CS Unit-1

Department
Department of Computer
of Computer Science&
Science & Engineering
Engineering
Regulation-R18
Regulation-R18
A.Y: 2022-23 Sem-I
A.Y: 2022-23 Sem-I
UNIT-I
III Year CSE
Subject: Fundamentals of Cyber Security
(18MC0CS02)
Prepared by
Mr. P. HARI SHANKAR,
Assistant Professor - CSE.
Fundamentals of Cyber
Security
UNIT-I
• Introduction to Cyber Security: Basic Cyber Security Concepts, Motive
of
Attackers, Active Attacks, Passive Attacks, Cyber Crime and
Information Security, Computer Criminals,
• Defamation,
Classification Internet Time Threat,
of Cyber Crimes: Salami
E-mailAttack, Data Diddling,
Spoofing, Spamming,
Web Jacking, Newsgroup Spam, Industrial Espionage, Hacking, Online
Forgery,
Cyber Software Piracy, Computer Sabotage, Email Bombing, Usenet
Frauds,
Newsgroup as The Source Of Cybercrimes, Computer Network
Intrusions, Password Sniffing, Identity Theft,
• Cyber Threats-cyber Warfare, Cia Traid
Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

UNIT Introduction to Cyber Security
🠶-IBasic Cyber Security Concepts
🠶 Cybercrime: Definition and Origins of the Word
🠶 The definitions of computer crime:
🠶 1. Any illegal act where a special knowledge of com pu ter technology is essential for its
perpetration, investigation or prosecution.
🠶 2. Any traditional crime that has acquired a new dimension or order of magnitude through
the aid of a computer, and abuses that have come into being because of computers.
🠶 3. Any financial dishonesty that takes place in a computer environment.
🠶 4. Any threats to the computer itself, s u c h as theft of hardware or software, sabotage and
demands for ransom.
🠶 The term “cybercrime” relates to a number of other terms s u c h as:
• Computer-related crime
• Computer crime
• Internet crime
• E-crime
• High-tech crime
🠶-IMotive of Attackers
🠶 Two types of attack are prevalent in cybercrimes:
🠶 1. Techno-crime: A premeditated act against a system or systems, with the intent to copy,
steal, prevent access, corrupt or otherwise deface or damage parts of or the complete
computer system.
🠶 2. Techno-vandalism: These acts of “brainless” defacement of websites and/or other
activities, s uc h as copying files and publicizing their contents publicly, are usually
opportunistic in nature.
🠶 Cybercrimes differ from most terrestrial crimes in four ways:

(a)How to commit them is easier to learn
(b)They require few resources relative to the potential damage caused
(c)They can be committed in a jurisdiction without being physically present in it
(d)They are often not clearly illegal.

🠶 How cybercrimes are planned and how they actually take place
• Cyberterrorists usually use computer as a tool, target or both for their
unlawful act to gain information.
• Internet is one of the means by which the offenders can gain priced sensitive
information of companies, firms, individuals, banks and can lead to
intellectual property (IP), selling illegal articles, pornography/child
pornography, etc.
• This is done using:
 Phishing, Spoofing, Pharming, Internet Phishing, wire transfer, etc.

🠶 Cybercriminals:
 Are those who conduct acts s u c h as:
 Credit card fraud
 Cyber stalking
 Defaming others online
 Gaining unauthorized access to computer systems
 Ignoring copyrights
 Software licensing and trademark protection
 Overriding encryption to make illegal copies
 Software piracy
 Stealing other’s identity to perform criminal acts

🠶 Categorization of Cybercriminals
 Type-1 Cybercriminals- Hungry for recognition
 Type 2 Cybercriminals- Not interested in

recognition
 Type -3 Cybercriminals- The insiders

🠶 Type 1: Cybercriminals- Hungry for recognition
 Hobby hackers
A person who enjoys exploring the limits of what is possible, in a spirit
of playful cleverness. May modify hardware/ software
 IT professional (social engineering):
 Ethical hacker
 Politically motivated hackers :
 promotesthe objectives of individu a ls, groups or nations su pporting a
variety of
causes s uc h as : Anti globalization, transnational conflicts and protest
 Terrorist organizations
 Cyber terrorism
 Use the internet attacks in terrorist activity
 Large scale disru ption of com puter networks , personal com pu ters
attached to internet via viruses
🠶 Type 2: Cybercriminals- Not interested in recognition
 Psychological perverts
 Express abnormal behavior
 Financially motivated hackers
 Make money from cyber attacks
 Bots-for-hire : fraud through phishing, information theft, spam and extortion
 State-sponsored hacking
 Hacktivists
 Extremely professional groups working for governments
 H a ve ability to worm into the networks of the m edia, m ajor
corporatio ns , defense departments

🠶 Type 3: Cybercriminals- The insiders
 Disgruntled or former employees seeking revenge
 Com peting companies u s ing employees to gain economic advantage through

dam age
and/ or theft.
🠶

 Greed
 Desire to gain power
 Publicity
 Desire for revenge
 A sense of adventure
 Looking for thrill to access forbidden information
 Destructive mindset
 Desire to sell network security services

🠶-IAttacks
🠶 A cyber attack is an assault launched by cybercriminals using one or more
computers against a single or multiple computers or networks. A cyber
attack can maliciously disable computers, steal data, or use a breached
computer as a launch point for other attacks.
Or
🠶 An attack, via cyberspace, targeting an enterprise's use of cyberspace for the
purpose of disrupting, disabling, destroying, or maliciously controlling a
computing environment/infrastructure; or destroying the integrity of the
data or stealing controlled information.

🠶-IAttacks Attack/threats
• A Pass ive a tta c k can only

observe communications or data.
Example: Interception (also called eavesdropping
or passive wiretapping) Passive threats
Active threats
• An Active a t t a c k can actively

modify
• communications or data but very powerful
Often difficult to perform,
Interception
– Mail forgery/modification Interruption Modification Fabrication
(Availability) (Integrity)
– TCP session hijacking /IP spoofing (authentication)
Examples: Interruption, Modification ( also called Release of message Traffic analysis

active wiretapping), Fabrication contents
Types of Active Attacks: masqu erade,

replay, modification and denial of service. Figure : Threats/Attacks

🠶-IActive Attacks
 Cybercrime refers to the act of performing a criminal act using cyberspace
as communication vehicle.
 Two types of attacks are common:
Techno- crime : Active a t ta ck
🠶Techno Crime is the term used by law enforcement agencies to denote
criminal activity which uses (computer) technology, not as a tool to
commit the crime, but as the subject of the crime itself. Techno Crime is
usually pre-meditated and results in the deletion, corruption, alteration,
theft or copying of data on an organization's s y s te m s .

🠶-IPassive Attacks
Techno – vandalism: Passive a t t a c k
🠶Techno Vandalism is a term used to describe a hacker or cracker who breaks into a
computer system with the sole intent of defacing and or destroying its contents.
🠶 Techno Vandals can deploy 'sniffers' on the Internet to locate soft (insecure) targets
and then execute a range of commands using a variety of protocols towards a range of
ports.
🠶 The best weapon against s u c h attacks is a firewall which will hide and disguise the
organization's presence on the Internet.

🠶-ISoftware Attacks
🠶 Software attacks means attack by Viruses, Worms, Trojan Horses etc.
🠶 Many users believe that malware, virus, worms, bots are all same things.
🠶 But they are not same, only similarity is that they all are malicious software that behave
differently.
🠶 Virus – They have the ability to replicate themselves by hooking them to the program on the
host computer like songs, videos etc and then they travel all over the Internet.
🠶 Examples include File Virus, Macro Virus, Boot Sector Virus, Stealth Virus etc.
🠶 Worms – Worms are also self replicating in nature but they don’t hook themselves to the
program on host computer.
🠶 Biggest difference between virus and worms is that worms are network aware.
🠶 They can easily travel from one computer to another if network is available and on the target
machine they will not do m u ch harm, they will for example consume hard disk space thus slowing
down the computer.

🠶-ISoftware Attacks
🠶 Software attacks means attack by Viruses, Worms, Trojan Horses etc.
🠶 Many users believe that malware, virus, worms, bots are all same things.
🠶 But they are not same, only similarity is that they all are malicious software that behave
differently .
🠶 Trojan – The Concept of Trojan is completely different from the viruses and worms.
🠶 The name Trojan derived from the ‘Trojan Horse’ tale in Greek mythology, which explains how the
Greeks were able to enter the fortified city of Troy by hiding their soldiers in a big wooden horse
given to the Trojans as a gift.
🠶 The Trojans were very fond of horses and trusted the gift blindly.
🠶 In the night, the soldiers emerged and attacked the city from the inside.
🠶 Bots –: can be seen as advanced form of worms.
🠶 They are automated processes that are designed to interact over the internet without the need of
h u m an interaction.
🠶 They can be good or bad.
🠶 Malicious bot can infect one host and after infecting will create connection to the central server
which will provide commands to all infected hosts attached to that ne
🠶-IHardware Attacks
🠶 Hardware attacks take advantage of vulnerabilities in hardware-manufacturing supply
chains.
🠶 Modern chips are incredibly complex devices consisting of billions of transistor
components that can be compromised during the processes of design, fabrication, and
assembly and testing.
🠶 The complexity of integrated circuits and microelectronics makes hardware
vulnerabilities difficult to detect.
🠶 Physical modifications to a single integrated circuit can be well hidden among the
sheer number of valid components, and can function undetected for a long time.
🠶 A well-designed hardware vulnerability could therefore go undetected until well after the
malicious hardware has been widely incorporated into critical infrastructure.

🠶-IHardware Attacks
🠶 Hardware attacks pertain to the following devices:
🠶 Access control systems s u c h as authentication tokens
🠶 Network appliances
🠶 Industrial control systems
🠶 Surveillance systems
🠶 Components of communication infrastructure
🠶 Attackers could also act at lower levels to affect the work of microcircuits,
fundamental components of any electronic device

🠶-ICyber Crime and Information Security
🠶 Indian Information Technology Act (ITA 2008) provides a new focus on “Information Security
in India.”
 “Cybersecurity” means protecting information, equipment, devices, computer, computer
resource, communication device and information stored therein from unauthorized access.
 Where financial losses to the organization due to insider crimes are concerned, difficulty is
faced in estimating the losses because the financial impacts may not be detected by the
victimized organization and no direct costs may be associated with the data theft.

 For anyone trying to compile data on business impact of cybercrime, there are number of
challenges.
o Organization s do not explicitly incorporate the cost of the vast m ajority of
computer security incidents into their accounting.
o There is always a difficulty in attaching a quantifiable monetary value to the corporate
data and yet corporate data get stolen/lost.
o Most organizations abstain from revealing facts and figures about “security
incidents”
including cybercrime.
o Organizations perception about “insider attacks” seems to be different than that made
out by security solution vendor.
o Awareness about “data privacy” too tends to be low in most organizations.

🠶 Typical network misuses are for:

 Internet Radio
 Streaming Audio
 Streaming Video
 File Sharing
 Instant Messaging
 Online Gaming
 Online Gambling

 Cybercrime can be committed against a n individual or a group; it can also be committed

against government and private organizations.
 It may be intended to harm someone’s reputation, physical harm, or even mental harm.
🠶 Cybercrime can cause direct harm or indirect harm to whoever the victim is.
🠶 However, the largest threat of cybercrime is on the financial security of a n individual as well
as the government.
🠶 Cybercrime causes loss of billions of U S D every year.

🠶 Types of Cybercrime
🠶 Hacking
It is a n illegal practice by which a hacker breaches the computer’s security system of
someone for personal interest.
🠶 Unwarranted mass-surveillance
Mass surveillance means surveillance of a substantial fraction of a group of people by the
authority especially for the security purpose, but if someone does it for personal interest, it
is considered as cybercrime.
🠶 C h ild pornography
It is one of the most heinous crimes that is brazenly practiced across the world. Children
are sexually abused and videos are being made and uploaded on the Internet.
🠶 C h ild grooming
It is the practice of establishing a n emotional connection with a child especially for the
purpose of child-trafficking and child prostitution.
🠶 Types of Cybercrime
🠶 HaCopyright infringement
If someone infringes someone’s protected copyright without permission and publishes that
with his own name, is known as copyright infringement.
🠶 Money laundering
Illegal possession of money by a n individual or a n organization is known as money
laundering. It typically involves transfers of money through foreign banks and/or legitimate
business. In other words, it is the practice of transforming illegitimately earned money into
the legitimate financial system.
🠶 C y ber-extortion
When a hacker hacks someone’s email server, or computer system and demands money to
reinstate the system, it is known as cyber-extortion.
🠶 C y ber-terrorism
Normally, when someone hacks government’s security system or intimidates government or
s uc h a big organization to advance his political or social objectives by invading the security
system through computer networks, it is known as cyber-terrorism. Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC
🠶 Cyber security is a potential activity by which information and other communication
systems are protected from and/or defended against the unauthorized use or modification
or exploitation or even theft.
🠶 Likewise, cyber security is a well-designed technique to protect computers, networks,
different programs, personal data, etc., from unauthorized access.
 Lack of information security gives rise to cybercrime
 Cybersecurity: means protecting information, equipment, devices, computer, computer
resource, communication device and information stored therein from unauthorized access,
use, disclosure, disruption, modification or destruction.

🠶-IComputer criminals
 Are those who conduct acts such as:
 Credit card fraud
 Cyber stalking
 Defaming others online
 Gaining unauthorized access to computer systems
 Ignoring copyrights
 Software licensing and trademark protection
 Overriding encryption to make illegal copies
 Software piracy
 Stealing other’s identity to perform criminal acts
🠶-IComputer Criminals
🠶 Cybercriminals are those who conduct activities s u c h as
 Child Pornography;
 Credit Card Fraud;
 Cyberstalking;
 Defaming another online;
 Gaining unauthorized access to computer systems;
 Ignoring copyright,
 Software licensing and trademark protection;
 Overriding encryption to make illegal copies;
 Software piracy and stealing another’s identity to perform criminal acts.

🠶-IComputer Criminals
🠶 1. Type I: Cybercriminals – hungry for recognition
🠶 2. Type II: Cybercriminals – not interested in recognition
🠶 3. Type III: Cybercriminals – the insiders
Classifications of Cybercrimes

UNIT Classification Of Cyber Crimes
🠶-IClassification of Cyber Crimes
🠶 Cybercrimes are classified as follows:
1. Cybercrime against individual

2. Cybercrime against property
3. Cybercrime against organization
4. Cybercrime against Society
5. Crimes emanating from Usenet newsgroup:

🠶 Cybercrimes: Classification
 Cybercrime against an individual

 Electronic mail spoofing and other online frauds
 Phishing
 Spamming
 Cyber defamation
 Cyber stalking (harassment)
 Computer sabotage
 Pornographic offenses
 Password sniffing

 Cybercrime against property
 Credit card frauds
 Intellectual property( IP) crimes
 Internet time theft

 Cybercrime against organization
 Unauthorized accessing of computer
 Password sniffing
 Denial-of-Service (DoS) attacks
 Virus attack/dissemination of viruses
 E-Mail bombing/mail bombs
 Salami attack/ Salami technique
 Logic bomb
 Trojan Horse
 Data diddling
 Industrial spying
 Computer network intrusions
 Software piracy
 Cybercrime against Society
 Forgery
 Cyber terrorism
 Web jacking

 Crimes emanating from Social Media
 Social media may carry very offensive, harmful, inaccurate material
 Postings with wrong labels or are deceptive in another way

🠶 Cybercrime: Usually Includes
 Unauthorized access of the computers
 Data diddling
 Virus/worms attack
 Theft of computer system
 Hacking
 Denial of attacks
 Logic bombs
 Trojan attacks
 Internet time theft
 Web jacking
 Email bombing
 Salami attacks
 Physically damaging computer system .
🠶-IE-mail Spoofing
🠶 A spoofed E-Mail is one that appears to originate from one source but actually has been sent from
another source.
 E-mail spoofing is the forgery of an e-mail header so that the message appears to have originated from
someone or somewhere other than the actual source.
 To send spoofed e-mail, senders insert commands in headers that will alter message information.
 It is possible to send a message that appears to be from anyone, anywhere, saying whatever
the sender wants it to say.
 Thus, someone could send spoofed e-mail that appears to be from you with a message that you didn't
write.
 Although most spoofed e-mail falls into the "nuisance" category and requires little action other than
deletion, the more malicious varieties can cause serious problems and security risks.
 For example, spoofed e-mail may purport to be from someone in a position of authority, asking for
sensitive data, su c h as passwords, credit card numbers, or other personal information -- any of which
can be used for a variety of criminal purposes.
 One type of e-mail spoofing, self-sending spam, involves messages that appear to be both to and from
the recipient.
🠶-ISpamming
• People who create electronic S p a m are called spammers.
• Spam is the abu se of electronic m essaging system s to send unsolicited bu lk
m essages indiscriminately.
• Spamming is widely detested, and has been the subject of legislation in many jurisdictions –
for example, the CAN-SPAM Act of 2003.
🠶 Search engine spamming
 Spamming is alteration or creation of a document with the intent to deceive a n electronic
catalog or a fi ling system.
 Som e web auth ors u se “su bversive techn iques” to en su re that their site appears
m ore
frequently or higher number in returned search results.

🠶-ISpamming
 Spamming may be
 E-Mail Spam
 Instant messaging spam
 Usenet group spam
 Web search engine spam
 Spam in blogs, wiki spam
 Online classified ads spam
 Mobile phone messaging spam
 Internet forum spam
 J u n k fax spam

🠶-ICyber defamation
• “Cyberdefamation” occurs when defamation takes place with the help of computers and/or the
According to the IPC Section 499:
🠶 1. It may amount to defamation to impute anything to a deceased person, if the imputation would
harm the reputation of that person if living, and is intended to be hurtful to the feelings of his family
or other near relatives.
🠶 2. It may amount to defamation to make an imputation concerning a company or an association or
collection of persons as su c h .
🠶 3. An imputation in the form of an alternative or expressed ironically, may amount to defamation.
🠶 4. No imputation is said to harm a person’s reputation unless that imputation directly or indirectly, in
the estimation of others, lowers the moral or intellectual character of that person, or lowers the
character of that person in respect of his caste or of his calling, or lowers the credit of that person, or
causes it to be believed that the body of that person is in a loathsome state or in a state generally
considered as disgraceful.
• The law on defamation attempts to create a workable balance between two equally important h u m an
rights
1. The right to an unimpaired reputation
2. The right to freedom of expression Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC
🠶-ICyber defamation
🠶 The tort of cyber defamation is considered to be the act of defaming, insulting, offending or
otherwise causing harm through false statements pertaining to a n individual in cyberspace.
Example: someone publishes defamatory matter about someone else on a website or sends
a n E-mail containing defamatory information to all friends of that person.
🠶 Types of defamation
 Libel : written defamation
 Slander: oral defamation
 The plaintiff must have to show that the defamatory statements were unlawful and would
indeed injure the person’s or organization’s reputation.
 When failed to prove, the person who made the allegations may still be held responsible
for defamation.

🠶-IInternet Time Threat
 Internet time theft occurs when a n unauthorized person uses the Internet hours paid for by
another person.
 It comes under hacking because the person gets access to someone else’s ISP user ID and
password, either by hacking or by gaining access to it by illegal means
 Occurs when a n unauthorized person uses the Internet hours paid for by another person
 Comes under hacking
 The person get access to someone else’s ISP user ID and password, either by hacking or by
gaining access to it by illegal means and uses the internet without the other person’s
knowledge
 This theft can be identified when Internet time is recharged often, despite infrequent usage.
 This comes under “identity theft”

🠶-ISalami Attack/Salami Technique
 These attacks are used for committing financial crimes.
 No account holder will probably notice this unauthorized debit,
but the bank employee will make a sizable amount every month.
 The alterations made are so insignificant that in a single case it
would go completely unnoticed.
 Example: a bank employee inserts a program, into the bank’s
server, that deduces a small amount from the account of every
customer every month,

🠶-IData Diddling
 A data diddling attack involves altering raw data just before it is processed by a computer
and then changing it back after the processing is completed.
 In other words, information is changed from the way it should be entered by a person typing
in the data.
 Electricity Boards in India have been victims to data diddling programs inserted when
private parties computerize their systems.
 Usually, a virus that changes data or a programmer of the database or application has pre-
programmed it to be changed.
 Eg: A hidden program that shows whatever that is typed on the screen but internally
changes the account number to his own account. Hence, any amount transfer will
automatically point to his account instead of the intended account number.
 To deal with this type of crime, a company must implement policies and internal controls.
 This may include performing regular audits, using software with built-in features to combat
s u c h problems, and supervising employees.
🠶-IForgery
 The act of forging something, especially the unlawful act of counterfeiting a
document or object for the purposes of fraud or deception.
 Something that has been forged, especially a document that has been copied
or remade to look like the original.
 Counterfeit currency notes, postage, revenue sta m p s , m arks sheets,
etc., can be forged using sophisticated computers, printers and scanners.

🠶-IWeb Jacking
🠶Web jacking occu rs when someone forcefully takes

control of a website (by cracking the password and
later changing it).
 This term is derived from the term hi jacking.
 In these kinds of offences the hacker gains access and
control over the web site of another.
 He may even change the information on the site.
 The first stage of this crime involves “password sniffing”
an d administrative password in particular.
 The actual owner of the website does not have an y more
control over what appears on that website
 This may be done for fulfilling political objectives or for money
🠶-INewsgroup Spam/Crimes Emanating from Usenet Newsgroup
• The advent of Google Groups, and its large Usenet archive,
has made Usenet more attractive to spammers than ever.
• Spamming of Usenet newsgroups actually predates E-Mail
Spam.
🠶Newsgroup spam is a type of spam where the targets are Usenet
newsgroups.
🠶Usenet group may carry very offensive, harmful, inaccurate or
otherwise inappropriate material or postings that have been
misplaced or are deceptive in another way.

🠶-IIndustrial Espionage/ Industrial Spying
• “Spies” can get information about product finances, research and development and
marketing strategies, a n activity known as “industrial spying.”
• “Targeted Attacks” - applies very well to organizations that are victim of focused attacks
aiming at stealing corporate data, Intellectual Property or whatever else that may yield a
competitive advantage for a rival company.
• There are two distinct business models for cybercrime applied to industrial spying
 Selling Trojan-ware
 Selling Stolen Intellectual Property.
 Industrial espionage is the covert and sometimes illegal practice of investigating competitors
to gain a business advantage.
 The target of investigation might be a trade secret s u c h as a proprietary product
specification or formula, or information about business plans.
 In many cases, industrial spies are simply seeking any data that their organization can
exploit to its advantage.
🠶-IHacking
🠶 Hackers, crackers and phrackers are some of the oft-heard terms. The
original meaning of the word “hack” meaning an elegant, witty or inspired
way of doing almost anything originated at MIT.
 Hackers write or use ready-made computer programs to attack the target
computer.
 They possess the desire to destruct and they get enjoyment out of such
destruction.
 Some hackers hack for personal monetary gains, such as stealing credit card
information, transferring money from various bank accounts to their own
account followed by withdrawal of money.

🠶-IHacking
 Every act committed toward breaking into a computer and/ or network is hacking.
 Purpose
 Greed
 Power
 Publicity
 Revenge
 Adventure
 Desire to access forbidden information
 Destructive mindset

🠶-IHacking
🠶 History of hacking
 hacking is any technical effort to manipulate the normal behavior of network connections
and connected systems.
 A hacker is any person engaged in hacking.
 The term "hacking" historically referred to constructive, clever technical work that was not
necessarily related to computer systems.
 M.I.T. engineers in the 1950s and 1960s first popularized the term and concept of hacking.
 the so-called "hacks" perpetrated by these hackers were intended to be harmless technical
experiments and fun learning activities.
 As computer networking and the Internet exploded in popularity, data networks became by
far the most common target of hackers and hacking.

🠶-IHacking
🠶 Hacking vs. Cracking
 Malicious attacks on computer networks are officially known as cracking ,
 while hacking truly applies only to activities having good intentions.
 Most non-technical people fail to make this distinction, however.
 Outside of academia, its extremely common to see the term "hack" misused and be applied
to cracks as well.

🠶-IHacking
🠶 3 types of modern hackers
 Black Hats: Criminal Hackers.
 Possess desire to destruction
 Hack for personal monetary gains : Stealing credit card information, transferring money
from various bank accounts to their own account, extort money from corporate giant by
threatening.
 White Hats: Ethical Hackers.
 Network Security Specialist.
 Grey Hats: Deals in both of the above (jack of all trades, master of none).

🠶-IOnline Frauds
🠶 Types of crimes under the category of hacking
 Spoofing website and E-Mail security alerts
 Hoax mails about virus threats
 lottery frauds
 Spoofing.
🠶 Spoofing websites and E-Mail security threats
o Fraudsters create authentic looking websites that are actually nothing but a spoof.
o The purpose of these websites is to make the user enter personal information which is then
used to access business and bank accounts
o This kind of online fraud is common in banking and financial sector.
o It is strongly recommended not to input any sensitive information that might help criminals
to gain access to sensitive information, s u c h as bank account details, even if the page
appears legitimate.

🠶-IOnline Frauds
 Fra u d that is committed using the internet is “online Online fra u d can involve
fraud . ”
financial fraud and identity theft.
 Online fraudthat
 viruses comes in many forms. with the goal of retrieving personal information, to email
attack computers
schemes that lure victims into wiring money to fraudulent sources,
 “phishing” emails that purport to be from official entities (such as banks or the
Internal Revenue Service) that solicit personal information from victims to be used to
commit identity theft, to fraud on online auction sites (such as Ebay) where perpetrators
sell fictional goods.
 E-Mail spoofing to make the user to enter the personal information : financial fraud
 Illegal intrusion: log-in to a computer illegally by having previously obtained actual
password. Creates a new identity fooling the computer that the hacker is the genuine
operator. Hacker commits innumerable number of frauds.

🠶-IOnline Frauds
🠶 Virus hoax E-Mails
o The warnings may be genuine, so there is always a dilemma whether to take them lightly or
seriously.
o A wise action is to first confirm by visiting an antiviru s site s u c h as M cAfee, S ophos
or
Symantec before taking any action, s u c h as forwarding them to friends and colleagues.
🠶 Lottery frauds
o Typically letters or E-Mails that inform the recipient that he/she has won a prize in a lottery.
o To get the money, the recipient has to reply, after which another mail is received asking for
bank details so that the money can be directly transferred.
🠶 Spoofing
o A hacker logs-in to a computer illegally, using a different identity than his own.
o He creates a new identity by fooling the computer into thinking tha t the ha cker is
th e
genuine system operator and then hacker then takes control
Mr. of the SHANKAR,
P. HARI system. ASST. PROF., CSE, GNITC
🠶-IOnline Frauds
🠶 Pornographic Offenses
🠶 “Child pornography” includes:
🠶 1. Any photograph that can be considered obscene and/or unsuitable for the age of child
viewer;
🠶 2. film, video, picture;
🠶 3. computer-generated image or picture of sexually explicit conduct where the production of
s u c h visual depiction involves the use of a minor engaging in sexually explicit conduct.
 As the broad-band connections get into the reach of more and more homes, larger child
population will be using the Internet and therefore greater would be the chances of falling
victim to the aggression of pedophiles.

🠶-ISoftware Piracy
 Theft of software through the illegal copying of
genuine programs or the counterfeiting and
distribution of products intended to pass for the
original.
🠶 Those who buy pirated software have a lot to
lose: ed
(a)getting untested software that may have been copi
thousands of times over
(b)the software, if pirated, may potentially contain
hard-drive-infecting viruses
e
(c) there is no technical support in the case of softwar
failure, that is, lack of technical product support
available to properly licensed users
(d)there is no warranty protection,
(e)there is no legal right to use the product, etc.
🠶 Economic impact of software piracy is grave (see Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC
🠶-ISoftware Piracy
 Theft of software through the illegal copying of genuine programs or the counterfeiting and
distribution of products intended to pass for the original.
 End-user copying
 Hard disk loading with illicit means
 Counterfeiting
 Illegal downloads from internet

🠶-IComputer Sabotage
🠶 It is the use of the Internet to hinder the normal functioning of a computer system through
the introduction of worms, viruses or logic bombs.
🠶 It can be used to gain economic advantage over a competitor, to promote the illegal activities
of terrorists or to steal data or programs for extortion purposes.
🠶 Logic bombs are event-dependent programs created to do something only when a certain
event (known as a trigger event) occurs.
🠶 Some viruses may be termed as logic bombs.
 Computer sabotage involves deliberate attacks intended to disable computers or networks
for the purpose of disrupting commerce, education and recreation for personal gain,
committing espionage, or facilitating criminal conspiracies.
 Through viruses, worms, logic bombs
 Chernobyl virus
 The Chernobyl virus is a computer virus with a potentially devastating payload that
destroys all computer data when an infected file is executed.,
🠶-IEmail Bombing/Mail Bombs
 It refers to sending a large number of E-Mails to the victim to crash victim’s E-Mail account
or to make victim’s mail servers crash (in the case of a company or a n E-Mail service
provider).
 Computer program can be written to instruct a computer to do s u c h tasks on a repeated
basis.
 In Internet usage, a n email bomb is a form of net abuse consisting of sending huge volumes
of email to a n address in a n attempt to overflow the mailbox or overwhelm the server where
the email address is hosted in a denial-of-service attack.
 Construct a computer to repeatedly send E-mail to a specified person’s E-mail address.
 C a n overwhelm the recipient’s personal account and potentially shut down the entire
system.

🠶-IUsenet Newsgroup as The Source Of Cybercrimes
🠶Usenet is a popular means of sharing an d

distributing information on the Web with respect to specific topic
or subjects.
🠶It is a mechanism that allows sharing
information in a many-to- many manner.
🠶The newsgroups are spread across 30,000 different topics.

🠶-IComputer Network Intrusions
 Computer Networks pose a problem by way of security threat because people
can get into them from anywhere.
 The cracker can bypass existing password protection by creating a
program to capture logon IDs and passwords.
 The practice of “strong password” is therefore important.
🠶 Password Sniffing
 Password Sniffers are progra m s that monitor and record the name
and password of network users as they login, jeopardizing security at a site.
 Whoever installs the Sniffer can then impersonate an a u thorized user
and login to access restricted documents.

🠶-ICredit Card Frauds
 Millions of dollars may be lost annually by consumers who have
credit card and calling card numbers stolen from online
databases.
 Bulletin boards and other online services are frequent targets for
hackers who want to access large databases of credit card
information.

🠶-IIdentity Theft
 Identity theft is a fraud involving another person’s identity for a n illicit purpose.
 This occurs when a criminal uses someone else’s identity for his/her own illegal purposes.
 The cyberimpersonator can steal unlimited funds in the victim’s name without the victim
even knowing about it for months, sometimes even for years!
 Phishing and identity theft are related offenses
 Examples:
 Fraudulently obtaining credit
 Stealing money from victim’s bank account
 Using victim’s credit card number
 Establishing accounts with utility companies
 Renting a n apartment
 Filing bankruptcy using the victim’s name

🠶-ICyber Threats-cyber Warfare
🠶Cyberterrorism is defined as “any person, group or

organization who, with terrorist intent, utilizes a cces s es
or aids in accessing a computer or computer network or
electronic s y s te m or electronic device b y a ny available
means , and thereby knowingly engages in or attempts to
engage in a terrorist act commits the offence of
cyberterrorism.”

🠶-ICyber Threats-Cyber Warfare
🠶Cyberwarfare is computer- or network-based conflict involving

politically motivated attacks by a nation-state on another nation-
state. In these types of attacks, nation-state actors attempt to
disrupt the activities of organizations or nation-states, especially
for strategic or military purposes and cyberespionage.
Or
🠶Cyberwarfare is the use of digital attacks to attack a nation,
causing comparable harm to actual warfare and or disrupting the
vital computer systems. There is significant debate among experts
regarding the definition of cyberwarfare, and even if such a thing
exists.

🠶-ICyber Terrorism
🠶 Cyber terrorism is the convergence of cyberspace and terrorism.
🠶 It refers to unlawful attacks and threats of attacks against computers,
networks and the information stored therein when done to intimidate or
coerce a government or its people in furtherance of political or social
objectives.
🠶 Further, to qualify as cyber terrorism, an attack should result in violence
against persons or property, or at least cause enough harm to generate fear.
🠶 Attacks that lead to death or bodily injury, explosions, or severe economic
loss would be examples. Serious attacks against critical infrastructures
could be acts of cyber terrorism, depending on their impact.
🠶 Attacks that disrupt nonessential services or that are mainly a costly
nuisance would not.

🠶-ICyber Espionage
🠶 Exploitation of vulnerabilities commonly software
products, s uc h as: J av a ,Adobe Reader, Microsoft Office,
Internet Explorer, Adobe Flash and more
🠶 Social engineering techniques – including spear-
phishing campaigns
🠶 Drive-by downloads , Droppers
🠶 The act or practice of obtaining secrets sensitive,
proprietary or classified information from individuals,
competitors, rivals, groups,
🠶 governments and enemies also for military, political, or
economic advantage using illegal exploitation methods
on internet, networks, software and or computers
🠶 You don’t control all of your critical business systems.
Understand your vulnerabilities in the distributed,
outsourced world
🠶-ICIA Traid
🠶 CIA Security Model Confidentiality, Integrity & Availability
Confidentiality
Secure
Integrity Availability

🠶-ICIA Traid
🠶 CIA Security Model Confidentiality, Integrity & Availability
🠶 CIA Model
🠶 A simple but widely-applicable security model is the CIA triad standing for:
🠶Confidentiality
🠶Integrity
🠶Availability
🠶 These are the three key principles which should be guaranteed in any kind
of secure system.
🠶 This principle is applicable across the whole subject of Security Analysis,
from access to a user's internet history to security of encrypted data across
the internet.
🠶 If any one of the three can be breached it can have serious consequences for
the parties concerned. Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC
🠶-ICIA Traid
🠶 Confidentiality
🠶 Confidentiality is the ability to hide information from those people unauthorised to view it.
🠶 It is perhaps the most obvious aspect of the CIA triad when it comes to security; but correspondingly, it is also
the one which is attacked most often.
🠶 Cryptography and Encryption methods are an example of an attempt to ensure confidentiality of
data
transferred from one computer to another.
🠶 Integrity
🠶 The ability to ensure that data is an accurate and unchanged representation of the original secure
information.
🠶 One type of security attack is to intercept some important data and make changes to it before sending it on to
the intended receiver.
🠶 Availability
🠶 It is important to ensure that the information concerned is readily accessible to the authorised viewer at
all times.
🠶 S ome types of secu rity attack attem pt to deny access to the appropriate u ser, either for the
sake of
inconveniencing them, or because there is some secondary effect.
🠶-IComprehensive C yber Security Policy
At country level:
🠶 Policy directives on data security and privacy protection -
Compliance, liabilities and enforcement (ex. Information Technology Act 2000)
🠶 S tandards and guidelines for com pliance (ex: IS O 27001, IS O 20001 & C E RT-In
guidelines)
🠶 Conformity assessment infrastructure (enabling and endorsement actions concerning
security product – I S O 15408, security process – I S O 27001 and security manpower –
C I SA , C I S S P, ISMS-LA, DISA etc.)
🠶 Security incident - early warning and response (National cyber alert system and crisis
management)
• Information sharing and cooperation (M oU s with vendors and overseas C E R Ts
and security forums).
• Pro-active actions to deal with and contain malicious activities on the net by way of net
traffic monitoring, routing and gateway controls
• Lawful interceptions and Law enforcement.
• Nation wide security awareness campaign.
• Security research and development focusing on tools, technology, products and services.
🠶 Actions at network level
🠶 Compliance to security best practices (ex. ISO27001), service quality (ISO 20001) and
service level agreements (SLAs) and demonstration.
🠶 Pro-active actions to deal with and contain malicious activities, ensuring quality of services
and protecting average end users by way of net traffic monitoring, routing and gateway
controls
🠶 Keeping pace with changes in security technology and processes to remain current
(configuration, patch and vulnerability management)
🠶 C o nform to legal obligations and cooperate with law
enforcement activities including prompt actions on alert/advisories issued by
CERT-In.
🠶 Use of secure product and services and skilled manpower.
🠶 Crisis management and emergency response.

🠶 Actions at corporate level:
🠶 Compliance to security best practices (ex. ISO27001), and demonstration.
🠶 Pro-active actions to deal with and contain malicious activities, and protecting average end
users by way of net traffic monitoring, routing and gateway controls
🠶 Keeping pace with changes in security technology and
processes to remain cu rrent (configuration, patch and vulnerability management)
🠶 C o nform to legal obligations and cooperate with law enforcement activities including
prompt actions on advisories issued by CERT-In.
🠶 Use of secure product and services and skilled manpower.
🠶 Crisis management and emergency response.
🠶 Periodic training and up gradation of skills for personnel engaged in security related
activities
🠶 Promote acceptable users’ beh avior in the interest of
safe computing both with in and outside.
🠶 Actions at small user level:
🠶 Maintain a level of awareness necessary for self-protection.
🠶 Use legal software and update at regular intervals.
🠶 Beware of security pitfalls while on the net and adhere to security advisories as necessary.
🠶 Maintain reasonable and tru s t-worthy access control to prevent
abu se of computer resources

CS Unit-1

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

CS Unit-1

Uploaded by

Copyright:

Available Formats

Department

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

🠶 Cybercrimes differ from most terrestrial crimes in four ways:

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

 Type 2 Cybercriminals- Not interested in

 Type -3 Cybercriminals- The insiders

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

 Disgruntled or former employees seeking revenge

 Com peting companies u s ing employees to gain economic advantage through

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

• A Pass ive a tta c k can only

• An Active a t t a c k can actively

Examples: Interruption, Modification ( also called Release of message Traffic analysis

Types of Active Attacks: masqu erade,

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

🠶 Typical network misuses are for:

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

 Cybercrime can be committed against a n individual or a group; it can also be committed

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

1. Cybercrime against individual

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

 Cybercrime against an individual

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

 Credit card frauds

 Intellectual property( IP) crimes

 Internet time theft

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

 Crimes emanating from Social Media

 Social media may carry very offensive, harmful, inaccurate material

 Postings with wrong labels or are deceptive in another way

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

🠶Web jacking occu rs when someone forcefully takes

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC

Mr. P. HARI SHANKAR, ASST. PROF., CSE, GNITC