CHAITANYA BHARATHI INSTITUTE OF TECHNOLOGY

BASICS OF CYBER SECURITY

ASSIGNMENT -1
B.Nandhini
ROLL NO: 160120735014
ECE -1

1.Explain in detail how criminals plan the attacks (in different phases
describing with a set of tools in each phase) with any two real time
examples.

Criminals planning attacks typically follow a series of phases, each with

specific goals and strategies. Here's a detailed breakdown of these phases, along
with the tools commonly used:

1. Reconnaissance Phase:

 Goal: Gather information about the target.

 Tools:
o Open-source intelligence (OSINT) tools: These tools scrape the
internet for publicly available information about the target, such as
social media profiles, company websites, and news articles.
o Network scanning tools: Used to discover the target's network
infrastructure, including IP addresses, open ports, and services
running on those ports.

2. Scanning Phase:

 Goal: Identify potential vulnerabilities in the target's network.

 Tools:
o Port scanners: These tools scan the target's network for open
ports, which can help identify services running on those ports.
o Vulnerability scanners: Used to identify known vulnerabilities in
the target's systems and applications.

3. Gaining Access Phase:

  Goal: Gain initial access to the target's network.
 Tools:
o Exploit frameworks: Tools like Metasploit provide a framework
for developing and executing exploits against known
vulnerabilities.
o Phishing kits: Used to create and launch phishing attacks, which
trick users into providing access credentials or downloading
malware.

4. Maintaining Access Phase:

 Goal: Maintain persistent access to the target's network.

 Tools:
o Backdoors: Malicious software that provides a way for attackers
to regain access to the target's network even if their initial access is
discovered and closed.
o Remote administration tools (RATs): Used to remotely control
compromised systems and carry out further malicious activities.

5. Covering Tracks Phase:

 Goal: Hide evidence of the attack to avoid detection.

 Tools:
o Log cleaners: Tools that remove or modify log files to hide
evidence of the attacker's activities.
o File wipers: Malware that deletes files or entire hard drives to
cover up the attack.

6. Collecting Information Phase:

 Goal: Gather sensitive information from the target's network.

 Tools:
o Keyloggers: Capture keystrokes on compromised systems,
allowing attackers to steal passwords and other sensitive
information.
o Data exfiltration tools: Used to transfer stolen data from the
target's network to the attacker's systems.

7. Exploitation Phase:

 Goal: Exploit the information gathered during the attack for financial
gain or other malicious purposes.
 Tools:
 o Cryptocurrency wallets: Used to receive payments from
ransomware attacks or other extortion schemes.
o Money mule recruitment tools: Used to recruit individuals to
launder money or transfer funds on behalf of the attacker.

Each of these phases requires careful planning and execution on the part of the
attacker. By understanding these phases and the tools used, organizations can
better defend against cyber attacks by implementing appropriate security
measures and best practices.

1.Twitter Celebrities Attack

In July 2020, Twitter was breached by a group of three attackers, who took over
popular Twitter accounts. They used social engineering attacks to steal
employee credentials and gain access to the company’s internal management
systems, later identified by Twitter as vishing (phone phishing). Dozens of well-
known accounts were hacked, including Barack Obama, Jeff Bezos, and Elon
Musk. The attackers used the stolen accounts to post bitcoin scams and earned
more than $100,000. Two weeks after the events, the US Justice Department
charged three suspects, one of whom was 17 years old at the time.
2.SolarWinds Supply Chain Attack
This was a massive, highly innovative supply chain attack detected in December
2020, and named after its victim, Austin-based IT management company
SolarWinds. It was conducted by APT 29, an organized cybercrime group
connected to the Russian government. The attack compromised an update meant
for SolarWinds’s software platform, Orion. During the attack, threat actors
injected malware, which came to be known as the Sunburst or Solorigate
malware—into Orion’s updates. The updates were then distributed to
SolarWinds customers. The SolarWinds attack is considered one of the most
serious cyber espionage attacks on the United States, because it successfully
breached the US military, many US-based federal agencies, including agencies
responsible for nuclear weapons, critical infrastructure services, and a majority
of Fortune 500 organizations.
2.Illustrate Social Engineering and its types with any 2 real time cases
booked under social engineering.

Social engineering is a tactic used by attackers to manipulate individuals into

divulging confidential information, providing access to systems, or performing
actions that compromise security. It preys on human psychology and relies on
deception rather than technical means. Here are some common types of social
engineering attacks:

1. Phishing: Attackers send emails or messages that appear to be from a

legitimate source, such as a bank or a trusted organization, to trick
individuals into providing sensitive information like passwords or credit
card numbers.
2. Pretexting: Attackers create a false pretext, or scenario, to trick
individuals into providing information or performing actions. For
example, an attacker might pretend to be a co-worker who needs access
to a sensitive file.
3. Baiting: Attackers offer something enticing, such as a free download or a
prize, to trick individuals into providing information or downloading
malicious software.
4. Quid pro quo: Attackers offer a service or benefit in exchange for
information or access. For example, an attacker might offer IT support in
exchange for remote access to a computer system.
5. Tailgating: Attackers gain physical access to a restricted area by
following an authorized person. This type of attack is often seen in
movies, where someone holds the door open for an attacker posing as a
delivery person, for example.
6. Phishing: This is one of the most common types of social engineering
attacks. Attackers send emails or messages that appear to be from a
legitimate source, such as a bank or a trusted organization, to trick
individuals into providing sensitive information like passwords or credit
card numbers.
7. Spear phishing: This is a targeted form of phishing where attackers
customize their messages for specific individuals or organizations. They
often use information gathered from social media or other sources to
make their messages more convincing.
8. Whaling: This is a type of phishing attack that targets high-profile
individuals, such as executives or celebrities. Attackers use similar tactics
as in phishing but tailor their messages to appeal to the specific target.

Social engineering attacks can be very effective because they exploit human
psychology and emotions. It's important for individuals and organizations to be
aware of these tactics and to take steps to protect themselves, such as being
cautious of unsolicited requests for information and verifying the identity of the
person making the request.

Real time example:

1. The White House Hack

 The White House became a victim of the social engineering attack even
though the intent was more mischief than malice. In the past also, many
of the attackers have tried to access the networks within the White House
but didn’t succeed. Unfortunately, on this occasion they were successful.
Posing as Jared Kushner, a key member of former President Donald
Trump’s team, the UK-based individual was able to secure the private
email address of the administration’s cybersecurity chief. If the most
powerful office in the world can be breached, it just goes to show that just
about any organization is vulnerable.
2. Twitter Bitcoin scam (2020)
The Twitter Bitcoin scam was one of this year’s recent cyberattacks,
demonstrating that even social media giants are vulnerable to
cyberattacks. Notable Twitter users with the trusted blue verification
checkmark Tweeted “double your Bitcoin” offers, informing their
followers that donations made through a specific link would be
matched.Well-known leaders, celebrities, and big companies, such as
former U.S. President Barack Obama, media billionaire Mike Bloomberg,
Apple, and others, were among the Twitter accounts affected. According
to The BBC, because the accounts targeted had millions of followers, the
bad actors received hundreds of contributions in minutes, reportedly
totaling more than $100,000 in Bitcoin. But how did cybercriminals gain
access to the accounts of so many high-profile users in one fell swoop?
Through a series of specific social engineering attacks. Malicious actors
manipulated Twitter employees to infect them with malware. They then
worked their way through Twitter’s internal systems, gaining
administrative access to many verified users’ passwords.
3.Describe the Credit Card fraud (with techniques/tools) in Mobile and
Wireless computing era with real-time examples
This era belongs to technology where technology becomes a basic part of our
lives whether in business or home which requires connectivity with the internet
and it is a big challenge to secure these units from being a sufferer of cyber-
crime. Wireless credit card processing is a tremendously new service that will
enable an individual to process credit cards electronically, virtually anywhere. It
permits corporations to process transactions from mobile locations quickly,
efficiently, and professionally and it is most regularly used via organizations
that function in general in a cellular environment. Nowadays there are some
restaurants that are using wifi processing tools for the safety of their credit card
paying customers. Credit card fraud can take place when cards are misplaced or
stolen, mails are diverted by means of criminals, employees of a commercial
enterprise steal some consumer information. Techniques of Credit Card Frauds :
1.Traditional Techniques .
• Paper-based Fraud – Paper-based fraud is whereby a criminal makes use of
stolen or faux files such as utility payments and financial institution statements
that can construct up beneficial Personally Identifiable Information (PII) to open
an account in anybody else’s name.
• Application Fraud – 1. ID THEFT: Where a person pretends to be anybody
else.
2. Financial Fraud : Where a person offers false data about his or her monetary
reputation to gather credit.
3. Modern Techniques : Skimming to Commit Fraud is a kind of crime in which
dishonest employees make unlawful copies of credit or debit cards with the help
of a ‘skimmer’. A skimmer is a gadget that captures credit card numbers and
other account information which should be personal. The data and records held
on either the magnetic stripe on the lower back of the deposit card or the records
saved on the smart chip are copied from one card to another.
Real time examples: .One recent real-life example of credit card fraud involved
a large-scale data breach at Capital One, one of the largest credit card issuers in
the United States. In July 2019, a former employee of a cloud computing
company that provided services to Capital One gained unauthorized access to
the bank's systems and obtained sensitive information belonging to over 100
million Capital One customers in the United States and Canada. The stolen data
included personal information such as names, addresses, credit scores, and
Social Security numbers, as well as bank account numbers and credit card
application data.
Dark Overlord Cybercrime Group Description: The Dark Overlord was a
cybercrime group known for targeting healthcare organizations, schools, and
other businesses to steal sensitive data, including patient records and financial
information. They would then attempt to extort money from the victims by
threatening to release the stolen data publicly. Impact: In one notable incident in
2017, The Dark Overlord targeted a healthcare organization and stole sensitive
patient records, including Social Security numbers and medical histories. They
then demanded a ransom from the organization in exchange for not releasing the
data publicly. The organization refused to pay, and The Dark Overlord
proceeded to release the stolen data, causing significant reputational and
financial damage.
4.Make a case study on cyberstalking.
Cyberstalking: Cyberstalking is the term for using the internet and other
technologies to harass or follow someone online; it may be illegal in the US.
This kind of online harassment may take many different forms, such as emails,
texts, social media postings, and more. It is frequently purposeful, persistent,
and systematic. It is a continuation of both in-person stalking and cyberbullying.
Even when the receiver tells the offender to stop or shows their disgust, the
encounters usually continue. The target is frequently exposed to unsuitable and
occasionally even upsetting information, which can make them feel afraid,
upset, nervous, and worried.
Although part of the online harassment that respondents to the poll reported was
merely bothersome behavior, over one in five Americans reported having dealt
with serious instances of online harassment. These behaviors included stalking,
physical threats, and sexual harassment.
Signs of Cyberstalking

Cyberstalking may manifest in several ways, such as receiving an excessive

number of messages, receiving inappropriate messages, having someone like all
of your previous social media postings, being tricked into communicating with
them online, or being the target of trolling. Cyberstalking is also linked to
behaviors like GPS tracking, threatening communications, online impersonality,
catfishing, and doxing..
Examples of Cyberstalking

Individuals that participate in cyberstalking employ several strategies and

tactics to intimidate, harass, and exert control over their targets. Actually, a lot
of people who engage in cyberstalking are quite tech-savvy and creative, and
they come up with a lot of different ways to harass and torture their targets.

So what is considered cyberstalking? Here are some examples of things people

who cyberstalk might do:

● Post rude, offensive, or suggestive comments online

● Follow the target online by joining the same groups and forums
● Send threatening, controlling, or lewd messages or emails to the target
● Use technology to threaten or blackmail the target
 ● Tag the target in posts excessively, even if they have nothing to do with
them
● Comment on or like everything the target posts online
● Create fake accounts to follow the target on social media
● Message the target repeatedly
● Hack into or hijack the target's online accounts
● Attempt to extort sex or explicit photos
● Send unwanted gifts or items to the target
● Release confidential information online
● Post or distribute real or fake photos of the target
● Bombard the target with sexually explicit photos of themselves
● Create fake posts designed to shame the victim
● Track the target's online movements by installing tracking devices
● Hack into the target's camera on their laptop or smartphone as a way to
secretly record them
● Continue the harassing behavior even after being asked to stop

What are the main types of cyberstalking?

Cyberstalking, like traditional stalking, can have a variety of negative

psychological and physical effects on the targets. For example, it's normal for
people who are harassed online to feel confused, afraid, and angry. They may
also experience difficulty sleeping and may report experiencing gastrointestinal
issues.

How to Prevent Cyberstalking

Taking the required safety measures to safeguard oneself online is crucial in

combating cyberstalking. There are actions you can do to strengthen your
security and lessen the chance of cyberstalking, even if it is impossible to totally
prevent it from happening.

Give priority to security

Ensuring the security of your gadgets and online accounts is the first step
towards combating cyberstalking. These are some actions you ought to think
about doing.

● Create strong passwords. Make sure you have strong passwords for all
your online accounts as well as strong passwords for your devices. Then,
set a reminder on your phone to regularly change your passwords. Choose
passwords that would be difficult to guess but are easy for you to
remember.
● Be sure to log out every time. It may seem like a pain, but make sure
you log out of email, social media accounts, and other online accounts
after using them. This way, if someone were able to get into your device
they would not have easy access to your accounts.
● Keep track of your devices. Don't leave your phone sitting on your desk
at work or walk away from an open laptop. It only takes a minute or two
for someone to install a tracking device or hack your device. So, make
sure you keep these things in your possession or that you secure them in
some way.
● Use caution on public wifi. Recognize the fact that if you use public wifi
at hotels or at the local coffee shop, you are putting yourself at risk for
hacking. Try to refrain from using public wifi or invest in VPN.
● Practice online safety habits. In other words, make it a priority to only
accept friend requests from people you know and keep your posts private.
You also should consider having one email address that is specifically for
your online activity. Use this email when you do your online shopping or
join loyalty programs.

Maintain Proper Digital Hygiene

It's crucial to maintain appropriate digital hygiene if you want to shield yourself
against cyberstalking. This indicates that you are conscious of the digital traces
you leave behind when you use the internet and that you are taking precautions
to safeguard your identity and accounts. These are some things that you ought to
be performing frequently.

● Take advantage of security settings. Go through each of your online

accounts—especially your social media accounts—and ensure that you
 are using the strongest privacy settings as possible. You can even
establish settings where people cannot tag you or post pictures of you
without your approval first.
● Create generic screen names. Rather than using your full name online,
consider developing a gender-neutral screen name or pseudonym. By
doing so, you are making it harder for people to find you online. You also
should leave the optional sections, like your date of birth or your
hometown, blank.
● Keep locations secure. Consider disabling the geolocation settings in
photos. You also should refrain from posting your location in real time
and instead post photos showing where you have been after the fact.
● Be careful with online dating sites. Refrain from using your full name
on online dating sites. You also should avoid giving out personal
information like your last name, address, email, and telephone number
until you have met in person and established a level of trust.
● Perform a social media audit. It's always a good idea to go through your
social media accounts and remove photos or posts that provide too much
information about you or that create an image you don't want out there.
Keep in mind, too, that even if you have blocked someone on social
media, they may be able to still see your account by using another
person's account or by creating a fake profile.

How to Cope With Cyberstalking

Although it might be difficult to link specific instances of cyberstalking to an

individual due to online anonymity, there are still steps you can do to improve
your safety and stop the harassment you're receiving. All the information you
require to handle cyberstalking is provided here.

Place Barricades

Putting a stop to interactions with the individual cyberstalking you is the first
step towards resolving the cyberstalking you are experiencing. Even while they
could still find a method to get in touch with you, you can at least make it more
difficult for them to do so. Attempt to erect these barriers against online
harassment.
 ● Tell the person to stop. Respond only once to the person cyberstalking
you and tell them to stop contacting you. You don't need to say anything
specific or explain your answer, just ask them to never contact you again.
● Block the person. Make sure you block the person cyberstalking you
from all your accounts. You should block them on social media and on
your smartphone.
● Refuse to respond to any contact. If the person cyberstalking continues
to find ways to contact you, do not respond to anything they post or send
you.
● Change email address and screen names. Consider getting a new email
address and changing your online screen names to make it harder for the
person cyberstalking you to reach you.

Increase Security.It's important to remember that people who engage in

cyberstalking are already crossing a number of personal boundaries in order to
make contact with you. For this reason, you need to do everything you can to
increase your safety.

You also should prepare yourself for the possibility that their online harassment
could escalate to in-person stalking. So, make sure you're also taking steps to
keep yourself safe at home, school, and work. It may even help to create
a safety plan. Here are some other things you can do:

● Change passwords. Even if your accounts have not been breeched you
should change all your passwords and continue to change them on a
regular basis.
● Consider suspending online accounts. If you are able, you should
consider suspending your social media accounts or at least taking a break
for them for a while. If you are not active online, it's harder for the person
cyberstalking you to reach you.
● Get your devices checked. Before you use your devices again you
should have them checked out by a professional to ensure the person
harassing you did not install tracking devices or hack your computer in
some way.

Act Now.It's critical to pursue legal action against the individual who is
cyberstalking you if you have requested that they cease, yet their actions persist.
This entails getting in touch with the proper authorities and gathering proof of
their deeds. It could be a good idea to have a conversation with an attorney.

These are the main issues that must be resolved before acting. If there is
anything else you can do to ensure your safety, your local law enforcement can
inform you.

● Save evidence of everything. Even though you may feel like destroying
everything, it's important to keep copies of everything the person
cyberstalking you has sent. Make a copy for yourself and a copy for law
enforcement.
● Notify your local police. It's important to notify the police and file an
official complaint if you're being cyberstalked. Even if they cannot do
anything right away, having an official complaint on file is important if
the behavior persists or escalates.
● Report them to the site or service they used. If the person cyberstalking
you harassed you through Facebook, Instagram, Twitter, Snapchat,
YouTube, Gmail, or some other method, let the appropriate authorities
know what you're experiencing. Many times, these organizations take
complaints of cyberstalking seriously and will address the matter.

Cyberstalking Laws

There are statutes that can be used to prosecute those who participate in
cyberstalking, even if there isn't a single federal law that forbids it.
Cyberstalking is a severe offense, and individuals who participate in it risk
facing harsh penalties.

For example, in these situations, the federal statute against stalking is frequently
invoked. According to this law, someone could be imprisoned for using
electronic communications technology in a way that "causes, attempts to cause,
or would be reasonably expected to cause substantial emotional distress to a
person" or that gives rise to a reasonable fear of death or serious bodily injury.

There are other federal statutes that may also be applicable in situations of
cyberstalking.If someone has been surreptitiously videotaped on their own
computer or if the criminal obtained erroneous access to the target's computer to
get explicit images or videos, they may be charged under the Computer Fraud
and Abuse Act.
Similarly, if someone publishes or threatens to publish another person's private
images or videos with the goal of pressuring them to do something against their
will, especially if the communication takes place over interstate commerce
channels like phones, computers, or the internet, that person may also be
charged with extortion.

Additionally, a legislation states that it is illegal to threaten, harass, abuse, or

bother another person by using a phone, the internet, or any other kind of
communication