CYBER SECURITY

CYBER CRIME
AND
TYPES OF
CYBERCRIME

PERIOD-01
 Cyber crime
Cybercrime is a crime that
involves a computer and a
network. The computer may have
been used in the commissioning
of a crime, or it may be the
target. Cybercrime may harm
someone's security and financial
health
Cybercrime can be defined as
“The illegal usage of any
communication device to commit
or facilitate in committing any
illegal act”.
In short – crime done on net
 DATA SCALES IN UNIT
Abn Unit Value Size (in bytes)
B BIT 0 or 1 1/8 of a byte
B BYTES 8 bits 1 byte
KB KILOBYTES 1,000 bytes 1,000 bytes
MB MEGABYTE 1,000² bytes 1,000,000 bytes
GB GIGABYTE 1,000³ bytes 1,000,000,000 bytes
TB TERABYTE 1,000⁴ bytes 1,000,000,000,000 bytes
PB PETABYTE 1,000⁵ bytes 1,000,000,000,000,000 bytes
EB EXABYTE 1,000⁶ bytes 1,000,000,000,000,000,000 bytes
ZB ZETTABYTE 1,000⁷ bytes 1,000,000,000,000,000,000,000 bytes
7
YB YOTTABYTE 1,000⁸ bytes 1,000,000,000,000,000,000,000,000
 DATA IN A DAY
500 million tweets are sent
294 billion emails are sent
4 petabytes of data created on
facebook
4 terabytes of data created from
each connected car
65 billion messages sent on
whatsapp
5 billion searches made

By 2025, it’s estimated that 463 exabytes of data will be

created each day globally – that’s the equivalent of 212,765,957
dvds per day!
 Sources of Cyber Crimes
• National governments
• Terrorists
• Industrial spies
• Organized crime groups
• Hacktivists and hackers
• Business competitors
• Disgruntled insiders
 MOTIVES OF CYBER CRIME
Financial gain
Competition
Political
Learning
Fame
Ego
Revenge
 TYPES OF CYBER CRIMES
 Hacking
 Malware
 Virus
 Worms
 Trojan
 Ransomware
 Spyware
 Adware
 Scareware
 TYPES OF CYBER CRIMES
 DOS (denial of service)
 DDOS
 Salami attack
 Computer vandalism
 Cyber terrorism
 Session hijacking
 Key loggers
 Phishing
 TYPES OF CYBER CRIMES
 Sniffing
 Social engineering
 Rootkit
 Bots
 Password crackers
 Scanner
 Backdoors
 Sql injection
ANY QUESTION

?
 CYBER SECURITY

CYBER CRIME
AND
TYPES OF
CYBERCRIME

PERIOD-02
 HACKING
• Illegal intrusion into a
computer system/ network

• This can be as simple as

figuring out somebody else's
password or as complex as
writing a custom program to
break another computer's
security software.

•Government websites are the hot targets of the hackers

due to the press coverage, it receives.
 TYPE OF HACKERS
 Ethical hacker
 Black hat
 Grey hat
 Elite hacker
 Script kiddie
 Neophyte
 Blue hat
 Hackvitist
 ETHICAL HACKER
 A certified hacking professional.
 Finds out vulnerability of the
network.
 Carries out non destructive
offensive action (pen test) with
the help of specified tools.
 Gives a detail report on the
vulnerabilities found in the
network and preventive action
required.
 Always carries out the
penetration testing with written
permission of the department.
 BLACK HAT
A hacker who "violates computer
security for little reason beyond
maliciousness or for personal
gain" .
Form the stereotypical, illegal
hacking groups
Break into secure networks to
destroy, modify, or steal data; or
to make the network unusable for
those who are authorized to use
the network.
Also referred to as the "crackers"
 GREY HAT
Lies between a black hat and a
white hat hacker.

May surf the internet and hack

into a computer system for the
sole purpose of notifying the
administrator that their system
has a security defect.

Sometimes find the defect of a

system and publish the facts to
the world instead of a group of
people.
 ELITE HACKER
Elite is used to describe the most skilled, a  social
status .  
Circulate newly discovered exploits among hackers.
Groups such as masters of deception confer a kind of
credibility on their members.

SCRIPT KIDDIE
Also known as a skid or skiddie
Unskilled hacker who breaks into computer systems by
using programs/ automated tools written by others
 HACKERs
NEOPHYTE
 Newbie, or "noob“
 New to hacking
 Has almost no knowledge or experience of the workings
of technology and hacking.

BLUE HAT
Someone outside computer security consulting firms
Used to bug-test a system prior to its launch
Look for exploits so they can be closed. 
 HACKTIVIST
A hacker who utilizes technology to publicize a social,
ideological, religious or political message.

• Can be divided into two main groups:

1.Cyberterrorism — activities involving website
defacement or denial-of-service attacks
2. Freedom of information — making information that is
not public, or is public in non-machine-readable formats,
accessible to the public.
ANY QUESTION

?
 CYBER SECURITY

CYBER CRIME
AND
TYPES OF
CYBERCRIME

PERIOD-03
 Malware
 Malware- malicious software e.g.
 Computer viruses, 
 Worms, 
 Trojan horses, 
 Ransom ware, 
 Spyware, 
 Adware, 
 Scareware &
 Other malicious programs.
 Purpose---
 Designed to infect computers and systems
 Steal critical info
 Delete applications, drives and files
 Convert computers into an asset for an outsider or attacker
 Monitoring your actions and keystrokes
 Virus
Computer prgm
Requires a host prgm
When the prgm runs, the virus
is executed
When executed, it replicates
Modifies other prgms/ apps
Corrupts or modify files
 VIRUS BEHAVIOUR
Dormant Phase:
 The virus is idle.

The virus is eventually be activated by some event,

such as a date, the presence of another program or
file, or the capacity of disk exceeding some limit.

Not all viruses have this phase.

 VIRUS BEHAVIOUR

INFECTION PHASE:

When the virus executes it will infect other programs.

What is often not clearly understood is precisely when it

will infect the other programs.

Some viruses infect other programs each time they are

executed, other viruses infect only upon a certain trigger.
 VIRUS BEHAVIOUR

Execution phase:
 Many viruses do unpleasant things such as
deleting files or changing random data on your disk,
simulating types or merely slowing your PC down;

 Some viruses do less harmful things such as

playing music or creating messages or animation
on your screen.
 WORMS
 Standalone malware comp prgm.
 Does not need a host prgm like
virus.
 Replicates in order to spread to
other comps.
 Uses comp network to spread.

 Uncontrolled replication.
 Harms to network by increasing
traffic.
 Trojans
• Misled user of its true intent
• Backdoor unauthorized access

• May contact c2 server for

instructions.

• May spy, steal info, log key

strokes & download other
malware
 Ransom ware
 Data on a victim's computer is locked
by encryption.
 Payment is demanded before the
ransomed data is decrypted and
access returned to the victim. 
 The motive for ransomware attacks is
nearly always monetary, and unlike
other types of attacks, the victim is
usually notified that an exploit has
occurred and is given instructions for
how to recover from the attack.

 Payment is often demanded in a virtual currency, such as bitcoin, so

that the cybercriminal's identity isn't known.
 Spyware
Spyware is unwanted software
that infiltrates your computing
device, stealing your internet
usage data and sensitive
information

Aims to gather information about

a person or organization and
send such information to another
entity
 Adware
 Advertising-supported software that
generates revenue for its developer by
automatically generating online
advertisements.

 The software may generate two types of

revenue:
1. one is for the display of the
advertisement
2. another on a "pay-per-click" basis, if
the user clicks on the advertisement.

Some advertisements also act as spyware, collecting and reporting data

about the user, to be sold or used for targeted advertising or user profiling.

All forms of advertising carry health, ethical, privacy and security risks for

users.
 Scareware
Uses social engineering to
cause shock, anxiety, or the perception
of a threat in order to manipulate users
into buying unwanted software

Tricks users into believing their

computer is infected with a virus, then
suggests that they download and pay
for a fake malware removal tool that
actually installs malware on their
computer

The "scareware" label can also apply to any application or virus

which is designed to instill victims with anxiety and/or panic.
ANY QUESTION

?
 CYBER SECURITY

CYBER CRIME
AND
TYPES OF
CYBERCRIME

PERIOD-04
 DOS Attack
A Denial-of-Service (DoS) attack is an attack meant to shut
down a machine or network, making it inaccessible to its
intended users.
DoS attacks accomplish this by flooding the target with
traffic, or sending it information that triggers a crash.
 DDOS Attack
Distributed denial of service
(DDoS) attacks are a subclass
of denial of service (DoS)
attacks.

A DDoS attack involves
multiple connected online
devices, collectively known as
a botnet, which are used to
overwhelm a target website
with fake traffic.

This can make DDoS extremely destructive to any online organization.

 Salami Attack or Salami Slicing
Series of minor attacks
that together results in a
larger attack.

Often go unnoticed.

E.g. Small amount deductions like Rs.0.5/- per month from

the account of many and deposit the same in one account
 Computer Vandalism

Intension is to destroy victim’s

resources, rather than stealing
them.

Computer vandalism is a process

wherein there is a program that
performs malicious function such
as extracting a user's password
or other data or erasing the hard
disk.
 Cyber terrorism
Use of the Internet to conduct
violent acts that result in, or
threaten, loss of life or significant
bodily harm, in order to achieve
political gains through intimidation. 

Internet terrorism - large-scale

disruption of computer networks by
means of malicious software and
hardware.
 Session hijacking or Cookie hijacking

 Taking over a Web user session by secretly obtaining the session

ID and masquerading as the authorized user.
 Do anything the user is authorized to do on the network.
 The session ID is normally stored within a cookie or URL. 
 Key loggers
Hardware device or small program.
Monitors each keystroke a user types on a specific computer's
keyboard.
Easy to hide and plug with keyboard.
 SOCIAL ENGINEERING
a broad range of malicious activities
accomplished through human
interactions.

 It uses psychological manipulation to

trick users into making security
mistakes or giving away sensitive
information.

example-Phishing, fake websites

ANY QUESTION

?
 CYBER SECURITY

CYBER CRIME
AND
TYPES OF
CYBERCRIME

PERIOD-05
 PHISHING
Type of social engg.
Fraudulently obtaining sensitive
information
Most common attack
Email, sms, page hijacking etc
 SNIFFERS
Tapping of phone.

An app aimed at capturing network

packets while tx

Theft or interception of data by

capturing network traffic

Monitoring and capturing network

packets.
a type of networking tool that is able to inspect packets of data
traveling through a network.
Sniffers may either be special software created to capture data
packets or a physical hardware device that is connected directly to
a network.
 ROOTKIT
Collection of malicious comp
softwares.
To get unauthorized access of a
comp or its software.
Rootkit installation can be
automated, or an attacker can
install it once they've obtained
root or administrator access
Actively avoids detection

Has the ability to hide & change appearance

Can turn off system restore, anti-virus, anti spyware prgms
 BOTS OR ZOMBIES

A “bot” is a computer infected

with certain malware and
controlled remotely without the
knowledge of the user
Combined into networks called
botnets
Botnet - a large number of
compromised computers that are
used to generate spam, relay
viruses or flood a network or web
server with excessive requests to
cause it to fail.
Botnets rented or sold to
criminals
 Password Crackers

 Some actually try to decrypt....

 Most simply try “brute force” or

intelligent “brute force”

 SCANNERS

 Programs that
automatically detect
security weaknesses in
remote or local hosts.
 SQL Injection
Code injection technique  
Attack data-driven applications
Malicious SQL statements are
inserted into an entry field for
execution (e.g. to dump the
database contents to the attacker)
Exploit a security vulnerability in
an application's software
Attacker can execute malicious
SQL statements that control a web
application’s database server
Thank you
Cyber Security Is Everyone’s Responsibility