Unit 2 Cyber Crime

2.1 Concept of Cyber Crimes:

What is Cybercrime?
As the name says, "cyber" means computer and "crime" means something unfair
and illegal, which collectively means a crime executed using computer technologies.
It is also known as hi- tech crime, e- crime, cybercrime, or electronic crime. It is
performed by a computer user who has great knowledge about hacking. The hacker
tries to gain unauthorized access to any particular account, personal information or
individual's private information. In some cases, hackers can corrupt the computer or
data files that can be very harmful to you. It could be that the computer may be
involved in the crime. This could harm someone's privacy and finances. It covers a
wide range of crimes like cyber fraud, financial scams, cybersex trafficking,
advertisement scams, etc. Cyber Crime generally be divided into two categories:
● Crimes that aim at computer networks or devices. These types of crimes
involve different threats (like virus, bugs etc.) and denial- of- service (DoS)
attacks. [A denial- of- service (DoS) attack is a cyberattack on devices,
information systems, or other network resources that prevents authentic users
from accessing expected services and resources.]
● Crimes that use computer networks to commit other criminal activities. These
types of crimes include cyber stalking (Cyber stalking is the act of unwanted
contact from someone online), financial fraud or identity theft.

Categories of Cybercrime

There are three major categories that cybercrime falls into: individual, property
and government.
1. Crimes against People
These crimes include cyber harassment and stalking, distribution of child
pornography, credit card fraud, human trafficking, spoofing, and identity theft.
2. Crimes against Property
Some online crimes occur against property, such as a computer or server. These
crimes include DDOS attacks, hacking, virus transmission, copyright infringement, and
IPR violations.
3. Crimes against Government
A crime against the government is also known as cyber terrorism. Government
cybercrime includes hacking government websites, military websites. These criminals
are usually terrorists or enemy governments of other nations.
Types of Cyber Crime

1. Malware is a broad term that comprised a wide range of cyber- attacks

such as Trojans, viruses, and worms. Malware can simply be described as
 code written to steal data or destroy things on a computer.

2. Phishing frequently poses as a request for information from a reputable

third party. Phishing emails invite users to click on a link and enter their
personal information.In recent years, phishing emails have become much
more complex, making it impossible for some users to distinguish between a
real request for information and a fraudulent one. Phishing emails are
sometimes lumped in with spam, but they are far more dangerous than a
simple advertisement.

3. DDoS Attack As the name suggests, a denial- of- service (DoS)

attack focuses on disrupting network service. Attackers transmit a large
amount of data traffic via the network until it becomes overloaded and stops
working. A DoS attack can be carried out in a variety of ways, but the most
common is a distributed denial- of- service (DDoS) attack. It involves the
attacker sending traffic or data, by utilizing several machines that will overload
the system.

4. Botnets are networks from compromised computers that are controlled

externally by remote hackers. The remote hackers then send spam or attack
other computers through these botnets. Botnets can also be used to act as
malware and perform malicious tasks.
5. Identity Theft This cybercrime occurs when a criminal gains access to a
user’s personal information to steal funds, access confidential information, or
participate in tax or health insurance fraud. They can also open a phone/
internet account in your name, use your name to plan a criminal activity and
claim government benefits in your name. They may do this by finding out user’s
passwords through hacking, retrieving personal information from social media,
or sending phishing emails.

Viruses:
Virus: Vital Information Resources Under Seize
A virus is a malicious executable code attached to another executable file that can be
harmless or can modify or delete data. When the computer program runs attached
with a virus it performs some action such as deleting a file from the computer system.
Viruses can’t be controlled by remote. The ILOVEYOU virus spreads through email
attachments. It can affect the data files, boot sector of hard drive etc. when its
replication succeeds. The affected area is said infected.
Viruses are human made programs generally write to access private information,
corrupt data, to display political and humorous messages on the user's screen. They
insert themselves into host programs and spread on the execution of infected
programs.

Worms :
Worms are similar to a virus but it does not modify the program. It replicates
itself more and more to cause slow down the computer system. Worms can be
controlled by remote. The main objective of worms is to eat the system
resources.
Sr.No. Basis of WORMS VIRUS
Comparison

1. Definition A Worm is a form of malware A Virus is a malicious

that replicates itself and can executable code attached
spread to different computers to another executable file
via Network. which can be harmless or
can modify or delete
data.

2. Objective The main objective of worms is The main objective of

to eat the system resources. It viruses is to modify the
consumes system resources information.
such as memory and bandwidth
and made the system slow in
speed to such an extent that it
stops responding.

3. Host It doesn’t need a host to It requires a host is

replicate from one computer to needed for spreading.
another.

4. Harmful It is less harmful as compared. It is more harmful.

5. Detection Worms can be detected and Antivirus software is

and removed by the Antivirus and used for protection
Protection firewall. against viruses.

6. Controlled Worms can be controlled by Viruses can’t be

by remote. controlled by remote.

7. Execution Worms are executed via Viruses are executed via

weaknesses in the system. executable files.
 8. Comes from Worms generally comes from Viruses generally comes
the downloaded files or through from the shared or
a network connection. downloaded files.

11. Types Internet worms, Instant Boot sector virus, Direct

messaging worms, Email Action virus, Polymorphic
worms, File sharing worms, virus, Macro virus,
Internet relay chat (IRC) worms Overwrite virus, File
are different types of worms. Infector virus are
different types of viruses

12. Examples Examples of worms include Examples of viruses

Morris worm, storm worm, etc. include Creeper, Blaster,
Slammer, etc.

13. Interface It does not need human action It needs human action to
to replicate. replicate.

14. Speed Its spreading speed is faster. Its spreading speed is

slower as compared to
worms.

Software Piracy
Software Piracy is the illegal approach of copying, distributing, modifying, selling,
or using the software which is legally protected. So in a simple term, we can say
Software piracy is the act of stealing legal software in an illegal way. This
software piracy refers to the unauthorized copy and use of legal software. And
now this critical problem has turned into a global issue.
Regulation for Software Piracy :
Software piracy is illegal and there are strict laws for these illegal activities. So
monetary penalties are also there for this lawbreaker who breaks these copyright
laws and creates copyright violation.
End- User License Agreement (EULA) is a license agreement which is mostly used for
software to protect its legality. It is a contract between the manufacturer and the end-
user. This rule defines the rules for legal software. One common rule in EULA is that it
prevents the user from sharing the software with others.
Types of Software Piracy :
There are mainly 5 types of Software Piracy.
1. Softlifting-
It is the most common type of software piracy. In this piracy, the legal owner of
the software is one, but the users are multiple. For instance, someone
purchases the genuine software, and others will illegally use that software by
downloading the software to their computer.
 For example, many times we borrow the software from our colleague and install a
copy of that on our computer just to save the money which rises to softlifting one
type of software piracy.
2. Hard- disk Loading-
It is the most common type of software piracy which mainly happens in PC
resell shops. The shop owner buys a legal copy of the software and reproduces
its copies in multiple computers by installing it. Most of the time customers/PC
users are not aware of these things and get the pirated version of the software
in the original S/W price or less than the original price. It is one type of
Commercial software piracy.
3. Counterfeiting-
In counterfeiting the duplicates are created of genuine/legal software
programs with the appearance of authenticity. Then these duplicate software
are sold out at less price.
4. Client- Server overuse –
In client- server overuse, more copies of the software are installed than it has
licensed for. Mainly it has seen in local business sectors when they work under
a local area n/w and install the software in all the computers for use by a
number of employees which is an unauthorized practice.
5. Online Piracy-
In online piracy, the illegal software is acquired from online auction sites and
blogs which is mainly achieved through the P2P(Peer to Peer) file- sharing
system. As it is acquired by means of the Internet, often it is called Internet
Piracy.

Web Jacking
In simplest terms, when attackers illegally gain control of an organisation’s or
individual’s website is known as Web Jacking. The hackers implant a fake website,
which, when you open it, takes you to another fraudulent website, where the attackers
try to extract sensitive information. This crucial data can range from simple account
passwords to credit card details.
There are still millions of people who do not understand the significance of Cyber
Security, let alone web threats like Web Jacking. The safety of your web must be a
priority. This is why it is important to understand how Web Jacking works and
learn how to prevent it.

Understanding how Web Jacking works

Web Jacking is a phishing attack intended to extract confidential data from users.
It follows a basic skeleton, from creating a fake website to freezing it to steal the
users' login information. Following are the steps generally followed by attackers
in Web Jacking.
a) Compromising the Domain Name System (DNS): Firstly, the hacker creates a fake
web page using the same domain name as the targeted web application.
b) Hosting: The second step is to host it on your computer or shared hosting.
c) Sending link: This step involves the hacker sending the fake website’s link to the
victim. The success of the hacker’s mission depends entirely on whether the
victim falls for it.
d) Entering details: If the victim clicks on the link, it directs them to the malicious
website. As the victim enters sensitive information like their login credentials or
credit card details, the hacker gets all of it. The attacker can use these freshly
retrieved details for nefarious reasons.

What is website defacement?

Website defacement is a type of website vandalism. In short, an attacker finds a way
to modify the files or contents of your website without your permission. Usually, they'll
change the contents of your website to something intended to embarrass you.
Sometimes, activists deface websites of companies or organizations with whom they
disagree, to raise awareness of what they see as that company's misdeeds.
Website defacement attacks differ from other cybersecurity threats because the
attacker rarely stands to gain from the action. Instead of trying to do things like steal
user credentials or skim money from unsuspecting users, they're trying to make as
much noise as they can. Most malicious users try to hide their activities, but not those
who choose defacement as a weapon. They're doing it to show off.

Why do attackers deface websites?

As we mentioned, defacing a website is unlike other forms of computer crime. The
goal of the attacker is to make as much noise as they can. Sometimes, they'll do this
purely for the "fun" of it or to increase their online credibility. Occasionally, website
admins, spurned by companies who haven't paid them, will deface the site they
administrate.
Other times, attackers are there to speak out about causes they believe in. In 2020,
former president Trump's personal website was defaced by hackers who disagreed
with his politics.
The common thread between these types of attacks is that the attackers want people
to know they did it. Their goal is to raise as much awareness as they can in as short a
period as they can.

Fig 1. Website Defacement

How does website defacement happen?
Sure, it's easy to say that website defacement is the result of an unauthorized person
changing something on your website. But how does that happen? What are the
mechanisms that they use to make those changes? Unfortunately, that's a broader
topic than we have space to cover here, so we'll do so in brief. There are so many
different configurations of web server and content management systems that an
exhaustive list just isn't possible. But the basic gist is this: your attacker will seek to
gain permission to change things on your website, usually by exploiting one or more
security vulnerabilities. The most common are vulnerabilities like broken
authentication, SQL injection, or misconfigured server security.
 Fig 2. How does website defacement happen?

Once they've exploited one or more of those security flaws, the attackers gain access
to your system. Usually, they're trying to gain administrative access to your website.
This doesn't always come with the first account that they access, so they may need to
exploit yet more vulnerabilities in order to gain administrative access. Once the
attacker gains administrative access, they're free to do whatever they wish. That's
when they start to deface your website

What is Cyber stalking?

Cyberstalking involves using digital platforms to intimidate or
control someone by continuously monitoring or harassing them
online, they can track the victim's online activity. Cyberstalkers may
impersonate their victims, post false information, or make
threatening comments.
Cyber stalking is a type of cybercrime that uses the internet and technology to
harass or stalk a person. It can be considered an extension of cyberbullying and in-
person stalking. However, it takes the form of text messages, e- mails, social media
posts, and other mediums and is often persistent, deliberate, and methodical.
Cyber stalking often starts with seemingly harmless interactions that go on to
become systematic in an annoying or frightening manner. Some even find the initial
stage of cyber stalking to be amusing and harmless, but it stops being fun anymore
when the interactions do not end even after the recipient has expressed their
displeasure and asked for the interaction to stop.
The content that is directed at the victim’s is often inappropriate and disturbing.
A cyber stalker might terrorize a victim by sending messages several times a day and
from different accounts.
Cyber stalking does not necessarily involve direct communication, and some
victims may not even realize that they are the victims of online stalking. The victims
can be monitored through various methods and the information gathered can be later
 used for crimes such as identity theft. Some stalkers even go as far as
harassing the victims offline as well and even contacting their friends.
Some common characteristics of Cyber stalking behaviour are tracking
locations, breaching data privacy, monitoring online and real- world activities,
obsessively tracking the victims’ whereabouts, intimidating victims, etc. Social media
stalking may include sending threatening private messages or faking photos.
Oftentimes, cyber stalkers make false accusations, spread malicious rumors,
create fake social media profiles or blogs, or create and publish revenge porn.
There might be a misperception that because it does not involve physical contact,
Cyber stalking is not as severe as the physical form of stalking. This is not true in any
case. The internet has become an integral part of everything that we do, be it
personal or professional. This has only eased the way communications take place
along with the increased access to personal information.

Cyber stalking Examples

Cyber stalkers use a variety of tactics and techniques to humiliate, harass, control,
and intimidate their victims. Many cyber stalkers are technologically savvy as well as
creative in their ways. Here are some examples of how Cyber stalking might take
place:

● Posting offensive, suggestive, or rude comments online

● Sending threatening, lewd, or offensive emails or messages to the victim

● Joining the same groups and forums as the victim

● Releasing the victim’s confidential information online

● Tracking all online movements of the victim through tracking devices

● Using technology for blackmailing or threatening the victim

● Excessively tagging the victim in irrelevant posts

● Engaging with all online posts made by the victim

● Creating fake profiles on social media to follow the victim

● Posting or distributing real or fake photos of the victim

● Excessively sending explicit photos of themselves to the victim

● Making fake posts intended to shame the victim

● Repeatedly messaging the victim

● Hacking into the victim’s online accounts

 ● Attempting to extort explicit photos of the victim

● Sending unwanted gifts or items to the victim

● Using hacking tools to get into the victim’s laptop or smartphone camera and
secretly record them

● Continuing harassment even after being asked to stop

Cyber Pornography
Cyber Pornography means the publishing, distributing or designing
pornography by using cyberspace. The technology has its pros and cons and cyber
pornography is the result of the advancement of technology. With the easy availability
of the Internet, people can now view thousands of porn on their mobile or laptops,
they even have access to upload pornographic content online.

Cyber pornography is in simple words defined as the act of using cyberspace to

create, display, distribute, import, or publish pornography or obscene materials. With
the advent of cyberspace, traditional pornographic content has now been largely
replaced by online/digital pornographic content.

2.4 Hacking, Phishing, e- fraud, threatening email, Cyber Terrorism.

Hacking:
A commonly used hacking definition is the act of compromising digital devices and
networks through unauthorized access to an account or computer system. Hacking is
not always a malicious act, but it is most commonly associated with illegal activity and
data theft by cyber criminals.
Hacking in cyber security refers to the misuse of devices like computers,
smartphones, tablets, and networks to cause damage to or corrupt systems, gather
information on users, steal data and documents, or disrupt data- related activity.
A traditional view of hackers is a lone rogue programmer who is highly skilled in
coding and modifying computer software and hardware systems. But this narrow view
does not cover the true technical nature of hacking. Hackers are increasingly growing
in sophistication, using stealthy attack methods designed to go completely unnoticed
by cybersecurity software and IT teams. They are also highly skilled in creating attack
vectors that trick users into opening malicious attachments or links and freely giving
up their sensitive personal data.
Types of Hackers
Black hat hackers
Black hat hackers are the "bad guys" of the hacking scene. They go out of their
way to discover vulnerabilities in computer systems and software to exploit them for
financial gain or for more malicious purposes, such as to gain reputation, carry out
corporate espionage, or as part of a nation- state hacking campaign. These
individuals’ actions can inflict serious damage on both computer users and the
organizations they work for. They can steal sensitive personal information,
compromise computer and financial systems, and alter or take down the functionality
of websites and critical networks.

White hat hackers

White hat hackers can be seen as the “good guys” who attempt to prevent the
success of black hat hackers through proactive hacking. They use their technical skills
to break into systems to assess and test the level of network security, also known
as ethical hacking. This helps expose vulnerabilities in systems before black hat
hackers can detect and exploit them. The techniques white hat hackers use are
similar to or even identical to those of black hat hackers, but these individuals are
hired by organizations to test and discover potential holes in their security defenses.

Grey hat hackers

Grey hat hackers sit somewhere between the good and the bad guys. Unlike
black hat hackers, they attempt to violate standards and principles but without
intending to do harm or gain financially. Their actions are typically carried out for the
common good. For example, they may exploit a vulnerability to raise awareness that it
exists, but unlike white hat hackers, they do so publicly. This alerts malicious actors to
the existence of the vulnerability.