Combating Cyber Crime

Presentation by : Priyanka Tomar

[email protected]
Objective
Provide a brief idea of cyber/computer attacks and
preventive measure to be adopted with reference to
Law Enforcement Agencies.


PREREQUISITES
Computer Hardware
Computer Software
Internet Surfing
Email
Networking
IP Address
Combating Cyber Crime
Cyber + Security

What is Security

What is Cyber Security
involves detection, prevention and responding to attacks

Why do we need Cyber Security Phishing, Credit Card Frauds

Combating Cyber Crime
Who is Vulnerable e.g. screen hack



Cyber Security Threats
Virus
Worm
Trojan Horse
Remote Administration Tool Prorat, Poison Ivy

Cyber Security Threats-RAT
The operator controls the RAT through a network connection. RAT
provide an operator the following capabilities:
Screen/camera control.
File management (download/upload/execute etc.
Shell control (from command prompt).
Computer control (power off/on/log off ).
Registry management (query/add/delete/modify).
Start, stop and restart Windows services.
Copy/delete files and format disks.
View and clear the windows event logs.
Other software product-specific functions.


Cyber Security Threats
Hackers
Identity Thieves
Spyware/Adware
Website advertisements
Consequences of Inaction
Loss of access
Loss of confidentiality, integrity and public trust
Lawsuits, Disciplinary action

The US has charged six members of an international
cybercrime gang that hacked into user accounts to defraud
eBay's Stubhub ticket reselling website of about $1m.
The men were arrested in the UK, Canada and Spain in
connection with the scam in which more than 1,600
StubHub users had their credit cards used to buy tickets,
which were then sold on by the criminals.

Preventive Measures -I
OS/Software Updates
Anti virus
Personal Firewalls
Check Open Ports -http://www.auditmypc.com/firewall-test.asp








How to block Ports
Block Ports
Control Panel>System and Security> Windows Firewall
Advanced Settings
See inbound and outbound rules
Create your own rule

How to know if there is spyware?

Endless pop-up windows.
Redirected to other websites automatically.
Random Windows error messages .
Computer suddenly seems slow.
New and unexpected toolbars appear in web browser.
New and unexpected icons appear in the task tray.
Browser's home page suddenly changed.
Search engine your browser opens has been changed.

Don't click on links within pop-up windows
Be careful while installing free software , never forget
to read user agreement.
Block pop-up windows and cookies by adjusting
browser preferences.
Be aware of unexpected dialog boxes asking -Do you
want to run a xxxx program . Always select "no" or
"cancel," or close the dialog box.

Prevent Spyware Installation
Remove Spyware
Spyware copies several files to different directories and
changes the registry. Use a spyware remover - a
program dedicated to removal of sypware.
Run a legitimate product to remove spyware e.g
Ad-Aware, Microsoft Window Defender, Webroot's
SpySweeper etc.
Preventive Measures-II
Prevent Identity Theft-Beware of phishing scams - a form of fraud that uses
email messages that appear to be from a reputable business (often a financial institution)
in an attempt to gain personal/ financial account information. These often do not
include a personal salutation. Never enter personal information into an online form you
accessed via a link in an email you were not expecting. Legitimate businesses will not ask
for personal information online.
Intrusion Detection Software/Device
Phishing
Google Security Team to Sunitha

Verification Required.

Dear Gmail User,

The Gmail infrastructure is going through an annual security and performance overhaul. In the same respect, you
are requested to verify your account by clicking on the following link. The Google Security Team is available to
provide you all the assistance for secure communication over the Internet. Happy surfing!

accountverification.gmail.com/src/verify.php?confirmation=dhPGcsiuUNdnAoN77q5CHwCgl4MmCAXE
72d

You are requested to act on this immediately to guarantee the smooth functioning of your mail account.

Thanks,
Account Security Administrator
Google Security Team
Google, Inc. Phone: +1 650-253-0000

You are receiving this message from Google because you are a valued member. Google respects your privacy. To
learn more, please read our online Privacy Statement. For more information or for general questions regarding
your e-mail account, please visit Gmail Help.

Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043. All rights reserved.


Phishing Website
See URL in
address bar
Preventive Measures

Protect Passwords
Regular Backup

Preventive Measures -II
Setup Cyber Security Policies
Email Virus Filtering Services
Firewall Services
Email attachment Filtering
Vulnerability Scanning
Intrusion Prevention System
Be aware while using gmail
Alternate email
Last account activity
Settings> Chat
Settings>Accounts and Import > Account Settings
> Other Accounts Settings>Security
>Other Accounts Settings>
Settings> Accounts and Import >
Grant access to your account can add other gmail
Mark conversation as read when opened by others


Be aware while using gmail cont::
Set Alerts-
https://www.google.com/settings/security?hl=en
Filter/Block emails
Add Forwarding Address: You can have your emails
automatically forwarded to another address.

Be Alert!!!!!!!


Combating Cyber Crime
Email Spoofing/Phishing ICICI, Credit Card Frauds
IP Spoofing
Onion Router, Proxy Server
Packet Sniffing
Tools -Wireshark, Microsoft Network Monitor
Use SSH not Telnet
Use HTTPS while online shopping
SFTP over FTP
IPSec- provides network layer confidentiality

Intrusion Detection
Used to monitor for suspicious activity on a network
Can protect against known software exploits, like buffer
overflows
Open Source IDS: Snort
Hackers
Black
Grey
White

Google Hacking
Google hacking is a computer hacking technique that
uses Google Search and other Google applications to
find security holes in the configuration and computer
code that websites use.
The following search query will locate all websites that
have the words "admbook" and "version" in the title of
the website. It also checks to ensure that the web page
being accessed is a PHP file.
intitle:admbook intitle:version filetype:php
Email Encryption
Email encryption is authentication, of email
messages, to protect the content from being read by
any but the intended recipients. Email encryption has
been used by journalists and regular users to protect
privacy.
Email Encryption Cont
Your public key is the part of the encryption that you
make public. Your private key is the part of the
encryption that you never share with anyone under
any circumstance.
The two keys work together so that you need both to
decrypt anything.

Get GPG installed on our operating system. It is available
at http://www.gnupg.org/download/
Mozilla Thunderbird

Write Protect USB Drive

Step 1: Open the Registry Editor by opening the Run
dialog box, type regedit and hit Enter).

Step 2.Go to Registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlS
et\Control\



Cont:
Step3: Right-click on Control, click on New->Key and
name it as StorageDevicePolicies. Now a New Key
named as StorageDevicePolicies is created.
Step 4. Right-click on StorageDevicePolicies and
create a New->DWORD (32-bit) Value and name it as
WriteProtect.
Step 5: By double clicking on WriteProtect, set value 1
from 0.


Write Protect USB- Cont:
Now the right-protection for USB drives is enabled on your
computer thus it would not be possible for anyone or any
program to add/delete the contents from USB flash drive.
Any attempt to copy or download the files onto the USB
drive will result error message:
"Remove the Write Protection or Use another Disk"

Cyber Crime
"unlawful acts wherein the computer is either
a tool or a target or both".
crimes where a computer is the target of the
crime,
crimes where a computer is a tool of the
crime, and
crimes where a computer is incidental to the
commission of the crime.

Cyber Crime
EMAIL SPOOFING
PHISHING
IP SPOOFING
PACKET SNIFFING
HACKING
VIRUS, WORMS & TROJANS
BOTNETS
oSOFTWARE PIRACY
oPORNOGRAPHY
o CREDIT CARD FRAUD
oCYBER STALKING
oCYBER DEFAMATION
o SALAMI ATTACK
oNET EXTORTION

Cyber Crime as a Services
Crimeware-as-a-Service

Cybercrime Infrastructure-as-a-Service

Hacking-as-a-Service