1

CYBERCRIME AND SECURITY

HOD: Prof. Y.B.Sanap AUTHORS:

FACULTY: Prof. P.B.Mali Miss. Preety Nandkumar Koli

Miss. Saiyamee Santosh Salve

ABSTRACT: detection, deterioration, alteration or

suppression of computer data), misuse of
 The terms computer crime and cybercrime
devices, forgery(ID theft), and electronic
are more properly restricted to describing
fraud.
criminal activity in which the computer or
 Computer crime issues have become high-
network is a necessary part of the crime,
profile, particularly those surrounding
these terms are also sometimes used to
hacking, copyright infringement through
include traditional crimes, such as fraud,
warez, and child grooming.
identity theft, forgery, in which computer
 There are also problems of privacy when
or networks are used.
confidential information is lost or
 Computer crime can broadly be defined as
intercepted, lawfully or otherwise.
criminal activity involving an information
 Self-protection, while essential, is not
technology infrastructure, including illegal
sufficient to make cyberspace a safe place
access (unauthorized access), illegal
to conduct business. The rule of law must
interception (by technical means of non-
also be enforced.
public transmission of computer data to,
from or within a computer system), data Keywords: Cyber Attacks, Potential Economic
interference (unauthorized damaging, Impact, cyber crime, Consumer trust, National
Security, cyber security, cyber ethics, social
media, cloud computing, android apps.

1. INTRODUCTION:
Current era is too fast to utilize the time
factor to improve the performance factor. It is
only possible due the use of Internet. Everyone
appreciates the use of Internet but there is another
side of the coin that is cyber crime by the use of
Internet. Some of the kinds of Cyber-criminals are
mentioned as below:
 Crackers: These individuals are intent on
causing loss to satisfy some antisocial
motives or just for fun. Many computer
virus creators and distributors fall into this
category.
Fig. : 1
 Hackers: These individuals explore
others' computer systems for education,
out of curiosity, or to compete with their
peers. They may be attempting to gain the
use of a more powerful computer, gain
respect from fellow hackers, build a
reputation, or gain acceptance as an expert
without formal education.
2
Fig. : 2
 Pranksters: These individuals perpetrate
tricks on others. They generally do not
intend any particular or long-lasting harm.
Fig. : 3
 Career criminals: These individuals earn
part or all of their income from crime,
although they Malcontents, addicts, and
irrational and incompetent people. These
individuals extend from the mentally ill do
not necessarily engage in crime as a full-
time occupation.
 Cyber terrorists: There are many forms
of cyber terrorism. Sometimes it's a rather
smart hacker breaking into a government
website, other times it's just a group of
like-minded Internet users who crash a
website by flooding it with traffic.
 3

2. CYBER CRIME:

Cyber crime is a term for any illegal

activity that uses a computer as its primary means
Fig. : 4
of commission and theft. The U.S. Department of
 Cyber bulls: Cyber bullying is any
Justice expands the definition of cyber crime to
harassment that occurs via the Internet.
include any illegal activity that uses a computer
Vicious forum posts, name calling in chat
for the storage of evidence.
rooms, posting fake profiles on web sites,
and mean or cruel email messages are all  98% of companies are maintaining or
ways of cyber bullying. increasing their cyber security resources
and of those, half are increasing resources
devoted to online attacks this year
 Only one-third are completely confident in
the security of their information and even
less confident about the security measures
Fig. : 5 of their business partners.

 Salami attackers: Those attacks are used

for the commission of financial crimes.
The key here is to make the alteration so
insignificant that in a single case it would
go completely unnoticed e.g. a bank
Fig. : 7
employee inserts program into bank‘s
servers, which deducts a small amount Table 1. Estimated daily cybercrime activity

from the account of every customer.

Cybercrime Estimated
Daily Activity
Malicious scans 80 billion
New malware 300,000
Phishing 33,000
Fig. : 6 Ransomware 4,000
 4

3. CYBER ATTACKS : criminals would continue to target social media

A cyber attack is deliberate sites to steal personal data

exploitation of computer systems, Table 2:

technology-dependent enterprises and
networks. Cyber attacks use malicious Incidents Jan-June Jan-June %Increase/

code to alter computer code, logic or data, 2012 2013 (decrease)

resulting in disruptive consequences that Fraud 2439 2490 2

can compromise data and lead to Intrusion 2203 1726 (22)

cybercrimes, such as information and Spam 291 641 111

identity theft. Malicious 353 442 25

code

 Denial of Service attacks. Cyber 173 233 35

 Snipping attacks. Harassment
 Spoofing attack. Content 10 42 320
 Backdoor attack. Related
 Man-In-Middle attack. Intrusions 55 24 (56)
 Stolen e-mail addresses and login Attempts
credentials. Denial Of 12 10 (17)
Services
Vulnerability 45 11 (76)
reports
Total 5581 5592

The above Comparison of Cyber Security

Fig. : 8
Incidents reported to Cyber999 in Malaysia from
4. CYBER SECURITY: January–June 2012 and 2013 clearly exhibits the
cyber security threats. As crime is increasing even
Social networking sites provide a space
the security measures are also increasing.
where users feel safe as they interact with friends
and family. In the case of home users, cyber-
 5

5. SECURITY ETHICS: and social networking services. There are some

common features:
A security professional is faced with
ethical dilemmas every day. He or she is then  Social media are interactive Web 2.0
expected to make ethical decisions. In order to Internet-based applications.
comprehend this vast responsibility, one must  User-generated content, such as text posts
learn the theoretical background of ethics. or comments, digital photos or videos, and
data generated through all online
interactions, is the lifeblood of social
media.
 Users create service-specific profiles for
the website or app that are designed and
Fig. : 9 maintained by the social media
 Codes of Ethics organization.
The Security Officer Code of Ethics  Social media facilitate the development of
includes ten key elements. These include: online social networks by connecting a
Respond to employer’s professional needs, user's profile with those of other
exhibit exemplary conduct, protect individuals or groups.
confidential information, maintain a safe
and secure workplace, dress to create
professionalism, enforce all lawful rules
and regulations, encourage liaison with
public officers, develop good rapport
within the profession, strive to attain.
Fig. : 11
6. SOCIAL MEDIA:
Most popular social networks:
Social media are interactive computer-mediated
The following list of the leading social
technologies that facilitate the creation and
networks shows the number of active users as of
sharing of information, ideas, career interests and
July 2018.
other forms of expression via virtual communities
 6

 Face book: 2,196,000,000 users was popularized with “Amazon.com” releasing

its Elastic Compute Cloud product in
2006, references to the phrase "cloud computing"
appeared as early as 1996.

 YouTube: 1,900,000,000 users

Fig. : 12
 WhatsApp: 1,500,000,000 users
8. ANDROID:

Android is a mobile operating

system developed by Google, based on a modified
version of the Linux Kernel and other open source
 Instagram: 1,000,000,000 users
software and designed primarily for touch
screen mobile devices such as smart phones and
tablets. Initially developed by Android Inc., which
Google bought in 2005, Android was unveiled in
 Twitter: 336,000,000 users 2007, with the first commercial android
device launched in September 2008. The core
Android source code is known as Android Open
Source Project (AOSP), and is primarily licensed
under the Apache License.

7. CLOUD COMPUTING:

The “cloud” in cloud computing originated from

the habit of drawing the internet as a fluffy cloud Fig. : 13
in network diagrams. The term "cloud computing"
 7

9. CONTENTS: Emerging technologies will greatly assist

in concealing the origin of ill-gotten gains.
 Types of Cyber Crime
The development of informal banking
 Impact of Cyber Crime institutions and parallel banking systems

 Computer Crimes may permit central bank supervision to be

 Laws Applicable for Cyber Crimes bypassed, but can also facilitate the

 Trends changing cyber security evasion of cash transaction reporting

 Security Approaches requirements in those nations which have

 Techniques for Cyber Security them.

 Future Preventions against Cyber  Electronic Vandalism, Terrorism and

Crime Extortion

As never before, western industrial

9.1. Types of Cyber Crime:
society is dependent upon complex data
 Theft of Telecommunications Services processing and telecommunications
systems. Damage to, or interference with,
The "phone phreakers" of three
any of these systems can lead to
decades ago set a precedent for what has
catastrophic consequences. Whether
become a major criminal industry. By
motivated by curiosity or vindictiveness
gaining access to an organization’s
electronic intruders cause inconvenience at
telephone switchboard (PBX) individuals
best, and have the potential for inflicting
or criminal organizations can obtain access
massive harm.
to dial-in/dial-out circuits and then make
their own calls or sell call time to third 9.2. Impacts of Cyber Crime:
parties.
 Impact of Cyber Crime over Socio-Eco-
 Electronic Money Laundering and Tax Political Riders
Evasion Conceptually, crime is a dynamic
and relative phenomenon and subjected to
For some time now, electronic the relative sociopolitical & economical
funds transfers have assisted in concealing changes occurring in existing system of
and in moving the proceeds of crime. society. With its dynamicity, it is
 8

influenced by the changes occurring in the commonly misuse this knowledge for
correlated phenomenon and value system devious reasons.
generated by these changes. a) SQL Injections: An SQL injection
is a technique that allows hackers
 Impact of Cyber Crime over Teenager to play upon the security
These days a worst fear in vulnerabilities of the software that
teenager’s eyes is Cyber Bullying. It is runs a web site. It can be used to
become common over past five years, attack any type of unprotected or
generally from the age below eighteen are improperly protected SQL
more susceptible and feared from Cyber database.
Bullying as per inspection. It is becoming 2. Theft of FTP Passwords: This is another
an alarming trend in our society. very common way to tamper with web
sites. FTP password hacking takes
9.3 Computer Crimes:
advantage of the fact that many
In order to protect yourself you need to webmasters store their website login
know about the different ways in which your information on their poorly protected PCs.
computer can be compromised and your privacy The thief searches the victim’s system for
infringed. This isn’t an exhaustive list by any FTP login details, and then relays them to
means, but will give you a comprehensive idea of his own remote computer.
the loopholes in networks and security systems, 3. Logic bombs
which can be exploited by attackers, and also their A logic bomb, also known as “slag
possible motives for doing so. code”, is a malicious piece of code which
is intentionally inserted into software to
1. Hacking
execute a malicious task when triggered
In simple words, hacking is an act
by a specific event. It’s not a virus,
committed by an intruder by accessing
although it usually behaves in a similar
your computer system without your
manner. It is stealthily inserted into the
permission. Hackers (the people doing the
program where it lies dormant until
‘hacking’) are basically computer
specified conditions are met.
programmers, who have an advanced
understanding of computers and
4. Denial-of-Service attack

A Denial-of-Service (DoS) attack
is an explicit attempt by attackers to deny
service to intended users of that service.
Another variation to a denial-of-service
attack is known as a “Distributed Denial of
Service” (DDoS) attack wherein a number
of geographically widespread perpetrators
flood the network traffic. Websites of
companies such as Amazon, CNN, Yahoo,
Twitter and eBay! Are not spared either.
5. Phishing
This technique of extracting
confidential information such as credit
card numbers and username password
combos by masquerading as a legitimate
enterprise. Phishing is typically carried out
by email spoofing. You’ve probably
received email containing links to
legitimate appearing websites.
9.4. Laws Applicable for Cyber Crimes
6. Email bombing and spamming
Email bombing is characterized by
an abuser sending huge volumes of email
to a target address resulting in victim’s
email account or mail servers crashing.
The message is meaningless and
excessively long in order to consume
network resources. Such mail arriving
frequently in your inbox can be easily
detected by spam filters.
7. Web jacking
9
Web jacking derives its name from
“hijacking”. Here, the hacker takes control
of a web site fraudulently. He may change
the content of the original site or even
redirect the user to another fake similar
looking page controlled by him. The
owner of the web site has no more control
and the attacker may use the web site for
his own selfish interests.
8. Cyber stalking
Cyber stalking is a new form of
internet crime in our society when a
person is pursued or followed online. A
cyber stalker doesn’t physically follow his
victim; he does it virtually by following
his online activity to harvest information
about the stalkee and harass him or her
and make threats using verbal
intimidation.
 India :
 INFORMATION TECHNOLOGY
ACT 2000 Online
 United States :
 Access Device Fraud. 18 U.S.C. §
1029. Fraud and related activity in
connection with access devices.
 10

 Computer Fraud and Abuse Act. 9.5. TRENDS CHANGING CYBER

18 U.S.C. § 1030--Fraud and SECURITY:
related activity in connection with
Here mentioned below are some of the
computers.
trends that are having a huge impact on cyber
 CAN-SPAM ACT. 15 U.S.C. §
security.
7704. Controlling the Assault of
Non-Solicited Pornography and  Web servers: The threat of attacks on
Marketing Act of 2003. web applications to extract data or to
distribute malicious code persists. Cyber
 Canada : criminals distribute their malicious code
via legitimate web servers they’ve
 Criminal Code of Canada, Section
compromised. But data-stealing attacks,
342.1.Unauthorized Use of
many of which get the attention of media,
Computer.
are also a big threat. Web servers are
 Criminal Code of Canada, Section
especially the best platform for these cyber
184. Interception of
criminals to steal the data.
Communications.
 APT’s and targeted attacks: APT
 Malaysia : (Advanced Persistent Threat) is a whole
new level of cyber crime ware. As
 Computer Crimes Act 1997 (Act attackers grow bolder and employ more
563) vague techniques, network security must
integrate with other security services in
 Pakistan :
order to detect attacks

 Prevention of Electronic Crimes  Mobile Networks: Today we are able to

Ordinance 200 connect to anyone in any part of the world.

 Electronic Transactions Ordinance But for these mobile networks security is a

2002 very big concern. These days’ firewalls

and other security measures are becoming
 Singapore : porous as people are using devices such as
tablets, phones, PC’s etc all of which again
 Computer Misuse Act 1993

require extra securities apart from those
present in the applications used.
 IPv6: New internet protocol IPv6 is the
new Internet protocol which is replacing
IPv4 (the older version), which has been a
backbone of our networks in general and
the Internet at large.
 Encryption of the code: Encryption is
the process of encoding messages in such
a way that eavesdroppers or hackers
cannot read it... In an encryption scheme,
the message or information is encrypted
using an encryption algorithm, turning it
into an unreadable cipher text. This is
usually done with the use of an encryption
key, which specifies how the message is to
be encoded.
9.6. Security Approaches:
 Crime Security: Computer security is a
branch of technology known as
information security as applied to
computers and networks. The objective of
computer security includes protection of
information and property from theft,
corruption, or natural disaster, while
allowing the information and property to
remain accessible and productive to its
intended users.
 Some Approaches:
11
Here are several approaches to security in
computing; sometimes a combination of
approaches is valid:
 Trust all the software to abide by a
security policy but the software is not
trustworthy (this is computer
insecurity).
 Trust all the software to abide by a
security policy and the software is
validated as trustworthy (by tedious
branch and path analysis for example).
 Trust no software but enforce a
security policy with mechanisms that
are not trustworthy (again this is
computer insecurity).
 Trust no software but enforce a
security policy with trustworthy
mechanisms.
HARDWARE MECHANISMS THAT
PROTECT COMPUTERS AND DATA:
Hardware based or assisted computer security
offers an alternative to software-only computer
security. Devices such as dongles may be
considered more secure due to the physical access
required in order to be compromised. Hardware-
based security solutions can prevent read and
write access to data and hence offers very strong
protection against tampering.
SECURE OPERATING SYSTEMS:

One use of the term computer security refers to
technology to implement a secure operating
system. Much of this technology is based on
science developed in the 1980s and used to
produce what may be some of the most
impenetrable operating systems ever.
9.7. Techniques for Cyber Security:
 Access control and password security:
The concept of user name and password
has been fundamental way of protecting
our information. This may be one of the
first measures regarding cyber security.
Fig. : 14
 Authentication of data : The documents
that we receive must always
authenticated be before downloading that
is it should be checked if it has originated
from a trusted and a reliable source and
that they are not altered.
 Malware scanners: This is software that
usually scans all the files and documents
present in the system for malicious code or
harmful viruses. Viruses, worms, and
Trojan horses are examples of malicious
12
software that are often grouped together
and referred to as malware.
 Firewalls: A firewall is a software
program or piece of hardware that helps
screen out hackers, viruses, and worms
that try to reach your computer over
Internet.
Fig. : 15
 Anti-virus software: Antivirus software
is a computer program that detects,
prevents, and takes action to disarm or
remove malicious software programs, such
as viruses and worms.
9.8. Future Prevention against Cyber Crime:
be
In honor of National Cyber Security
Awareness Month, (NCSAM) here are some
measures you can take to protect yourself from
online criminals.
 Create Strong Passwords – Create
passwords with eight characters or more
and that use combinations of letters,
numbers, and symbols.

 Keep Private Information Private –
Keep social security numbers, account
numbers, and passwords private, as well as
specific information about yourself, such
as your full name and date of birth.
 Lock Your Computer – Lock your
computer and smart phones when not in
use.
 Protect Your Computer – Be cautious
about opening attachments or clicking on
links in emails and remember that free
apps (games, ringtones, and screen savers)
can hide viruses or spam.
 Own You’re Online Presence – Always
use privacy settings on social networking
websites.
10. CONCLUSION :
Cyber crime continues to diverge down
different paths with each New Year that passes
and so does the security of the information. The
latest and disruptive technologies, along with the
new cyber tools and threats that come to light
each day, are challenging organizations with not
only how they secure their infrastructure, but how
they require new platforms and intelligence to do
so. There is no perfect solution for cyber crimes
but we should try our level best to minimize them
13
in order to have a safe and secure future in cyber
space. Computer security is critical in almost any
technology-driven industry which operates on
computer systems. Computer security can also be
referred to as computer safety. The issues of
computer based systems and addressing their
countless vulnerabilities are an integral part of
maintaining an operational industry.
11. REFERENCES:
LINKS:
1. http://paperpresentationtopicsandpapers.bl
ogspot.com/2010/01/cyber-crime-and-
security.html
2. https://arxiv.org/ftp/arxiv/papers/1402/140
2.1842.pdf
3. https://www.slideshare.net/aemankhan/cybe
rcrimeppt-27376284
4. https://www.ijera.com/papers/Vol2_issue2
/AG22202209.pdf
5. https://www.digit.in/technology-
guides/fasttrack-to-cyber-crime/the-12-types-
of-cyber-crime.html
6. http://www.norse-corp.com/