Cyber Crime

Today, the world is more digitally connected than ever before. Criminals take advantage of this online
transformation to target weaknesses in online systems, networks and infrastructure. There is a massive
economic and social impact on governments, businesses and individuals worldwide. Cybercrimes know
no national borders.

The use of a computer as an instrument to further illegal ends, such as committing fraud, trafficking
in child pornography and intellectual property, stealing identities, or violating privacy. Cybercrime,
especially through the Internet, has grown in importance as the computer has become central to
commerce, entertainment, and government.

What exactly is cybercrime?

Cybercrime refers to illegal actions using computers or the internet. Some examples of
cybercrime include:

 Stealing and selling corporate data

 Demanding payment to prevent an attack
 Installing viruses on a targeted computer
 Hacking into government or corporate computers

Types of Cyber Crimes

The different types of cyber-crimes are depicted

Cyber Theft

Computer Unauthorised
Viruses Use at work

Computer
Piracy
Worms

Hacking
  Hacking
The process of illegally gaining access to a computer Or network is known as hacking. It
involves some degree of privacy violations and also harms the computer-based properties (like
files, web pages, software, etc.). People who involve in the hacking process are known as
hackers. The main purpose of hackers is to alter the computer hardware and software to achieve
a goal which is different (often involving its unethical use) from that of the owner's actual
objects. To change or modify the old setting of a computer system without the permission of the
system owner is known as hacking. These change or modification might be the cause of drastic
damage in the computer systems or networks. Hackers, who have malicious intent, are referred
as crackers as in cracking" into computers.

Examples of Common Hacking Tactics

1) Denial of Service: This is the most common prank in networking wherein too many requests
for information are hitting to the website's equipment. By doing this, an attacker can easily block
the system, slow down the system performance or sometimes crash the site.

2) Trojan Horse: It is a program which contains malicious code (that can exploits the some
software's known weakness) and is un-known to the users.

3) Sniffers: It is the program that secretly searches the individual s data packets over the
Internet. These data packets contain the password or some other secret contents. It captures either
passwords or the entire content of the website.

4) Malicious Applets: These are the small programs that harm the Computer's resources. These
programs are normally written in java programming language.

5) Password Crackers: This software tries to guess the password.

6) War Dialing: These programs dial a large number of telephone numbers randomly to search
a modem, in order to connect with internet.

 Cyber Theft

Most of the computer crimes comprise of the theft of money by accessing the network using an
unauthorized way. They are "inside jobs” and make the fake changes in the computer databases
that track the important information of employees.

For example, the much publicized Citibank theft case of 11 million dollars in late 1994. Cyber
theft is the process of stealing important information with the use of computer or communication
system in electronic format.

For example, when hackers crack the bank's computer and transfer the money in their accounts.
So, this process of stolen money is known as cyber theft.
  Unauthorized Use at Work

For doing a good business, organisations increase the use of IT in their day-to-day work. They
provide computers and Internet connection to their employees for doing their work efficiently.
This increases their productivity but also runs at the risk of its misuse by employees. It is not
necessary that the behaviour of insiders is malicious but sometimes they misuse the
organization's resources, without any intention of causing risk or harm to the organization. They
simply do it, to complete their job on time. For example, most of the organisations ban the use
of personal computing devices for business purpose, but still some employees use the personal
laptops, to carry office work at home in weekends for completing it on time.

Insiders or employees must be made aware of the threats, so that it might reduce the risk of
insider misuse. Accessing the computer systems and network in an unauthorized way is known
as time and resource theft.

 Piracy

Piracy refers to the unauthorised and intentional copying, selling, distributing, acquiring or
transferring of entities software or any intellectual property that are not available in public
domain.

 Computer Viruses

A computer virus is a small program that copies itself into a Computer and infects it without the
knowledge of the owner.

Types of Viruses

Today, various types of computer viruses are known. Some of them are as follows:

1) File Infecting Viruses: These viruses mainly affect the executable files like * .com, *.exe,
*.drv, and *.dll files. These viruses are activated by copying themselves into the other executable
files, each and every time when infected files are opened or used. These viruses can be easily
spread out in other systems via e-mails or through file transfer system. The examples of file
infecting viruses are CIH and Jerusalem.

2) Boot Sector Viruses: These viruses hide themselves in to the boot sector (either on the
bootable disk or hard drive) of the computer. This virus does not infect the files in hard disk, but
damage the hard disk itself. These viruses can be easily transferred through physical media like
floppy disk, which is uncommon computer device at present. The examples of boot sector
viruses are Elk Cloner, Brain and Stoned.

3) Macro Viruses: Macro viruses are application specific, i.e., they infect only some specific
application for which it was created such as Microsoft Word, Excel or PowerPoint. Once the user
opens the particular application, the virus copies itself rapidly to the templates of that
application. This implies that when new document is created with the application, document will
also be infected with the macro virus. These viruses are easily spread via e-mail attachments.
The examples of macro viruses are DMV, Nuclear and Word Concept.

4) Script Viruses: These are known as script viruses because they are written in the script
programming languages such as VBScript (Visual Basic Script) and JavaScript. This virus gets
activated whenever any infected *.vbs file is double clicked. The most popular example of script
virus is ILOVEYOU which overwrites the *.jpg and *.mp3 files.

5) Direct Action Virus – When a virus attaches itself directly to a .exe or .com file and enters
the device while its execution is called a Direct Action Virus. If it gets installed in the memory, it
keeps itself hidden. It is also known as Non-Resident Virus.

6) Resident Virus – A virus which saves itself in the memory of the computer and then infects
other files and programs when its originating program is no longer working. This virus can easily
infect other files because it is hidden in the memory and is hard to be removed from the system.

7) Multipartite Virus – A virus which can attack both, the boot sector and the executable files
of an already infected computer is called a multipartite virus. If a multipartite virus attacks your
system, you are at risk of cyber threat.

8) Overwrite Virus – One of the most harmful viruses, the overwrite virus can completely
remove the existing program and replace it with the malicious code by overwriting it. Gradually
it can completely replace the host’s programming code with the harmful code.

9) Polymorphic Virus – Spread through spam and infected websites, the polymorphic virus are
file infectors which are complex and are tough to detect. They create a modified or morphed
version of the existing program and infect the system and retain the original code.
How do you prevent computer viruses?

Here are some steps that can help you prevent a virus infection:

 Install current antimalware software and keep the software and definitions up to date.

 Use the antimalware software to run daily scans.

 Disable auto run to prevent viruses from propagating to media connected to the system.

 Regularly patch the OS and applications installed on the computer.

 Don't click web links or open attachments in email from unknown senders.

 Don't download files from the internet from unknown senders or untrustworthy sites.

 Install a hardware-based firewall.

 COMPUTER WORMS

A computer worm is a type of harmful software that copy itself and spread from one computer

to another without requiring any user intervention. It’s like a sickness that can move through a

network of computers, searching for weaknesses to infect. Worms often spread through email

attachments that may seem safe, but they can actually cause a lot of trouble. Once a computer

is infected, the worm can send itself to the person’s contacts, using their email account. This

way, it keeps spreading to more and more computers.

Computer worms are classified based on the way they are distributed in the systems. Some are

explained below.
 1. Email Worms
 The email box is used as a client by the worm. The mail has infected link or attachment

which once opened downloads the worm. This worm searches the email contacts of the

infected system and sends links so that those systems are also destroyed. These worms have

double extensions like mp4 or video extensions so that the user believes it to be media

extensions. These worms do not have a downloadable link but a short link to open the

same. The link is clicked and the worm is downloaded, it either deletes the data or modifies

the same and the network is destroyed. An example of an email worm is ILOVEYOU

worm which infected computers in 2000.

 2. Internet Worms
 Internet is used as a medium to search other machines vulnerable and affect them. Those

systems where the antiviruses are not installed are affected easily with these worms. Once

the machines are located they are infected and the same process is started all over again in

those systems. This is used to check the recent updates and security measures if the system

hasn’t installed any. The worm spreads through the internet or local area network

connections.

 3. File-Sharing Network Worms

 When a file from an unknown source is downloaded, the file may have worm which locates

a shared folder and destroys other files. When another system downloads file from the

same network, the worm locates that system as well and is replicated. And the process is

repeated for all the systems in the network. These worms are media or other extensions and

hence users can easily download the same thinking that they are an extension of the files. A

worm ‘Phatbot’ infected computers in 2004 through sharing files. This worm has stolen
 personal information such as credit card details and destroyed many systems on an

unprecedented scale.

 4. Instant Message and Chat Room Worms

 These worms work as email worms as the contacts from chat rooms are taken and messages

are sent to those contacts. Once the contact accepts the invitation and opens the message or

link, the system is infected. The worms have either links to open websites or attachments to

download. These worms are not as effective as other worms. Users can destroy these

worms by changing the password and deleting the messages.

 5. IRC Worms
 The application Internet Relay Chat was a messaging application that was a trend once.

IRC worms worked in the way email and Instant Message worms and destroyed the

systems in the contact list of IRC application.

 Once you feel that your system has a worm, it is very important to run a security scan and

identify the same. Only the best antivirus software can help you with the same. The

applications must be always updated to avoid vulnerabilities. Unknown links should be

avoided by all means.

How To Prevent Computer Worm Infections ?

1. Keep your software updated and use strong passwords
2. Enable and properly configure firewalls on your computer and network devices.
3. Be cautious with email when dealing with email attachments and links.
4. Practice safe web browsing by avoiding clicking on suspicious advertisements or pop-up
windows.
5. Install and keep updated a reliable antivirus or anti-malware software.
1. Firewalls
As we know, the firewall is the core of security tools, and it becomes one of the most important
security tools. Its job is to prevent unauthorized access to or from a private network. It can be
implemented as hardware, software, or a combination of both. The firewalls are used to prevent
unauthorized internet users from accessing private networks connected to the Internet. All
messages are entering or leaving the intranet pass through the firewall. The firewall examines
each message and blocks those messages that do not meet the specified security criteria.

2. Antivirus Software
Antivirus software is a program which is designed to prevent, detect, and remove viruses and
other malware attacks on the individual computer, networks, and IT systems. It also protects our
computers and networks from the variety of threats and viruses such as Trojan horses, worms,
keyloggers, browser hijackers, rootkits, spyware, botnets, adware, and ransomware. Most
antivirus program comes with an auto-update feature and enabling the system to check for new
viruses and threats regularly. It provides some additional services such as scanning emails to
ensure that they are free from malicious attachments and web links.

3. PKI Services
PKI stands for Public Key Infrastructure. This tool supports the distribution and identification of
public encryption keys. It enables users and computer systems to securely exchange data over the
internet and verify the identity of the other party. We can also exchange sensitive information
without PKI, but in that case, there would be no assurance of the authentication of the other
party.

4. Managed Detection and Response Service (MDR)

Today's cybercriminals and hackers used more advanced techniques and software to breach
organization security So, there is a necessity for every businesses to be used more powerful
forms of defences of cybersecurity. MDR is an advanced security service that provides threat
hunting, threat intelligence, security monitoring, incident analysis, and incident response. It is a
service that arises from the need for organizations (who has a lack of resources) to be more
aware of risks and improve their ability to detect and respond to threats. MDR also uses
Artificial Intelligence and machine learning to investigate, auto detect threats, and orchestrate
response for faster result.

5. Penetration Testing
Penetration testing, or pen-test, is an important way to evaluate our business's security systems
and security of an IT infrastructure by safely trying to exploit vulnerabilities. These
vulnerabilities exist in operating systems, services and application, improper configurations or
risky end-user behavior. In Penetration testing, cybersecurity professionals will use the same
techniques and processes utilized by criminal hackers to check for potential threats and areas of
weakness.

6. Staff Training
Staff training is not a 'cybersecurity tool' but ultimately, having knowledgeable employees who
understand the cybersecurity which is one of the strongest forms of defence against cyber-
attacks. Today's many training tools available that can educate company's staff about the best
cybersecurity practices. Every business can organize these training tools to educate their
employee who can understand their role in cybersecurity
 “TYPES OF CYBER CRIME”

What are the effects of cybercrime?

Attacks caused by cybercriminals can leave a significant financial and social impact on
governments, businesses, and individuals. Other effects of cybercrime on businesses can include
damage to the brand's reputation, legal consequences of a data breach, and loss of sensitive data.