Cyber 2

Cybersecurity 2

Uploaded by

pomono1988

CYBER SECURITY BY SARTHAK

Cyber Offenses:
How Criminals Plan Them
Introduction

• Hacking, industrial espionage, network intrusion, password sniffing and computer viruses are the most commonly occurring crimes that target computers.
• Cyber criminals make heavy use of the WWW (World Wide Web) for illegal activities and to store data, contacts, account information, etc.
• People who commit cyber crimes are known as Crackers.

Hacker
A Hacker is a person with a strong interest in computers who enjoys learning and experimenting with them. Hackers are usually very talented, smart people who understand computers better than others.

Examples of Hacking: Trojan Horse Attack, Brute Force Attack

Brute Force Attack/Hacking
• It is a technique used by the Hacker/Attacker to find passwords or encryption keys.
• It involves trying every combination of letters, digits and special characters until the code is broken.

Cracker
A Cracker is a person who breaks into any computer/server. A Cracker is usually connected to computer criminals.

Examples for Cracker: Vandalism, theft, snooping in unauthorized areas

Cracker, Cracking and its Tools
Roadmap of Cracking: what is a Cracker, what is Cracking and what are Cracker tools.

1. Cracker: A person who breaks into a computer is known as a Cracker. e.g. Vandalism, theft, etc.
2. Cracking: The act of breaking into computers/servers is known as Cracking. e.g. using a dictionary for guessing passwords.
3. Cracker Tools: Tools that are used to break into computers/servers. e.g. Virus, Trojan Horse, etc.

Phreaking
This is the notorious art of breaking into phone and other communication systems. Phreaking websites are very popular among Crackers and other criminals.

Examples for Phreaking: Gaining unauthorized access to phone networks

Vulnerabilities
The categories of vulnerability that hackers typically search for are the following:

• Inadequate Border Protection (border in the sense of the network)
• Remote Access Server with WAC (Weak)
• Applications with well known exploits
• Misconfigured systems and systems with default configurations.

Different Hats in Cyber Security

In his book “The Six Thinking Hats”, Edward De Bono mentioned 6 hats of Hackers; four of them are given below:

• Black Hat Hacker: Cracker/Dark Side Hacker/Criminal Hacker
• White Hat Hacker: Ethical Hacker/Positive Side Hacker
• Grey Hat Hacker: Both Ethical Hacker and Criminal Hacker
• Red Hat Hacker: Hacker that thinks before committing a malice or non-malice deed

Categories of Cyber Crimes
1. Crimes Targeted at Individual: Cyber crimes targeted at a particular individual that exploit human weakness, e.g. Phishing.
2. Crimes Targeted at Property: Cyber crimes targeted at a particular cyber property, e.g. Stealing Mobile Phones.
3. Crimes Targeted at Organization: Cyber crimes targeted at a particular organization, or at government or military maintained websites, e.g. stealing a country’s data.
4. Single Event of Cybercrime: It is a single event of crime from the perspective of the victim, e.g. Fraud.
5. Series of Events of Cybercrime: It is a series of events of crime from the perspective of the victim, e.g. Cyberstalking.

Categories of Cyber Attacks
1. Active Attack: An attack in which the attacker directly engages with the victim is known as an Active Attack. It affects availability and integrity, e.g. DoS Attack.
2. Passive Attack: An attack in which the attacker does not directly engage with the victim is known as a Passive Attack, e.g. doing reconnaissance on the target.

Active Attacks and Passive Attacks

Active Attacks
An active attack consists of probing the network to discover individual hosts and to confirm the information gathered, e.g. Nmap port scanning, exploitation, etc.

Passive Attacks
Information gathering in which attackers gather information about an individual/company/organization without letting the victim know about it or without his/her knowledge, e.g. Google or Yahoo search, surfing social media to gain information, blogs, newspapers, etc.

Example tools: Maltego (Passive Attack), Nmap (Active Attack)

How Criminals Plan the Attack

Phases of Cyber Attacks

1. Reconnaissance: Information gathering.
2. Scanning & Scrutinizing Info: Scanning the information gathered and verifying the information.
3. Gaining and Maintaining Access: Exploiting and maintaining all the access to the device.

Reconnaissance/Information Gathering
“Reconnaissance” is the act of reconnoitering: to explore, often with the goal of finding something or somebody.
• In hacking, this phase starts with Footprinting.
• Footprinting: It is the preparation for the pre-attack process, in which attackers find out about the victim’s environment and computer architecture, and how they can intrude into it.

Scanning and Scrutinizing Info
Scanning is the key step of intelligently examining the target while gathering information about it. The objectives of scanning are as follows:

• Port Scanning: Identify open/closed ports and services.
• Network Scanning: Understand IP addresses and related information.
• Vulnerability Scanning: Understand the existing weaknesses in the system.

Scrutinizing in Cyber Security is called Enumeration. The objectives are to find the following:
• The valid user accounts or groups.
• Network resources and/or shared resources.
• The OS and the different applications running on that OS.

Ports
A port is an interface to which one can connect a device. TCP/IP defines two protocols that are used universally to communicate all over the internet:
1. TCP
2. UDP
Each of these has ports 0 to 65536 to communicate.

Well Known Ports
There are some well known IP ports that require scanning owing to vulnerability. Some ports are pre-assigned by IANA (Internet Assigned Numbers Authority).

Port Scanning
With port scanning we can find doors to go in and out. Port scanning is used to find all the doors by sending packets.
• Open: Listening on the port.
• Closed: Port is closed.
• Filtered/Blocked: No reply from the host.
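
A defender's view of the port scanning described above, as an added example that is not part of the original slides: a single source touching many distinct ports on one host within a short time stands out in firewall logs. The log format, the addresses and the thresholds are assumptions constructed for this example.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta


def build_sample_log():
    """Constructed sample log: 'timestamp source_ip dest_ip dest_port action'."""
    base = datetime(2024, 5, 1, 10, 0, 0)
    lines = []
    for i in range(25):   # 25 different ports probed on one host in 25 seconds
        ts = (base + timedelta(seconds=i)).isoformat()
        lines.append(f"{ts} 203.0.113.7 10.0.0.5 {20 + i} DROP")
    for i in range(25):   # ordinary client: repeated connections to port 443 only
        ts = (base + timedelta(seconds=2 * i)).isoformat()
        lines.append(f"{ts} 198.51.100.9 10.0.0.5 443 ACCEPT")
    for i in range(12):   # 12 ports, but one probe every 10 minutes
        ts = (base + timedelta(minutes=10 * i)).isoformat()
        lines.append(f"{ts} 192.0.2.44 10.0.0.5 {8000 + i} DROP")
    return lines


SAMPLE_LOG = build_sample_log()


def detect_port_scans(lines, window=timedelta(seconds=60), min_ports=10):
    """Return {source_ip: most distinct ports hit on one host inside any window}
    for every source that reaches min_ports."""
    recent = defaultdict(deque)   # (src, dst) -> (timestamp, port) inside window
    flagged = {}
    for line in sorted(lines):    # ISO timestamps sort chronologically
        parts = line.split()
        try:
            ts = datetime.fromisoformat(parts[0])
            src, dst, port = parts[1], parts[2], int(parts[3])
        except (IndexError, ValueError):
            continue              # skip malformed lines instead of failing
        queue = recent[(src, dst)]
        queue.append((ts, port))
        while ts - queue[0][0] > window:
            queue.popleft()       # drop events that fell out of the window
        distinct = len({p for _, p in queue})
        if distinct >= min_ports:
            flagged[src] = max(flagged.get(src, 0), distinct)
    return flagged


if __name__ == "__main__":
    print(detect_port_scans(SAMPLE_LOG))
    print(detect_port_scans(SAMPLE_LOG, window=timedelta(hours=2)))
```

With the default 60-second window only the fast source is flagged; widening the window to two hours also flags the source that probes one port every ten minutes, which is why the window and threshold need tuning per network.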

Attack
Gaining and Maintaining Access

After Scanning and Enumeration, the attack is launched in the following steps:
1. Crack the password.
2. Exploit the privileges.
3. Execute the malicious commands/applications.
4. Hide the files (if required).
5. Cover the tracks: delete the access logs, so that there is no trail of illicit activity.

Social Engineering

• Social Engineering is a technique of “influence” and persuasion used to “deceive” people in order to obtain information or have them perform some action.
• Social Engineers exploit the “Human Tendency” of a person to trust the social engineer's word.
• Social Engineers mostly use VoIP or VoWiFi for telecommunication and the Internet to communicate with the victim.

Classification of Social Engineering

Human based Social Engineering

1. Impersonating or Social Employee: Impersonating is perhaps the greatest technique used by social engineers. Social Engineers take advantage of the fact that most people are helpful.
2. Posing as an important user: The attacker pretends to be an important user of the company in order to gain access to the system. Most low level employees will not ask any questions.
3. Using a third person: An attacker pretends to be authorized from the source to use a system. This trick is useful when the supposedly authorized personnel is on vacation or cannot be contacted for verification.
4. Calling technical support: Calling technical support for assistance is a classical example of social engineering. Technical support/help desk users are trained to help the user, which makes them good prey.
5. Shoulder Surfing: It is a technique of gathering information such as usernames and passwords by watching over someone’s shoulder.
6. Dumpster Diving: It involves looking for information in the trash, written on pieces of paper or printouts. Also known as Dumpstering, binning, trashing, garbing, “Scavenging”.

Computer Based Social Engineering

1. Fake E-Mails: The attacker sends fake e-mail such that legitimate users take it for legitimate mail. This activity is also known as phishing. It is an attempt to entice the user to reveal sensitive info.
2. E-Mail Attachments: E-mail attachments are used to send malicious code to the victim’s device, which will automatically get executed.
3. Pop-Up Windows: Pop-up windows are also used, in a similar manner. Pop-up windows with special offers encourage the users to unintentionally install malicious code.

Cyber Stalking

• Stalking is an act of following prey stealthily, trying to approach somebody or something.
• Cyber Stalking is defined as the use of Information and Communication technology, particularly the internet, by an individual or group of people to harass an individual or group of people.
• The behavior includes false accusation, monitoring, transmission of threats, ID theft, damage to data or equipment, solicitation of minors for sexual purposes and gathering information for harassment purposes.

Types of Cyber Stalking

Online Stalkers
They aim to directly interact with the victim with the help of the internet. E-mail and chat rooms are the most popular communication media used to get connected with the victim. The stalker makes sure the victim recognizes the attack attempted on him. He may use a third party in order to harass the victim.

Offline Stalkers
The attacker uses traditional ways such as following the victim, watching the daily routine of the victim, etc. Searching on message boards/newsgroups, personal websites, blogs, etc. is used to gain information about the victim. The victim is not aware that the internet is used to perpetrate an attack against them.

Cases Reported On Cyber Stalking
In the majority of reported cyber stalking cases, the victims are women and the stalkers are men, and most cases are sex-cyber-stalking. But there are many cases of the attacker being a stranger.

How Stalking Works?
1. Personal information gathering about the victim.
2. Establishing contact with the victim through e-mail or telephone; the stalker can use multiple names.
3. Some stalkers keep on sending repeated e-mails asking for various kinds of favors or threatening the victim.
4. Posting the victim’s personal information on the web.
5. Information used by the public/internet users for different deeds.

Cyber Café and Cyber Crimes

Cyber Café and Survey
Cyber Cafés are one of the most used places from which to carry out an attack, and there is always a risk of programs such as keyloggers and spyware on the computers. ITA Act 2000 doesn’t include Cyber Cafés, which makes a Cyber Café a perfect place to carry out an attack. It is therefore necessary to know the survey conducted and the tips to stay safe if you visit a Cyber Café to do your tasks.

Cyber Café and Survey (Contd.)
1. Pirated software such as OS and MS Office is installed.
2. Antivirus is found to be either not updated or not installed.
3. Many Cyber Cafés have installed software called “Deep Freeze” to protect from prospective malware attacks. This program can clean all the activities done on a computer when it is restarted. This troubles the police while investigating.
4. AMC (Annual Maintenance Contract) is not found in many Cyber Cafés.
5. Pornographic or similar content is not banned.
6. Cyber Café owners do not have Cyber Security awareness.
7. The Cyber Café association or State Police (Cyber Cell Wing) do not conduct periodic visits to Cyber Cafés.

Tips for Cyber Café

A few tips while going to a Cyber Café are:
• Always log out
• Stay with the computer
• Clear history and temporary files
• Be alert
• Avoid online financial transactions
• Change passwords
• Use virtual keyboards
• Check for browser security warnings and check for HTTPS.

Botnets: Fuel of Cyber Crimes

Botnets
The Fuel of Cyber Crimes

Bots are automated programs for doing some particular task, often over a network. The term is used for a collection of software robots, or bots, that run automatically and autonomously.

Botnets: A botnet is a network of computers infected with a malicious program that gives direct control to the hacker.

One can secure systems from botnets by the following:
• Use Antivirus/Anti-Spyware.
• Set the OS to download security patches and updates automatically.
• Use a firewall when using the Internet.
• Disconnect from the Internet when away.
• Download freeware only from known and trusted websites.
• Regularly check the mailbox’s sent items and trash.
• Take immediate action if the system is infected.

Attack Vectors

Attack Vector
An attack vector is the path by which the attacker gains access. Attack vectors enable the attacker to exploit vulnerabilities, including the human element.

• To some extent, firewalls and antivirus can stop attack vectors.
• Attackers keep updating the attack vectors, hence a defense mechanism that is effective today might not be effective in future.
• The most common malicious payload is a virus.

Payloads: necessary data within a packet or other transmission unit (in this case, attack vectors).

Attack Vector (Continued)

The attack vectors are mostly launched by:

1. Attack by E-Mail: Hostile content embedded in mail.
2. Attachments: Malicious attachments install malicious code.
3. Attack by Deception: Deception is aimed at the users/operators as a vulnerable entry point, e.g. frauds, scams and, to some extent, spam.
4. Hackers/Crackers: They use a variety of tools, heuristics and social engineering to gain access to computers and online accounts, e.g. a Trojan Horse installed by a Hacker.
5. Heedless Guests (Attack by Webpage): Counterfeit websites are used to gather information.
6. Attack of the Worms: Many worms are delivered through email attachments, but network worms use holes in the network directly.

Attack Vector (Continued)

7. Malicious Macros: A macro is something like automating any type of program, e.g. Instant Messaging, Excel, etc.
8. Foistware: Software that adds hidden components to the system, e.g. spyware is the most common example of Foistware.
9. Viruses: Malicious code that hitches a ride and makes the payload, e.g. E-Mail Attachment, Trojan Horses, etc.