Cyber Security

Subject Code: 3150714

Introduction to Cyber
crimes and laws
UNIT - 4
Cyber Crime
● Cyber-crime is simply defined as crimes that are directly or indirectly
related to computers, mobile, network, communication or storage
devices and using all or any of them.
● A crime conducted in which a computer was directly and significantly
instrumental.
● Cyber crime in more detail, “Offences that are committed against individuals
or groups of individuals with a criminal motive to harm the reputation of the
victim or cause physical or mental or economical harm, or loss to the victim
directly or indirectly, using modern telecommunication networks such as
Internet (networks including but not limited to Chat rooms, emails, notice
boards and groups) and mobile phones (Bluetooth/SMS/MMS)”.
Cyber Law

● Cyber Law is a framework created to give legal

recognition to all risks arising out of the usage of
computers, computer network or related technology.

● “Cyber Law” is a term used to describe the legal

issues related to use of Computer and
Communications Technology.
Cyber Security
● Cyber Security means protecting information, equipment, devices,
computer, computer resource, communication device and information
stored therein from unauthorized access, use, disclosure, disruption,
modification or destruction.
● Cyber security also refers to the body of technologies, processes, and
practices designed to protect computer, networks, communication devices,
programs, and data from attack, damage, or unauthorized access
● Effective cyber security reduces the risk of cyber attacks, and protects
organizations and individuals from the unauthorized exploitation of systems,
networks and technologies
Cyber Crime Classification
● We can categorize Cyber crimes in two ways
● The Computer as a Target :- using a computer to attack other computers.
e.g. Hacking, Virus/Worm attacks, DOS attack etc.
● The Computer as a Weapon :- using a computer to commit real world
crimes. e.g. Cyber Terrorism, IPR(intellectual property rights) violations,
Credit card frauds, EFT(electronic funds transfer) frauds, Pornography etc.
● Types of Cybercrime
● 1.Cybercrime against individual
● 2.Cybercrime against property
● 3.Cybercrime against organization
● 4.Cybercrime against society
● 5.Crimes originating from Usenet newsgroup
Cyber crime against Individual
● Email Spoofing
● A spoofed email is one in which e-mail header is forged so that mail appears to
originate from one source but actually has been sent from another source.
● Email spoofing is the creation of email messages with a forged sender address.

● Spamming
● Spamming means sending multiple copies of unsolicited mails or mass e-mails
such as chain letters.
● In context of “search engine spamming”, spamming is alternation or creation of
a document with the intent to deceive an electronic catalog or filing system
● Cyber Defamation
● This occurs when defamation takes place with the help of computers and / or the
Internet.
● E.g. someone publishes defamatory matter about someone on a website or sends
emails containing defamatory information.
● Harassment & Cyber Stalking
● Cyber Stalking Means following the moves of an individual's activity over
internet.
● It can be done with the help of many protocols available such at e- mail, chat
rooms, user net groups.
● Phishing
● A deception designed link to steal valuable personal data, such as
credit card numbers, passwords, account data, or other
information.
● Phishing is the fraudulent attempt to obtain sensitive information
(such as usernames, passwords, and credit card details) by
masking as a trustworthy entity.
● For example : please reset your facebook password
www.facebook.com
Cyber crime against Property
● Intellectual Property crimes
● These include Software piracy, illegal copying of programs, distribution of
copies of software, Copyright violation, Trademarks violations, Theft of
computer source code.
● Credit Card Fraud
● An unauthorized taking of victim’s credit card information for the purpose of
purchases from credit card or transferring funds from it.
● Credit card fraud is a form of identity theft
● Internet Time Theft
● The usage of the Internet hours by an unauthorized person which is actually
paid by another person.
Cybercrime against organization

● Unauthorized Accessing of Computer

● Accessing the computer/network without permission from the owner.
● it can be of 2 forms:
● a. Changing/deleting data: Unauthorized changing of data.
● b. Computer observe: The criminal reads or copies confidential or
proprietary information, but the data is neither deleted nor changed.
● Denial of Service (DoS) or DDos Attack
● When Internet server is flooded with continuous bogus requests so as to
denying legitimate users to use the server or to crash the server.
Cyber crime against organization
Computer Virus / Contamination
● A computer virus is a computer program that can infect other computer
programs by modifying them in such a way as to include a (possibly evolved)
copy of it.

Email Bombing
● Sending large numbers of mails to the individual or company or mail servers
thereby ultimately resulting into crashing.

Salami Attack
● When negligible amounts are removed & accumulated in to something larger.
These attacks are used for the commission of financial crimes.
Cyber crime against organization
Logic Bomb
It is an event dependent program, as soon as the designated event occurs, it
crashes the computer, release a virus or any other harmful possibilities.

Trojan Horse
An unauthorized program which functions from inside what seems to be an
authorized program, thereby concealing what it is actually doing.

Data diddling
This kind of an attack involves altering raw data just before it is processed by
a computer and then changing it back after the processing is completed.
Cyber crime against Society
Forgery
Currency notes, revenue stamps, mark sheets etc can be forged using computers
and high quality scanners and printers.

Cyber Terrorism
Using computer resources to threaten or force others.

Web Jacking
Hackers gain access and control over the website of another, even they
change the content of website for fulfilling political objective or for money.
Crimes Originating from Usenet group
Usenet
● Usenet is a popular means of sharing and distributing information on the web
with respect to specific subjects or topic.
● Usenet group may carry very offensive, harmful, inaccurate or otherwise
inappropriate material or postings that have been improper or are dishonest in
another way.
Following criminal use Usenet
● Distribution/sale of pirated software package
● Distribution of hacking software
● Distribution/sale of pornographic material
● Sale of stolen credit card number
● Sale of stolen data/stolen property
Hacking
● The term hacker was originally a term of respect for computer experts who
knew all about computers, and could do cool things with them
● The person who is able to discover weakness in a system and managed to
exploit it to accomplish his goal referred as a Hacker, and the process is
referred as Hacking
● Some hackers crossed over to the dark side, and these villains were more
properly known as "crackers“
● A hacker is an unauthorized user who attempts to gain access to an
information system
Types of Attack Vector
Email as an Attack Vector :
Email attacks continue to advance in sophistication.
Millions of messages can be sent out in the hope that a large number of people will be duped.
Attachments (and other files):
Malicious attachments install malicious computer code. Attachments attempt to install their
payload as soon as you open them.
The code could be a Virus, Trojan horse or any other kind of malware.
Attack by deception:
Deception is aimed at the user/operator as the vulnerable entry point.
It's not just malicious computer code that you need to watch out for.
Viruses:
These are malicious computer code that makes them a payload.
The main attack vector for viruses was originally infected USB drive, but now the vectors
include email attachments, downloaded files, worms and more.
Heedless guests (attack by WebPages)
Fake Web sites are used to extract personal information, like your address, credit
card number and expiration date from people.
The Fake websites look very much like the genuine websites they imitate.
Attacks of the worms
Most worms are delivered as attachments
These worms spread without the need for humans to open attachments.
Foist ware (sneak ware)
Foist ware is a new term for software that secretly adds hidden components to your
system.
Spyware is the most common form of foist ware.
It diverts you to some "revenue opportunity" that the foister has going.
Malicious macros
Microsoft Word and Microsoft Excel are some of the examples that allow macros.
The macros can also be used for malicious purposes.
Cyberspace and criminal behaviour
Cyberspace is worldwide network of computer networks for communication and exchange
of data using TCP/IP.
Cyberspace is most definitely a place where you chat, explore, research and play.
The Information or Digital Revolution has created a new forum for both terrorist activity
and criminal behavior.
The cybercriminals are categorized based on motive into following groups:
Cybercriminals- hungry for recognition
Hobby hackers, IT professionals, Politically motivated hackers, Terrorist organizations
Cybercriminals- not interested in recognition
Psychological perverts, Financially motivated hackers, State-sponsored hacking,
Organized criminals
Cybercriminals- the insiders
Former employees seeking revenge
Competing companies using employees to gain economic advantage through damage
and/or theft
Criminal Behavior
The advent of the computer has changed the way individuals behave.
A similar point can be made about Criminal behavior; namely, a significant amount of crimes
are connected to technology.
In common fraud scams the criminals gathers the information by phishing and spoofing
leading to identity theft.
Crimes related to health care, insurances are also performed by hacking and forging identities.
Cyber harassment and defamation especially the cases of pedophiles' and stalkers use false
identities to trap the children and teenagers.
spamming and unsolicited bulk messages leads to lost productivity.
The criminal steals this information from certain unsecured websites or by identity theft and
doing frauds like auction frauds, non-delivery of existent/non-existent merchandize.
Forgery is often achieved by hacking wherein the hacker attack the target computer and
retrieve personal information of the victims and use it for their personal monetary gains.
General Terms
● Computer crime
● A general term that has been used to denote any criminal act which has been facilitated
by computer use.
● Included both Internet and non-Internet activity. Examples include theft of components,
forging, digital piracy or copyright infringement, hacking, and child pornography.
● Computer-related crime
● A broad term used to encompass those criminal activities in which a computer was
peripherally involved. Examples include traditional bookmaking and theft.
● Cybercrime
● A specific term used to refer to any criminal activity which has been committed through
or facilitated by the Internet.
● Digital-crime
● A term used to refer to any criminal activity which involves the unauthorized access,
dissemination, manipulation, destruction, or corruption of electronically stored data.
Traditional problems
● Criminals adapt changing technologies while law enforcement agencies and
government institutions, bounded by traditional system
● The law enforcement agencies are struggling to keep up with criminal
innovations.
● Computer crime has proven and significant challenge to Law Enforcement
personnel
● Indeed, the law-enforcement community has often failed to recognize.
● Many computer-related crime involves non-specialist users (e.g., child
pornography, drug dealers, harassment, etc.).
Types of traditional problems
1.Physicality and Jurisdictional Concerns (different countries)
2.Perceived Insignificance, Stereotypes, and Incompetence
3.Lack of Reporting
4.Lack of Resources
5.Jurisprudential Inconsistency
Incident Response
● Incident response is the response to a computer crime, security policy
violation, or similar event.
● Digital evidence is secured, preserved, and documented in this phase.
● The incident responder is not necessarily the forensic specialist who will
conduct the analysis of the digital evidence.
● In a large corporate setting, the incident responder might be a
technician-level employee in security or information technology.
● In a smaller company, the network administrator or security officer might
also be the incident responder in addition to performing several other duties.
● In the case of a criminal investigation, a sworn law enforcement officer or
“crime lab” technician typically has incident responder responsibilities.
Incident Response
Pre-incident preparation
Take actions to prepare the organization and the CSIRT(computer security
incident response team) before an incident occurs.
Detection of incidents
Identify a potential computer security incident.
Initial response
Perform an initial investigation, recording the basic details surrounding the
incident, assembling the incident response team, and notifying the individuals
who need to know about the incident.
Formulate response strategy
Based on the results of all the known facts, manage the best response and get
management approval. Determine what civil, criminal, administrative, or other
actions are appropriate to take, based on the conclusions drawn from the
investigation.
Incident Response
Investigate the incident
Perform a thorough collection of data
Review the data collected to determine
What happened,
When it happened,
Who did it, and
How it can be prevented in the future.
Reporting
Accurately report information about the investigation in a manner useful to
decision makers.
Resolution
Employ security measures and procedural changes, record lessons learned, and
develop long term fixes for any problems identified.
Digital Forensics
● Digital forensics is a fairly novel science.
● Digital forensics is as “the collection of techniques, proven methods and tools
used to find digital evidence derived from digital sources ”.
● Computer forensics generally focuses on particular methods for extracting
evidence from a specific platform, whereas digital forensics needs to be
formed in such a way that it covers all types of digital devices, including
future digital technologies.
● Regrettably, there is no regular or consistent digital forensic methodology.
● However there are a number of procedures and tools based on experiences of
law enforcement, system administrators and hackers.
● Gather evidence by applying approved methods that will reliably extract and
analyze evidence without bias or modification is challenging task.
Contaminants and Destruction of Data
Data destruction is the process of destroying data stored on tapes, hard disks and other
forms of electronic media so that it is completely unreadable and cannot be accessed or
used for unauthorized purposes.
Data contamination The alteration, maliciously or accidentally, of data in a computer
system.
Environment surrounding of data storage area may affect on the stored data. Like
environment polluted with Ferrous metal particles, Corrosive gases, Chlorides/salts,
Electrostatic dust, electricity generation,
five most commonly experienced culprits of data loss
1.Power Outage
2.Virus, Malware, or Attack
3.Natural Disaster
4.Human Error
5.Equipment Failure or Malfunction
Cyber-Crime Scenarios and Applicability of Legal Sections
Let us look into some common cyber-crime scenarios which can attract prosecution as per
the penalties and offences prescribed in IT Act 2000 (amended via 2008) Act.
1.Harassment via fake public profile on social networking site
A fake profile of a person is created on a social networking site with the correct address,
residential information or contact details but he/she is labeled as ‘prostitute’ or a person of
‘loose character’. This leads to harassment of the victim.
Provisions Applicable: Sections 66A, 67 of IT Act and Section 509 of the Indian Penal
Code.
2.Online Hate Community
Online hate community is created inciting a religious group to act or pass objectionable
remarks against a country, national figures etc.
Provisions Applicable: Section 66A of IT Act and 153A & 153B of the Indian Penal Code.
3.Email Account Hacking
If victim’s email account is hacked and obscene emails are sent to people in victim’s
address book.
Provisions Applicable: Sections 43, 66, 66A, 66C, 67, 67A and 67B of IT Act.
8.Online sale of illegal Articles
Where sale of narcotics, drugs weapons and wildlife is facilitated by the Internet.
Provisions Applicable: Generally conventional laws apply in these cases.
9.Cyber Pornography
Among the largest businesses on Internet. Pornography may not be illegal in many
countries, but child pornography is.
Provisions Applicable: Sections 67, 67A and 67B of the IT Act.
10.Phishing and Email Scams
Phishing involves fraudulently acquiring sensitive information through masquerading a
site as a trusted entity. (E.g. Passwords, credit card information).
Provisions Applicable: Section 66, 66A and 66D of IT Act and Section 420 of IPC.
11.Theft of Confidential Information
Many business organizations store their confidential information in computer systems.
This information is targeted by rivals, criminals and disgruntled employees.
Provisions Applicable: Sections 43, 66, 66B of IT Act and Section 426 of Indian Penal
Code.
12.Source Code Theft
A Source code generally is the most coveted and important "crown jewel" asset
of a company.
Provisions applicable: Sections 43, 66, 66B of IT Act and Section 63 of
Copyright Act.
13.Tax Evasion and Money Laundering
Money launderers and people doing illegal business activities hide their
information in virtual as well as physical activities.
Provisions Applicable: Income Tax Act and Prevention of Money Laundering
Act. IT Act may apply case-wise.
14.Online Share Trading Fraud
It has become mandatory for investors to have their demat accounts linked with
their online banking accounts which are generally accessed unauthorized, thereby
leading to share trading frauds.
Provisions Applicable: Sections 43, 66, 66C, 66D of IT Act and Section 420 of
IPC (Indian penal code)