1 Cyber Crimes

W
hile there is little you can do to prevent hackers from researching your company,
you can reduce the threat this poses by conducting the same research yourself.
Though the process is a bit tedious to learn, it is free to use; you are simply
conducting competitive intelligence upon your own enterprise. By reviewing your
own information, you can draw similar conclusions to the attackers, allowing you to
strengthen those areas of your business that may be at risk.
1.1 What is Cyber Crime?
Cybercrime is defined as a crime where a computer is the object of the crime or is
used as a tool to commit an offense. Or, it can be defined as any criminal activity
that involves a computer, networked device or a network. While most cybercrimes are
carried out in order to generate profit for the cybercriminals, some cybercrimes
are carried out against computers or devices directly to damage or disable them,
while others use computers or networks to spread malware, illegal information,
images or other materials. Some cybercrimes do both -- i.e., target computers to
infect them with a computer virus, which is then spread to other machines and,
sometimes, entire networks.
The U.S. Department of Justice (DOJ) divides cybercrime into three categories:
1. crimes in which the computing device is the target -- for example, to gain
network access;
2. crimes in which the computer is used as a weapon -- for example, to launch a
Denial-of-Service attack ; and
3. crimes in which the computer is used as an accessory to a crime -- for
example, using a computer to store illegally obtained data.

1.2 Types of Cyber Crimes

There are many different types of cybercrime; most cybercrimes are carried out with
the expectation of financial gain by the attackers, though the ways cybercriminals
aim to get paid can vary. Some specific types of cybercrimes include the following:
� Cyberextortion: A crime involving an attack or threat of an attack coupled
with a demand for money to stop the attack. One form of cyberextortion is the
ransomware attack, in which the attacker gains access to an organization's systems
and encrypts its documents and files -- anything of potential value -- making the
data inaccessible until a ransom is paid, usually in some form of cryptocurrency,
such as bitcoin.
� Cryptojacking: An attack that uses scripts to mine cryptocurrencies within
browsers without the user's consent. Cryptojacking attacks may involve loading
cryptocurrency mining software to the victim's system. However, many attacks depend
on JavaScript code that does in-browser mining if the user's browser has a tab or
window open on the malicious site; no malware needs to be installed as loading the
affected page executes the in-browser mining code.
� Cyber Theft: Cyber theft is a part of cybercrime which means theft carried
out by means of computers or the Internet.
Plagiarism
P Piracy
U Unlawful appropriation
B Business Espionage
G Getting someone�s identity
The most common types of cyber theft include the following:
a. Phishing: Phishing is the fraudulent attempt to obtain sensitive information
such as usernames, passwords and credit card details by disguising oneself as a
trustworthy entity in an electronic communication. Typically carried out by email
spoofing or instant messaging, it often directs users to enter personal
information at a fake website which matches the look and feel of the legitimate
site.
b. Internet Time Theft - It refers to the theft in a manner where the
unauthorized person uses internet hours paid by another person. The authorized
person gets access to another person's ISP user ID and password, either by hacking
or by illegal means without that person's knowledge.
c. Identity Theft: Identity theft is the deliberate use of someone else's
identity, usually as a method to gain a financial advantage or obtain credit and
other benefits in the other person's name, and perhaps to the other person's
disadvantage or loss.
� Cyber Terrorism: Cyber terrorism is any planned activity in the cyber space
via internet/computer to create terror in the social space.
� Assault by Threat: Act of giving threat to someone�s life or the loved one�s
life. The Blue Whale Game, made by Philipp Budeikin in 2013 is a very good example
for this type of cybercrime.
� Computer Trespassing: A computer trespass is defined as accessing a computer
without proper authorization and gaining financial information, information from a
department or agency of the United States and/or information from any protected
computer.
� Cyber Fraud: Cyber Fraud or Internet fraud is a type of fraud or deception
which makes use of the Internet and could involve hiding of information or
providing incorrect information for the purpose of tricking victims out of money,
property, and inheritance.
� Destructive Cybercrime: It is related to damage the network, delete data or
steal them for misusing. For example: Injecting virus, Cyber Vandalism
� Internet Gambling: Unlike real casinos that are highly regulated, Internet
gambling is unregulated and dangerous. Individuals gambling on the Internet risk
providing credit card numbers and money to criminal gambling operators. Further,
minors can gamble on the sites since the Internet is unaware of the age of its
users.
� Selling illegal narcotics (a dangerous drug)
� Advertising abusive content OR Mal-advertising
1.3 Scale of Cyber Threat
The U.S. government spends $19 billion per year [1] on cyber-security but warns
that cyber-attacks continue to evolve at a rapid pace. To combat the proliferation
of malicious code and aid in early detection, the National Institute of Standards
and Technology (NIST) recommends continuous, real-time monitoring of all electronic
resources.

2 Cyber Security
C
omputer security, cybersecurity or information technology security is the
protection of computer systems from the theft of or damage to their hardware,
software, or electronic data, as well as from the disruption or misdirection of the
services they provide.
2.1 Types of Cyber Security
� Network security is the practice of securing a computer network from
intruders, whether targeted attackers or opportunistic malware.
� Application security focuses on keeping software and devices free of threats.
A compromised application could provide access to the data its designed to protect.
Successful security begins in the design stage, well before a program or device is
deployed.
� Information security protects the integrity and privacy of data, both in
storage and in transit.
� Operational security includes the processes and decisions for handling and
protecting data assets. The permissions users have when accessing a network and the
procedures that determine how and where data may be stored or shared all fall under
this umbrella.
� Disaster recovery and business continuity define how an organization responds
to a cyber-security incident or any other event that causes the loss of operations
or data. Disaster recovery policies dictate how the organization restores its
operations and information to return to the same operating capacity as before the
event. Business continuity is the plan the organization falls back on while trying
to operate without certain resources.
� End-user education addresses the most unpredictable cyber-security factor:
people. Anyone can accidentally introduce a virus to an otherwise secure system by
failing to follow good security practices. Teaching users to delete suspicious
email attachments, not plug in unidentified USB drives, and various other important
lessons is vital for the security of any organization.
2.2 How does cyber-security measure protect users and systems?
First, cyber-security relies on cryptographic protocols to encrypt emails, files,
and other critical data. This not only protects information in transit, but also
guards against loss or theft. In addition, end-user security software scans
computers for pieces of malicious code, quarantines this code, and then removes it
from the machine. Security programs can even detect and remove malicious code
hidden in Master Boot Record (MBR) and designed to encrypt or wipe data from
computer�s hard drive.
Electronic security protocols also focus on real-time malware detection. Many use
heuristic and behavioural analysis to monitor the behaviour of a program and its
code to defend against viruses or Trojans that change their shape with each
execution (polymorphic and metamorphic malware). Security programs can confine
potentially malicious programs to a virtual bubble separate from a user's network
to analyse their behaviour and learn how to better detect new infections.
Security programs continue to evolve new defences as cyber-security professionals
identify new threats and new ways to combat them.