CONTENTS

S.NO. Table of Contents


1. Introduction
2. Abstract
3. Literature Survey
4. Types /Problem Description
5. Architecture
6. Applications or Examples
7. Advantages
8. Future Scope
9. Conclusion
10. Reference
1.Introduction
We often hear the term ‘cybercrime’ bandied about these days, as it's a bigger
risk now than ever before due to the sheer number of connected people and
devices. But what is it exactly?

In a nutshell, it is simply a crime that has some kind of computer or cyber
(computer/computer networks, from the word cybernetics) aspect to it. To go into more
detail is not as straightforward, as it takes shape in a variety of different formats.
Cybercrime encompasses any criminal act dealing with computers and
networks. Additionally, cybercrime also includes traditional crimes conducted
through the Internet.

According to Interpol, cybercrime is one of the fastest growing areas of crime.
More and more criminals are exploiting the speed, convenience and anonymity
that modern technologies offer in order to commit a diverse range of criminal
activities.

These include attacks against computer data and systems such as Denial of
Service attacks, identity theft, the distribution of child sexual abuse images,
internet auction fraud, the penetration of online financial services, as well as the
deployment of viruses, botnets, and various email scams such as phishing.
2.Abstract:

Computers have unleashed an era of enhanced productivity and creativity.
Communication and connectedness have seen new heights in the last two decades.
The Internet has ushered in a new revolution, the Online Revolution. As more and more
people are shifting their day-to-day activities online, more and more people are
targeting the easy-to-make money and information.
These are the contemporary criminals, enjoying the anonymity provided by the
Internet and numerous tools to gain entry into almost any system, taking advantage of
human error and system vulnerabilities. These are the Cyber Criminals, the ill-
motivated hackers, crackers and spammers. In this report, an attempt has been made to see
Cyber Crime in a broad spectrum, starting from scratch. Reports and investigations
from the world’s top cyber security firms have been incorporated.
3.Literature Survey:

Cyber security comprises technologies, processes and practices
designed to protect computers, programs, networks and data from hacking,
damage or unauthorized access. Cyber security is also sometimes
conflated inappropriately in public discussion with other concepts such as
privacy, information sharing, intelligence gathering, and surveillance.
Cyber security comes into the picture as we encounter cybercrimes. To
avoid giving cybercriminals the initiative, it is important for those
involved in the fight against cybercrime to try to anticipate qualitative and
quantitative changes in its underlying elements so that they can formulate
their methods appropriately. The importance of being acquainted with the
effects of cybercrime keeping in mind the recent activities that have taken
place and offering solutions to protect an individual and/or an organization
from them is laid down in this paper. Types of cyber security and cyber-
attacks are listed in this paper. It also throws light on the state of
cybercrimes and cyber security in India. A gist of Indian cyber laws is
presented in this paper as well.
4.Types /Problem Description:
Cyber crimes are broadly categorized into three categories, namely crimes
against:
• Individual
• Property
• Government
Each category can use a variety of methods and the methods used vary from
one criminal to another.

Individual: This type of cybercrime can be in the form of hacking, identity theft,
cyber bullying, cyber stalking, distributing pornography, trafficking and
“grooming”. Today, law enforcement
agencies are taking this category of cybercrime very seriously and are joining forces
internationally to reach and arrest the perpetrators.

Property: Just like in the real world where a criminal can steal and rob, even in the
cyber world criminals resort to stealing and robbing. In this case, they can steal a
person’s bank details and siphon off money; misuse the credit card to make
numerous purchases online; run a scam to get naïve people to part with their hard
earned money; use malicious software to gain access to an organization’s website
or disrupt the systems of the organization. The malicious software can also damage
software and hardware, just like vandals damage property in the offline world.

Government: Although not as common as the other two categories,
crimes against a government are referred to as cyber terrorism. If successful,
this category can wreak havoc and cause panic amongst the civilian population.
In this category, criminals hack government websites, military websites or
circulate propaganda. The perpetrators can be terrorist outfits or unfriendly
governments of

Cyber Crime may take many forms. The most common ones are explained below:
Hacking:
This is a type of crime wherein a person’s computer is broken into so that his
personal or sensitive information can be accessed. This is different from ethical
hacking, which many organizations use to check their Internet security protection.
In hacking, the criminal uses a variety of software to enter a person’s computer and
the person may not be aware that his computer is being accessed from a remote
location.

Theft:

This crime occurs when a person violates copyrights and downloads music, movies,
games and software. There are even peer sharing websites which encourage
software piracy and many of these websites are now being targeted by the FBI.
Today, the justice system is addressing this cybercrime and there are laws that
prevent people from illegal downloading.

Cyber Stalking:

This is a kind of online harassment wherein the victim is subjected to a barrage of
online messages and emails. Typically, these stalkers know their victims and instead
of resorting to offline stalking, they use the Internet to stalk. However, if they notice
that cyber stalking is not having the desired effect, they begin offline stalking
along with cyber stalking to make the victims’ lives more miserable.

Malicious Software:

These are Internet-based software or programs that are used to disrupt a network. The
software is used to gain access to a system to steal sensitive information or data or
to cause damage to software present in the system.

Identity Theft:

This has become a major problem with people using the Internet for cash
transactions and banking services. In this cyber-crime, a criminal accesses data
about a person’s bank account, credit cards, Social Security, debit card and other
sensitive information to siphon money or to buy things online in the victim’s name.
It can result in major financial losses for the victim and even spoil the
victim’s credit history.

Child soliciting and Abuse:

This is also a type of cyber-crime wherein criminals solicit minors via chat
rooms for the purpose of child pornography. The FBI has been spending a lot of
time monitoring chat rooms frequented by children with the hopes of reducing
and preventing child abuse and soliciting.

Cyber-Terrorism

Cyber-terrorism is distinguished from other acts of commercial crime or
incidents of hacking by its severity. Attacks against computer networks or the
information stored therein which result in "violence against persons or property,
or at least cause enough harm to generate fear" are to be considered cyber-
terrorism attacks according to congressional testimony from Georgetown
University professor Dorothy Denning. "Attacks that disrupt nonessential
services or that are mainly a costly nuisance" are not classified as cyber-terrorist
attacks by her definition.

DoS

Short for denial-of-service attack, a type of attack on a network that is designed to
bring the network to its knees by flooding it with useless traffic. Many DoS
attacks, such as the Ping of Death and Teardrop attacks, exploit limitations in the
TCP/IP protocols.
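
A defender-side sanity check for the fragment patterns behind the two named attacks, given as an added example that is not part of the original report. It goes beyond the text by modelling IPv4 reassembly limits directly; the `Fragment` type, `check_fragments` and the sample fragment lists are constructed for illustration, and a 20-byte IP header without options is assumed.

```python
from dataclasses import dataclass

MAX_DATAGRAM = 65535        # IPv4 Total Length is a 16-bit field
IP_HEADER_LEN = 20          # assumption: header without options
MAX_OFFSET_UNITS = 0x1FFF   # Fragment Offset is a 13-bit field


@dataclass(frozen=True)
class Fragment:
    offset_units: int      # Fragment Offset field, counted in 8-byte units
    payload_len: int       # payload bytes carried by this fragment
    more_fragments: bool   # MF flag


def check_fragments(fragments):
    """Return sorted labels saying why a fragment set should be dropped."""
    findings = set()
    spans = []
    for frag in fragments:
        bad_field = not 0 <= frag.offset_units <= MAX_OFFSET_UNITS
        bad_len = frag.payload_len <= 0
        # Every fragment except the last must carry a multiple of 8 bytes.
        unaligned = frag.more_fragments and frag.payload_len % 8 != 0
        if bad_field or bad_len or unaligned:
            findings.add("malformed-fragment")
            continue
        start = frag.offset_units * 8
        end = start + frag.payload_len
        # Ping of Death pattern: offset + length reassembles past 65,535 bytes.
        if IP_HEADER_LEN + end > MAX_DATAGRAM:
            findings.add("oversize-reassembly")
        spans.append((start, end))

    # Teardrop pattern: a fragment starts inside data already covered.
    prev_end = 0
    for start, end in sorted(spans):
        if start < prev_end:
            findings.add("overlapping-fragments")
        prev_end = max(prev_end, end)
    return sorted(findings)


# Constructed sample inputs (not captured traffic).
NORMAL = [Fragment(0, 1480, True), Fragment(185, 1480, True),
          Fragment(370, 1040, False)]
OVERSIZE = [Fragment(0, 1480, True), Fragment(8189, 1480, False)]
OVERLAP = [Fragment(0, 40, True), Fragment(3, 8, False)]
UNALIGNED = [Fragment(0, 36, True), Fragment(3, 4, False)]

if __name__ == "__main__":
    for name, sample in (("normal", NORMAL), ("oversize", OVERSIZE),
                         ("overlap", OVERLAP), ("unaligned", UNALIGNED)):
        print(name, check_fragments(sample))
```
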
• How Cyber Criminals Attack?

All these forms of Cyber Crime are due to one or more kinds of attacks
by the Cyber Criminals or the Hacktivist in question.
Classes of attack might include passive monitoring of communications, active
network attacks, close-in attacks, exploitation by insiders, and attacks through
the service provider.
Information systems and networks offer attractive targets and should be
resistant to attack from the full range of threat agents, from hackers to
nation-states. A system must be able to limit damage and recover rapidly
when attacks occur.
There are five types of attacks, which are most common:

Passive Attack:
A passive attack monitors unencrypted traffic and looks for clear-text
passwords and sensitive information that can be used in other types of attacks.
Passive attacks include traffic analysis, monitoring of unprotected
communications, decrypting weakly encrypted
traffic, and capturing authentication information such as passwords. Passive
interception of network operations enables adversaries to see upcoming
actions. Passive attacks result in the disclosure of information or data files to
an attacker without the consent or knowledge of the user.

Active Attack:
In an active attack, the attacker tries to bypass or break into secured
systems. This can be done through stealth, viruses, worms, or Trojan horses.
Active attacks include attempts to circumvent or break protection features,
to introduce malicious code, and to steal or modify information.
These attacks are mounted against a network backbone, exploit
information in transit, electronically penetrate an enclave, or attack an
authorized remote user during an attempt to connect to an enclave. Active
attacks result in the disclosure or dissemination of data files, DoS, or
modification of data.

Distributed Attack:
A distributed attack requires that the adversary introduce code, such as
a Trojan horse or back-door program, to a “trusted” component or software
that will later be distributed to many other companies and users. Distribution
attacks focus on the malicious modification of hardware or software at the
factory or during distribution. These attacks introduce malicious code such as
a back door to a product to gain unauthorized access to information or to a system
function at a later date.

Insider Attack:
An insider attack involves someone from the inside, such as a disgruntled
employee, attacking the network. Insider attacks can be malicious or
non-malicious. Malicious insiders intentionally eavesdrop, steal, or damage
information; use information in a fraudulent manner; or deny access to other
authorized users. Non-malicious attacks typically result from carelessness, lack
of knowledge, or intentional circumvention of security for such reasons as
performing a task.

Close-in Attack:
A close-in attack involves someone attempting to get physically close to
network components, data, and systems in order to learn more about a network.
Close-in attacks consist of regular individuals attaining close physical
proximity to networks, systems, or facilities for the purpose of modifying,
gathering, or denying access to information.

Close physical proximity is achieved through surreptitious entry into
the network, open access, or both. One popular form of close-in attack is social
engineering. In a social engineering attack, the attacker compromises the
network or system through social interaction with a person, through an e-mail
message or phone.
Various tricks can be used to get an individual to reveal information
about the security of the company. The information that the victim reveals to the
hacker would most likely be used in a subsequent attack to gain unauthorized
access to a system or network.

Phishing Attack:
In a phishing attack the hacker creates a fake web site that looks
exactly like a popular site such as the SBI bank or PayPal. The phishing part
of the attack is that the hacker then sends an e-mail message trying to trick the
user into clicking a link that leads to the fake site. When the user attempts to
log on with their account information, the hacker records the username
and password and then tries that information on the real site.

Hijack Attack:
In a hijack attack, a hacker takes over a session
between you and another individual and disconnects the other individual
from the communication. You still believe that you are talking to the original
party and may send private information to the hacker by accident.

Password Attack:
An attacker tries to crack the passwords stored in a network account
database or a password-protected file. There are three major types of
password attacks: a dictionary attack, a brute-force attack, and a hybrid attack. A
dictionary attack uses a word list file, which is a list of potential passwords. A
brute-force attack is when the attacker tries every possible combination of
characters.

Buffer Overflow:
A buffer overflow attack is when the attacker sends more
data to an application than is expected. A buffer overflow attack usually
results in the attacker gaining administrative access to the system in a
command prompt or shell.


Spoof Attack:
In a spoof attack, the hacker modifies the source
address of the packets he or she is sending so that they appear to be coming from
someone else. This may be an attempt to bypass your firewall rules.
Architecture:
6.Applications or Examples:

Before we delve deeper into the world of Cyber Crime, let’s see if
it’s even worth the effort!
In the present decade, this term has gathered a large amount of
attention and hype, and people fear this shadowy
new brand of criminals for all sorts of reasons. Let’s have a look
at some facts and figures.
The "I love you" worm (named after the subject line of the
email it came in) proved irresistible in 2000 as millions of
users opened the spam message and downloaded the
attached 'love letter' file and a bitter virus.
This infamous worm cost companies and government
agencies $15 billion to shut down their computers and
remove the infection.
Conficker's stealthy destruction
Estimated damage: $9.1 billion
This 2007 worm infected millions of computers and then
took its infections further than the last two worms on our
list, as cybercrooks moved from notoriety to
professionalism.
Conficker was designed to download and install malware from
sites controlled by the virus writers.

MyDoom's Mass Infection
Estimated damage: $38 billion
This fast-moving worm first struck in 2004 and tops McAfee's
list in terms of monetary damage.
Due to all the spam it sent, it slowed down global Internet
access by 10 per cent and reduced access to some websites by
50 per cent, causing billions in dollars of lost productivity
and online sales.
Once upon a time, “distributed denial of service attacks” were
just a way for quarreling hackers to knock each other out of IRC.
Then one day in February 2000, a 15-year-old Canadian
named Michael “MafiaBoy” Calce experimentally
programmed his botnet to hose down the highest traffic
websites he could find. CNN, Yahoo, Amazon, eBay, Dell and
eTrade all buckled under the deluge, leading to national
headlines and an emergency meeting of security experts at the
White House.
In 2003, fear came in 376 bytes. The lightning-fast Slammer
worm targeted a hole in Microsoft’s SQL server, and despite
striking six months after a fix was released, the malware cracked
an estimated 75,000 unpatched servers in the space of hours.
Bank of America and Washington Mutual ATM networks
ground to a halt. Continental Airlines delayed and canceled
flights when its ticketing system got gummed up. Seattle lost its
emergency 911 network, and a nuclear power plant in Ohio lost
a safety monitoring system.

“Operation Get Rich or Die Tryin’”. For nearly four years
ending in 2008, 28-year-old Albert “Segvec” Gonzalez and his
accomplices in America and Russia staged the biggest data
thefts in history, stealing credit and debit card magstripe data
for sale on the black market.
Using Wi-Fi hacking and SQL injection, the gang popped
companies like 7-Eleven, Dave & Buster’s, Office Max, TJX,
and the credit card processor Heartland Payment Systems,
which alone gave up 130 million cards.

These are just a few instances of Cyber Crimes, which caused
mass losses and troubles. Millions more are happening
every day, every second, against individuals and
organisations alike by individuals and organisations alike!

Global Price Tag of Consumer Cyber Crime: $113 BN
• Fraud: 38%
• Repairs: 24%
• Theft or loss: 21%
• Other: 17%
• 83% of direct financial costs are a result of fraud, repairs, theft and loss
• USD $298 average cost per victim; represents a 50 percent increase over 2012

The Scale of Consumer Cyber Crime:
• 378 million victims per year: nearly 2.8 times as many babies born each year
• Million+ victims per day: enough to fill Wembley Stadium (England) more than 10 times
• 12 victims per second
• 50% of online adults have been victims of cybercrime and/or negative online
situations in the past year (e.g., received nude images from strangers or were
bullied or stalked online)

• Who are the Cyber Criminals?


When we speak about cybercrimes, such as phishing and
malware attacks, we tend to lump cybercriminals into one
category and operate under an assumption that they are all
motivated to steal credentials that lead to some sort of financial
theft. While those types of crimes do occur, it is important to
distinguish between the different types of cybercriminals that
comprise today’s threatscape.
Here are the basic types of cybercriminals in operation today:

Nation-states:
Most notably, China, Iran, other nation-states looking to steal and
infiltrate data.

Hacktivists:
Activists or groups (like WikiLeaks) seeking to steal data and
release it publicly. This category also includes script kiddies
and enthusiasts messing with the status quo and having fun.

Professional Cybercriminals:
This group (led by technologists turned cybercriminal) does
the most damage, particularly to financial institutions,
retailers, e-commerce businesses, governments, etc. This
group of cybercriminals actually creates more fraud,
remediation and reputational damage than the other types of
cybercriminals combined.
• The Cybercrime Ecosystem:

Resources, Motivations and Methods

“Cybercriminals Today Mirror Legitimate Business Processes”
- Fortinet 2013 Cybercrime Report

Long gone are the days when cybercrime was tantamount to
teenage miscreants causing mischief in their parents’ basement.
Today, like any commercial enterprise, cybercrime has evolved
into a complex, highly organized hierarchy involving leaders,
engineers, infantry, and hired money mules. Looking from the
outside in, there’s little to distinguish cybercrime organizations
from any other business.

Like any legitimate commercial enterprise, each player has a
designated role or function to perform. And each job is necessary
in order to create the desired good that turns the wheels of the
machine. The mission? Like any other business, it’s profitability.
Or, in some cases, retribution.

The fundamental laws of economics apply here as well. The
deliverables run the range from consulting, services, and
advertising to a myriad of programs that serve as the
“product.” The more features and/or more complex the service
offered, the higher the price.
Fortinet’s 2013 cybercrime report, an interesting study of the
cybercriminal ecosystem, identifies the operations, the
motivations, the methods, the resources used and the
countermeasures that can be adopted to mitigate cyber threats.
As demonstrated by various research conducted by
principal security firms, the cybercrime industry operates
exactly like legitimate businesses working in a global
industry. What is very concerning is the capability of
criminal organizations to react quickly to new business
opportunities, demonstrating a high level of motivation. It is
very common for them to recruit skilled professionals or rent
specialist services to arrange illegal activities.

Criminal organizations have different motivations for their
operations. They can adopt a direct method of
monetization, earning from fraud and illegal activities such
as cyber espionage or extortion, or they can decide to
monetize the provision of illegal services such as the renting
of botnets or customization of malicious code.

Cybercrime has no specific geographic location. It operates on a
global scale in cyberspace, exploiting the different legal
frameworks adopted by various governments, which makes
cybercrime relatively risk-free compared with traditional
crimes.
In too many countries cyber laws are very poor and the level of
enforcement is low, as is the monitoring of the criminal
ecosystem; this favours the growth of cybercriminal
organizations.
Cybercrime often goes unpunished and it is very profitable.
Contrary to what we might think, the provision of criminal services
in the model dubbed Crime-as-a-Service also allows
ordinary criminals without a technological background to become
part of the “cybercriminal business”.
Being a cybercriminal allows one to gain handsome profits,
especially in countries where per capita income is extremely
low. Cybercrime pays: it’s very common to find advertising
looking to recruit cyber specialists (e.g. botmasters, malware
engineers) promising an amount of money between $2,000 and
$5,000 a month.
This amount of money is very attractive if we consider the
monthly earnings for these categories of professionals located
in Eastern Europe, especially in countries such as Russia and Moldova.

• Current Scenario
Recent studies published on the evolution of the principal cyber
threats in the security landscape present concerning
scenarios, characterized by the constant growth of cyber
criminal activities.

Even though the level of awareness of cyber threats has
increased, and law enforcement acts globally to combat them,
illegal profits have reached amazing figures. The impact to
society has become unsustainable, considering the global
economic crisis.

It’s necessary to work together to avoid the costs the global
community suffers, which we can no longer sustain. The risk of
business collapse is concrete, due to the high cost for enterprises
in mitigating countermeasures, and the damage caused by
countless attacks.

Principal security firms which observe and analyze the incidents
that occurred to their clients have provided estimates of the annual
loss suffered by enterprises. Dozens of billions of dollars are
eroding their profits. If we extend the effects of cybercrime to
government circles, public industry and the entire population, it’s easy
to assume that the amount of damage reaches several hundred
billion dollars.

In many cases, that estimate can be misleading. That’s because
there are still too many companies that fail to quantify the
losses related to cybercrime. In some cases, they totally
ignore that they’re victims of attacks. The majority of estimates relied on
a survey, and loss estimates are based on raw assumptions
about the magnitude and effect of cyber attacks to provide
an economic evaluation.
Cyber criminal activities are increasing by incidence in a
scenario made worse by the economic crisis. We also face
tightened spending by the private sector, and reduced financial
liquidity.

Nearly 80% of cybercrime acts are estimated to originate in some
form of organized activity. The diffusion of the model of fraud-as-
service and the diversification of the offerings of the underground
market is also attracting new actors with modest skills.
Cybercrime is becoming a business opportunity open to
everybody driven by profit and personal gain.
According to experts at RSA security, cybercrime continues
to improve its techniques and the way it organizes and targets
victims. The RSA Anti-Fraud Command Center (AFCC) has
developed the following list of the top cybercrime trends it
expects to see evolve:

• As the world goes mobile, cybercrime will follow
• The privatization of banking, trojans and other malware
• Hacktivism and the ever-targeted enterprise
• Account takeover and increased use of manually-assisted cyber attacks
• Cybercriminals will leverage Big Data principles to increase the
effectiveness of attacks

Cybercrime activities are globally diffused, financially-
driven acts. Such computer-related fraud is prevalent, and
makes up around one third of acts around the world.

Another conspicuous portion of cybercrime acts are represented
by computer content, including child pornography, content
related to terrorism offenses, and piracy. Another significant
portion of crime relates to acts against confidentiality, integrity
and accessibility of computer systems.
That includes illegal access to a computer system, which
accounts for another one third of all acts.

It’s clear that cyber crime is influenced by national laws and by
the pressure and efficiency of local law enforcement.

8.1. Cyber Crime Statistics

A study, titled The 2013 Cost of Cyber Crime Study, conducted
by Ponemon Institute, provides an estimation of the
economic impact of cybercrime. It’s sponsored by HP for the
fourth consecutive year.
It reveals that the cost of cybercrime in 2013 escalated 78
percent, while the time necessary to resolve problems has
increased by nearly 130 percent in four years. Meanwhile,
the average cost to resolve a single attack totalled more than
$1 million.

Key findings include:
• The average annualized cost of cybercrime incurred per
organization was $11.56 million, with a range of $1.3 million to
$58 million. This is an increase of 26 percent, or $2.6 million,
over the average cost reported in 2012.
• Organizations in defense, financial services and energy and
utilities suffered the highest cybercrime costs.
• Data theft caused major costs, 43 percent of the total external
costs; business disruption or lost productivity accounts for 36%
of external costs. While data theft decreased by 2% in the
last year, business disruption increased by 18%.
• Organizations experienced an average of 122 successful attacks
per week, up from 102 attacks per week in 2012.
• The average time to resolve a cyber attack was 32 days, with an
average cost incurred during this period of $1,035,769, or
$32,469 per day, a 55 percent increase over last year’s
estimated average cost of $591,780 for a 24-day period.
• Denial-of-service, web-based attacks and insiders account for
more than 55% of overall annual cybercrime costs per
organization.
• Smaller organizations incur a significantly
higher per-capita cost than larger organizations.
• Recovery and detection are the most costly internal activities.

Symantec experts have also analyzed the incidence of
cybercrime in different countries around the world.
[Figure: The Global Price Tag of Consumer Cybercrime, in billions (BN),
by country/region: USA, Europe, Russia, China, Mexico, Japan, Brazil,
South Africa, India, Australia.]

The 2013 Norton Report states that the lack of efficient
authentication mechanisms and defense mechanisms is the
primary cause of incidents for mobile users. Almost half don’t
use basic precautions and a third were victims of illegal activities
last year.
What’s very concerning is that, given the awareness level of
users regarding cyber threats, only a small portion of mobile
users (26%) have installed security software and 57% aren’t
aware of the existence of security solutions for mobile
environments. These numbers explain why mobile
technology is so attractive for cyber crime. In the majority of
cases, the systems are totally exposed to cyber threats due to
bad habits and risky behavior.

Great interest is dedicated to cloud computing, and in particular
to cloud storage solutions that make it easy to archive and share
files. 24% of users use the same cloud storage account for
personal and work activities. 18% share their collection of
documents with their friends. Once again, bad habits facilitate
cyber crime. Cloud services bundle a multitude of data
services in one place, so they’re attractive targets for hackers.

A study on 234 benchmarked organizations revealed the following
proportions of cyber crime activity:

• Indian Laws & Cyber Crime:


Indian law has not given any definition to the term ‘cyber
crime’. In fact, the Indian Penal Code does not use the term ‘cyber
crime’ at any point, even after its amendment by the Information
Technology (Amendment) Act 2008, the Indian cyber law. But
“Cyber Security” is defined under Section (2) (b) as
protecting information, equipment, devices, computer, computer
resource, communication device and information stored
therein from unauthorized access.
In essence, cyber law is an attempt to apply laws designed for
the physical world, to human activity on the Internet. In India,
The IT Act, 2000 as amended by The IT (Amendment) Act,
2008 is known as the Cyber law. It has a separate chapter XI
entitled “Offences” in which various cyber crimes have been
declared as penal offences punishable with imprisonment
and fine.
Let us look into some common cyber-crime scenarios which can
attract prosecution as per the penalties and offences
prescribed in the IT Act 2000 (as amended by the 2008 Act).
• Harassment via fake public profile on social networking site
A fake profile of a person is created on a social networking site
with the correct address, residential information or contact
details but he/she is labelled as ‘prostitute’ or a person of
‘loose character’. This leads to harassment of the victim.
Provisions Applicable:- Sections 66A, 67 of IT Act and Section 509
of the Indian Penal Code.
• Online Hate Community
An online hate community is created, inciting a religious group
to act or pass objectionable remarks against a country,
national figures etc.
Provisions Applicable: Section 66A of IT Act and 153A & 153B of
the Indian Penal Code.

• Email Account Hacking


The victim’s email account is hacked and obscene emails are
sent to people in the victim’s address book.
Provisions Applicable:- Sections 43, 66, 66A, 66C, 67, 67A and
67B of IT Act.
• Credit Card Fraud
Unsuspecting victims would use infected computers to make
online transactions.
Provisions Applicable:- Sections 43, 66, 66C, 66D of IT Act and
section 420 of the IPC.
• Web Defacement
The homepage of a website is replaced with a
pornographic or defamatory page. Government sites
generally face the wrath of hackers on symbolic days.
Provisions Applicable:- Sections 43 and 66 of IT Act and
Sections 66F, 67 and 70 of IT Act also apply in some cases.
• Introducing Viruses, Worms, Backdoors, Rootkits, Trojans, Bugs
All of the above are some sort of malicious
programs which are used to destroy or gain access to some
electronic information.
Provisions Applicable:- Sections 43, 66, 66A of IT Act and
Section 426 of Indian Penal Code.
• Cyber Terrorism
Many terrorists use virtual (GDrive, FTP sites) and physical
storage media (USBs, hard drives) for hiding information and
records of their illicit business.
Provisions Applicable: Conventional terrorism laws may apply along with
Section 69 of IT Act.

• Online sale of illegal Articles


The sale of narcotics, drugs, weapons and wildlife is
facilitated by the Internet.
Provisions Applicable:- Generally conventional laws apply
in these cases.
• Phishing and Email Scams
Phishing involves fraudulently acquiring sensitive
information through masquerading a site as a trusted
entity.
Provisions Applicable:- Section 66, 66A and 66D of IT Act and
Section 420 of IPC
• Theft of Confidential Information
Many business organizations store their confidential
information in computer systems. This information is
targeted by rivals, criminals and disgruntled employees.
Provisions Applicable:- Sections 43, 66, 66B of IT Act and
Section 426 of Indian Penal Code.
• Source Code Theft
Source code generally is the most coveted and important
"crown jewel" asset of a company.
Provisions applicable:- Sections 43, 66, 66B of IT Act and Section
63 of Copyright Act.
• Tax Evasion and Money Laundering
Money launderers and people doing illegal business
activities hide their information in virtual as well as physical
activities.
Provisions Applicable: Income Tax Act and Prevention of Money
Laundering Act. IT Act may apply case-wise.
• Online Share Trading Fraud
It has become mandatory for investors to have their demat
accounts linked with their online banking accounts, which are
generally accessed without authorization, thereby leading to share
trading frauds.
Provisions Applicable: Sections 43, 66, 66C, 66D of IT Act and
Section 420 of IPC

• Cyber Crime Prevention Tips

Use Strong Passwords


Use different user ID /password combinations for different
accounts and avoid writing them down. Make the passwords
more complicated by combining letters, numbers, special
characters (minimum 10 characters in total) and change them on
a regular basis.
Secure your computer:
Activate your firewall
Firewalls are the first line of cyber defense; they block
connections to unknown or bogus sites and will keep out some
types of viruses and hackers.
Use anti-virus/malware software
Prevent viruses from infecting your computer by installing and
regularly updating anti-virus software.
Block spyware attacks
Prevent spyware from infiltrating your computer by installing
and updating anti-spyware software.
Secure your Mobile Devices
Be aware that your mobile device is vulnerable to
viruses and hackers. Download applications from
trusted sources.

Install the latest operating system updates


Keep your applications and operating system (e.g.
Windows, Mac, Linux) current with the latest system updates.
Turn on automatic updates to prevent potential attacks on older
software.
Protect your Data
Use encryption for your most sensitive files such as tax returns or
financial records, make regular back-ups of all your important
data, and store it in another location.
Secure your wireless network
Wi-Fi (wireless) networks at home are vulnerable to intrusion
if they are not properly secured. Review and modify default
settings. Public Wi-Fi, a.k.a. “Hot Spots”, are also vulnerable.
Use VPNs like vemeo.
Avoid conducting financial or corporate transactions on these
networks.

Protect your e-identity


Be cautious when giving out personal information such as your
name, address, phone number or financial information on the
Internet. Make sure that websites are secure (e.g. when making
online purchases) or that you’ve enabled privacy settings (e.g.
when accessing/using social networking sites).

Avoid being scammed


Always think before you click on a link or file of unknown origin.
Don’t feel pressured by any emails. Check the source of the
message. When in doubt, verify the source. Never reply to
emails that ask you to verify your information or confirm your
user ID or password.

Review bank and credit card statements regularly.


The impact of identity theft and online crimes can be greatly
reduced if you can catch it shortly after your data is stolen or when
the first use of your information is attempted. One of the easiest
ways to get the tip-off that something has gone wrong is by
reviewing the monthly statements provided by your bank and
credit card companies for anything out of the ordinary.
In an organisation, education and awareness across the staff
will go a long way to protect against many types of cybercrime.

Bibliography

In writing this report, I’ve found the following
resources highly useful.
• 2013 Cost of Cyber Crime Study: Global Report by Ponemon
Institute© Research Report.
• Fortinet 2013 Cyber Crime Report
• 2013 Norton Cyber Security Report
• Forbes: How to prevent cyber crime
• Cisco - CCNA Study Guide 640 - 802 - Network
Security access lists standards and extended
• Articles on Cross Domains Solution Website
• Other websites: wired.in, webopedia.com,
wikipedia.com and numerous other resourceful sites.
