the executable file “!WannaDecryptor!.exe”. If the user clicks on the executable file, Wcry will display the ransom note shown below:

Who are affected?

This variant of the WannaCry ransomware attacks older Windows-based systems, and is leaving a trail of significant damage in its wake. Europe has the highest detections for the WannaCry ransomware. The Middle East, Japan, and several countries in the Asia Pacific (APAC) region are showing substantial infection rates as well.

WannaCry’s infections were seen affecting various enterprises, including those in healthcare, manufacturing, energy (oil and gas), technology, food and beverage, education, media and communications, and government. Due to the widespread nature of this campaign, it does not appear to be targeting specific victims or industries.

What does WannaCry ransomware do?

WannaCry ransomware targets and encrypts 176 file types. Some of the file types WannaCry targets are database, multimedia and archive files, as well as Office documents. In its ransom note, which supports 27 languages, it initially demands US$300 worth of Bitcoins from its victims—an amount that increases incrementally after a certain time limit. The victim is also given a seven-day limit before the affected files are deleted—a commonly used fear-mongering tactic.

WannaCry leverages CVE-2017-0144, a vulnerability in Server Message Block, to infect systems. The security flaw is attacked using an exploit leaked by the Shadow Brokers group—the “EternalBlue” exploit, in particular. Microsoft’s Security Response Center (MSRC) Team addressed the vulnerability via MS17-010 released March, 2017.

What makes WannaCry’s impact pervasive is its capability to propagate. Its worm-like behavior allows WannaCry to spread across networks, infecting connected systems without user interaction. All it takes is for one user on a network to be infected to put the whole network at risk. WannaCry’s propagation capability is reminiscent of ransomware families like SAMSAM, HDDCryptor, and several variants of Cerber—all of which can infect systems and servers connected to the network.

Observations

The malware is using the MS17-010 exploit to distribute itself. This is a SMB vulnerability with remote code execution options – details: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx.

With MS17-010, the attacker can use just one exploit to get remote access with SYSTEM privileges, copy the payload onto the machine and transfer control to it later.

By remotely gaining control over a victim PC with SYSTEM privileges, without any user action, an attacker who controls one system inside a local network can spray this malware across that network (taking control of every system that is affected by this vulnerability and not fixed); that one system then spreads the ransomware to all Windows systems in the network that are vulnerable and not patched against MS17-010.

Behavior:

Using the following command line, the Volume Shadow Copies and backups are removed:

Cmd /c vssadmin delete shadows /all /quiet & wmic shadowcopy delete & bcdedit /set {default} bootstatuspolicy ignoreallfailures & bcdedit /set {default} recoveryenabled no & wbadmin delete catalog -quiet

File-size of the ransomware is 3.4 MB (3514368 bytes)

Authors called the ransomware “WANNACRY” – string hardcoded in samples.

The ransomware writes itself into a random-character folder under the ProgramData folder with the file name ‘tasksche.exe’, or into the C:\Windows\ folder with the file names ‘mssecsvc.exe’ and ‘tasksche.exe’.

Examples:

C:\ProgramData\lygekvkj256\tasksche.exe

C:\ProgramData\pepauehfflzjjtl340\tasksche.exe

C:/ProgramData/utehtftufqpkr106/tasksche.exe

c:\programdata\yeznwdibwunjq522\tasksche.exe

C:/ProgramData/uvlozcijuhd698/tasksche.exe

C:/ProgramData/pjnkzipwuf715/tasksche.exe

C:/ProgramData/qjrtialad472/tasksche.exe

c:\programdata\cpmliyxlejnh908\tasksche.exe

The ransomware grants full access to all files by using the command:

Icacls . /grant Everyone:F /T /C /Q

It uses a batch script for its operations: 176641494574290.bat
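The behaviours listed above (shadow-copy and backup-catalog deletion, boot-recovery tampering, the blanket icacls grant, and tasksche.exe/mssecsvc.exe dropped under a random ProgramData folder) are exactly what a SOC would want to alert on. The following is an added example, not code from the original post or from any vendor: a small detector that runs these rules over process-creation log lines. The log line format (timestamp, host, image=, cmd=) and the sample lines are constructed to resemble Windows process-creation telemetry; hostnames and timestamps are made up.

```python
"""Flag WannaCry-style host behaviour in process-creation log lines.

Added example, not code from the original post. Log format and sample lines
are constructed; the rules encode only the behaviours the post describes.
"""
import re

# Each rule: (name, severity, pattern run against 'image + command line').
RULES = [
    ("shadow_copy_delete", "high",
     re.compile(r"vssadmin(\.exe)?\s+delete\s+shadows|wmic(\.exe)?\s+shadowcopy\s+delete", re.I)),
    ("backup_catalog_delete", "high",
     re.compile(r"wbadmin(\.exe)?\s+delete\s+catalog", re.I)),
    ("boot_recovery_tamper", "medium",
     re.compile(r"bcdedit(\.exe)?\s+/set\s+\{default\}\s+"
                r"(recoveryenabled\s+no|bootstatuspolicy\s+ignoreallfailures)", re.I)),
    ("everyone_full_control", "medium",
     re.compile(r"icacls(\.exe)?\s+\S+\s+/grant\s+Everyone:F", re.I)),
    # <drive>:\ProgramData\<random letters><digits>\tasksche.exe, or the
    # two names under C:\Windows\, as listed in the post.
    ("wannacry_dropper_path", "high",
     re.compile(r"[A-Za-z]:[\\/]ProgramData[\\/][a-z]+\d+[\\/]tasksche\.exe"
                r"|[A-Za-z]:[\\/]Windows[\\/](?:mssecsvc|tasksche)\.exe", re.I)),
]

# Constructed sample telemetry (not real captured data).
SAMPLE_LOG = [
    r"2017-05-12T10:01:03Z ws-17 image=C:\Windows\System32\cmd.exe cmd=cmd /c vssadmin delete shadows /all /quiet & wmic shadowcopy delete & bcdedit /set {default} bootstatuspolicy ignoreallfailures & bcdedit /set {default} recoveryenabled no & wbadmin delete catalog -quiet",
    r"2017-05-12T10:01:05Z ws-17 image=C:\ProgramData\lygekvkj256\tasksche.exe cmd=tasksche.exe /i",
    r"2017-05-12T10:01:06Z ws-17 image=C:\Windows\System32\icacls.exe cmd=icacls . /grant Everyone:F /T /C /Q",
    r"2017-05-12T10:02:00Z ws-22 image=C:\Windows\System32\cmd.exe cmd=cmd /c vssadmin list shadows",
    r"2017-05-12T10:03:00Z ws-22 image=C:\Tools\agent.exe cmd=agent.exe --run",
]

LINE_RE = re.compile(r"(?P<ts>\S+)\s+(?P<host>\S+)\s+image=(?P<image>\S+)\s+cmd=(?P<cmd>.*)$")


def parse_line(line):
    """Split one 'ts host image=... cmd=...' line into fields; None if malformed."""
    m = LINE_RE.match(line)
    return m.groupdict() if m else None


def detect(lines):
    """Return a list of (host, rule_name, severity, command_line) hits."""
    hits = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        text = rec["image"] + " " + rec["cmd"]
        for name, severity, pattern in RULES:
            if pattern.search(text):
                hits.append((rec["host"], name, severity, rec["cmd"]))
    return hits


def hosts_to_isolate(hits):
    """Hosts with at least one high-severity hit: candidates for network isolation."""
    return {host for host, _name, severity, _cmd in hits if severity == "high"}


if __name__ == "__main__":
    found = detect(SAMPLE_LOG)
    for host, name, severity, cmd in found:
        print(f"[{severity:6}] {host}: {name} <- {cmd[:60]}")
    print("isolate:", sorted(hosts_to_isolate(found)))
```

On the constructed sample, ws-17 trips all five rules (the single chained command line alone hits three of them) and is proposed for isolation, while the benign `vssadmin list shadows` on ws-22 correctly produces nothing, which is the distinction a rule keyed only on the image name `vssadmin.exe` would miss.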

What can we do?

WannaCry highlights the real-life impact of ransomware: crippled systems, disrupted operations, marred reputations, and the financial losses resulting from being unable to perform normal business functions—not to mention the cost of incident response and clean up.

Here are some of the solutions and best practices that organizations can adopt and implement to safeguard their systems from threats like WannaCry:

Patching

  • The ransomware exploits a vulnerability in the SMB server. Patching is critical for defending against attacks that exploit security flaws. A patch for this issue is available for Windows systems, including those no longer supported by Microsoft; the patch details are in Microsoft’s MS17-010 bulletin linked above.
  • Additional patches for older OSes not already included in the main MS17-010 bulletin above: http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598
  • Upgrade from obsolete Windows versions to the latest one. If cost is a concern, you may easily migrate to a Linux environment.
  • If there is old hardware that does not support the latest Windows version, it is better to go for desktop virtualization (thin client/zero client) so that subsequent operation and management are easier.
  • The WannaCry ransomware appears to only attack unpatched computers running Windows 10. But this doesn’t mean those whose computers run on Apple or Linux code should feel smug. They, too, should regularly apply software patches as they are issued.

Endpoint and Gateway Security

  • Ensure desktop, laptop and mobile devices are protected with antivirus, a personal firewall, anti-malware, etc. If possible, it is better to go for a total-protection suite from an OEM that is already internationally benchmarked.
  • Deploying firewalls and intrusion detection/prevention systems can help reduce the spread of this threat. WannaCry reportedly also uses spam as an entry point, so identifying the red flags of socially engineered spam emails that carry system exploits helps. IT and system administrators should deploy security mechanisms that can protect endpoints from email-based malware.
  • A security system and practice must be deployed for continuous monitoring and management, so that potential attacks in the network can be acted on proactively.
  • WannaCry drops several malicious components on the system to conduct its encryption routine. Application control based on a whitelist can prevent unwanted and unknown applications from executing, and behaviour monitoring can block unusual modifications to the system. Ransomware uses a number of techniques to infect a system; defenders should use as many to protect their systems.

Regular Backup

  • Ransomware will target the files and software on your system, so it is best to keep them backed up regularly. The best way is to keep the backup offline, on an external hard disk kept away from the reach of the internet.
  • In case the backup is taken on the cloud, the backup mechanism should run at intervals; it should not be always connected.
  • Ransomware infects at the system level. Hence a complete backup of your Windows OS will also be helpful.

Connectivity

  • Ransomware attacks all come through the internet. Hence it is essential to have control over the path between your computer and the Internet.
  • WannaCry encrypts files stored on local systems and network shares. Implementing data categorization helps mitigate the damage incurred from a breach or attack by protecting critical data in case it is exposed.
  • Network segmentation can also help prevent the spread of this threat internally. Good network design can help contain the spread of this infection and reduce its impact on organizations.
  • Whenever connectivity is not needed, the path should be closed or connectivity should be disconnected.
  • When you’re using public WiFi networks, make sure you tell your system that you’re on a public network (many will ask if it’s a public or home computer.) That tells your operating system that it’s functioning in a potentially threat-filled environment and it will close off some of its more vulnerable software ports to the outside.

Proactive Measures instead of Reactive

This is not the end of it; more destructive versions will be popping up soon. Hence remediating the present threat will not give us a resolution. Security is a journey, not a resolution. The measures below should give us some breathing space:

  1. Network and application audits at regular intervals (vulnerability assessment and penetration testing).
  2. Third-party risk assessment and business continuity planning.
  3. Information security process adherence as per international benchmarking, certification, compliance and regular governance.
  4. Remediation as per gap analysis on a continuous basis.
  5. Deployment of tools and technologies for proactive measures.
  6. Close harmony between people, process and tools.