Agape Blog

Cyber Crime is a daunting reality today. It affects every individual connected by a computer or technology. You may not be a hacker but your computer is a potential weapon for criminals to use to attack and damage countries, corporations and even mastermind the destruction of human lives. “Everyone must be aware of the risks that cyber crime and cyber terrorism poses, as ignorance may lead to huge losses and even endanger lives.” Even the participants of the EC-Council Asia Pacific Roundtable Forum unanimously responded to this statement.

Information security is not simply the responsibility of network administrators only, it is the responsibility of every internet user as their ignorance may result in millions of dollars in losses and even the loss of lives. The lack of education among both the users and authorities often results in allowing criminals easy access to even the most high tech security areas. One of the leading cyber crime expert said “No one treats a cyber crime like a murder case, often evidence cannot be used legally as it has been contaminated by the victim or the incident handler, allowing these criminals to escape prosecution.”

Truly, many times people simply ignore to follow certain basic rules like keeping their passwords private or securing their WiFi connections. And they only realise about theor mistakes when it is too late. This is where proper legislation, awareness and education among all levels right from the top management level to even security guards in any corporation is required to ensure the eradication of cyber crimes.

The articles that feature today are on some serious issues. These issues need to be addressed with great care to face the hi-tech environment that we are subjected to. So I am asking some questions to all of you. Read these articles and tell me what you feel.

1. Why all customers of SBI cards need to check their accounts regularly. Read more

2. Do we really require some laws for the Blogosphere. Read more

3. Does India need a National Cyber Security Advisory Board. Read more

I want answers/views from all of you.

To address & debate internet security issues the World Council for Corporate Governance of UK (WCFCG) together with its associate the International Academy of Law, India (IAL), and in partnership with Cyber Law College are organizing an International Conference on Cyber Security in New Delhi on 29-30 Nov, 2008. The theme for the conference is “Legislation, Monitoring & Enforcement of Cyber Laws”.

Law makers, Governmental policy makers, Legislators, Business leaders, IT experts, eminent jurists, enforcement organizations, academics, bankers & reputation agents are expected to participate. This conference will aim for the formulation & implementation of holistic measures for development, legislation & enforcement of laws for Cyber Security to contain terrorism & promote public interest. Sharing of knowledge & experience of leading Information Technology Experts & Companies, enforcement agencies & jurists in adopting strategies & processes for improving Cyber Security.

Attending this conference would be some eminent personalities like Shri Kapil Sibal, Prof Howard A Schmidt, Dr. Robert Erbacher, Dr. PR Stephenson, Dr. Madhav Mehra and many more. Surely you cannot miss the opportunity of being a part of this conference.

For paticipation details, visit http://www.wcfcg.net

Cyber crime is no longer an alien term for anyone today. We have been hearing about it, reading about it and talking about it, quoting examples of some victims or fraudsters. With advancements in technology, criminals and their ways of commiting crimes are also getting advanced. To tackle this menace, we need some strong cyber crime prevention measures, may be in the form of cyber cells or cyber activity monitoring services. In India, we have very few cyber cells that can be easily counted on fingers. Of course this is not enough to address the enormous issue of cyber crime.

Recently, Mohali police took a lead in getting the state’s first cyber crime police station-cum-forensic science laboratory. The Rs 8-crore state-of-the-art project will end the Punjab Police’s dependency on forensic science laboratories in other states for various tests.

The building — which will house a cyber crime police station and laboratories in Physics, Texilogy, lie-detection, Biology, Chemistry and Ballistic, as part of forensic science — will come up within two years. The Punjab Police Housing Corporation (PPHC) is the executing agency of the project. Also, a training institute, the Punjab Police Training Institute for private security guards at Jahan Khelan is expected to complete by June 2009. The institute, which is worth Rs 10 crore, will provide training to 4,000 security guards every year and with the implementation of the Private Security Agencies (Regulation) Act, 2005.

This project is a step forward for the Punjab Police towards becoming cyber-savvy and a hi-tech police force with effective investigation of crimes through advanced modes. Such steps are what is needed to ensure that the technology does not harm people. Such steps indicate that India is getting ready to tackle hi-tech crime.

Agape Inc, one of the leading computer & mobile forensics & security technology company has joined force with another global technology service provider: RADIUS-ED to form a state of the art work force known under the brand name “AGAPE-RADIUS.”

With Agape’s expertise in mobile forensics and the extensive work field experience of Radius-ED in mobile marketing has resulted in this alliance to be one of its kind. This will provide a common platform wherein you can get the finest mobile marketing services (E.g. G1, SMS assure, IPM, etc) to generate revenue for your business globally. Putting together the cutting edge solution of bulk mobile sms’ing with added safety creates a hi-tech package that can adhere the next generation.

Bulk SMS marketing has attained lot of importance as it enables companies to directly reach to their customers. But this involves making the use of technology and with technology comes the need of security. This is where Agape Inc makes its presence felt by providing technical expertise for keeping the complete process highly secure. Through this new venture Agape-Radius has developed a dynamic & interactive marketing strategy by targeting the fundamental upbringing and thinking beyond imagination to create a relationship with value for its privileged customers. Thus, Agape Radius-ED network of direct operator connections delivers messages from mobile business applications to mobile subscribers worldwide.

For more information on our solutions and various mobile marketing plans, visit Agape-Radius website.

ISACA is organising its 4th annual European Information Security Management Conference from November 10 through November 12. This year’s conference will be held at Amsterdam, The Netherlands. The tag line for this conference says, “Providing Strategic Vision for Information Security Managers.”

As the tag line says, this event is designed for experienced information security managers and those who have information security management responsibilities. The combination of management focus and highly detailed content will provide you with an opportunity to customise your conference experience to meet your specific interests and professional needs. Experienced professionals as well as new or aspiring Certified Information Security Manager (CISM) holders will find great value in the conference.

The conference will provide modern day solutions to address various issues like:

1. Skills Necessary to be an Effective Security Leader
2. Security Knowledge Management
3. Transforming Information Security to Information Risk Management
4. Data Loss Prevention: Concepts and Solutions
5. Designing and Implementing Vendor Security Compliance Programmes
6. Threat and Vulnerability Analysis

New way of fraud and internet scam (Internet Service Provider Consortium fraud)

This is to aware the chief executives of every company about the new way of fraud and internet scam. They might receive an mail (sample given below) which is scam and completely trying to compromise the system as well as network. The sender poses itself as a part of Internet Service Provider Consortium fraud team.

Here’s how the email would look like:

From: Monitoring Team
Date: 11/08/08 08:33:29
To: client
Subject: Your internet access is going to get suspended

Your internet access is going to get suspended.

The Internet Service Provider Consortium was made to protect the rights of software authors, artists.

We conduct regular wiretapping on our networks, to monitor criminal acts.

We are aware of your illegal activities on the internet which were originating from

You can check the report of your activities in the past 6 month that we have attached. We strongly advise you to stop your activities regarding the illegal downloading of copyrighted material of your internet access will be suspended.

Sincerely
ICS Monitoring Team

The analysis of cases reveal that these are new way of social engineering techniques to enter into the secure network or system. They provide attachment which is Trojan dropper, which will install after opening the detail attachment.  After installation system will be in a compromised state and the whole information of the system will be sucked  passively.

Remedial method to safeguard yourself from such an email is by deleting such an email straightaway. Also do not open the attachments.

For further assistance please mail to advice [at] agapeinc [dot] in

Certified Information Systems Security Professional (CISSP) is an independent information security certification governed by the International Information Systems Security Certification Consortium (commonly known as (ISC)²). And CISSP education is a means of educating individuals about how information security works, how to go about making information secure, and how to ensure that it stays that way.

CISSP Education has to do with keeping information secure. When you want to maintain the integrity and private nature of information in the age of the internet, you need people who are trained to do just that. They have to be able to protect your information by creating a system that can defend itself against unauthorized entry from outside sources. This is the essence of CISSP Education.

Imagine the consequences of intercepted credit card numbers, social security numbers, and bank accounts that are openly accessible to anyone with enough knowledge of computer hacking. Without the existence of information security, the results would be disastrous.

Remember, a security guard may be able to protect information that is stored in a warehouse but to protect your network, you need someone with CISSP education. It is a way of policing the network.

For more information on CISSP certification, visit: http://www.isc2.org/cissp/default.aspx

Cyber terrorism and cyber crime are leading to huge losses for many individuals and organizations. There are people sitting in the comfort of their home and are attacking other systems for their malicious intent. Such activities have been discussed at many conferences and events and various solutions are discussed. But implementing these solutions is not easy, as it requires a change in the mindset and old day processes.

Here are some links which discuss modern day solutions for this serious issue.

1. EC-Council, the world’s leading e-business and security certification organization discusses about Modern Defenses against cyber crime during its inaugural Asia-Pacific Roundtable Forum in Kuala Lumpur. Read more

2. How hackers targeted the presidential campaigns of Barack Obama and John McCain to trick users into downloading malware. Read more

3. Why Pakistan sets death penalty for cyber terrorism? Read more

The Federal Bureau of Investigation (FBI) has raised concerns over the growing cyber crimes in US that cost tens of millions of dollars and also posing as a serious threat to US security. The FBI cyber division pointed out activities like computer spying and personal information theft as something that needs immediate measures to be curbed.

The U.S. intelligence agencies have earlier pointed fingers on Russia and China as being the two nations that have the abilities to electronic spying by breaking through U.S. computer networks. Apart from these, FBI has narrowed down 24 more countries that pose a threat to the US. Without naming the 24 countries,FBI has made this statement: “There are countries who have an interest in obtaining information from the U.S., in terms of the electronic theft of data.”

The US computer networks are being constantly attacted by Botnets by sending spam e-mails and spreading malicious code. Thus the U.S. federal agents are stepping up efforts to fight computer crime. They are also joining hands with some foreign counterparts to deal this serious issue. It is worth noting that in January this year, U.S. President George Bush had launched an effort called the Comprehensive National Cybersecurity Initiative, to address the issue of comouter crimes.