Unit II: Cyber Crime

Cyber World, Cyber crime, Methods and Taxonomy of Cyber Attacks, reason behind cyber crime,
Role playing factors responsible for cyber crimec
The Cyber World
The Cyber World, or cyberspace, is more than just the Internet. It refers to an online environment where many
participants are involved in social interactions and have the ability to affect and influence each other. People
interact in cyberspace through the use of digital media. Examples of cyberspace interactions are: Create media,
share media and consume media.
The Cyber World
(History)
In 1984, Wiliam Gibson published his science fiction book – Necromancer, which describes an online world of
computers and elements of the society who use these computers. The word cyberspace first appeared in this
book.
According to him, cyberspace looked like a physical space but was actually a computer generated construction.
Also, it represented abstract data.
The book caught the imagination of many writers and in 1986, major English language dictionaries introduced
the word ‘cyberspace’. According to the New Oxford Dictionary of English, ‘CyberSpace’ is the notional
environment in which people communicate over computer networks.
The Cyber World
Characteristics of Cyberspace
When people are online, most of them engage in activities that leave a digital footprint. A digital footprint
refers to all information found online about a person; it is either posted by that person or others, intentionally
or unintentionally. This information leaves a permanent mark as it can be easily retraced, retrieved and passed
on by others. The digital footprint can be used by potential employers and universities looking for information
on their potential employees and students. The following infographic shows the characteristics of cyberspace
and its impact:
The Cyber World
Characteristics of Cyberspace
Since cyberspace is a virtual space, it has no boundaries, mass, or gravity. It simply represents the
interconnected space between computers, systems, and other networks.
It exists in the form of bits and bytes – zeroes and ones (0’s and 1’s). In fact, the entire cyberspace is a dynamic
environment of 0’s and 1’s which changes every second. These are simply electronic impulses. Also, it is an
imaginary location where the words of two parties meet in conversation.
Cyber Crime
Cybercrime is any criminal activity that involves a computer, networked device or a network. While most
cybercrimes are carried out in order to generate profit for the cybercriminals, some cybercrimes are carried out
against computers or devices directly to damage or disable them, while others use computers or networks to
spread malware, illegal information, images or other materials. Some cybercrimes do both -- i.e., target computers
to infect them with a computer virus, which is then spread to other machines and, sometimes, entire networks.
A primary effect of cybercrime is financial; cybercrime can include many different types of profit-driven criminal
activity, including ransomware attacks, email and internet fraud, and identity fraud, as well as attempts to steal
financial account, credit card or other payment card information.
Cybercriminals may also target an individual's private information, as well as corporate data for theft and resale.
As many workers settle into remote work routines due to the pandemic, cybercrimes are expected to grow in
frequency in 2021, making it especially important to protect backup data.
Cyber Crime
Defining cybercrime

The U.S. Department of Justice (DOJ) divides cybercrime into three categories:
crimes in which the computing device is the target -- for example, to gain network access;
crimes in which the computer is used as a weapon -- for example, to launch a denial-of-service (DoS) attack; and
crimes in which the computer is used as an accessory to a crime -- for example, using a computer to store illegally
obtained data.
Cyber Crime
Indian IT Act 2000:
Cybercrime in a narrow sense (computer crime):
Any illegal behavior directed by means of electronic operations that targets the security of computer systems and
the data processed by them.

Cybercrime in a broader sense (computer-related crime):

Any illegal behavior committed by means of, or in relation to, a computer system or network, including such
crimes as illegal possession and offering or distributing information by means of a computer system or network.
Any contract for the sale or conveyance of immovable property or any interest in such property;
Any such class of documents or transactions as may be notified by the Central Government Confidential.
Cyber Attack Classification
CLASSIFICATION RESPONSIBLE AGENT ATTACK EFFECT
EQUIVALENCY
Cyber Attack - -
[generic]
Cyber Warfare State war act
[includes Cyber Espionage, Cyber [nation]
Sabotage]
Cyber Crime Non-State criminal act
(individual/organization)
Cyber Terrorism Non-State terrorism act
(individual/organization)
Types of Cyber Attacks: Web-based
attacks
Web-based attacks
These are the attacks which occur on a website or web applications. Some of the important web-based attacks are
as follows-

1. Injection attacks
It is the attack in which some data will be injected into a web application to manipulate the application and fetch
the required information. Example- SQL Injection, code Injection, log Injection, XML Injection etc.

2. DNS Spoofing
DNS Spoofing is a type of computer security hacking. Whereby a data is introduced into a DNS resolver's cache
causing the name server to return an incorrect IP address, diverting traffic to the attacker?s computer or any other
computer. The DNS spoofing attacks can go on for a long period of time without being detected and can cause
serious security issues.
Types of Cyber Attacks: Web-based
attacks
3. Session Hijacking
It is a security attack on a user session over a protected network. Web applications create cookies to store
the state and user sessions. By stealing the cookies, an attacker can have access to all of the user data.

4. Phishing
Phishing is a type of attack which attempts to steal sensitive information like user login credentials and
credit card number. It occurs when an attacker is masquerading as a trustworthy entity in electronic
communication.

5. Brute force
It is a type of attack which uses a trial and error method. This attack generates a large number of guesses
and validates them to obtain actual data like user password and personal identification number. This
attack may be used by criminals to crack encrypted data, or by security, analysts to test an organization's
network security.
Types of Cyber Attacks: Web-based
attacks
6. Denial of Service
It is an attack which meant to make a server or network resource unavailable to the users. It accomplishes this by
flooding the target with traffic or sending it information that triggers a crash. It uses the single system and single
internet connection to attack a server. It can be classified into the following-
Volume-based attacks- Its goal is to saturate the bandwidth of the attacked site, and is measured in bit per second.
Protocol attacks- It consumes actual server resources, and is measured in a packet.
Application layer attacks- Its goal is to crash the web server and is measured in request per second.

7. Dictionary attacks
This type of attack stored the list of a commonly used password and validated them to get original password.

8. URL Interpretation
It is a type of attack where we can change the certain parts of a URL, and one can make a web server to deliver
web pages for which he is not authorized to browse.
Types of Cyber Attacks: Web-based
attacks
9. File Inclusion attacks
It is a type of attack that allows an attacker to access unauthorized or essential files which is
available on the web server or to execute malicious files on the web server by making use of the
include functionality.

10. Man in the middle attacks

It is a type of attack that allows an attacker to intercepts the connection between client and server and
acts as a bridge between them. Due to this, an attacker will be able to read, insert and modify the
data in the intercepted connection.
Types of Cyber Attacks: System-based
attacks
1. Virus
It is a type of malicious software program that spread throughout the computer files without the knowledge
of a user. It is a self-replicating malicious computer program that replicates by inserting copies of itself into
other computer programs when executed. It can also execute instructions that cause harm to the system.

2. Worm
It is a type of malware whose primary function is to replicate itself to spread to uninfected computers. It
works same as the computer virus. Worms often originate from email attachments that appear to be from
trusted senders.

3. Trojan horse
It is a malicious program that occurs unexpected changes to computer setting and unusual activity, even
when the computer should be idle. It misleads the user of its true intent. It appears to be a normal
application but when opened/executed some malicious code will run in the background.
Types of Cyber Attacks: System-based
attacks
4. Backdoors
It is a method that bypasses the normal authentication process. A developer may create a backdoor so
that an application or operating system can be accessed for troubleshooting or other purposes.

5. Bots
A bot (short for "robot") is an automated process that interacts with other network services. Some
bots program run automatically, while others only execute commands when they receive specific
input. Common examples of bots program are the crawler, chatroom bots, and malicious bots.
Cyber Attack Malware Taxonomy

MALWARE REQUIRES SELF- APPEARS CAN CARRY CAN CAN

TYPE HOST FILE SPREADING LEGITIMAT HARMFUL COMMO ATTACK OS
TO INFECT? ? E PAYLOAD? WITH KERNEL &
(HARMLESS COMMAND FIRMWARE?
)? & CONTROL
SERVER?
Virus ✔ ❌ N/A ✔ N/A ❌
Worm ❌ ✔ N/A ✔ N/A ❌
Trojan ✔ ❌ ✔ ✔ N/A ❌
Bots/Botnet N/A N/A N/A ✔ ✔ ❌
Spyware ❌ ❌ N/A ❌ ✔ ❌
Rootkit N/A N/A N/A ❌ N/A ❌
Blended Threat ✔ ✔ ✔ ✔ ✔ ✔
Reason Behind Cyber Crime
Easy to access – The problem behind safeguarding a computer system from
unauthorized access is that there are many possibilities of breach due to the complex
technology. Hackers can steal access codes, retina images, advanced voice recorders,
etc. that can fool biometric systems easily and bypass firewalls can be utilized to get
past many security systems.
Capacity to store data in comparatively small space – The computer has the unique
characteristic of storing data in a very small space. This makes it a lot easier for the
people to steal data from any other storage and use it for their own profit.
Complex – The computers run on operating systems and these operating systems are
programmed of millions of codes. The human mind is imperfect, so they can do
mistakes at any stage. Cybercriminals take advantage of these gaps.
Reason Behind Cyber Crime
Negligence – Negligence is one of the characteristics of human conduct. So, there
may be a possibility that protecting the computer system we may make any
negligence which provides cyber-criminal access and control over the computer
system.
Loss of evidence – The data related to the crime can be easily destroyed. So, Loss of
evidence has become a very common & obvious problem which paralyzes the system
behind the investigation of cyber-crime.
Role playing factors responsible for
cyber crime
1. Disgruntled Employees
Read Write Web claim that employees (not hackers) are the biggest threat to security.
This is backed up by a survey conducted by Ponemon Institute, which stated that
59% of ex-employees use their insider information to “get a new job, start their own
business or for revenge“. They can steal data simply by transmitting data files over
the internet, photocopying and distributing documents, and using their knowledge
they have gained whilst working for a company.
Role playing factors responsible for
cyber crime
2. Publicity
Some hackers (whether they are individuals or members of a group) will target big
branded website, knowing that they’ll cause huge amounts of publicity if they can get
away with it. Attacks on retailers, police forces and government websites have led to
the recognition of hacker groups such as Lulzsec and Anonymous who can now lay
their claim to attacking Sony, NHS, CIA and the US Senate websites, amongst many
others.
Role playing factors responsible for
cyber crime
3. Power
Cyber criminals look for a weakness within a target’s people, system, or network, and
then extract and transmit the data to other hackers. This may include conducting
research on the company’s employees and infrastructure. Many hackers are hard to
trace, which means that the majority get away with defacing websites and stealing
data. The power hackers have, knowing that they are untraceable, and unstoppable is
an attraction for many, encouraging them to repeatedly attack.
Role playing factors responsible for
cyber crime
4. Revenge
This is linked closely to the first point of disgruntled employees. Many hackers will attack a
website if they have reason to be annoyed with the organisation or brand. Either for
political reasons, beliefs, or personal grudges, hackers can use cyber attacks as a way of
getting their voices heard.
5. Freedom
Hacker culls such as Anonymous claim that they fight for freedom and that all the work
they do is to stop people controlling them. However, there is some confusion as to what
Anonymous is all about. The cull profess that they hack as a way of fighting for freedom,
and yet they steal other people’s data which removes the anonymity of innocent people.
This confusion has led to several hackers dropping out of Anonymous.
Cyber Crime Trends In India
Cyber Crime Trends In India
Cyber crime can be categorised into :

Cyber crime against person

Cyber crime against property
Cyber crime against government
Cyber crime against society
1. Cyber crime against person
Cyberstalking: The term stalking means unwanted or obsessive attention by an
individual or group towards another person. Cyberstalking refers to threat that is
created through the use of computer technology such as Internet, e-mails, SMS,
webcams, phones calls, websites or even videos.
Cybercrime Hacking : This means gaining unauthorised access over computer
system with the intent of personal gain or misuse. It generally destroys the whole
data present in computer system. Screenshot shows message that hacker can post
once your system is compromised.
1. Cyber crime against person
Cracking : Cracking refers to digitally removing the copy write protection code that
prevents copied or pirated software from running on computers that haven’t been
authorised to run it by the vendor of the software. The person who carries out this
task if called as Cracker.
Defamation : It involves action of damaging the good reputation of someone using
computer or electronic service as medium. For eg., Posting vulgar message and/or
photos about a person on his/her social network profile such as facebook, twitter etc.
1. Cyber crime against person
Online fraud : This refers to acts of stealing confidential details of victim such as
banking credentials using phishing sites and thereafter withdrawing money from
victims account, online lottery scams such as nigeria lottery scams. Screenshot shows
online lottery scam claiming that you have won $ 5,00,000 amount!
1. Cyber crime against person
Child pornography: This involves the use of electronic device and services to create, distribute or access
materials that sexually exploit minor children. For eg., Recording heinous act done with child on mobile device
and distributing on porn site.

Spoofing: The term spoofing means imitate something while exaggerating its characteristic features with some
personal gain or profit. Spoofing of user identity can be described as a situation in which one person or program
successfully masquerades (means pretending to be someone one is not) as another by falsifying data. Spoofing
can be done using email or SMS or WhatApp. For eg.,Constantly mailing a person claiming from bank and
requesting banking credentials. Screenshot shows hacker claiming to be from WhatsApp and sending an
attachment
2. Cyber crime against Property
Transmitting virus: A computer virus is a malware program that reproduces itself into another computer
programs, disk drive, files or booting sector of hard drive. Once this replication of so called virus is
succeeded the areas affected are termed as “infected”. Hacker generally transmit virus to target system
using email attachment as medium. When victim opens the attachment (which is infected with virus) this
virus gets replicated throughout the system and thereby slowing down your system.

Cyber Squatting: The term squatting means unlawfully occupying an uninhabited place. Cyber
Squatting is where two or more persons claim for the same Domain Name or any service available on
Internet such as facebook profile etc. The hacker claims that he/she had first registered the name before
other person or he/she is the owner for twitter handle.
For eg., the first case in India registered for cybersquatting was Yahoo Inc. v/s, Aakash Arora, in 1999
where the defendant launched a YahooIndia.com website nearly identical to the plaintiff’s popular website
Yahoo.com and also provided almost similar services. However, the court ruled in favour of Yahoo Inc.
2. Cyber crime against Property
Cyber Vandalism: Vandalism refers to action involving deliberate destruction or damage of public or private
property. Cyber vandalism means destroying or damaging the data when a network service is unavailable.
For eg., The Tribune of Pakistan had reported in November 2012 that hackers (group named as ‘eboz’ in Pakistan)
replaced Google’s Pakistan logo with a picture of two penguins walking up a bridge at sunset.

Intellectual Property Crimes: Intellectual property are intangible property that is the result of creativity such as
copyrights, trademark, patent etc. Intellectual Property Right (IPR) crime is any unlawful act by which the owner
is deprived of his/her rights completely or partially. These are the most common offence occurring in India and
includes software piracy, infringement of patents, designs, trademark, copyright, theft of source code etc.
For eg., The popular case of trademark of Bikanervala v/s New Bikanerwala filed in 2005. The plaintiff (here
Bikanervala) had filed IPR case with defendant (here New Bikanerwala) since they were running new outlet in
Delhi by using trademark registered with plaintiff. The court had allowed plaintiff’s application and the defendant
was restrained by means of an ad interim injunction.
3. Cybercrime against government
Cyber Warfare: Cyberwarfare is an Internet-based conflict that involves politically motivated attacks on information
and its related systems. It can disable official websites and networks, disrupt or even disable essential services such as
Internet connection, steal or alter classified data such as sensex details on official website, and cripple financial
systems such as blocking payment gateways.

For eg., National Security Agency (NSA) of US spying on large scale on many countries. This spying was blown up
by former NSA agent Edward Snowden.

Cyber Terrorism: Cyber Terrorism is politically motivated use of computers and information technology to cause
severe disruption or widespread fear amongst people.

For eg., the recent example of 2015 dimapur mob lynching rape accused is due to outspread of message on chatting
app called Whatsapp amount locals of Dimapur district in Nagaland.
4. Cybercrime against society at large
Online Gambling: The term gambling means involving in activities that allow chance for
money. Online gambling is one of the most lucrative businesses that is growing today in
the list of cybercrimes in India. It is also known as Internet gambling or iGambling. The
cybercrime incident such as online lottery scam (particularly those of Nigeria lottery
scam), online jobs i.e. work from remote location etc.

Cyber Trafficking: The term trafficking means dealing or involving in trade activities
that is considered to be illegal and is prohibited by cybercrime law. Cyber Trafficking
refers to unlawful activities carried out using computer and/or computer services. For eg.,
selling kidnapped child to human trafficking group using WhatsApp as medium.