Professional Documents
Culture Documents
Unit- 1
Introduction to Cybercrime
WHAT IS CYBER SECURITY?
• Cyber security surround by the technologies, processes and practices that are
put in place to provide protection from cyber-attacks that are designed to
cause harm against a network system or access data without authorization.
• Internet has opened a new way of exploitation known as cybercrime involving
the use of computers, the Internet, cyberspace and the worldwide web
(WWW).
Introduction
• Figure 1 (previous page), based on a 2008 survey in Australia, shows the
cybercrime trend.
• While the worldwide scenario on cybercrime looks bleak, the situation in
India is not any better.
Indian corporate and government sites have been attacked or defaced
more than 780 times between February 2000 and December 2002.
A total of 3,286 Indian websites were hacked in 5 months – between
January and June 2009.
• Cybercrime: Definition and Origins of the Word
• A crime conducted in which a computer was directly and scientifically
instrumental. (not universally accepted)
• The definitions of computer crime:
• Classifications of Cybercrimes
• Crime
Defn. “An act or the commission of an act that is forbidden, or the
omission of a duty that is commanded by public law and that makes the
offender liable to punishment by law”.
–
2. Spamming
– People who create electronic Spam are called spammers.
– Spam is the abuse of electronic messaging systems to send unsolicited
bulk messages indiscriminately.
– Spamming is widely detested, and has been the subject of legislation in
many jurisdictions
• for example, the CAN-SPAM Act of 2003.
•
• Search engine spamming
Spamming is alteration or creation of a document with the intent to
deceive an electronic catalog or a filling system.
Some web authors use “subversive techniques” to ensure that their
site appears more frequently or higher number in returned search
results. Following are the types:
By: Tamal Dey, Dept. of CA 5
UE19MC522 - Cyber Security
• Definition. Excessive manipulation to influence search engine rankings,
often for pages which contain little or no relevant content.
•
3. Cyberdefamation
– “Cyberdefamation” occurs when defamation takes place with the help
of computers and/or the According to the IPC Section 499:
1. It may amount to defamation to impute (possessed by someone ) anything
to a deceased person, if the imputation would harm the reputation of that
person if living, and is intended to be hurtful to the feelings of his family or
other near relatives.
2. It may amount to defamation to make an imputation concerning a
company or an association or collection of persons as such.
• Cyber defamation is not a specific criminal offense, misdemeanor or torture,
but rather defamation or slander conducted via digital media, usually through
the Internet.
• Communication of a false statement that, depending on the law of the
country, harms the reputation of an individual, business, product, group,
government, religion, or nation
By: Tamal Dey, Dept. of CA 6
UE19MC522 - Cyber Security
3. An imputation (an accusation) in the form of an alternative or expressed
ironically, may amount to defamation.
4. No imputation is said to harm a person’s reputation unless that imputation
directly or indirectly, in the estimation of others by:
• lowers the moral or intellectual character of that person
• lowers the character of that person in respect of his caste
• lowers the credit of that person
• causes it to be believed that the body of that person is in a loathsome (causing
hatred) state or in a state generally considered as disgraceful.
• The law on defamation attempts to create a workable balance between two
equally important human rights
1. The right to an unimpaired (damaged) reputation (belief)
2. The right to freedom of expression
• Data Diddling
A data diddling attack involves altering raw data just before it is
processed by a computer and then changing it back after the
processing is completed.
Electricity Boards in India have been victims to data diddling programs
inserted when private parties computerize their systems.
Data diddling occurs when someone with access to information of
some sort changes this information before it is entered into a
computer. This is done to provide some sort of benefit to
• Web Jacking
• Web jacking occurs when someone forcefully takes control of a website (by
cracking the password and later changing it). Known as password sniffing.
The actual owner doesn’t have any control over website.
• Usenet Newsgroup as the Source of Cybercrimes
• Usenet is a popular means of sharing and distributing information on the Web
with respect to specific topic or subjects. It is a mechanism that allows sharing
information in a many-to-many manner. The newsgroups are spread across
30,000 different topics
• Newsgroup Spam/Crimes Emanating from Usenet Newsgroup
• The advent of Google Groups, and its large Usenet archive, has made Usenet
more attractive to spammers than ever.
•
• Spamming of Usenet newsgroups actually predates E-Mail Spam.
•
• Industrial Spying/Industrial Espionage
• “Spies” can get information about product finances, research and
development and marketing strategies, an activity known as “industrial
spying.”
• “Targeted Attacks” - applies very well to organizations that are victim of
focused attacks aiming at stealing corporate data, Intellectual Property or
whatever else that may yield a competitive advantage for a rival company.
• There are two distinct business models for cybercrime applied to industrial
spying
Selling Trojan-ware
Selling Stolen Intellectual Property.
• Hacking
•
• Hackers, crackers and phrackers are some of the oft-heard terms. The original
meaning of the word “hack” meaning an elegant, witty or inspired way of
doing almost anything originated at MIT (Massachusetts Institute of
Technology).
• Computer Sabotage
• Credit Card Frauds
Millions of dollars may be lost annually by consumers who have credit card
and calling card numbers stolen from online databases.
Bulletin boards and other online services are frequent targets for hackers who
want to access large databases of credit card information.
• Identity Theft
Identity theft is a fraud involving another person’s identity for an illicit
purpose.
This occurs when a criminal uses someone else’s identity for his/her own
illegal purposes.
The cyber impersonator can steal unlimited funds in the victim’s name
without the victim even knowing about it for months, sometimes even for
years!
• Cybercrimes: An Indian Perspective
• India has the fourth highest number of Internet users in the world.
• Cybercrime and the Indian ITA 2000
The first step toward the Law relating to E-Commerce at international level to
regulate an alternative form of commerce and to give legal status in the area
of E-Commerce.
• Hacking and the Indian Law(s)
Cybercrimes are punishable under two categories: the ITA 2000 and the IPC.
A total of 207 cases of cybercrime were registered under the IT Act in 2007
compared to 142 cases registered in 2006.
Under the IPC too, 339 cases were recorded in 2007 compared to 311 cases
in 2006.
• A Global Perspective on Cybercrimes
Cyberoffenses
How Criminals Plan Them
• Introduction
• In today’s world of Internet and computer networks, a criminal activity can be
carried out across national borders with “false sense of anonymity (the
condition of being anonymous.)”.
• An attacker would look to exploit the vulnerabilities (exposed) in the
networks such as:
1. Inadequate border protection (border as in the sense of network periphery
[edge]);
2. remote access servers (RASs) with weak access controls;
3. application servers with well-known exploits;
• Active Attacks
An active attack involves probing the network to discover individual hosts to
confirm the information gathered in the passive attack phase.
It involves the risk of detection and is also called “Rattling the doorknobs” or
“Active reconnaissance.”
Active reconnaissance can provide confirmation to an attacker about security
measures in place.
• Scanning and Scrutinizing Gathered Information
• The objectives of scanning are:
1. Port scanning: Identify open/close ports and services.
2.Network scanning: Understand IP Addresses and related information about the
computer network systems.
3.Vulnerability scanning: Understand the existing weaknesses in the system.
• Attack (Gaining and Maintaining the System Access)
• After the scanning and enumeration, the attack is launched using the
following steps:
1. Crack the password;
2. exploit the privileges;
3. execute the malicious commands/applications;
4. hide the files (if required);
• Spear phishing is an email-spoofing attack that target a specific organization
or individual, seeking unauthorized access to sensitive information. Spear-
phishing attempts are not typically initiated by random hackers, but are more
likely to be conducted by perpetrators (carries out a harmful) out for financial
gain, trade secrets or military information.
• Phishing Examples
• Phishing emails and text messages often tell a story to trick you into
clicking on a link or opening an attachment. They may
• say they’ve noticed some suspicious activity or log-in attempts
• claim there’s a problem with your account or your payment information
By: Tamal Dey, Dept. of CA 20
UE19MC522 - Cyber Security
• say you must confirm some personal information
• include a fake invoice
• want you to click on a link to make a payment
• say you’re eligible to register for a government refund
• offer a coupon for free stuff
Classification of Social Engineering