Underground Cyber Crimes in 2017 | Rahul Tyagi | TEDxGLAU

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

[Applause] [Music] [Applause] [Music] [Music] so very good afternoon off very good afternoon all of you my name is Rahul Tyagi and Brona brought up in Punjab in a small village known as good a school anybody heard about that it's on Google map don't worry and it's from last 7 to 8 years I think I have dedicated in my life in a field known as cyber security and if you know our Prime Minister is talking about digital India and security concerns the country has to take care of so we are like the breed of geeks who work 24 into 7 on computers doesn't listen to anyone the first and only love is computer second is the human being for sure because we take care of them after when we stop any cyber crime or we stop anyone to get harassed on internet and so on today's my talk is something special talk is known as the underground cyber crimes in 2017 what they will never want to talk about so what the things which they don't want to talk about of course good and bad so let me start with a thing hackers are changing so let me take you to I think in 1987 majority of you I think was not born that time so so at that time you know world's first private computer or you can say world's first personal computing malware was designed and start in fact in the world like never before the wireless name was brain dot a do you remember the floppy floppy disk okay so they infected that and when you plug the floppy drive in your computer it is going to infect your computer that was the first personal computer virus ever been iodine encounter it was designed by two brothers Basit and Amjad from Pakistan and they were so confident and if you write to try to open open the source code of the malware you can actually see the address and the phone number and if you have any problem different please call our phone number we'll fix it for you you know so that was the first computer malware so but it's not like that today today there are more more organized criminal gangs who are working 24 into 7 to get your bank account data get your personal facebook chat which is quite a deal right nobody wants to give that now that's the problem we have so we have entered into digital 2.0 era now what is digital 2.0 5 to 6 years back what was the internet for you the internal boss go to youtube go to mr. something XY then today we go to mr. Birnbaum and tell a lot of things you know you do now moreover that in today's age after 5 years moreover internet and technology we are being where we are using is more connected to the finance to the money when you go out of home you booked uber or Ola money involved in industry you have coupon you know most all money you know now the more money is going to be involved into digital age the more criminals are going to be interesting and that is where the problem is and that's what we are addressing in lucina's from last five years a company with having 110 Minds card coal hackers more capable than me trust me and the least one there so very good mine on an average age of 21 23 sitting 2407 into their computers day and night and they try to hack into the things no too bad not for the bad purposes so companies hire us to hack into their system legally with their permission and we tell them what's a problem today we have state-sponsored hacks state-sponsored hacking will talk about in the latest slide it's something which is governed by the government's governed by the cyber terrorist groups in an organized way it's not a kid 19 years of kid who's sitting at his home in the dark and trying to hack into your personal chat or something they are really organized really professional and the biggest problem which we are seeing right now this is the first time in technology are are criminals are now more investing their money into research before applying the attack in the audience which was never happened before now this is the matter of concern so it's just like you know they want to test their attack before launching that whether it will be successful or not if it is not going to be successful as per their in the as per the market scenario they will not launch it think like a start-up you know I don't want to launch your product they see there is no crowd okay don't launch the product then and that's the same thing they are doing now so from there these organized criminals are going coming up and why it's very difficult to trace them back so this is known as the Deep Web now deep web is a part of the World Wide Web which traditionally doesn't come on Google searches and other search engines it's a hidden Internet if you think google shows everything to you Google only shows you 0.04 percent of the entire Internet which actually exists quite a deal if you don't believe me google it now when you have this kind of stats then definitely there's the other internet that Internet is known as the Deep Web dark internet hidden internet because of the anonymity of this internet there a lot of criminals also incited whistleblowers who want to reveal something against the government and against other agencies they register to this website and published the material because there is no tracing of this thing you can have actually the real drugs there are organized criminal gangs who are selling drugs there sometime cash on delivery also in US and other countries it's going like massive scale in us then we have weapon assassin killers and obviously we are human reserve whoa is it real yes it's real and these people have little bit of ethics also for example if you've got a drug from a website and the quality was not good and you can report abuse also and they will shut it down that vendor they will not sell the good bad drugs for you now that is something which was it's like e-commerce of criminals ecommerce of the bad people so only in harassment and money instruction in 2017 so I'll give you a case study which we recently busted a case or four companies one of the very big employer web.whatsapp.com when you don't want to use your mobile phone you're in office or at your home you want to chat on your desktop so you open the website scan the QR code and you start talking to the people now in this scam what happen there was a person who was actually a big companies very big everyone you know the car name the company for sure it's a very big company and the guy was a at a very big position there so at the age of 65 you know he was writing out of country having good time and it was 1:00 a.m. in the morning he was not feeling sleepy so he opened certain websites you know something so when he opens something and in the right-hand side there are a lot of popups on those websites you know kind of pop-ups and there's a beautiful girl shouting like anything with a kind of you know weather later send all soups talk to me how you want to talk to her they said okay these are five steps you can talk to me right now first open your webcam sorry open your whatsapp and there's a QR code scan this QR code and start your chatting with me one name you know so it's low K and he scanned it nothing happened he's waiting for the message hi no message and after some time he got a another message on his SS SMS as a flash message I have your chat now traditionally we know if I scan web.whatsapp.com right it will not go to somewhere else but the criminals are having this scan nowadays if you see a QR code and you scan we did it's possible to get your chat anywhere else in the world and then they will blackmail you so now let me show you that how this attack was done practically so we're going to hack into someone's what's up here if you alone e so it's an application which basically can make some phishing pages and it's like you can make a fake pages of chat applications mailing services ecommerce website passport services you know mostly used by criminals to trick people to enter the credit critical information like social security ID in US and other hard card information in India so it's more and more oh it's not the problem with the technology it's with the people you know you can fix any technology but there is no patch of human stupidity and that's what hackers entry so I'll quickly come to whatsapp and number so this kind of technical jargon so you don't have to go inside it but now you will observe automatically in trace the link will come up so now we are going to see as he is going to scan this code if return works perfectly we are going to see his entire chat here in front of you and hopefully we are going to get so he I sent him a code and he scanned it and after some time we are going to get I know you're curious about it I feel you're the hacker now trying to reach the phone come on Lee try again talking so we got his entire chat so we can see his oh I'm sorry if you have some personal messages so so now that is the problem you know that is a really a problem you guys know that web.whatsapp.com know you can oh you should not scan but a person who is 45 who is not into that technology it's very easy to trick him and these days hackers are targeting the companies and the crowds there and big people in the organization who can be a part of this scam cyber espionage now this is a new term when you hire cyber criminals in the Deep Web to shut down your rivals so this is a screenshot of a real criminal web site from the Deep Web so this is kind of an attack where we send too much hello to a server than the capacity of that server for example if a server is ready to handle 10,000 people if you send them 20,000 people they cannot handle that request and it will stop saying that I cannot at the page cannot be displayed as per your budget you can start the attack and they are going to attack it you just have to pay through bitcoins and you can shut down the website if the website is shut down customer can go to the website customer can't go to the website damage to the business nothing is going to be sell this is the real scenario today cyber espionage so Tuesdays 7 March 2007 to sever 17 this is the first thing which was happen and it I think it is one of the biggest leaked ever done by WikiLeaks what they leaked is this we click released a new series of leaks on Central Intelligence Agency of America CIA with the name of world seven and this is a screenshot of my friends website mr. Mohit Kumar the hacker news I didn't give the credit to him so maybe in the video I believe so WikiLeaks expose CIA's hacking tool 8200 documentation was there which are for the offense and for the defense purposes the tools which can hack remotely anyone on the planet without even touching their computer or the mobile phone is that thing known as a tunnel blew this demo this this malware was the design or this exploit was designed by the CIA and it's right now in the public domain I am going to hacked so for example you are sitting into a coffee shop you're a very powerful person and there is a hacker who's sitting right now on the same network like you are in the computer if you're using Windows 7 armed into your network I don't have to touch your computer I can get into your machine and steal everything I can own your webcam I can see what are you doing and if you're thinking about oh there is a light we can shut down the light remotely you never know someone is watching you or not that's why I always have tape on my camera you never know so they named this exploit as eternal blue the capability of this exploit was if again you're sitting there I am sitting here I without touching you no matter what antivirus you have no matter what security solution you have with some little bit of editing in the exploit to make it fully undetectable we can get into your machine and then it's all ours so and now I have to type exploit as I'm going to type exploit here you will see something is happening so my attack is going to that computer and the only thing which I need to access from that computer is the command prompt if I get your command prompt right now what will happen I can do many commands now you see that there is a thing known as one met up retrocession has been opened that means I have gained access of that machine without touching and if you see the machine it's working perfectly fine no pop up nothing is there and now I want to take a screenshot of that the only thing I will do is screen short press ENTER and now it says your screenshot is now into this directory so let me see and go there can you see that so I can actually get the screenshot of your computer remotely into my computer that what you're doing a time webcam I can record your audio I can decode the video also people we have to aware them look how many session of security you have in one year it's very easy to hack into the account your accountant in your university because he's no no no but he carry the most sensitive information if I'll able to hack him I having a backbone financial backbone of yours and that's what is the problem people who are not we are not paying the boardroom numbers the companies are not paying that much amount to the people part they think if we have the firewall they have the NT worse we have the older solution that work is done it is the first step when you really want to secure yourself in the last I would like to end my talk by saying this that every Indian wants to make this country a digital India and [Music] what I believe that if we really wants to have a true solution true solution I am talking about a really true solution then in the country of more than one point three five billion people every citizen India has to happen and has to know little bit about cybersecurity until and unless this is not gonna happen we cannot achieve the goal and the successful goal of transforming digital India into a secure digital India which I feel is the need akhtar and that is quite possible thank you so much [Applause]

Info

Channel: TEDx Talks

Views: 109,251

Rating: undefined out of 5

Keywords: TEDxTalks, English, Technology, Cyber, Hack, Security

Id: CASr_e2Nc0o

Channel Id: undefined

Length: 16min 31sec (991 seconds)

Published: Tue Dec 12 2017