Chapter:1

Cyber Security
Introduction to Cyber Security

• Introduction to Cybercrime
– Definition and Origins of the word
– Cyber crime and Information Technology
– Who are Cybercriminals?
– Types of Cybercriminals
– Classification of Cybercrimes
• What is crime?

An action or omission which constitutes an

offence and is punishable by law.

“ An act or the commission of an act that is

forbidden , or the omissions of a duty that is
commanded by a public law and that makes
the offender liable to punishment by law”.
Cyber Crime

• “A crime conducted in which a computer was

directly and significantly instrumental”
• “Cybercrime (Computer Crime) is any illegal
behavior, directed by means of electronic
operations, that targets the security of computer
system and the data processed by them.
• Act of performing a criminal act using
CYBERSPACE as the communication vehicle
Other definitions of Cyber crime

• A crime committed using a computer and the

Internet to steal a person’s identity or disrupt
operations with malevolent programs.
• Crimes completed either on or with a computer
• Any illegal activity done through the internet or
on the computer.
• All criminal activities done using the medium of
computers, the internet, cyberspace and the
WWW.
Cyber

Relating to or characteristic of the culture of

computers, information technology, and
virtual reality.
Cyberspace

• “Online world of computer networks and

Internet.
• Cyberspace is a space where human user
can interact with computer network.
cybersquatting

• Cybersuatting in a bit different in that the

domain names that are being squattered
being process through the registration
process.
statistics of cyber crime

Total cyber crimes including fishing malicious

code, website intrusion, denial of service etc.

2013 – 41,319 incidents

2014 – 44,679 incidents
2015 – 49,455 cases
2016 (till March) – 14,363 incidents
Statistics of cyber crime

Indian website hacking incidents

2013 – 28,481 websites hacked

2014 – 32,323 sites hacked
2015 – 27,205 sites hacked
2016 (till March) – 8,056 sites hacked
Above statistics mentioned was given in Lok Sabha by Mr. Ravi Shankar Prasad.
(Source: http://computerera.co.in/)
Statistics of Cybercrime

• Cyber Crime damage cost to hit $6 trillion

annually by 2021.
• Cyber Security spending to exceed $1
trillion from 2017 to 2021.
• Cyber crime will more than triple the
unfilled cyber security jobs, which is
predicted to reach 3.5 million by 2021.
Statistics

• Human attack surface to reach 6 billion

people by 2022.
3.8 billion internet users in 2017 (51
percent of the world’s population of 7
billion), up from 2 billion in 2015.
6 billion users/ out of global population 8
billion.
Statistics

• Global ransomware damage costs are

predicted to exceed $5 billion in 2017.
That’s up from $325 million in 2015.
Law

Cyber Crimes in India are registered under

three broad heads :
 The IT Act,
 The Indian Penal Code (IPC)
 And other State Level Legislations (SLL).
Cases under IT Act

 Tampering computer source documents

(Section 65 IT Act)
 Loss /damage to computer resource/utility
(Section 66 (1) IT Act)
 Hacking (Section 66 (2) IT Act)
 Obscene publication/transmission in
electronic form (Section 67 IT Act)
 Failure of compliance/orders of Certifying
Authority (Section 68 I T Act)
Cases under IT Act
 Failure to assist in decrypting the
information intercepted by Govt Agency
(Section 69 IT Act)
 Un-authorised access/attempt to access to
protected computer system (Section 70 IT
Act)
 Obtaining license or Digital Signature
Certificate by misrepresentation /
suppression of fact (Section 71 IT Act)
Cases under IT Act

 Publishing false Digital Signature

Certificate (Section 73 IT Act)
 Fraud Digital Signature Certificate (Section
74 IT Act)
 Breach of confidentiality/privacy (Section
72 IT Act)
Cases under IPC

 Offences by/against Public Servant

(Section 167, 172, 173, 175 IPC)
 False electronic evidence (Section 193
IPC)
 Destruction of electronic evidence (Section
204, 477 IPC)
 Forgery (Section 463, 465, 466, 468, 469,
471, 474, 476, 477A IPC)
Cases under IPC

 Criminal Breach of Trust (Section 405,

406, 408, 409 IPC)
 Counterfeiting Property Mark (Section 482,
183, 483, 484, 485 IPC)
 Tampering (Section 489 IPC)
 Counterfeiting Currency / Stamps (Section
489A to 489E IPC)
Indian Govt. Initiatives

• Awareness
• Training
• Legal framework
• Emergency response
• Implementation of best practices
Cybercrime and Information Security

• Indian Information Technology Act (ITA) 2000

provides a new focus on “Information
Security” in India. The new version of the act
is ITA 2008.
• Cybersecurity as per this act means
protecting information, equipment, devices,
computer, computer resource, communication
device and information stored therein from
unauthorized access, use, disclosure,
modification or destruction.
Measures to Tackle Cyber Crime

The State Governments have been advised

to build adequate technical capacity in
handling cyber crime including technical
infrastructure, cyber police stations and
trained manpower for detection, registration,
investigation and prosecution of cyber
crimes.
Measures to Tackle Cyber Crime

 Started development of cyber forensics

tools.
 Setting up infrastructure for investigation
and training of users( Judges and Police
officers)
 How to use tools to collect and analyze the
digital evidences and present them in
Courts?
Measures to Tackle Cyber Crime

 Computer Emergency Response Team

(CERT-In) issues alerts and advisories
regarding latest cyber threats and
countermeasures on regular basis.
 CERT-In has published guidelines for
securing the websites, which are available
on its website (www.cert-in.org.in).
Measures to Tackle Cyber Crime

 In collaboration with Data Security Council

of India (DSCI), (National Association of
Software and Services) NASSCOM, Cyber
Forensic Labs have been set up at
Mumbai, Bengaluru, Pune and Kolkata for
awareness creation and training programs
on Cyber Crime investigation.
Who are Cybercriminals

• Cybercrime involves such activities as credit card fraud,

cyber stalking, defaming another online, gaining
unauthorized access to computer system, child
pornography, ignoring copyright, software licensing and trade
mark protection, overriding encryption to make illegal copies,
software piracy and stealing another's identity to perform
criminal act.
• Cybercriminals are those who conduct such acts.
Types of cybercriminals

Types of cybercriminals

Cybercriminals
Cybercriminals- Cybercriminals-
-not interested
hungry for the insiders
in recognition
recognition
Types of Cybercriminals

• Type I: Cybercriminals-hungry for

recognition
– Hobby Hackers
– IT Professionals
– Politically motivated hackers
– Terrorist organization
Types of Cybercriminals

• Type II: Cybercriminals-not interested in

recognition
– Psychological perverts
– Financially motivate hackers
– State sponsored hacking (national espionage,
sabotage)
– Organized criminals
Types of Cybercriminals

• Type III Cybercriminals-the insiders

– Disgruntled or former employees seeking
revenge
– Competing companies using employees to
gain economic advantage through damage
and/ or theft.
Classification of Cybercrimes

• Cybercrime against individual

– Electronic mail spoofing
– Phishing
– Spamming
– Cyber defamation
– Cyber stalking and harassment
– Computer Sabotage
– Password Sniffing
Classification of Cybercrimes

• Cybercrime against Property

– Credit card fraud
– Intellectual Property
Classification of Cybercrimes
• Cybercrime against Organization
– Unauthorized accessing of Computer
– Password sniffing
– Denial of Service attack
– Virus attack
– E-mail bombing/mail bomb
– Salami attack
– Logic Bomb
– Trojan Horse
– Data Diddling
– Crimes emanating from Usenet newsgroup
– Industrial spying
– Computer network intrusions
– Software piracy
Classification of Cybercrimes

• Cybercrime against society

– Forgery
– Cyber terrorism
– Web jacking
E-mail Spoofing

• A Spoofed E-mail is one that appears to

originate from one source but actually has
been sent from another source.
Fake Mail
Spamming

• People who create electronic spam are

called spammers.
• Spam is the abuse of electronic
messaging system to send unsolicited bulk
messages indiscriminately to large number
of users.
• Purpose: Advertisement, Phising,
Spreading Malwares etc.
Cybersquatting

The practice of registering names, especially

well-known company or brand names, as
Internet domains, in the hope of reselling
them at a profit.
Cyber warfare

Cyber warfare is typically defined as an act

of war using internet-enabled technology to
perform an attack on a nation's digital
infrastructure, such as with computer viruses
or a distributed denial-of-service attack.
Cyber warfare examples

Pakistani hackers compromised 10 Indian

websites which included National
Aeronautics, Army Institute of Management
and Technology, Defence Institute of
Advanced Technology, Army Institute of
Management, and the Board of Research in
Nuclear Sciences.
Cyber warfare example

The hacker group — Pakistan Haxor Crew

— claimed the action was to avenge the
defacement of the Pakistan Railways
website by an Indian hacker and to show
solidarity with Kashmiris.
Source: Economic times(19-OCT-2017)
Cyber warfare

In April 2009, China and Russia had

infiltrated the U.S. electrical grid and left
behind software programs that could be
used to disrupt the system.
Massive power outages caused by a cyber
attack could disrupt the economy, distract
from a simultaneous military attack, or
create a national trauma.
.
Source: The Wall Street Journal. Retrieved 8 November 2011
Cyberdefamation

• As per IPC section 499

“The term 'Cyber Defamation' basically means
publishing of false statement about an individual
in cyberspace that can injure or demean the
reputation of that individual.”

• Cyber defamation involves defaming a person

through a new and far more effective method
such as the use of modern Electronic devices. It
refers to the publishing of defamatory material
against any person in cyberspace or with the
help of computers or the Internet.
Cyberdefamation

• Unidentified persons posted obscene

photographs and contact details of a Delhi
school girl. Suggestive names like ’sex teacher’
were posted on the profile. The matter came to
light after the girl’s family started receiving vulgar
calls referring to Orkut.
Computer sabotage

• Computer sabotage is. [t]he input,

alteration, erasure or suppression of
computer data or computer programmes,
or interference with computer systems,
with the intent to hinder the functioning
of a computer or a telecommunication
system.
Internet Time Theft

• This type of theft occurs when an unauthorized

person uses the Internet hours paid by some
other person.
• Internet Time Theft comes under hacking
because the person who gets access to
someone else’s ISP user ID and password either
by hacking or gaining access to it by illegal
means, uses it to access the Internet without the
other person’s knowledge.
Salami Attack/Salami Technique

• These attacks are used for communicating

financial crimes.
• The idea here is to make the alteration so
insignificant that in single case it would go
completely unnoticed.
Salami Attack/Salami Technique

• Four executives of a rental-car franchise in

Florida USA defrauded at least 47,000
customers using a salami technique. They
modified a computer billing program to add five
extra gallons to the actual gas tank capacity of
their vehicles.
• From 1988 through 1991, every customer who
returned a car without topping it off ended up
paying inflated rates for an inflated total of
gasoline. The thefts ranged from $2 to $15 per
customer difficult for the victims to detect.
Data Diddling

• A data diddling attack involves altering raw data

just before it is processed by a computer and then
changing it back after the processing is
completed.
• Electricity boards in India have been victims to
data diddling programs inserted when parties
computerize their systems.
Diddling Example

• A keyboard operator processing orders at

an Oakland USA department store
changed some delivery addresses and
diverted several thousand dollars worth of
store goods into the hands of accomplices.
Diddling Example

The NDMC Electricity Billing Fraud Case 1996

The computer network was used for receipt and accounting of electricity bills by
the New Delhi Municipal Council.

Collection of money, computerized accounting, record maintenance and

remittance in the bank were exclusively left to a private contractor who was a
computer professional.

He misappropriated huge amount of funds by manipulating data files to

show less receipt and bank remittance.
Forgery

• Counterfeit currency notes, postage and

revenue stamps, mark sheets etc. can be forged
using sophisticated computers, printers and
scanners.
Vishing

• Vishing is the criminal practice of using social

engineering over the telephone.
• The term is combination of V- Voice and
Phishing.
• The most profitable uses of the information
gained through Vishing include:
– ID theft
– On line shopping
– Transferring Money
– Monitoring bank account details
Hacking

• Hackers write or use ready-made computer

programs to attack the target computer. The
main purpose of hacking are:
– Greed
– Power
– Publicity
– Revenge
– Adventure
– Desire to access forbidden information
– Destructive mindset
Online Frauds

• Lottery frauds and E-mail spoofing comes

under this category.
• In spoofing websites and E-mail security
threats, fraudsters create authentic looking
website that are actually nothing but a
spoof.
• The purpose of these website is to make
the user enter personal information which
is then used to access business and bank
accounts.
Example Lottery Fraud
Online Frauds

• Lottery frauds are typically letters or E-mail

that inform the recipient that he/she has
won a prize in lottery.
• To get the money the recipient has to
reply, after which another mail is received
asking for bank details so that the money
can be directly transferred.
Pornographic Offenses

Child Pornography means any visual

depiction, including but not limited to the
following:
1. Any photograph that can be considered
terrible and unsuitable for the age of child
viewer.
2. Film, video, picture.
3. Computer generated image.
The CEO of online auction website bazee.com (a
part of the ebay group) was arrested by the Delhi
police for violating India’s strict laws on cyber
pornography.
An engineering student was using the bazee
website to sell a video depicting two school
students having sexual intercourse. Bazee.com
was held liable for distributing porn and hence the
CEO was arrested.
Software Piracy

The unauthorized copying of software.

By buying the software, you become
a licensed user rather than an owner . You
are allowed to make copies of the program
for backup purposes, but it is against the law
to give copies to friends and colleagues
Software Piracy
Sabotage

• The deliberate destruction, disruption, or

damage of equipment, a public service, etc, as
by enemy agents, dissatisfied employees, etc
Computer Sabotage
• The use of computer to hinder the normal
functioning of a computer system through
the introduction of worms, viruses or logic
bomb.
• It can be used to gain economic
advantage over a competitor , to promote
the illegal activities of terrorists or to steal
data or programs for extortion purposes.
Computer Sabotage

Examples would include writing and releasing a virus,

worm, or Trojan, sending out spam, initiating a denial of
service attack, installing a "back door", altering or deleting
data, damaging computer equipment, causing data on
someone else's computer to become corrupted, encrypting
someone's hard drive and holding it hostage until they pay
a ransom for the decryption key, intercepting computer
traffic and altering it before sending it along (a type of man-
in-the middle attack), or causing physical damage to a
computer system by deliberate malicious actions.
Computer Sabotage

July 2007 A space program worker

deliberately damaged a computer that was
supposed to fly aboard the shuttle
Endeavour in less than two weeks. This was
an act of sabotage that was caught before
the equipment was loaded onto the
spacecraft.
Computer Sabotage

November 2007 Seagate Maxtor Basics

Personal Storage 3200 hard drives were
infected with a Trojan Horse virus. The hard
drive has been temporarily pulled off the
shelves and is no longer available for
purchase. Intelligence reports that the Trojan
was designed to copy information on the
computer and send it to a Beijing web sites
without the user’s knowledge.
Virus

 A computer virus attaches itself to a

program or file enabling it to spread from
one computer to another, leaving
infections as it travels.
 All viruses are attached to an
executable file, which means the virus
may exist on your computer but it actually
cannot infect your computer unless you
run or open the malicious program.
worm

• Sub-class of a virus
• It has the capability to travel without any
human action
• Due to the copying nature of a worm and
its capability to travel across networks, it
worm consumes too much
system memory (or network bandwidth),
causing Web servers, network servers and
individual computers to stop responding.
Trojan Horse

The Trojan Horse, at first glance will appear

to be useful software but will actually do
damage once installed or run on your
computer.
Back Door

Backdoor is an undocumented way of

gaining access to a program, online service
or an entire computer system.
A backdoor will bypass normal
authentication mechanisms.
It is written by the programmer who creates
the code for the program and is often only
known by the programmer and is a potential
security risk. Also called a trapdoor.
E-Mail Bombing/Mail Bomb

Mass mailing consists of sending numerous

duplicate mails to the same email address.
Similar to Spamming, the attacker instructs
the botnet to send out millions or even
billions of emails, but unlike normal botnet
spamming, the emails are all addressed to
only one or a few addresses the attacker
wishes to flood. This form of email bombing
is similar in purpose to other DDoS flooding
attacks.
Email Bomb

In one case, a foreigner who had been residing in

Simla (India) for almost 30 years wanted to avail of
a scheme introduced by the Simla Housing Board
to buy land at lower rates.
When he made an application it was rejected on
the grounds that the scheme was available only for
citizens of India.
He decided to take his revenge. Consequently, he
sent thousands of mails to the Simla Housing
Board and repeatedly kept sending e mails till their
servers crashed.
Password Sniffing

• If a hacker can't guess your password, there are other

ways he/she can try to get it. One way which has
become very popular is called ``password sniffing''.
• It turns out that most networks use what's known as
“broadcast” technology. What that means is that every
message that a computer on the network transmits can
be read by any other computer on that network. In
practice, all the computers except the recipient of the
message will notice that the message is not meant for
them, and ignore it.
Credit Card Frauds

• Credit card fraud is a wide-ranging term for

theft and fraud committed using or involving a payment
card, such as a credit card or debit card, as a fraudulent
source of funds in a transaction.
• The purpose may be to obtain goods without paying, or
to obtain unauthorized funds from an account.
Web Defacement

Website defacement is usually the substitution of

the original home page of a website with another
page (usually pornographic or defamatory in
nature) by a hacker.
Web Defacement

• Mahesh Mhatre and Anand Khare (alias Dr

Neukar) were arrested in 2002 for allegedly
defacing the website of the Mumbai Cyber Crime
Cell. They had allegedly used password
cracking software to crack the FTP password
for the police website.

They then replaced the homepage of the

website with pornographic
content.
Identity Theft

• Identity theft is a form of stealing

someone's identity in which someone pretends
to be someone else by assuming that person's
identity, usually as a method to gain access to
resources or obtain credit and other benefits in
that person's name.
• It’s a serious crime that can cause disturbance
with your finances, credit history, reputation and
can take time, money, and patience to resolve.
Cyber Security
Cyber attacks
The most common cyber-attacks with their occurrences are as follows

Attack Types %
Viruses, malware, worms, Trojans 50%
Criminal insider 33%
Theft of data-bearing devices 28%
SQL injection 28%
Phishing 22%
Web-based attacks 17%
Social engineering 17%
Other 11%
Survival Mantra for the Netizens:

• Precaution
• Prevention
• Protection
• Preservation
• Perseverance
Survival Mantra for the Netizens:

• Keep genuine software

• keep browsers updated with security
patches
• Keep an effective Antivirus and updates
• never share private data with others
• stay aware in cyber world….