Cybercrime refers to criminal activities that are committed using the internet or
other digital devices. With the increasing use of technology in our daily lives,
cybercrime has become a major issue that affects individuals, businesses, and
governments worldwide.
Overall, cybercrime is a serious and growing threat that requires ongoing efforts
from all stakeholders to prevent and mitigate its impact.
What is meant by Internal and External attacks in Cyber Crimes?
Internal and external attacks are two types of cyber attacks that can be used to
compromise the security of an organization's network and data.
External attacks, on the other hand, are carried out by individuals or groups who
do not have authorized access to the organization's systems or data. These attacks
can take many forms, such as phishing, ransomware, DDoS attacks, and malware.
External attackers typically exploit vulnerabilities in the organization's systems or
applications to gain unauthorized access or cause damage.
Here are some examples of internal and external attacks in cyber crimes:
Internal attacks:
1. Insider threat: An employee with authorized access to sensitive data uses that
access to steal or misuse the data for personal gain.
External attacks:
It's important to note that these are just a few examples of the many types of internal
and external attacks that can occur in cyber crimes. Organizations should
implement a comprehensive security strategy to protect against a wide range of
threats.
Physical access to a device or network can also be an attack vector. An attacker
with physical access to a computer or network can install malware, steal sensitive
data, or perform other malicious actions.
Intruders are continuously seeking out new attack vectors. The most common
attack vectors include the following:
an authorized set of credentials is uncovered. The hacker then uses
these credentials to hack a network, system or application.
3. Weak passwords and credentials. In brute-force attacks, cyber
attackers focus their efforts on hacking user IDs and passwords that are
weak or can be easily guessed. But hackers also steal credentials by
using programs that monitor public Wi-Fi networks for when users
input their access credentials. For example, a hacker could
install keylogging software on a user's workstation through an infected
website or email. The keylogging program logs user keyboard activity,
including the entry of the user's ID and password. Hackers can also gain
access by enticing users to open unsolicited email attachments that
contain malicious links to bogus websites that convince them to
surrender personally identifiable information (PII).
4. Malicious employees. Malicious or disgruntled employees can hack
into networks and systems using their security clearances to extract
sensitive information, such as customer lists and intellectual property
(IP) that they either demand ransom for or sell to others for nefarious
purposes.
5. Poor or missing encryption. In some cases, employees -- or IT -- may
forget to encrypt sensitive information stored on laptops and
smartphones out in the field. In other cases, encryption techniques have
known design flaws or only use limited keys to encrypt and protect
data.
6. Ransomware. Ransomware is a type of malware that locks the data on
the victim's computer, and the attacker either threatens to publish the
victim's data or block access to it unless a ransom is paid. Ransomware
can lock a user's files, often demanding a cash sum from the user in
order to unlock the files. Most ransomware is inadvertently downloaded
onto a computer or network by a user. It can come in the form of a file
that a user opens that contains a worm, which is malware that spreads
itself throughout a network, or a Trojan, which embeds malicious
software code in a downloaded file that locks up the user's computer or
data and then demands payment.
7. Phishing. Phishing is the deceptive practice of sending emails in which
the attacker purports to be from a reputable company such as a bank or
other financial institution, and asking the user to click on a link or
download an attachment, in order to lure individuals into revealing
personal information, such as passwords or credit card numbers. Spear
phishing is a highly targeted attack that targets a single recipient,
seeking unauthorized access to sensitive company information.
8. Misconfigured devices. Companies can misconfigure their software
and hardware security, which leaves them vulnerable to hackers.
Vendor security presets on equipment are lax, and if IT doesn't
reconfigure this equipment before installing it on networks, security
hacks can occur. In still other cases, companies purchase equipment
and forget to fully configure security.
9. Trust relationships. In many cases, companies entrust their security to
outside system and network vendors, cloud providers and business
partners. When the systems of these third parties are breached, the
information the hackers obtain may also contain sensitive information
from the companies these providers service. Examples include when a
major credit card carrier's network is breached or when a healthcare
system is breached and sensitive data from patients is stolen.
10. Distributed denial-of-service (DDoS) attacks. DDoS attacks flood
victims with bogus emails, rendering their system or network unusable
and services unavailable to their intended recipients. These attacks
often target the web servers of finance, commerce and government
organizations and are often used to distract an organization from other
network attacks.
5. Physical access: Attackers can gain physical access to a device or network and
install malware or steal sensitive data. For example, an attacker might steal a laptop
containing sensitive data or install a keylogger on a computer in a public place.
These are just a few examples of the many attack vectors that can be used in cyber
crimes. Organizations must remain vigilant and implement a variety of security
measures to protect against these and other attack vectors.
5. Man-in-the-middle attacks: Attackers intercept communication between two
parties and eavesdrop on or alter the transmission, allowing them to steal data or
manipulate the communication.
10. Physical attacks: Attackers gain physical access to a victim's computer system
or network, allowing them to steal data, install malware, or disrupt operations.
• Install security monitoring and reporting software. This includes software
that monitors, identifies, alerts and even locks down entry points to networks,
systems, workstations and edge technology once a potential attack by an
unidentified or unauthorized user or source is detected.
• Regularly audit and test IT resources for vulnerabilities. At a minimum, IT
vulnerability testing should be conducted quarterly, and an outside IT security
audit firm should test IT resources for vulnerability annually. Based upon these
findings, security policies, practices and prevention techniques should be
updated immediately.
• Keep IT security front and center. Security investments cost money, and a
chief information officer (CIO) and a chief security officer (CSO) need the chief
executive officer (CEO) and the board of directors to approve these purchases.
This requires regular briefings and education for C-level executives so they
understand the importance of securing IT and the ramifications for the company
and its reputation if IT is left unsecured.
• Train users. All new employees should be provided comprehensive training
in IT security policies and practices, and existing employees should be given
refresher training annually. IT personnel, especially in the security area, should
be current on the latest security policies and practices.
• Collaborate with human resources (HR). Social engineering vulnerability
audits should be performed with an outside security audit firm at least once
every two to three years. If there is suspicious employee activity, IT should
immediately alert HR so it can take appropriate action, whether it is meeting
with an employee, restricting an employee's access, coaching an employee or
firing an employee.
• Immediately install all updates. Whenever a hardware, firmware or software
update is issued, IT should promptly install it. If devices are used in the field, the
security updates should be provided as push notifications, where software or
firmware is automatically updated.
• Use thin clients for companies with a bring your own device (BYOD)
policy. It is preferable to house all corporate data in a secure cloud or other
enterprise system so users can sign in from home or from their own devices
through a virtual private network (VPN), which is restricted to a specific set of
users and is not open to the public. This eliminates sensitive data from being
stored on remote devices.
• Use strong data encryption on portable devices. Whether a portable device is
a laptop, a smartphone, a sensor or any other type of edge device, data
encryption should be used wherever sensitive data is stored. This can be done by
selecting a strong data encryption technology, such as Advanced Encryption
Standard (AES). The U.S. government uses AES, which supports 192- and 256-bit
keys for data encryption.
• Review and set all security configurations for OSes, internet browsers,
security software, network hubs and edge devices, such as sensors, smartphones
and routers. Often, systems, browsers, hubs and internet of things (IoT) devices
come with minimal default security settings, and companies forget to adjust
these settings. As a standard practice, companies should check and, if necessary,
reset security on all new IT.
• Secure physical spaces. While most data breaches and security hacks target IT,
physical access intrusions can also occur. Data centers, servers located in
different business departments and remote field offices, medical equipment,
field-based sensors and even physical file cabinets in offices are all hacking
targets. They should be secured, protected and regularly inspected.
Cyber crimes against individuals
Cyber crimes against individuals can take many forms and can have serious
consequences for the victim. Here are some examples:
1. Identity theft: Cyber criminals can steal personal information, such as social
security numbers, credit card numbers, or login credentials, and use it to
impersonate the victim or commit fraudulent activities.
2. Online harassment: Cyber criminals can use social media, messaging apps, or
other online platforms to harass, threaten, or bully individuals.
3. Sextortion: Cyber criminals use explicit images or videos of the victim, obtained
through hacking or social engineering, to blackmail or extort money from them.
4. Financial fraud: Cyber criminals can use phishing scams, malware, or other
techniques to gain access to the victim's bank accounts, credit cards, or other
financial information and steal money.
5. Romance scams: Cyber criminals create fake online profiles to lure victims into
romantic relationships and then use emotional manipulation to steal money or
personal information.
6. Cyberstalking: Cyber criminals can use online platforms to stalk and monitor
the victim's activities, often in an attempt to intimidate or control them.
7. Cyberbullying: Cyber criminals can use social media or other online platforms
to bully or harass individuals, often with the intent of causing emotional distress.
8. Hacking: Cyber criminals can use hacking techniques to gain access to the
victim's computer or other devices, steal personal information, or install malware.
9. Doxing: Cyber criminals can release personal information about the victim, such
as their home address or phone number, often with the intent of causing harm or
harassment.
10. Child exploitation: Cyber criminals can use online platforms to distribute or
access child pornography, groom children for sexual exploitation, or engage in
other illegal activities involving children.
Email spoofing is possible because the Simple Mail Transfer Protocol (SMTP), the
protocol used to send email messages, does not provide any mechanism to verify
the sender's identity. Instead, SMTP relies on the sender to accurately identify
themselves in the "From" field of the email header. However, this field can be
easily manipulated by the attacker, using various tools and techniques.
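Because SMTP itself does not verify the "From" field, receiving systems check it against the SPF and DKIM results that their own mail server records in the Authentication-Results header. The following is an added example, not part of the original text; the messages, domains and the trusted server name `mx.receiver.example` are constructed, and the alignment test is a simplification of the one DMARC defines.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

# Assumption: the authserv-id our own inbound mail server stamps on messages.
TRUSTED_AUTHSERV = "mx.receiver.example"

# Constructed messages (reserved example domains), not real mail.
SPOOFED = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.receiver.example; spf=pass smtp.mailfrom=mailer.example.net; dkim=none; dmarc=fail header.from=bank.example.com
From: "Example Bank" <support@bank.example.com>
Subject: Verify your account

Constructed body.
"""
LEGIT = """\
Return-Path: <notify@bounce.bank.example.com>
Authentication-Results: mx.receiver.example; spf=pass smtp.mailfrom=bounce.bank.example.com; dkim=pass header.d=bank.example.com; dmarc=pass header.from=bank.example.com
From: "Example Bank" <support@bank.example.com>
Subject: Your statement

Constructed body.
"""
# The message arrived already carrying a "pass" header from an unknown server;
# the header from our own server is absent.
FORGED_RESULTS = """\
Authentication-Results: mx.attacker.example; spf=pass smtp.mailfrom=bank.example.com; dkim=pass header.d=bank.example.com
From: "Example Bank" <support@bank.example.com>
Subject: Invoice

Constructed body.
"""

def domain_of(value):
    """Return the lower-cased domain part of an address or bare domain."""
    return value.rsplit("@", 1)[-1].strip("<> ").lower()

def aligned(a, b):
    """Simplified relaxed alignment: same domain or parent/child.
    Real DMARC compares organizational domains via the Public Suffix List."""
    return bool(a and b) and (a == b or a.endswith("." + b) or b.endswith("." + a))

def parse_auth_results(header):
    """Split a header value into (authserv_id, {method: (result, props)})."""
    header = re.sub(r"\([^)]*\)", "", header)  # drop parenthesised comments
    parts = [p.strip() for p in header.split(";")]
    authserv = parts[0].split()[0].lower() if parts[0] else ""
    results = {}
    for part in parts[1:]:
        tokens = part.split()
        if not tokens or "=" not in tokens[0]:
            continue
        method, result = tokens[0].split("=", 1)
        props = dict(t.split("=", 1) for t in tokens[1:] if "=" in t)
        results[method.lower()] = (result.lower(), props)
    return authserv, results

def assess(raw):
    """Decide whether the visible From domain is backed by an aligned SPF or DKIM pass."""
    msg = message_from_string(raw, policy=policy.default)
    from_domain = domain_of(parseaddr(str(msg["From"]))[1])
    spf_ok = dkim_ok = False
    dmarc = "none"
    for header in msg.get_all("Authentication-Results", []):
        authserv, results = parse_auth_results(str(header))
        if authserv != TRUSTED_AUTHSERV:
            continue  # any sender can add this header; trust only our own server's
        spf, spf_props = results.get("spf", ("none", {}))
        dkim, dkim_props = results.get("dkim", ("none", {}))
        spf_ok |= spf == "pass" and aligned(
            domain_of(spf_props.get("smtp.mailfrom", "")), from_domain)
        dkim_ok |= dkim == "pass" and aligned(
            dkim_props.get("header.d", "").lower(), from_domain)
        dmarc = results.get("dmarc", (dmarc, {}))[0]
    verdict = "from-authenticated" if (spf_ok or dkim_ok) else "from-unverified"
    return {"from_domain": from_domain, "spf_aligned": spf_ok,
            "dkim_aligned": dkim_ok, "dmarc": dmarc, "verdict": verdict}

if __name__ == "__main__":
    for name, raw in (("spoofed", SPOOFED), ("legit", LEGIT), ("forged", FORGED_RESULTS)):
        print(name, assess(raw))
```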
Online frauds refer to any fraudulent activity that is carried out over the internet,
typically with the intention of deceiving victims and stealing their money or
personal information. Online frauds can take many forms, including:
2. Online shopping fraud: These frauds involve fake online stores or sellers that
offer products at low prices and then either never deliver the products or deliver
fake or defective items.
3. Investment scams: These scams involve fraudulent investment opportunities that
promise high returns but are actually designed to steal victims' money.
4. Romance scams: These scams involve setting up fake online profiles to lure
victims into romantic relationships, and then using emotional manipulation to steal
money or personal information.
1. Email phishing: This is the most common form of phishing, where attackers
send emails to a large number of people, pretending to be a trustworthy entity, such
as a bank or social media site. The email usually contains a link to a fake login
page or other malicious website.
2. Spear phishing: This is a targeted form of phishing in which the attacker sends
a personalized email to a specific individual or group of individuals, often with
information that is specific to the victim, such as their name, job title, or company.
3. Smishing: This is a form of phishing that uses text messages instead of emails.
The attacker sends a text message that appears to be from a legitimate source, such
as a bank or credit card company, and contains a link to a fake website.
4. Vishing: This is a form of phishing that uses voice messages or phone calls to
trick victims into providing sensitive information. The attacker may pretend to be
a bank or other financial institution and ask the victim to provide their account
number or other personal information.
1. Email spam: This is the most common form of spamming, in which unsolicited
emails are sent to a large number of recipients. The emails may contain
advertisements, scams, or links to phishing websites.
2. Text message spam: This form of spamming involves sending unsolicited text
messages to a large number of recipients, typically with the intention of promoting
a product or service.
2. Blog posts: Bloggers can be accused of cyber defamation if they publish false
or harmful statements about an individual or organization.
Cyber defamation can have serious consequences for the victim, including damage
to their reputation, loss of business, and emotional distress. In addition, cyber
defamation can be difficult to remove once it has been posted online, and can
spread quickly through social media and other online channels.
Victims of cyber defamation may be able to take legal action against the person
who made the defamatory statement. This can involve filing a lawsuit for damages
or seeking an injunction to have the statement removed from the internet.
Cyber defamation, also known as online defamation, is the act of making false or
derogatory statements about a person or entity through digital channels such as
social media, blogs, forums, or online reviews. These statements can harm the
reputation of the individual or organization, leading to financial, emotional, or
psychological damages.
1. Libel: Written statements that are false and damaging to a person's or entity's
reputation.
2. Slander: Spoken statements that are false and damaging to a person's or entity's
reputation.
3. Revenge Porn: Sharing intimate photos or videos of someone without their
consent, often with the intent of causing harm or embarrassment.
4. False reviews: Posting fake or negative reviews about a person or business with
the intent of causing harm or financial loss.
Cyber defamation can have serious consequences, including legal action, damage
to reputation, and financial loss. It is important to be aware of the potential risks
and consequences of online statements and to always verify information before
sharing it online.
Cyber stalking is a form of harassment that involves the use of technology to track,
monitor, and harass an individual. This can include sending threatening or
harassing messages, posting personal information online, or using GPS tracking to
monitor the victim's location.
Cyber stalking can be carried out through a variety of channels, including email,
social media, text messages, and instant messaging platforms. The perpetrator may
also use fake online profiles to contact the victim, or may use spyware or other
malicious software to gain access to their computer or mobile device.
Cyber stalking can have serious consequences for the victim, including emotional
distress, anxiety, and fear for their safety. In some cases, cyber stalking can escalate
into physical stalking or violence.
To protect themselves from cyber stalking, individuals can take several steps,
including:
5. Seeking help from law enforcement and legal professionals if they believe they
are being stalked or harassed.
Cyber stalking is a serious crime, and can carry significant legal consequences for
the perpetrator. If you believe that you are being stalked or harassed online, it is
important to seek help from law enforcement or a legal professional as soon as
possible.
Cyber bullying and harassment are forms of online abuse that involve the use of
technology and the internet to intimidate, threaten, or humiliate someone. This can
take many forms, including sending abusive messages or emails, posting
derogatory comments on social media, sharing embarrassing photos or videos, or
creating fake profiles to impersonate someone.
To prevent cyber bullying and harassment, it's important to be aware of the signs
and take action when necessary. This includes reporting any abusive behavior to
the appropriate authorities or platforms, blocking or unfollowing the offender, and
seeking support from friends, family, or a mental health professional.
It's also important to educate ourselves and others about online safety and
responsible internet use. This includes being mindful of the content we share online,
avoiding engaging with trolls or abusive users, and using privacy settings to protect
our personal information.
Overall, cyber bullying and harassment are serious issues that require our attention
and action. By working together to promote a safer and more respectful online
community, we can help prevent these harmful behaviors and create a more
positive and inclusive online environment.
There are various methods of computer sabotage, including introducing malware,
viruses, or other harmful software into a system, deleting or modifying files,
disrupting network connectivity, or stealing sensitive data. The consequences of
computer sabotage can be severe, ranging from financial losses to reputational
damage, legal liability, and even physical harm.
Law enforcement agencies also play a critical role in preventing and prosecuting
pornographic offenses. This includes investigating and shutting down websites and
networks involved in the production and distribution of illegal material, as well as
prosecuting offenders to the full extent of the law.
Password sniffing is a type of cyber attack that involves intercepting and recording
network traffic in order to extract passwords or other sensitive information. This
can be done using various methods, including packet sniffing software or hardware
devices that are designed to capture network traffic.
corporate data. Password sniffing can be particularly dangerous in environments
where weak passwords are used or where password reuse is common.
To protect against password sniffing, it's important to use strong passwords that
are difficult to guess or crack. This includes using a combination of uppercase and
lowercase letters, numbers, and special characters. Passwords should also be
changed regularly and should not be reused across multiple accounts.
Finally, network administrators can use various security tools and techniques to
detect and prevent password sniffing attacks. This includes implementing intrusion
detection and prevention systems, monitoring network traffic for suspicious
activity, and using strong authentication methods, such as two-factor
authentication.
If you suspect that your computer may be infected with a keylogger, it is important
to take immediate action to remove the malware and change any passwords or other
sensitive information that may have been compromised.
Screen loggers, also known as screen recording software or screen capture software,
are a type of software that records everything that appears on a computer screen,
including keystrokes, mouse clicks, and other activities. This type of software can
be used for a variety of purposes, including surveillance, monitoring employee
productivity, and creating training videos.
Screen loggers can be prevented by using good security practices, such as keeping
anti-virus and anti-malware software up-to-date, being cautious when opening
email attachments or visiting unfamiliar websites, and avoiding the use of public
computers for sensitive activities.
If you suspect that your computer may be infected with a screen logger, it is
important to take immediate action to remove the software and secure any sensitive
information that may have been recorded. This may involve changing passwords,
monitoring financial accounts for fraudulent activity, and seeking assistance from
a professional computer security expert.
Cyber crimes against women and children are a growing concern in today's digital
age. These crimes can take many forms, including online harassment,
cyberbullying, cyberstalking, revenge porn, and child sexual abuse material
(CSAM).
Online harassment is a type of cyber crime that involves the use of technology to
intimidate, threaten, or humiliate someone. This can include sending threatening
messages, spreading false rumors, or posting embarrassing photos or videos online.
Cyberstalking is a more serious form of online harassment that involves persistent,
unwanted contact that causes fear or distress.
Revenge porn is a type of cyber crime that involves the sharing of intimate photos
or videos without the consent of the person depicted. This can have devastating
consequences for the victim, including humiliation, loss of reputation, and even
job loss.
Child sexual abuse material (CSAM) is a type of cyber crime that involves the
creation, distribution, or possession of images or videos depicting child sexual
abuse. This is a serious crime that can have lifelong consequences for the victims
and is subject to severe criminal penalties.
Certain cyber crimes are committed to threaten governments or international
organizations. These cyber crimes are mainly committed for the purpose of
spreading terror among the people of a particular country. The instigators or
perpetrators of such crimes can be governments of enemy nations, terrorist groups
or belligerents. Cyber crimes against governments include cyber attacks on
government websites or military websites, and cyber terrorism. In these kinds of
cyber crime, cyber criminals hack the websites of governments, organizations,
government firms and the military and then circulate propaganda, threats or
rumors. These cyber crimes are known as cyber crimes against governments or
organizations. The following are a few examples of crimes against governments or
organizations:
Cyber attackers who launch DoS in India are punishable under Section 66F of the
IT Act, which deals with cyber terrorism. As per the said Section, any person who
disrupts the authorised access to a computer resource or gets access to a computer
resource through unauthorised means or causes damage to a computer network is
liable for imprisonment which may extend for life.
Salami attack
A salami attack is a tactic for stealing money in small amounts. The damage done
is so minor that it goes unnoticed. Generally, there are two types of salami
attacks: salami slicing and penny shaving. In salami slicing, the attacker uses an
online database to obtain customer information, such as bank/credit card details.
Over time, the attacker deducts insignificant amounts from each account. These
sums naturally add up to large sums of money taken from the joint accounts
invisibly.
Any person convicted of a salami attack shall be punished under Section 66 of the
IT Act with imprisonment of up to three years, a fine of up to 5 lakhs, or both.
Counterfeiting
Software counterfeiting is the illegal copying, distribution, and/or selling of
licensed computer software. Other elements that come with the software may be
also counterfeited, for example, the license agreement, packaging, registration
information, and security features. Cybercriminals usually present counterfeit
software as authentic but sell it for a lower price than the original.
Hard-disk loading
Hard disk loading is a form of commercial software piracy in which a PC reseller
buys a legal piece of computer software, copies it, installs it on a computer’s hard
disk, and sells the computer. Having software already installed makes the business’
offer more attractive to customers, most of whom aren’t even aware that they are
also purchasing unlicensed software.
Client-server overuse
Client-server overuse occurs when a company allows the number of users of a
particular software to exceed the number of licenses the company has for the
software. This happens when the company installs the software on its local area
network instead of an individual computer, making it possible for multiple users to
use the same software at the same time.
Online piracy
Online piracy, also known as internet piracy, is the illegal sharing, selling, and
acquiring of software on the internet. Online piracy is committed on:
• Online auction sites that sell counterfeit, outdated, and pirated software.
• Peer-to-peer file sharing networks that allow users to download and
distribute copyrighted software, films, music, and games.
• Usenet, the worldwide distributed discussion system, which offers
anonymity and is known for pirated content distribution.
• Websites that allow users to exchange pirated software.
• Websites that offer to download pirated software programs for free.
Examples of software piracy
You don’t need to search far and wide for everyday examples of software piracy.
Here are some common ones you will probably find familiar:
• Purchasing a single user license for a piece of software and downloading it
on your own computer as well as on someone else’s computer. The same
example applies to companies that opt for softlifting to save costs.
• Downloading copyrighted films, music, games, or e-books from shady
websites for free.
• Streaming content without authorization from its legal owner.
• Buying a used PC or a hard drive with potentially unlicensed software
installed on it.
Whether you engage in software piracy knowingly or not, it is still a federal crime
that poses multiple risks.
Risks of using pirated software
Using pirated software might be cheaper than buying original software, but you
should be aware of the dangers that await a software pirate.
• As an unauthorized user, you will not receive any updates or customer
support from the software manufacturer.
• You will face an increased risk of the unlicensed software malfunctioning
or crashing.
• You will put your online security at risk because illegal and counterfeit
software might infect your device with viruses, malware, or adware.
• Visiting pirating websites is a danger in itself — they contain malicious ads,
let alone infected files.
• You may face legal consequences due to copyright violation, including
financial penalties.
Being familiar with the risks is step one, while step two is taking action to avoid
software piracy altogether.
In recent years, industrial espionage has grown with the help of the internet.
Penalties for industrial espionage can be significant, as seen in 1993 when
Volkswagen stole trade secrets from General Motors which led to a $100 million
fine.
Special Considerations
Industrial espionage tends to involve inside jobs in which employees steal secrets
for financial gain or to hurt target companies. In certain—and more unlikely—
cases, individuals may break into a company facility to steal documents, computer
files, or pick through a company's trash for valuable information. There's a greater
chance, though, that an industrial spy will use the internet to hack into a company's
network to gain access to trade secrets on work computers and servers. It may also
be conducted by governments as they pursue economic or financial goals.
1. The first and most common type actively seeks to gather intelligence about a
company or organization. It may include the theft of intellectual property, such as
manufacturing processes, chemical formulas, recipes, techniques, or ideas.
2. Industrial espionage may also entail the concealment or denial of access to key
information related to pricing, bidding, planning, research, and more. Such a
practice is meant to create a competitive advantage for the party who has the
information.