The Current And Present Dangers Of Aadhaar Hacking

Cyber security is a complicated field to manage and even the most ardent players of cyber security are aware that absolute cyber security is a myth. So if anybody is claiming that his/her system, software or project is 100% cyber secure, he/she is simply ignorant of the ground realities as exist in the cyberspace.

Till sometime back, cyber warfare was considered as a fiction and not reality. But with growing incidences of cyber espionage, cyber terrorism and even cyber warfare, countries have started taking their critical infrastructures seriously. Nevertheless, the task to secure these critical infrastructures is next to impossible as the bad guys are always many steps ahead of the government and its agencies.

Aadhaar is one such highly sensitive and highly insecure project of India government that is neither prudent nor secure. It only has a false sense of security that government is projecting to divert the attention of critics of Aadhaar. But real cyber security professionals are well aware of the dangers of Aadhaar project that has put the lives and properties of Indians in great peril.

In reality, Aadhaar has created serious constitutional anomaly and irresolvable cyber security issues that would always jeopardise rule of law and personal safety and security of Indians. No matter whatever Indian government tells you, stay away from Aadhaar. And if you have already made an Aadhaar, deseed it from all services and block your biometric as soon as possible so that it cannot be abused by government and private individuals.

Center Of Excellence (CoE) For Internet Of Things (IoT) In India

Internet of things (IoT) is the new buzz word these days. Everybody is talking about IoT because it has great business, commercial and personal use potential. IoT combines software, hardware and a communication infrastructure so that systems/devices can contact and communicate with each other in a non intrusive and automatic manner.

Like any other technology, IoT has its own used and challenges. For instance, IoT can be used for smart grids, smart cities, e-health, etc and thereby reduce their cost of operation and improve their productivity. However, IoT also has civil liberties and cyber security challenges to manage. Cyber criminals have already started abusing IoT controlled devices for launching malicious cyber attacks. As the technology protocols for IoT are still evolving, it is very difficult to avoid such cyber attacks.

Similarly, on the legal framework front, IoT has yet to be suitably regulated around the world. India has no dedicated law for IoT and some guidance can be found from the Information Technology Act, 2000 (IT Act, 2000). Indian government has issued the draft IOT Policy of India (pdf) and Revised Draft IOT Policy of India (pdf) but they are not sufficient to manage the complicated techno legal issues of IoT.

IoT is essential part of Digital India project of Indian government that is already heading towards rough waters in the absence of adequate cyber security and civil liberties protections. For instance, ensuring of cyber security for smart grids and smart cities is still a distant dream for Indian government. Similarly, IoT and Smart cities have to manage civil liberties issues as well that are presently ignored by Indian government.

Perry4Law Organisation (P4LO) has launched a dedicated and exclusive techno legal centre of excellence (CoE) for Internet of things (IoT) in India. We have covered many techno legal issues there that Indian government is required to manage in near future. We have been managing these issues for long and we would discuss the same at our CoE-IoT website in more details in our subsequent posts.

P4LO would help national and international IoT stakeholders in formulation and implementation of techno legal frameworks so that adoption and use of IoT can be as smooth and hassle free as possible.

Source: Perry4Law Blog.

Mobile Cyber Security In India Is Needed Under Digital India

Mobiles are believed to play a major role in the successful implementation of the Digital India project of Indian government. From mobile commerce to mobile banking, the Indian government is betting big upon mobiles and their use for public delivery of services through electronic means. Of course, this big scale use of mobiles will also give rise to cyber law and cyber security issues that Indian government must be well prepared to deal with in future.

Mobile phones have become ubiquitous these days. They are used for multiple purposes ranging from personal use to mobile banking. Cyber criminals have also realised the importance of mobile phones for committing cyber crimes and financial frauds. This is also the reason why malware writers are also writing mobile phone specific malware to steal confidential and sensitive information.

Mobile cyber security in India has become a cause of concern these days. Mobile phones are now proposed to be used for mobile banking and mobile governance in India. Naturally, we must ensure robust mobile cyber security in India. An electronic authentication policy of India can help in more active and secure mobile usages in India. Mobile governance and e-authentication in India are also closely related and with the proposed electronic delivery of services in India this is also a must have requirement.

For the time being we have no implementable electronic delivery of services policy of India though it may be in pipeline. Indian government is working in the direction of ensuring electronic delivery of services in India. In fact a legal framework titled electronic delivery of services bill 2011 (EDS Bill 2011) was also proposed by Indian government in the past. The same has still to become an applicable law in India. Once the EDS Bill 2011 becomes an applicable law, governments across the India would provide electronic services through various modes, including mobile phones. This requires putting a robust and reliable mobile security infrastructure in India.

However, using of mobile phones for commercial and personal transactions in India is also risky. For instance, the mobile banking in India is risky as the present banking and other technology related legal frameworks are not conducive for mobile banking in India. Similarly, we do not have a well developed e-governance infrastructure in India. As a result India is still not ready for m-governance.

We at Perry4Law Organisation (P4LO) believe that the biggest hurdles before the mobile related uses in India pertain to use of weak encryption standards and non use of mobile cyber security mechanisms in India. Absence of encryption laws in India has further made the mobile security very weak in India. The ever evolving mobile malware are further increasing the woes of mobile users’ world wide. As on date the malware are defeating cyber security products and services with ease.

It is high time for India to seriously work upon mobile cyber security aspects as soon as possible. The policy decisions in this regard must be taken urgently and must be implemented as soon as possible.

Healthcare Cyber Security Issues For Businesses And Entrepreneurs In India

Healthcare industry is facing diverse range of cyber attacks these days. The prominent among them is ransomware that encrypts the sensitive healthcare information and decrypts the same only once the ransom is paid.

So much is the nuisance these days that the National Institute of Standards and Technology (NIST) has released a guide for IT developers on integrating security measures into the development process, which could influence healthcare cyber security management.

The updated draft of the NIST publication provides IT developers with a framework for incorporating cyber security measures into the design process. The document aims to help inventors consider information security needs in all stages of the product, including how to dispose of the system while still protecting data.

Presently, healthcare cyber security market consists of protection against malware, ddos, advanced persistent threat, spyware, lost and stolen devices, etc. However, the list is just illustrative and the cyber security requirements are as vast as are the options available to the cyber criminals.

Perry4Law Organisation (P4LO) strongly recommends that the healthcare industry must work on three fronts i.e. formulation of techno legal policies, adoption of best cyber security practices and a mechanism to ensure cyber breach disclosure and coordination with the statutory and government authorities. If any of these three stages is missing, then the concerned healthcare organisation is at graver risk of cyber attacks and loss of sensitive healthcare information.

See CECSRDI for more.

DARPA Is Soliciting Innovative Research Proposals In The Area Of Cyber Attribution

Cyber attacks have become a global nuisance these days. Due to the global nature of Internet and cyberspace, it is very difficult to ascertain the source of such cyber attacks in many cases. Further, different countries have different laws that make it really difficult to prosecute and extradite the cyber criminal. In short, conflict of laws in cyberspace is a major hurdle before the international law enforcement of cyber law and cyber attacks. Authorship attribution for cross border cyber attacks is directly attributable to this scenario.

The US Defense Advanced Research Projects Agency (DARPA) is trying to solve this problem of authorship attribution and it has invited innovative research proposals in the area of cyber attribution. This is in addition to the recent proposal to expand the scope of Rule 41 of the Federal Rules of Criminal Procedure by the US Supreme Court that has conferred a long arm jurisdiction upon US courts.

The goal of the Enhanced Attribution program of DARPA is to develop technologies for generating operationally and tactically relevant information about multiple concurrent independent malicious cyber campaigns. The objective is to not only collect and validate this pertinent information, but to create the means to share such information with any of a number of interested parties without putting at risk the sources and methods used for collection. Proposed research should investigate innovative approaches that enable revolutionary advances in science, devices, or systems. Specifically excluded is research that primarily results in evolutionary improvements to the existing state of practice.

Malicious actors in cyberspace currently operate with little fear of being caught due to the fact that it is extremely difficult, in some cases perhaps even impossible, to reliably and confidently attribute actions in cyberspace to individuals. The reason cyber attribution is difficult stems at least in part from a lack of end-to-end accountability in the current Internet infrastructure. Cyber campaigns spanning jurisdictions, networks, and devices are only partially observable from the point of view of a defender that operates entirely in friendly cyber territory (e.g., an organization’s enterprise network). The identities of malicious cyber operators are largely obstructed by the use of multiple layers of indirection. The current characterization of malicious cyber campaigns based on indicators of compromise, such as file hashes and command-and control infrastructure identifiers, allows malicious operators to evade the defenders and resume operations simply by superficially changing their tools, as well as aspects of their tactics, techniques, and procedures. The lack of detailed information about the actions and identities of the adversary cyber operators inhibits policymaker considerations and decisions for both cyber and non-cyber response options.

The Enhanced Attribution program aims to make currently opaque malicious cyber adversary actions and individual cyber operator attribution transparent by providing high-fidelity visibility into all aspects of malicious cyber operator actions and to increase the Government’s ability to publicly reveal the actions of individual malicious cyber operators without damaging sources and methods.

The program will develop techniques and tools for generating operationally and tactically relevant information about multiple concurrent independent malicious cyber campaigns, each involving several operators, and the means to share such information with any of a number of interested parties (e.g., as part of a response option). The program seeks to develop:

(a) technologies to extract behavioral and physical biometrics from a range of devices and vantage points to consistently identify virtual personas and individual malicious cyber operators over time and across different endpoint devices and C2 infrastructures;

(b) techniques to decompose the software tools and actions of malicious cyber operators into semantically rich and compressed knowledge representations;

(c) scalable techniques to fuse, manage, and project such ground-truth information over time, toward developing a full historical and current picture of malicious activity;

(d) algorithms for developing predictive behavioral profiles within the context of cyber campaigns; and

(e) technologies for validating and perhaps enriching this knowledge base with other sources of data, including public and commercial sources of information.

Malware Are Big Nuisance For Business Houses And Individuals World Over

Business houses and individuals are facing sophisticated malware attacks around the world. This is true about not only big business companies but even small and medium business houses. Cyber criminals are also targeting individuals for sensitive personal and financial information. Ransomware attacks are increasing and they are targeting stakeholders ranging from big hospitals, banks and individual computer users.

Even at the organisational level, the directors and top management are lethargic towards cyber security of the organisation. For instance, the directors of Indian companies are not at all paying attention to cyber security issues. As the Indian government is not pushy at all regarding ensuring cyber security in companies and at the level of Indian cyberspace, these directors are escaping their legal liabilities even if a cyber breach occurs. There are no cyber security breach disclosure norms in India and this makes the directors and top management indifferent toward cyber security related legal obligations in India.

India has no dedicated cyber security law though it is absolutely required due to projects like Digital India and Aadhaar. Cyber criminals are targeting banking sector of India with ease and stealing big amount of money. The Reserve Bank of India (RBI) had even declared that it would open up an IT subsidiary that wold take care of cyber security issues of banks in India. However, till May 2016 there is no sign of such an IT subsidiary. Similarly, the Indian government has appointed Dr. Gulshan Rai as the first Chief Information Security Officer (CISO) of India but much has to be done after this stage.

In the present cyber security environment, malware have emerged as undefeatable and uncontrollable. Cyber security product and services providers have no other option left but to innovate so that sophisticated malware can be detected at the earliest stage. Anonymity tools and use of Dynamic DNS, Fast Flux and Bullet Proof Servers has further complicated the problems for law enforcement agencies world over. Instead of strengthening the cyber security capabilities, law enforcement agencies around the world are barking the wrong tree. They are trying to kill encryption and compromise the cyber security by demanding backdoor in the security products. FBI of US has even gone to the extent of acquiring long arm jurisdiction through US Supreme Court that would allow it to target global computers. This would clearly violate civil liberties and cyber laws of various nations.

Cyber criminals have unlimited resources at their disposal these days. Many of them are even supported by state actors and this allows them to make customised malware that cannot be detected and eliminated by traditional anti virus and security products. As a result the contemporary cyber security products and services are ineffective in preventing such malware from causing damage.

World has already faced sophisticated malware like Stuxnet, Duqu, Flame, Uroburos/Snake, Blackshades, FinFisher, Gameover Zeus (GOZ), etc. These malware were unique as they were detected much after they infected the targeted systems. Some of these systems remained infected for many years and this facilitated targeted cyber espionage and customised infection of these systems.

The financial sector has its own share of cyber security problems and challenges. Malware targeting financial sector are also in circulation for long. These include Carbanak, Vskimmer Trojan, Malware Dump Memory Grabber, etc that cause tremendous financial loss world over. It is not just the financial loss but also loss of faith and goodwill that banks and other financial institutions have to face.

Perry4Law Organisation (P4LO) has provided the “Cyber Security Trends In India 2016” that have predicted that use of botnet and malware would increase in the year 2016. The trends has also predicted that critical infrastructure, cloud computing and e-health would also be on the receiving end. We have already witnessed an increased use of ransomware and malware for targeting hospitals and health industry. Similarly, big corporations are also frequently targeted and their data are encrypted by the cyber criminals. This data is then decrypted only after the ransom is paid by the corporation to the cyber criminal.

The year 2016 would witness an increased use of malware for various purposes like cyber terrorism, cyber warfare and cyber espionage. It is for us to develop both offensive and defensive cyber security capabilities and a robust cyber security infrastructure so that the impact of these malware can be minimised if not eliminated.

With Projects Like Digital India And Aadhaar Cyber Security Laws In India Are Urgently Needed

India has generously adopted technology driven projects like Digital India, Aadhaar, etc. Technology can enable proper and timely management of issues pertaining to these projects. However, technology would also give rise to cyber security, cyber law and other techno legal issues in India.

For instance, smart cities have unique and techno legal cyber security and civil liberties issues that are still not managed by Indian government. Similarly, Digital India project of Indian government is also suffering from many shortcomings and absence of cyber security infrastructure is one of them. As a matter of fact, cyber security infrastructure of India is missing and starting technology oriented projects in these circumstances is a big risk and gamble.

The cyber security trends in India 2016 by Perry4Law Organisation (P4LO) have predicted an increased number of cyber attacks against India. The trends have also outlined that there would be an increase in use of malware and ransomware against various stakeholders in India in the year 2016. As on date, malware are defeating cyber security products and services world wide and India is no exception to this situation. What is most alarming is absence of legal frameworks and guidelines regarding cyber security issues in India.

The correlation between a legal framework and cyber security is not difficult to anticipate and conceptualise. Cyber security compliances require adherence to certain well established legal principles. The moment a cyber security breach occurs; many legal issues and compliance requirements are automatically invoked.

For instance, in a typical cyber attack, it becomes imperative to ascertain and find the originator of such attack. The requirements to engage in first instance analysis, e-discovery and cyber forensics also arise due to such cyber attack. The reporting requirement to the compliance and regulatory authorities also arise.

However, none of this applies to Indian companies and individuals that are facing cyber attacks no matter howsoever sophisticated and damaging such cyber attack are. In India companies and individuals are not reporting cyber security breaches and attacks to the government and its agencies. The cyber security developments in India 2015 by P4LO short listed all these shortcomings of Indian cyber security initiatives.

The Indian government has in the past declared that cyber security breach disclosure norms of India would be formulated very soon. However, till now no action has been taken in this regard and companies and individuals are still not reporting cyber security breached to Indian government and its agencies.

For instance, cyber crimes and cyber attacks against banks of India is a very common phenomenon in India. However, banks of India are not only lax while maintaining cyber security but they are also not disclosing such cyber crimes and cyber attacks due to fear of adverse publicity and regulatory penalties. This is creating more problems for the bank customers in general and banking cyber security in India in particular.

The Information Technology Act, 2000 (IT Act 2000) is the sole cyber law of India. However, it is not capable of forcing the companies and individuals to disclose cyber security breaches and cyber crimes. Nevertheless, the rules under the IT Act, 2000 prescribe cyber law due diligence (PDF), internet intermediary liability, reasonable cyber security practices, etc. they indirectly cover some aspects of cyber security disclosure norms. But they are not sufficient to meet the demands of present times.

Indian Parliament needs to enact a dedicated cyber security law of India that can cater all these regulatory and compliance requirements. Such a law needs to take into consideration techno legal requirements of cyber security. The sooner such a law is enacted the better it would be for the national interest of India as cyber security is an essential and integral part of the national security policy of India.

Cyber Security Obligations Of Directors Of Indian Companies Under Indian Companies Act, 2013 Are Ignored By Them

Cyber security is no more a problem of technology people of an organisation. Now the top management is equally concerned and responsible for various cyber law and cyber security related issues. Recently the Reserve Bank of India (RBI) declared that it would constitute an IT subsidiary for managing cyber security issues of banks in India. Even the Indian government has appointed Dr. Gulshan Rai as the first Chief Information Security Officer (CISO) of India.

It has been long felt that we need a dedicated cyber security law of India. Presently few provisions pertaining to cyber security can be found in information technology act, 2000. However, the IT Act 2000 is not sufficient to address the complex and techno legal issues of cyber security especially those arising at the international level. International legal issues of cyber security are still not clear as there is no universally acceptable cyber law treaty and cyber security treaty (pdf). The position has become really alarming as malware are easily defeating cyber security products and services these days.

Recently the Ministry of Corporate Affairs (MCA) notified many provisions of the Indian Companies Act, 2013 (PDF) and corresponding rules under the same. Most of the corporate stakeholders have considered the new company law of India as a purely corporate regulatory framework. However, this is not true as the Indian Companies Act 2013 has prescribed legal obligations that are far more complicated than the traditional company law.

The truth is that the new company law of India has prescribed many techno legal compliance requirements that very few companies and their directors are capable of managing. As a result cyber law and cyber security related legal violations would be in abundant in the coming times.

With the formulation of the proposed cyber security breach disclosure norms of India and possible cyber security laws in India, Indian companies and their directors would find themselves in a legal fix. The powers of Serious Frauds Investigation office (SFIO) have also been significantly increased by the Companies Act 2013. SFIO has become very active in prosecuting Indian companies and their directors in the recent past. With the notification of the Companies (Inspection, Investigation and Inquiry) Rules, 2014 (PDF) SFIO would become more active in this regard.

The legislature made it sure that the regulatory compliances under Indian Companies Act 2013 should cover cyber law and cyber security compliances as well. The directors’ liabilities under the Indian Companies Act 2013 also cover cyber law due diligence (PDF), cyber security due diligence, e-discovery compliances, cyber forensics, etc on their part. Even the cyber security obligations of law firms in India has significantly increased and various stakeholders, including companies and law firms, must keep in mind the international legal issues of cyber security.

The Companies (Management and Administration) Rules, 2014 (PDF) also prescribe many techno legal and cyber security obligations upon the directors of a company. The directors must be well versed with the techno legal regulatory provisions under the Companies Act 2013 and other technology laws of India.

The cyber security trends in India 2016, provided by Perry4Law Organisation (P4LO), have also indicated that various corporate stakeholders would be required to comply with cyber law and cyber security related obligations in the near future. As on date, companies and directors are not complying with the cyber law and cyber security obligations as prescribed by Indian laws and regulations.

As the cyber law and cyber security obligations of the directors of companies operating in India have been clearly mandated by various laws of India, it is in their own interest to ensure their due compliance.

Honeypot Launched Offensive Cyber Attack Upon Crackers And Cyber Miscreants

Offensive and defensive cyber security capabilities are in much demand these days. While defensive cyber security capabilities can keep the cracker at bay to great extent yet offensive cyber security strikes can eliminate the possibilities of continuous cyber attacks by such crackers to a greater extent.

If we adopt defensive cyber security capabilities alone, that would not serve the purpose at all. For instance, malware are comfortably evading anti viruses as browser based malware are growing. In fact, we cannot rule out the use of anti virus updates as a potential tool to install malware, steal information and launch cyber warfare attacks. 

 

A basic analysis of cyber security vulnerability has revealed that internet is full of unprotected and unsafe devices, SCADA systems and computers. Anybody can take advantage of these unsecured systems and it is very difficult to pin point to a particular individual, company or nation behind such cyber attack.

We cannot label China as the cyber attacks and cyber crimes villain of the world for every sophisticated cyber attack that takes place in the cyberspace. The issues of cross border cyber attacks, authorship attribution and cyber crimes convictions must be resolved first before blaming a person, organisation or nation.

In the absence of any  international harmonisation and regulatory framework for areas like cyber law, cyber security, cyber terrorism, cyber warfare, cyber espionage, etc. Even the Tallinn manual on the international law is not applicable to international cyber warfare attacks and defence.

In these circumstances, offensive cyber security or counterstrike through aggressive defence becomes a good option. One such idea was recently implemented by a Russian researcher who built an aggressive honeypot to test the ability to hack back and reverse penetrate the cyber attackers. The researcher found that it is not only easy to build a honeypot that attacks back but it was also relatively simple to gather the attackers’ network adapter settings, trace routes, and login names.

The trap was specifically set for SQL injection attacks. The researcher used two basic lures for potential attackers on the site: a PHP-based honeypot server that included a social engineering element and an automated attack that grabbed the attackers’ email addresses if he or she used two Russian email services, mail.ru and yandex.ru, exploiting now-patched vulnerabilities in those services.

While it is possible to grab the attackers’ internal IP addresses and resources, scan for his files, BSSIDs, and make audio and video recordings from his laptop, among other things, is also possible with the attacking honeypot.

At Perry4Law Organisation and Perry4Law’s Techno Legal Base (PTLB) we believe that the concepts of counterstrike through aggressive defence and private defence in cyberspace presupposes the adoption and use of information technology to produce legitimate and legalised disabling and reasonably destructive effects. Some adopted measures completely destroys the functioning of the offending computer while others simply disable the computer for the time being by either shutting it down or making it temporarily non-functional.

Thus, the adopted measure to gain public support and legitimacy must be “proportionate” to the harm that could have caused had that measure not been adopted. For instance, the shutting down of the computer of the person using the malware is permissible whereas the destruction or procurement of data and information stored in such computer, having no connection and association with that malware, may not be commensurate with the protection requirements.

Such destruction or procurement of data may be unlawful and perhaps exceed the limits of self-defence. Thus, technology adopted must not only be safe and effective, but it must also be “legal and law-abiding”.

A countermeasure, which is not very accurate, and law abiding would be a remedy worst than the malady and hence it should be avoided. For instance, if a virus has been launched by using a public server, then by disabling that server the genuine and legitimate users will be unnecessarily harassed and they would be denied the services which they are otherwise entitled to. Thus, the countermeasure measure adopted must be job specific and not disproportionate to the injury sought to be remedied.

Source: CECSRDI.

Dynamic DNS, Fast Flux, Bullet Proof Servers And Botnet: A Paradise For Cyber Criminals

A domain name server (DNS) helps the users to reach a particular website hosted on a particular server. With the advance in technology, the DNS service has been upgraded to dynamic DNS service. The dynamic DNS service helps a domain name to point to Internet resources hosted on changing public IP addresses. However, dynamic DNS service has both advantages and disadvantages just like all other technologies.

On the positive side, the dynamic DNS service helps small scale businesses who need to provide consistent content or services to their customers. These small scale businesses use the IP assigned to them by their ISP, and every time their IP changes, they notify their dynamic DNS provider to update its name servers so that the customer’s domain points now to the new IP.

On the negative side, the dynamic DNS service, especially the free dynamic DNS service, are being abused by cyber criminals for various cyber crimes and cyber attacks. Some of the nefarious activities of cyber criminals abusing dynamic DNS service include malware implants in websites, targeted spear phishing, establishing of C&C for botnet, spamming, etc.

Abusing dynamic DNS service helps the cyber criminals escape the authorship attribution for their cyber crimes. It provides a layer of anonymity and anti forensics to the criminal activities of those abusing dynamic DNS service. This is more so when IP address cannot be solely relied upon to secure a conviction in a cyber crime case.

Further, using dynamic DNS services can also help in bypassing the IP blacklisting deployed by various service providers to prevent DNS abuses. The malware can be continued to be used to infect the computers of end users by using constantly-changing hosting IP addresses.

These IP addresses usually belong to law abiding and innocent users whose computers are compromised and made part of the botnet. These IP addresses may also belong to compromised public websites where the malicious payloads may be installed.

There may be a situation where domains themselves may be blacklisted. To circumvent domain blacklisting, cyber criminals can also use randomly-generated disposable sub-domains under the dynamic DNS domain to point to the next hop in a redirection chain or to the final malware hosting IP.

This behaviour seems similar to fast flux method but in practice dynamic DNS and fast flux are different concepts. Dynamic DNS operates at a micro level whereas fast flux operates at a macro level. Dynamic DNS operates at a regional level whereas fast flux operates at international level. Further, the authoritative name servers for a dynamic DNS domain physically belong to the dynamic DNS provider, whereas with fast flux, double fluxing is possible where the name servers can be made point to constantly changing IP address of physical hosts located in different countries. In practice, dynamic DNS domains map to a much smaller set of IP addresses than fast flux.

So what is the purpose of using the fast flux method?  Fast flux is a DNS technique used by cyber criminals to hide phishing and malware delivery sites behind an ever-changing network of compromised hosts (botnets) acting as proxies. It can also refer to the combination of peer-to-peer networking, distributed command and control, web-based load balancing and proxy redirection used to make malware networks more resistant to discovery and counter-measures. Fast flux may be a single-flux or double-flux.

Some of these phishing and malware delivery websites are hosted on bullet proof server with mirrored hosting facilities. Mirrored hosting is a powerful mirrored web hosting management platform that uses multiple specially designed virtual servers to host website with 100% uptime. This is supported by powerful automated control panels. No one is able to trace original IP of the server or the place where the files are hosted so the websites/domains hosted have a 100% Uptime.

The security vendors must have been working on this issue and they may come up with state of the art and innovative methods to deal with this situation.

Source: CECSRDI.