Have You Ever?
• Suspecting that something’s wrong with your system, got an
antivirus and scanned the whole thing, only to find yellow & red popups
indicating something must be truly messed up! (But how?)
• Found an email in your inbox from a Brazilian banker (or a Russian one, if you
prefer), claiming that he wants to give you a few billion dollars,
and all he needs is your bank A/C information and your address! Why?
Maybe he likes your face! (Frankly, you’re not alone!)
• Clicked on a link, unsuspecting, only to find that your browser crashed,
and you don’t even have a clue why! (Happens)
• Seen explicit or genuinely embarrassing pictures of a
friend/acquaintance/celebrity on a social network (Facebook maybe!) or a
site that mustn’t be named!
• Ordered something that was selling on 89% discount (on a site 99% of
people were unaware of) and waited forever for it to deliver.
• Registered on a site that said you’d get credits for doing stuff like breaking
captchas and clicking on random ads (only the money never reaches you).
• Can’t Access your Facebook/Gmail/Yahoo account anymore !!!
• Downloaded free software and got a dozen other programs as freebies you never
knew about! And then scary things started happening on your system.
• Got your Laptop/Phone stolen?
• Started finding evidence of leaked data that you’ve shared with no one?
• Faced harassment of any form, in any online services or via your cell
• Downloaded your favourite Game/Movie over a file sharing service?
• Got emails that don’t make any sense, and are largely unsolicited.
• DONE ANY OF THE ABOVE?
If you can say YES, to even one of
You’ve already been a victim or
perpetrator in Cyber Crime!
In a nutshell, it is simply a crime that has some kind of computer or cyber
(computers/computer networks, from the word cybernetics) aspect to it.
Cyber crime encompasses any criminal act dealing with computers and
These include attacks against computer data and systems such as:
Denial of Service Attacks, identity theft, the distribution of child sexual
abuse images, internet auction fraud, the penetration of online financial
services, credit card fraud as well as the deployment of viruses, Botnets, and
various email scams such as phishing and spoofing to gain sensitive
12 VICTIMS PER SECOND
378 MILLION VICTIMS PER YEAR
1 MILLION+ VICTIMS PER DAY
NEARLY 2.8 TIMES AS MANY BABIES BORN EACH YEAR
ENOUGH TO FILL WEMBLEY STADIUM (ENGLAND) MORE THAN 10 TIMES
As the Saying goes.. We’re Never Alone!
As we speak….
50% OF ONLINE ADULTS
HAVE BEEN VICTIMS OF CYBERCRIME AND / OR NEGATIVE
ONLINE SITUATIONS IN THE PAST YEAR
41% OF ONLINE ADULTS
HAVE FALLEN VICTIM TO ATTACKS SUCH AS
MALWARE, VIRUSES, HACKING, SCAMS, FRAUD AND THEFT
Who are the Cyber
The Cyber Criminal Profile
This category includes script
kiddies and enthusiasts messing
with the status quo, hacking a
friend’s system and having fun.
This is the Geek we all know!
Also Activists or groups (like
WikiLeaks) seeking to steal data
and release it publicly.
This group (led by technologists
turned cybercriminal) does the
most damage, particularly to
financial institutions, retailers, e-
governments, etc. This group of
cybercriminals actually creates
more fraud, remediation and
reputational damage than the
other types of cybercriminals
Most notably, China, Iran, other
nation-states looking to steal and
In case of a cyber warfare, these
are the people, whose involvement
Cyber Crime can be broadly classified as:
• Individual: This type of cyber crime can be in the form of hacking, identity theft,
cyber bullying, cyber stalking, distributing pornography, trafficking and “grooming”.
• Property: Just like in the real world where a criminal can steal and rob, even in the
cyber world criminals resort to stealing and robbing.
– In this case, they can steal a person’s bank details and siphon off money; misuse the
credit card to make purchases online;
– use malicious software to gain access to an organization’s website or disrupt the
systems of the organization. The malicious software can also damage software and
hardware, just like vandals damage property in the offline world.
• Government: Although not as common as the other two categories, crimes against
a government are referred to as cyber terrorism.
– If successful, this category can wreak havoc and cause panic amongst the civilian
population. In this category, criminals hack government websites, military websites or
circulate propaganda. The perpetrators can be terrorist outfits or unfriendly
governments of other nations.
It’s Truly Polymorphic (1)
Yes, there are numerous forms. Some of which are:
• Hacking: This is a type of crime wherein a person’s computer is broken into so that
his personal or sensitive information can be accessed.
• Theft: This crime occurs when a person violates copyrights and downloads
music, movies, games and software.
• Cyber Stalking: This is a kind of online harassment wherein the victim is subjected
to a barrage of online messages and emails.
• Malicious Software: These are Internet-based software or programs that are used
to disrupt a network. The software is used to gain access to a system to steal
sensitive information or data, or to cause damage to software present in the system.
• Identity Theft: A criminal accesses data about a person’s bank account, credit
cards, Social Security, debit card and other sensitive information to siphon money
or to buy things online in the victim’s name
It’s Truly Polymorphic (2)
• Child soliciting and Abuse: This is also a type of cyber crime wherein criminals
solicit minors via chat rooms for the purpose of child pornography.
• Cyber-Terrorism: Attacks against computer networks or the information stored
therein which result in violence against Government or persons or property, or at
least cause enough harm to generate fear, are to be considered cyber-terrorism
• DoS: Short for denial-of-service attack, a type of attack on a network that is
designed to bring the network to its knees by flooding it with useless traffic.
• Spamming & Spoofing: You can always look inside your spam folder for details!
Just for The Record
• MyDoom's Mass Infection
Estimated damage: $38 billion
– This fast-moving worm first struck in 2004 and tops McAfee's list in terms of monetary damage.
– Due to all the spam it sent, it slowed down global Internet access by 10 per cent and reduced access
to some websites by 50 per cent, causing billions in dollars of lost productivity and online sales.
• Conficker's stealthy destruction
Estimated damage: $9.1 billion
– This 2007 worm infected millions of computers and then took its infections further than the previous
worm on our list, as cyber crooks moved from notoriety to professionalism.
– Conficker was designed to download and install malware from sites controlled by the virus writers.
• The "I love you" worm (named after the subject line of the email it came in) proved
irresistible in 2000 as millions of users opened the spam message and downloaded the
attached 'love letter' file and a bitter virus.
– This infamous worm cost companies and government agencies $15 billion to shut down their
computers and remove the infection.
• “Operation Get Rich or Die Tryin’”
– For nearly four years ending in 2008, 28-year-old Albert “Segvec” Gonzalez and his accomplices
staged the biggest data thefts in history, stealing millions of credit and debit card magnetic stripe
data for sale on the black market.
• These events just provide a glimpse into the criminal activity potential of Cyber Component!
83% OF DIRECT FINANCIAL
COSTS ARE A RESULT OF
FRAUD, REPAIRS, THEFT AND
AVERAGE COST PER VICTIM
Global Price Tag Of
Consumer Cyber Crime:
Above Costs are given for individual victim Organisations.
THE GLOBAL PRICE TAG OF CONSUMER CYBERCRIME (ALL AMOUNTS IN USD, ROUNDED TO THE NEAREST BILLION)
JAPAN 1 BN; CANADA 3 BN; SINGAPORE 1 BN; NEW ZEALAND 0.1 BN; TURKEY 2 BN; SAUDI ARABIA 0.5 BN; UAE 0.3 BN; COLOMBIA 0.5 BN
The 2013 Cost of Cyber Crime Study, conducted by Ponemon Institute, provides an estimation of the economic impact
• The average annualized cost of cybercrime incurred per organization was $11.56 million, with a range of $1.3
million to $58 million. This is an increase of 26 percent, or $2.6 million, over the average cost reported in 2012.
• Organizations in defense, financial services and energy and utilities suffered the highest cybercrime costs.
• Data theft caused major costs: 43 percent of the total external costs. Business disruption or lost productivity
accounts for 36% of external costs.
• Organizations experienced an average of 122 successful attacks per week, up from 102 attacks per week in 2012.
• The average time to resolve a cyber attack was 32 days, with an average cost incurred during this period of
$1,035,769, or $32,469 per day—a 55 percent increase over last year’s estimated average cost of $591,780 for a
• Denial-of-service, web-based attacks and insiders account for more than 55% of overall annual cybercrime costs
• Smaller organizations incur a significantly higher per-capita cost than larger organizations.
• Recovery and detection are the most costly internal activities.
Why do they do it?
Think for a few moments, why would ..
• Someone living 5000 miles away, be interested in looking inside your system
or gaining access to it anyways?
• What are they going to do with the Facebook profile, full of your self-
• Of what use is any of your personal information to someone else?
• Crash a very popular site? Or bring it to its knees?
• Steal data? (A more reasonable reason!)
• In short, why would anyone do anything like this, going to all that trouble?
• Just to prove his smartness?
• Just to look into someone’s day to day life?
• Just to make a point anyways?!
At one point or another, all of these reasons will
be just as mundane as going to college.
If not, there is a big, bigger, biggest motivation of all!!
Money is the necessity, which breeds most crime!
There have been cases where the Internet has been used as a means of
protest, refusal, and opposition as well!
• 2010 saw the political whistle-blower site Wikileaks release confidential communication records
between the US state department and various representatives overseas. In response pressure was
put on Amazon, PayPal, Visa and MasterCard to remove services associated with Wikileaks – in
effect hiding the site, freezing assets, and preventing supporters from financially donating to the
• Anonymous saw this as an attempt to censor the truth. The hackers quickly launched an offensive
and armed their various activists with a program called the Low Orbit Ion Cannon, which made it
incredibly easy to execute Distributed Denial of Service (DDoS) attacks. In no time at all the sites of
PayPal, Visa, and MasterCard were shut down, causing the companies losses which PayPal recently
claimed to be in the region of £3.5 million.
• Hacktivists played an essential role in the Arab Spring, a revolution in Arab nations that led to the
rulers being thrown out of power.
• Following the bans on video streaming websites and file storage websites, hacktivist group
Anonymous's Indian volunteers went active. This resulted in Distributed Denial of Service attacks
on several government websites.
Information is Invaluable
So Are Zombies (!?)
• Believe it or not, Data & Information pays hard cash!
– Credit card information, Identification Numbers, Company
Secrets, Passwords etc.
– An Organisation’s classified data.
• Enemy Nations and rival countries often perform acts of
spying, espionage, and stealing against each other.
• Once your system has been infiltrated, the hacker can access
the functionalities, on the go!
– He can see whatever you’re doing.
– Even watch you on your webcam (which can be embarrassing)
– He can use your system, to perform attacks on other systems (yes, like
a zombie following orders!)
• Long gone are the days when cybercrime was tantamount to teenage
miscreants causing mischief in their parents’ basement.
• Today, like any commercial enterprise, cybercrime has evolved into a
complex, highly organized hierarchy involving leaders, engineers, infantry,
and hired money mules.
• Like any legitimate commercial enterprise, each player has a designated
role or function to perform.
• Cybercrime pays: it’s very common to find advertisements looking to recruit
cyber specialists (e.g. botmasters, malware engineers), promising
between $2,000 and $5,000 a month.
“Cybercriminals Today Mirror Legitimate Business Processes”
- Fortinet 2013 Cybercrime Report
Cyber Crime for Sale
• Hard to believe, but nowadays there are organisations selling services like
Hacking, Spamming, Denial Of Service Attacks.
• So, you can go online, and BUY a Hacking Service to hack your ex’s profile, or
maybe if you are into business, knock a competitor’s website down!
• There are testing platforms like virtest.com which enable cyber criminals to
test their malware before releasing it.
• Cyber Criminals now have crime packs, with business Intelligence Reporting
Dashboards to manage the distribution of their malicious code!
• For Instance, the Market Leader in Malware Distribution, Blackhole Exploit
Kit, comes with Technical Guide, Demo Videos, and Dedicated Customer
How Do They Do It?
• All these forms of Cyber Crime are due to one or more kinds of attack by the Cyber
Criminals or the Hacktivists in question. Some common types of attack are:
• Passive Attack
– A passive attack monitors unencrypted traffic and looks for clear-text passwords and
sensitive information that can be used in other types of attacks.
– Passive attacks include traffic analysis, monitoring of unprotected
communications, decrypting weakly encrypted traffic, and capturing authentication
information such as passwords.
– Passive attacks result in the disclosure of information or data files to an attacker without
the consent or knowledge of the user.
• Active Attack
– In an active attack, the attacker tries to bypass or break into secured systems.
– This can be done through stealth, viruses, worms, or Trojan horses.
– Active attacks include attempts to circumvent or break protection features, to introduce
malicious code, and to steal or modify information.
How Do They Do It? (2)
• Close-in attack
– involves someone attempting to get physically close to network components, data, and
systems in order to learn more about a network.
– Close-in attacks consist of regular individuals attaining close physical proximity to
networks, systems, or facilities for the purpose of modifying, gathering, or denying
access to information. E.g. social engineering.
• Distributed Attack
– A distributed attack requires that the adversary introduce code, such as a Trojan horse
or back-door program, to a “trusted” component or software that will later be
distributed to many other companies.
• Insider Attack
– An insider attack involves someone from the inside, such as a disgruntled employee,
attacking the network. Insider attacks can be malicious or non-malicious.
• Phishing Attack
– In a phishing attack, the hacker creates a fake web site that looks exactly like a popular site
such as the SBI bank or PayPal. The phishing part of the attack is that the hacker then
sends an e-mail message trying to trick the user into clicking a link that leads to the fake
How Do They Do It? (3)
• Hijack attack
– In a hijack attack, a hacker takes over a session between you and another
individual and disconnects the other individual from the communication.
– You still believe that you are talking to the original party and may send private
information to the hacker by accident.
– E.g. Man-in-the-Middle attack (beware of public Wi-Fi)
• Password attack
– An attacker tries to crack the passwords stored in a network account database
or a password-protected file. There are three major types of password attacks:
a dictionary attack, a brute-force attack, and a hybrid attack.
• Buffer overflow
– A buffer overflow attack is when the attacker sends more data to an
application than is expected. It usually results in the attacker gaining
administrative access to the system in a Command prompt or shell.
• Spoof attack
– In a spoof attack, the hacker modifies the source address of the packets he or
she is sending so that they appear to be coming from someone else. This may
be an attempt to bypass your firewall rules.
• Cyber Criminals, despite theft of millions of dollars, rarely get
• Most laws are National in their implementation, despite Cyber
Crime Conventions, where the Internet is borderless and
International by definition.
• Countries do not agree, which makes this area exceptionally
challenging from legal perspective.
• So, Cyber Criminals operating from the ends of the
world evade laws, taking full advantage of anonymity and
loopholes in international laws.
Indian Laws & Cyber Crime
• The Indian Law has not given any definition to the term ‘cyber crime’.
• In fact, the Indian Penal Code does not use the term ‘cyber crime’ at any point,
even after its amendment by the Information Technology (Amendment) Act
2008, the Indian Cyber law.
• But “Cyber Security” is defined under Section (2) (b) as protecting
information, equipment, devices, computer, computer resource, communication
device and information stored therein from unauthorized access.
• In essence, cyber law is an attempt to apply laws designed for the physical
world, to human activity on the Internet.
• It has a separate chapter XI entitled “Offences” in which various cyber crimes
have been declared as penal offences punishable with imprisonment and fine.
Better Be Safe Than Sorry!
• Use Strong Passwords.
– Don’t use dictionary words, or numbers, or popular names. Use a combination of all!
– Try to use different passwords for all online services.
• Secure your computer:
– Activate your firewall
Firewalls are the first line of cyber defense; they block connections to unknown or bogus sites
and will keep out some types of viruses and hackers.
– Use anti-virus/malware software
Prevent viruses from infecting your computer by installing and
regularly updating anti-virus software.
• Block spyware attacks.
• Secure your Mobile Devices
• Install the latest operating system and software updates
• Protect your Data
Use encryption for your most sensitive files such as tax returns or financial
records, make regular back-ups.
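The password advice above, checked against the dictionary, hybrid and brute-force attacks named under "Password attack" earlier in the slides. This is an added example, not part of the original presentation; the wordlist is a small constructed sample, and the 60-bit threshold and all function names are assumptions made for illustration.

```python
import math
import re
import string
from typing import List, Optional

# Constructed sample wordlist (assumption); a real check would load a large
# list of dictionary words, popular names and previously leaked passwords.
WORDLIST = {"password", "dragon", "monkey", "sachin", "priya", "letmein", "welcome"}

# Character substitutions that a hybrid attack tries on every dictionary word.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})

MIN_BITS = 60  # assumed policy threshold for brute-force resistance


def brute_force_bits(password: str) -> float:
    """Upper bound on the brute-force search space: length * log2(charset)."""
    pools = (string.ascii_lowercase, string.ascii_uppercase,
             string.digits, string.punctuation)
    charset = sum(len(p) for p in pools if any(c in p for c in password))
    return len(password) * math.log2(charset) if charset else 0.0


def _strip_affixes(text: str) -> str:
    """Drop digits/symbols that users prepend or append ("dragon2013!")."""
    return re.sub(r"^[\d\W_]+|[\d\W_]+$", "", text)


def hybrid_base(password: str) -> Optional[str]:
    """Return the dictionary word a hybrid attack would start from, if any."""
    lowered = password.lower()
    candidates = (_strip_affixes(lowered),
                  _strip_affixes(lowered).translate(LEET),
                  _strip_affixes(lowered.translate(LEET)))
    return next((c for c in candidates if c in WORDLIST), None)


def audit(password: str) -> List[str]:
    """List which of the three attack types would defeat this password."""
    findings = []
    if password.lower() in WORDLIST:
        findings.append("dictionary")
    elif hybrid_base(password):
        findings.append("hybrid")
    if brute_force_bits(password) < MIN_BITS:
        findings.append("brute-force")
    return findings


if __name__ == "__main__":
    for sample in ("dragon", "P@ssw0rd1", "Welcome2013!!##", "20131984",
                   "vT9#qLm2$xRw8!Zp"):
        print(f"{sample!r:22} {audit(sample) or 'no finding'}")
```

A password such as `Welcome2013!!##` clears the length-and-charset estimate yet is still reported as hybrid, which is why mixing character classes around a dictionary word or popular name is not enough.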
Better Be Safe Than Sorry! (2)
• Review bank and credit card statements regularly
– The impact of identity theft and online crimes can be greatly reduced if you can catch it
shortly after your data is stolen or when the first use of your information is attempted
• Avoid being scammed
– Always think before you click on a link or file of unknown origin.
– Don’t feel pressured by any emails!
• Protect your e-identity
– Be cautious when giving out personal information such as your name, address, phone number
or financial information on the Internet. Make sure that websites are secure.
• Secure your wireless network
– Wi-Fi (wireless) networks at home are vulnerable to intrusion if they are not properly secured.
– Public Wi-Fi, a.k.a. “Hot Spots”, are also vulnerable. Use VPNs (Virtual Private Networks) like
– Avoid conducting financial or corporate transactions on these networks.
• In an organisation, Cyber-Education and Awareness across the staff will go a long
way to protect against many types of cybercrime.
• The Internet is a fantastic Resource.
• It promotes business, Learning, Expression, and
• Keep Your Systems Safe & Secure, A large majority of
Cyber Crimes can be prevented by precautionary
• Even if we can’t stop it, Let’s Make Life Much Much
More Difficult For Cyber Criminals!