Cybercrime 140425112603 Phpapp02
These include attacks against computer data and systems such as Denial of
Service Attacks, identity theft, the distribution of child sexual abuse images,
internet auction fraud, the penetration of online financial services, as well as the
deployment of viruses, Botnets, and various email scams such as phishing.
2. Abstract:
Individual: This type of cybercrime can be in the form of hacking, identity theft,
cyber bullying, cyber stalking, distributing pornography, trafficking and
“grooming”. Today, law enforcement
agencies are taking this category of cybercrime very seriously and are joining forces
internationally to reach and arrest the perpetrators.
Property: Just like in the real world where a criminal can steal and rob, even in the
cyber world criminals resort to stealing and robbing. In this case, they can steal a
person’s bank details and siphon off money; misuse the credit card to make
numerous purchases online; run a scam to get naïve people to part with their hard
earned money; use malicious software to gain access to an organization’s website
or disrupt the systems of the organization. The malicious software can also damage
software and hardware, just like vandals damage property in the offline world.
Theft:
This crime occurs when a person violates copyrights and downloads music, movies,
games and software. There are even peer sharing websites which encourage
software piracy and many of these websites are now being targeted by the FBI.
Today, the justice system is addressing this cybercrime and there are laws that
prevent people from illegal downloading.
Cyber Stalking:
Malicious Software:
These are Internet-based software or programs that are used to disrupt a network. The
software is used to gain access to a system to steal sensitive information or data or
to cause damage to software present in the system.
Identity Theft:
This has become a major problem with people using the Internet for cash
transactions and banking services. In this cyber-crime, a criminal accesses data
about a person’s bank account, credit cards, Social Security, debit card and other
sensitive information to siphon money or to buy things online in the victim’s name.
It can result in major financial losses for the victim and even spoil the
victim’s credit history.
This is also a type of cyber-crime wherein criminals solicit minors via chat
rooms for the purpose of child pornography. The FBI has been spending a lot of
time monitoring chat rooms frequented by children with the hopes of reducing
and preventing child abuse and soliciting.
Cyber-Terrorism
DoS
All these forms of Cyber Crime are due to one or more kinds of attacks
by the cyber criminals or the hacktivist in question.
Classes of attack might include passive monitoring of
communications, active network attacks, close-in
attacks, exploitation by insiders, and attacks through the service provider.
Information systems and networks offer attractive targets and should be
resistant to attack from the full range of threat agents, from hackers to
nation-states. A system must be able to limit damage and recover rapidly
when attacks occur.
There are five types of attacks, which are most common:
Passive Attack:
A passive attack monitors unencrypted traffic and looks for clear-text
passwords and sensitive information that can be used in other types of attacks.
Passive attacks include traffic analysis, monitoring of unprotected
communications, decrypting weakly encrypted
traffic, and capturing authentication information such as passwords. Passive
interception of network operations enables adversaries to see upcoming
actions. Passive attacks result in the disclosure of information or data files to
an attacker without the consent or knowledge of the user.
Active Attack:
In an active attack, the attacker tries to bypass or break into secured
systems. This can be done through stealth, viruses, worms, or Trojan horses.
Active attacks include attempts to circumvent or break protection features,
to introduce malicious code, and to steal or modify information.
These attacks are mounted against a network backbone, exploit
information in transit, electronically penetrate an enclave, or attack an
authorized remote user during an attempt to connect to an enclave. Active
attacks result in the disclosure or dissemination of data files, DoS, or
modification of data.
• Distributed Attack
• A distributed attack requires that the adversary introduce code, such as
a Trojan horse or back-door program, to a “trusted” component or software
that will later be distributed to many other companies and users. Distribution
attacks focus on the malicious modification of hardware or software at the
factory or during distribution. These attacks introduce malicious code such as
a back door to a product to gain unauthorized access to information or to a system
function at a later date.
• Insider Attack
• An insider attack involves someone from the inside, such as a disgruntled
employee, attacking the network. Insider attacks can be malicious or
non-malicious. Malicious insiders intentionally eavesdrop, steal, or damage
information; use information in a fraudulent manner; or deny access to other
authorized users. Non-malicious attacks typically result from carelessness, lack
of knowledge, or intentional circumvention of security for such reasons as
performing a task.
• Close-in Attack
• A close-in attack involves someone attempting to get physically close to
network components, data, and systems in order to learn more about a network.
Close-in attacks consist of regular individuals attaining close physical
proximity to networks, systems, or facilities for the purpose of modifying,
gathering, or denying access to information.
• Close physical proximity is achieved through surreptitious entry into
the network, open access, or both. One popular form of close-in attack is social
engineering. In a social engineering attack, the attacker compromises the
network or system through social interaction with a person, through an e-mail
message or phone.
• The individual can use various tricks to get the victim to reveal information
about the security of the company. The information that the victim reveals to the
hacker would most likely be used in a subsequent attack to gain unauthorized
access to a system or network.
• Phishing Attack
• In a phishing attack, the hacker creates a fake web site that looks
exactly like a popular site such as the SBI bank or PayPal. The phishing part
of the attack is that the hacker then sends an e-mail message trying to trick the
user into clicking a link that leads to the fake site. When the user attempts to
log on with their account information, the hacker records the username
and password and then tries that information on the real site.
• Hijack attack
• In a hijack attack, a hacker takes over a session
between you and another individual and disconnects the other individual
from the communication. You still believe that you are talking to the original
party and may send private information to the hacker by accident.
• Password attack
• An attacker tries to crack the passwords stored in a network account
database or a password-protected file. There are three major types of
password attacks: a dictionary attack, a brute-force attack, and a hybrid attack. A
dictionary attack uses a word list file, which is a list of potential passwords. A
brute-force attack is when the attacker tries every possible combination of
characters.
• Buffer overflow
• A buffer overflow attack is when the attacker sends more
data to an application than is expected. A buffer overflow attack usually
results in the attacker gaining administrative access to the system in a
command prompt or shell.
• Spoof attack
• In a spoof attack, the hacker modifies the source
address of the packets he or she is sending so that they appear to be coming from
someone else. This may be an attempt to bypass your firewall rules.
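The three password attack types named in the list above can be turned into a defensive check at password-set time. The following is an added example, not part of the original document: the word list is a constructed sample, the 60-bit threshold is an assumed policy value, and "hybrid" is taken to mean a dictionary word with digits, symbols or character substitutions applied.

```python
import math
import re
import string

# Constructed sample word list; a real deployment would load a much larger one.
WORDLIST = {"password", "letmein", "dragon", "monkey", "welcome"}

# Reverse common character substitutions before the dictionary lookup.
LEET = str.maketrans("013457@$", "oleastas")

# Character classes and the number of symbols each adds to the search space.
CLASSES = [(r"[a-z]", 26), (r"[A-Z]", 26), (r"[0-9]", 10), (r"[^a-zA-Z0-9]", 33)]


def keyspace_bits(password):
    """Upper bound on brute-force work, in bits, for this length and character pool."""
    pool = sum(size for pattern, size in CLASSES if re.search(pattern, password))
    return len(password) * math.log2(pool) if pool else 0.0


def weakest_attack(password, min_bits=60):
    """Return the first attack class the password falls to, or None if it passes."""
    lowered = password.lower()
    if lowered in WORDLIST:
        return "dictionary"
    # Hybrid: a dictionary word with digits/symbols around it or substituted into it.
    core = lowered.strip(string.digits + string.punctuation)
    candidates = {core, core.translate(LEET), lowered.translate(LEET)}
    if candidates & WORDLIST:
        return "hybrid"
    # Not word-based, but short enough that trying every combination is feasible.
    if keyspace_bits(password) < min_bits:
        return "brute-force"
    return None


if __name__ == "__main__":
    for candidate in ["dragon", "Dragon2024!", "p@ssw0rd", "x7Qp", "T9#kLm2$wQz8vR"]:
        print(candidate, "->", weakest_attack(candidate))
```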
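A firewall rule that trusts a source address can be bypassed by a spoofed packet unless the address is also checked against the interface it arrived on. The following added example (not from the original document) shows that ingress and egress check; the interface names `wan0` and `lan0`, the internal range 10.20.0.0/16 and the sample packets are assumptions made for illustration.

```python
import ipaddress

# Assumed topology: the internal LAN is 10.20.0.0/16 and "wan0" faces the Internet.
INTERNAL_NETS = [ipaddress.ip_network("10.20.0.0/16")]

# Source ranges that should never arrive from the Internet.
BOGONS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4", "240.0.0.0/4")]


def check_source(interface, src):
    """Return (verdict, reason) for a packet's claimed source address."""
    addr = ipaddress.ip_address(src)
    internal = any(addr in net for net in INTERNAL_NETS)
    if interface == "wan0":
        # Ingress filtering: an outside packet cannot legitimately claim an inside address.
        if internal:
            return ("drop", "internal source on external interface")
        if any(addr in net for net in BOGONS):
            return ("drop", "non-routable source on external interface")
        return ("accept", "plausible external source")
    # Egress filtering: inside hosts may only send from internal addresses.
    if not internal:
        return ("drop", "foreign source on internal interface")
    return ("accept", "internal source on internal interface")


# Constructed sample packets: (arrival interface, claimed source address).
SAMPLE = [("wan0", "10.20.5.9"), ("wan0", "192.168.1.1"), ("wan0", "203.0.113.7"),
          ("lan0", "10.20.5.9"), ("lan0", "198.51.100.4")]


def audit(packets):
    """Return only the verdicts, in order, for a list of packets."""
    return [check_source(interface, src)[0] for interface, src in packets]


if __name__ == "__main__":
    for interface, src in SAMPLE:
        print(interface, src, check_source(interface, src))
```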
Architecture:
6. Applications or Examples:
Before we delve deeper into the world of cyber crime, let’s see if
it’s even worth the effort!
In the present decade, this term has gathered a large amount of
attention and hype, and people fear this shadowy
new brand of criminals for all sorts of reasons. Let’s have a look
at some facts and figures.
The "I love you" worm (named after the subject line of the
email it came in) proved irresistible in 2000 as millions of
users opened the spam message and downloaded the
attached 'love letter' file and a bitter virus.
This infamous worm cost companies and government
agencies $15 billion to shut down their computers and
remove the infection.
Conficker's stealthy destruction
Estimated damage: $9.1 billion
This 2007 worm infected millions of computers and then
took its infections further than the last two worms on our
list, as cybercrooks moved from notoriety to
professionalism.
Conficker was designed to download and install malware from
sites controlled by the virus writers.
MyDoom's Mass Infection
Estimated damage: $38 billion
This fast-moving worm first struck in 2004 and tops McAfee's
list in terms of monetary damage.
Due to all the spam it sent, it slowed down global Internet
access by 10 per cent and reduced access to some websites by
50 per cent, causing billions of dollars of lost productivity
and online sales.
Once upon a time, “distributed denial of service attacks” were
just a way for quarreling hackers to knock each other out of IRC.
Then one day in February 2000, a 15-year-old Canadian
named Michael “MafiaBoy” Calce experimentally
programmed his botnet to hose down the highest traffic
websites he could find. CNN, Yahoo, Amazon, eBay, Dell and
eTrade all buckled under the deluge, leading to national
headlines and an emergency meeting of security experts at the
White House.
In 2003, fear came in 376 bytes. The lightning-fast Slammer
worm targeted a hole in Microsoft’s SQL server, and despite
striking six months after a fix was released, the malware cracked
an estimated 75,000 unpatched servers in the space of hours.
Bank of America and Washington Mutual ATM networks
ground to a halt. Continental Airlines delayed and canceled
flights when its ticketing system got gummed up. Seattle lost its
emergency 911 network, and a nuclear power plant in Ohio lost
a safety monitoring system.
[Infographic]
• $113 BN; breakdown: fraud 38%, repairs 24%, theft or loss 21%, other 17%
• USD $298 average cost per victim
• 378 million victims per year (nearly 2.8 times as many babies born each year)
• MILLION+ victims per day
• 12 victims per second
• 50% of online adults have been victims of cybercrime and/or negative online situations in the past year (e.g., received nude images from strangers or were bullied or stalked online)
today: Nation-states:
Hacktivists:
Activists or groups (like WikiLeaks) seeking to steal data and
release it publicly. This category also includes script kiddies
and enthusiasts messing with the status quo and having fun.
Professional Cybercriminals:
This group (led by technologists turned cybercriminal) does
the most damage, particularly to financial institutions,
retailers, e-commerce businesses, governments, etc. This
group of cybercriminals actually creates more fraud,
remediation and reputational damage than the other types of
cybercriminals combined.
• The Cybercrime Ecosystem:
• Current Scenario
Recent studies have been published on the evolution of the principal cyber
threats in the security landscape. They present concerning
scenarios, characterized by the constant growth of cyber
criminal activities.
[Figure: world map with per-country figures in billions (BN) for USA, Europe, Russia, China, Mexico, Japan, Brazil, South Africa, India and Australia.]
Bibliography